Keepenit

Posts posted by Keepenit

  1. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-12-2012

    Ran by Terps1 at 01-01-2013 21:47:10

    Running from E:\

    Service Pack 1 (X64) OS Language: English(US)

    Attention: Could not load system hive.

    ATTENTION:=====> THE TOOL IS NOT RUN FROM RECOVERY ENVIRONMENT AND WILL NOT FUNCTION PROPERLY.

    ==================== One Month Created Files and Folders ========

    2013-01-01 20:42 - 2013-01-01 21:42 - 00000408 ____A C:\Windows\Tasks\Ad-Aware Update (Weekly).job

    2012-12-27 13:05 - 2012-12-27 13:05 - 00000000 ____D C:\Malwarebytes

    2012-12-27 04:45 - 2012-12-27 04:45 - 00000000 ____D C:\Malwarebytes' Anti-Malware

    2012-12-24 06:00 - 2012-12-24 06:00 - 00000000 _RASH C:\MSDOS.SYS

    2012-12-24 06:00 - 2012-12-24 06:00 - 00000000 _RASH C:\IO.SYS

    2012-12-21 13:28 - 2013-01-01 20:55 - 00000004 ____A C:\Users\Terps1\AppData\Roaming\skype.ini

    2012-12-21 12:07 - 2012-12-21 12:07 - 00001787 ____A C:\Users\Public\Desktop\iTunes.lnk

    2012-12-21 12:06 - 2012-12-21 12:07 - 00000000 ____D C:\Users\All Users\34BE82C4-E596-4e99-A191-52C6199EBF69

    2012-12-21 12:06 - 2012-12-21 12:07 - 00000000 ____D C:\Program Files\iTunes

    2012-12-21 12:06 - 2012-12-21 12:07 - 00000000 ____D C:\Program Files (x86)\iTunes

    2012-12-21 12:06 - 2012-12-21 12:06 - 00000000 ____D C:\Program Files\iPod

    2012-12-21 12:01 - 2012-12-21 12:01 - 00001849 ____A C:\Users\Public\Desktop\QuickTime Player.lnk

    2012-12-21 12:00 - 2012-12-21 12:01 - 00000000 ____D C:\Program Files (x86)\QuickTime

    2012-12-21 03:00 - 2012-12-16 12:11 - 00046080 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll

    2012-12-21 03:00 - 2012-12-16 09:45 - 00367616 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll

    2012-12-21 03:00 - 2012-12-16 09:13 - 00295424 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll

    2012-12-21 03:00 - 2012-12-16 09:13 - 00034304 ____A (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll

    2012-12-16 20:58 - 2012-12-16 20:58 - 00001155 ____A C:\Users\Terps1\Desktop\Wondershare iMate.lnk

    2012-12-16 20:57 - 2012-12-16 20:57 - 24446624 ____A (WonderShare Software Co.,Ltd. ) C:\Users\Terps1\Downloads\imate_full742.exe

    2012-12-16 20:57 - 2012-12-16 20:57 - 00000000 ____D C:\Program Files (x86)\Wondershare

    2012-12-11 20:43 - 2012-11-21 22:26 - 03149824 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys

    2012-12-11 20:43 - 2012-11-12 09:20 - 09055744 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll

    2012-12-11 20:43 - 2012-11-12 08:24 - 06028800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

    2012-12-11 20:43 - 2012-11-12 07:28 - 01638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb

    2012-12-11 20:43 - 2012-11-12 06:52 - 01638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

    2012-12-11 20:43 - 2012-11-09 00:45 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll

    2012-12-11 20:43 - 2012-11-08 23:42 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

    2012-12-11 20:43 - 2012-10-27 01:26 - 01231872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

    2012-12-11 20:43 - 2012-10-27 01:26 - 00981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

    2012-12-11 20:43 - 2012-10-27 01:26 - 00132096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

    2012-12-11 20:43 - 2012-10-27 01:24 - 00627712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

    2012-12-11 20:43 - 2012-10-27 01:24 - 00067584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

