oferna

  1. I am sorry, I forgot to tell you that after I try to exit the command console, I get a black screen, which does not allow me to do anything else. I am able to use the Task Manager and initiate new tasks from there, but that is about it. Please let me know if you need additional details or information. Thank you again, Oscar
  2. Hello Mr. Charlie, I really appreciate your help. I am not getting the "Computer Crime and Intellectual Property Section" window anymore as soon as I boot the computer; however, I am not getting the Command Console (see image attached) with a message saying that 4407b1b1.exe is not recognized. Then, it takes me to the command line c:\windows\system32> Here are the Fixlog.txt results:

     Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 12-05-2013
     Ran by SYSTEM at 2013-05-15 22:33:23 Run:1
     Running from E:\
     Boot Mode: Recovery
     ==============================================
     HKEY_USERS\OF\Software\Microsoft\Windows\CurrentVersion\Run\\qcgce2mrvjq91kk1e7pnbb19m52fx => Value deleted successfully.
     C:\Users\OF\AppData\Local\2433f433 => Moved successfully.
     C:\Users\OF\AppData\Roaming\2433f433 => Moved successfully.
     C:\Users\OF\Documents\4407b1b1.exe => Moved successfully.
     C:\Users\OF\Documents\4407b1b1.dll => Moved successfully.
     C:\ProgramData\2433f433 => Moved successfully.
     ==== End of Fixlog ====

     Would you please guide me as to what to do next? Thank you once again, Oscar
  3. Hello Guys, I need your help. I got this virus on my PC (Windows 7, 32-bit) and I have not been able to remove it. The virus does not allow me to start my computer on any of the safe modes, so I am kind of stuck with it. I have followed one of the recommendations from someone in the forums and downloaded the FRST.exe tool to run a report using the repair option. Here are the results (also in the text file attached): Would someone please be so kind as to help me remove this virus? I really appreciate any help on this matter. Thank you in advance, Oscar FRST.txt
  4. Hello, I am having the same issue. I cannot get into any of the safe modes. Please if anyone can help me I would really appreciate it. I have downloaded your tool and ran it thru the command line on using the repair option, and here is the report: Please let me know what should I do next. Thank you! FRST.txt