    2012-12-11 20:43 - 2012-10-27 01:23 - 11020800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

    2012-12-11 20:43 - 2012-10-27 01:23 - 02073600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

    2012-12-11 20:43 - 2012-10-27 01:23 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

    2012-12-11 20:43 - 2012-10-27 01:23 - 00048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

    2012-12-11 20:43 - 2012-10-27 00:51 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll

    2012-12-11 20:43 - 2012-10-27 00:51 - 01188864 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll

    2012-12-11 20:43 - 2012-10-27 00:51 - 00134144 ____A (Microsoft Corporation) C:\Windows\System32\url.dll

    2012-12-11 20:43 - 2012-10-27 00:49 - 12295680 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll

    2012-12-11 20:43 - 2012-10-27 00:49 - 02453504 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll

    2012-12-11 20:43 - 2012-10-27 00:49 - 00735744 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll

    2012-12-11 20:43 - 2012-10-27 00:49 - 00247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll

    2012-12-11 20:43 - 2012-10-27 00:49 - 00097792 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll

    2012-12-11 20:43 - 2012-10-27 00:49 - 00064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll

    2012-12-11 20:43 - 2012-10-04 12:46 - 00362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll

    2012-12-11 20:43 - 2012-10-04 12:45 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll

    2012-12-11 20:43 - 2012-10-04 12:41 - 01161216 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll

    2012-12-11 20:43 - 2012-10-04 12:41 - 00424960 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll

    2012-12-11 20:43 - 2012-10-04 11:47 - 01114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll

    2012-12-11 20:43 - 2012-10-04 11:47 - 00274944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll

    2012-12-11 20:43 - 2012-10-04 10:21 - 00338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe

    2012-12-11 20:43 - 2012-10-04 09:46 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe

    2012-12-11 20:42 - 2012-11-02 00:59 - 00478208 ____A (Microsoft Corporation) C:\Windows\System32\dpnet.dll

    2012-12-11 20:42 - 2012-11-02 00:11 - 00376832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll

    2012-12-11 20:42 - 2012-10-04 12:46 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll

    2012-12-11 20:42 - 2012-10-04 12:46 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll

    2012-12-11 20:42 - 2012-10-04 12:43 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll

    2012-12-11 20:42 - 2012-10-04 12:38 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 12:38 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 12:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 12:38 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 12:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 12:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 12:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 12:38 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 12:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 12:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 12:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 12:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 12:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 12:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 12:38 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 12:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 12:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 12:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 12:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 12:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 12:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 12:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 12:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 12:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 12:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 12:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 12:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 12:38 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 11:47 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll

    2012-12-11 20:42 - 2012-10-04 11:40 - 00005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 11:40 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 11:40 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 11:40 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 11:40 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 11:40 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 11:40 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 11:40 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 11:40 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 11:40 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 11:40 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 11:40 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 11:40 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 11:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 11:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 11:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 11:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 11:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 11:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 11:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 11:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 11:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 11:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 11:40 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 09:46 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll

    2012-12-11 20:42 - 2012-10-04 09:46 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe

    2012-12-11 20:42 - 2012-10-04 09:46 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe

    2012-12-11 20:42 - 2012-10-04 09:41 - 00006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 09:41 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 09:41 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll

    2012-12-11 20:42 - 2012-10-04 09:41 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll

    ==================== One Month Modified Files and Folders =======

    2013-01-01 23:39 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\registration

    2013-01-01 21:47 - 2013-01-01 21:47 - 00000000 ____D C:\FRST

    2013-01-01 21:44 - 2009-07-14 00:13 - 00730532 ____A C:\Windows\System32\PerfStringBackup.INI

    2013-01-01 21:42 - 2013-01-01 20:42 - 00000408 ____A C:\Windows\Tasks\Ad-Aware Update (Weekly).job

    2013-01-01 20:55 - 2012-12-21 13:28 - 00000004 ____A C:\Users\Terps1\AppData\Roaming\skype.ini

    2013-01-01 20:51 - 2010-10-19 12:44 - 01261162 ____A C:\Windows\WindowsUpdate.log

    2013-01-01 20:48 - 2009-07-13 23:45 - 00009920 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

    2013-01-01 20:48 - 2009-07-13 23:45 - 00009920 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

    2013-01-01 20:41 - 2011-02-01 18:55 - 00000894 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

    2013-01-01 20:41 - 2011-01-14 23:16 - 00000000 ____D C:\users\Terps1

    2013-01-01 20:41 - 2009-07-14 00:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT

    2013-01-01 20:41 - 2009-07-13 23:51 - 00058860 ____A C:\Windows\setupact.log

    2013-01-01 16:06 - 2011-04-19 20:48 - 00000912 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2611583448-4012852574-889924089-1001UA.job

    2013-01-01 15:41 - 2011-02-01 18:55 - 00000898 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

    2013-01-01 15:31 - 2011-10-25 20:31 - 00000064 ____A C:\Windows\SysWOW64\rp_stats.dat

    2013-01-01 15:31 - 2011-10-25 20:31 - 00000044 ____A C:\Windows\SysWOW64\rp_rules.dat

    2013-01-01 15:30 - 2012-04-05 20:43 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job

    2012-12-27 13:05 - 2012-12-27 13:05 - 00000000 ____D C:\Malwarebytes

    2012-12-27 04:45 - 2012-12-27 04:45 - 00000000 ____D C:\Malwarebytes' Anti-Malware

    2012-12-24 06:00 - 2012-12-24 06:00 - 00000000 _RASH C:\MSDOS.SYS

    2012-12-24 06:00 - 2012-12-24 06:00 - 00000000 _RASH C:\IO.SYS

    2012-12-21 12:07 - 2012-12-21 12:07 - 00001787 ____A C:\Users\Public\Desktop\iTunes.lnk

    2012-12-21 12:07 - 2012-12-21 12:06 - 00000000 ____D C:\Users\All Users\34BE82C4-E596-4e99-A191-52C6199EBF69

    2012-12-21 12:07 - 2012-12-21 12:06 - 00000000 ____D C:\Program Files\iTunes

    2012-12-21 12:07 - 2012-12-21 12:06 - 00000000 ____D C:\Program Files (x86)\iTunes

    2012-12-21 12:06 - 2012-12-21 12:06 - 00000000 ____D C:\Program Files\iPod

    2012-12-21 12:01 - 2012-12-21 12:01 - 00001849 ____A C:\Users\Public\Desktop\QuickTime Player.lnk

    2012-12-21 12:01 - 2012-12-21 12:00 - 00000000 ____D C:\Program Files (x86)\QuickTime

    2012-12-21 03:28 - 2011-02-01 18:55 - 00000000 ____D C:\Users\Terps1\AppData\Local\Google

    2012-12-21 03:27 - 2009-07-13 23:45 - 00414080 ____A C:\Windows\System32\FNTCACHE.DAT

    2012-12-21 03:26 - 2010-10-19 12:46 - 00025416 ____A C:\Windows\PFRO.log

    2012-12-20 22:07 - 2011-04-19 20:48 - 00000860 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2611583448-4012852574-889924089-1001Core.job

    2012-12-16 20:58 - 2012-12-16 20:58 - 00001155 ____A C:\Users\Terps1\Desktop\Wondershare iMate.lnk

    2012-12-16 20:57 - 2012-12-16 20:57 - 24446624 ____A (WonderShare Software Co.,Ltd. ) C:\Users\Terps1\Downloads\imate_full742.exe

    2012-12-16 20:57 - 2012-12-16 20:57 - 00000000 ____D C:\Program Files (x86)\Wondershare

    2012-12-16 12:11 - 2012-12-21 03:00 - 00046080 ____A (Adobe Systems) C:\Windows\System32\atmlib.dll

    2012-12-16 09:45 - 2012-12-21 03:00 - 00367616 ____A (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll

    2012-12-16 09:13 - 2012-12-21 03:00 - 00295424 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll

    2012-12-16 09:13 - 2012-12-21 03:00 - 00034304 ____A (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll

    2012-12-12 04:00 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache

    2012-12-12 03:03 - 2011-03-30 16:55 - 00000000 ____D C:\Users\All Users\Microsoft Help

    2012-12-12 03:03 - 2011-01-19 03:05 - 67413224 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe

    2012-12-11 20:23 - 2012-04-05 20:43 - 00697272 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

    2012-12-11 20:23 - 2011-07-07 08:33 - 00073656 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

    ZeroAccess:

    C:\$Recycle.Bin\S-1-5-21-2611583448-4012852574-889924089-1001\$dad14df4bee78e467307c6105a6d9739

    ZeroAccess:

    C:\Users\Terps1\AppData\Local\{dad14df4-bee7-8e46-7307-c6105a6d9739}

    C:\Users\Terps1\AppData\Local\{dad14df4-bee7-8e46-7307-c6105a6d9739}\L

    C:\Users\Terps1\AppData\Local\{dad14df4-bee7-8e46-7307-c6105a6d9739}\U

    ==================== Bamital & volsnap Check =================

    C:\Windows\System32\winlogon.exe => MD5 is legit

    C:\Windows\System32\wininit.exe => MD5 is legit

    C:\Windows\SysWOW64\wininit.exe => MD5 is legit

    C:\Windows\explorer.exe => MD5 is legit

    C:\Windows\SysWOW64\explorer.exe => MD5 is legit

    C:\Windows\System32\svchost.exe => MD5 is legit

    C:\Windows\SysWOW64\svchost.exe => MD5 is legit

    C:\Windows\System32\services.exe => MD5 is legit

    C:\Windows\System32\User32.dll => MD5 is legit

    C:\Windows\SysWOW64\User32.dll => MD5 is legit

    C:\Windows\System32\userinit.exe => MD5 is legit

    C:\Windows\SysWOW64\userinit.exe => MD5 is legit

    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

    ==================== Restore Points =========================

    ==================== Memory info ===========================

    Percentage of memory in use: 10%

    Total physical RAM: 5885.12 MB

    Available physical RAM: 5247.85 MB

    Total Pagefile: 11768.43 MB

    Available Pagefile: 11146.33 MB

    Total Virtual: 8192 MB

    Available Virtual: 8191.87 MB

    ==================== Partitions =============================

    1 Drive c: (WIN7) (Fixed) (Total:698.64 GB) (Free:7.4 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

    2 Drive d: (HBCD 14.0) (CDROM) (Total:0.49 GB) (Free:0 GB) CDFS

    3 Drive e: (Secure II) (Removable) (Total:0.48 GB) (Free:0.45 GB) FAT

    Disk ### Status Size Free Dyn Gpt

    -------- ------------- ------- ------- --- ---

    Disk 0 Online 698 GB 0 B

    Disk 1 Online 495 MB 0 B

    Partitions of Disk 0:

    ===============

    Partition ### Type Size Offset

    ------------- ---------------- ------- -------

    Partition 1 Primary 698 GB 31 KB

    ==================================================================================

    Disk: 0

    Partition 1

    Type : 07

    Hidden: No

    Active: Yes

    Volume ### Ltr Label Fs Type Size Status Info

    ---------- --- ----------- ----- ---------- ------- --------- --------

    * Volume 1 C WIN7 NTFS Partition 698 GB Healthy System (partition with boot components)

    =========================================================

    Partitions of Disk 1:

    ===============

    Partition ### Type Size Offset

    ------------- ---------------- ------- -------

    Partition 1 Primary 495 MB 16 KB

    ==================================================================================

    Disk: 1

    Partition 1

    Type : 04

    Hidden: No

    Active: No

    Volume ### Ltr Label Fs Type Size Status Info

    ---------- --- ----------- ----- ---------- ------- --------- --------

    * Volume 2 E Secure II FAT Removable 495 MB Healthy

    =========================================================

    Last Boot: 2012-12-27 10:28

    ==================== End Of Log =============================
