Jump to content

buyajet

Members
  • Posts

    9
  • Joined

  • Last visited

Reputation

0 Neutral
  1. All is fine, I did what you said and all works well. Again thanks
  2. All went well and there are no threats anmymore thanks to you. I do not have the time to post the last 4 txt files this week. I did make a donation this morning and I want to thank you very much for your outstanding support.
  3. OK-it worked. I probably misread something. THANKS! Now how do we clear Malware and such
  4. Now the computer uis unable to star! It is running a "startup repair" program
  5. I could not copy and paste into this for some reason so I attached the file Fixlog.txt
  6. OK-I will be back yto you shortly. thank you
  7. On another computer running Win 7 we got hit with FBI virus I ran frst64.exe and followed instructions. Please help. Here are the results Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-06-2013 Ran by SYSTEM on 28-06-2013 12:15:42 Running from H:\ Windows 7 Home Premium (X64) OS Language: English(US) Internet Explorer Version 10 Boot Mode: Recovery The current controlset is ControlSet001 ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log. ==================== Registry (Whitelisted) ================== HKLM\...\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard) HKLM\...\Run: [intelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2399632 2011-04-13] (Microsoft Corporation) HKLM\...\Run: [MSC] "c:\Program Files\Microsoft Security Client\mssecex.exe" -hide -runkey [x] HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] ATTENTION! ====> ZeroAccess HKLM-x32\...\Run: [startCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [102400 2010-05-11] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard) HKLM-x32\...\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe [664600 2010-09-28] (PDF Complete Inc) HKLM-x32\...\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide [205336 2011-11-11] (Logitech Inc.) HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [] [x] HKLM-x32\...\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe" [1564872 2012-06-06] (Ask) HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-10-25] (Apple Inc.) HKLM-x32\...\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" [1495712 2013-06-07] (APN) HKLM-x32\...\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.) HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-05-31] (Apple Inc.) HKU\Cynthia\...\Winlogon: [shell] explorer.exe,C:\Users\Cynthia\AppData\Roaming\skype.dat [69632 2011-11-16] () <==== ATTENTION Startup: C:\ProgramData\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk ShortcutTarget: Logitech Desktop Messenger.lnk -> C:\Program Files (x86)\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe (Logitech Inc.) ==================== Services (Whitelisted) ================= S2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [169640 2013-06-07] (APN LLC.) S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-05-17] () S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-05-17] () S2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1119768 2010-09-28] (PDF Complete Inc) S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] () ==================== Drivers (Whitelisted) ==================== S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247128 2013-04-26] (Microsoft Corporation) S2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [137296 2013-04-26] (Microsoft Corporation) S3 RemoteControl-USBLAN; C:\Windows\System32\DRIVERS\rcblan.sys [46616 2007-01-24] (Belcarra Technologies) S1 tphwsykj; \??\C:\Windows\system32\drivers\tphwsykj.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-06-28 12:15 - 2013-06-28 12:15 - 00000000 ____D C:\FRST 2013-06-27 20:04 - 2013-06-27 20:04 - 00000000 ____D C:\Windows\TempD340B8E9-FB2D-50CA-6378-6F7305AC5AAD-Signatures 2013-06-27 19:55 - 2013-06-28 08:09 - 00000000 ____A C:\Users\Cynthia\AppData\Roaming\skype.ini 2013-06-22 16:46 - 2013-06-22 16:46 - 00000000 ____D C:\Windows\TempB549E74C-376C-60CE-3A7C-2A81AD9F9CCE-Signatures 2013-06-22 16:43 - 2013-06-08 06:08 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2013-06-22 16:43 - 2013-06-08 06:07 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2013-06-22 16:43 - 2013-06-08 06:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2013-06-22 16:43 - 2013-06-08 06:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2013-06-22 16:43 - 2013-06-08 06:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll 2013-06-22 16:43 - 2013-06-08 04:28 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2013-06-22 16:43 - 2013-06-08 03:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-06-22 16:43 - 2013-06-08 03:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-06-22 16:43 - 2013-06-08 03:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-06-22 16:43 - 2013-06-08 03:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-06-22 16:43 - 2013-06-08 03:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-06-22 16:43 - 2013-06-08 03:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-06-22 16:43 - 2013-05-16 17:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-06-22 16:43 - 2013-05-16 17:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-06-22 16:43 - 2013-05-16 17:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-06-22 16:43 - 2013-05-16 17:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-06-22 16:43 - 2013-05-16 17:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-06-22 16:43 - 2013-05-16 17:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-06-22 16:43 - 2013-05-16 17:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-06-22 16:43 - 2013-05-16 17:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-06-22 16:43 - 2013-05-16 16:59 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll 2013-06-22 16:43 - 2013-05-16 16:59 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe 2013-06-22 16:43 - 2013-05-16 16:58 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2013-06-22 16:43 - 2013-05-16 16:58 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll 2013-06-22 16:43 - 2013-05-16 16:58 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2013-06-22 16:43 - 2013-05-16 16:58 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll 2013-06-22 16:43 - 2013-05-16 16:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll 2013-06-22 16:43 - 2013-05-16 16:58 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2013-06-22 16:43 - 2013-05-16 16:58 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll 2013-06-22 16:43 - 2013-05-14 04:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe 2013-06-22 16:43 - 2013-05-14 00:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-06-22 13:06 - 2013-06-22 13:06 - 11679672 ____A C:\Users\Cynthia\Downloads\mp3rocket(2).exe 2013-06-22 12:55 - 2013-05-12 21:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll 2013-06-22 12:55 - 2013-05-12 21:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll 2013-06-22 12:55 - 2013-05-12 21:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll 2013-06-22 12:55 - 2013-05-12 21:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll 2013-06-22 12:55 - 2013-05-12 20:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2013-06-22 12:55 - 2013-05-12 20:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2013-06-22 12:55 - 2013-05-12 20:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2013-06-22 12:55 - 2013-05-12 19:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe 2013-06-22 12:55 - 2013-05-12 19:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe 2013-06-22 12:55 - 2013-05-12 19:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll 2013-06-22 12:53 - 2013-05-07 22:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys 2013-06-22 12:53 - 2013-04-25 21:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll 2013-06-22 12:53 - 2013-04-25 20:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll 2013-06-22 12:46 - 2013-06-22 12:46 - 00001745 ____A C:\Users\Public\Desktop\iTunes.lnk 2013-06-22 12:46 - 2013-06-22 12:46 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-06-22 12:46 - 2013-06-22 12:46 - 00000000 ____D C:\Program Files\iTunes 2013-06-22 12:46 - 2013-06-22 12:46 - 00000000 ____D C:\Program Files\iPod 2013-06-22 12:46 - 2013-06-22 12:46 - 00000000 ____D C:\Program Files (x86)\iTunes 2013-06-22 12:39 - 2013-06-28 08:32 - 00000448 ____A C:\Windows\setupact.log 2013-06-22 12:39 - 2013-06-22 12:39 - 00000000 ____A C:\Windows\setuperr.log 2013-06-09 14:29 - 2013-06-09 14:29 - 00000000 ____D C:\ProgramData\McAfeeSecurePC 2013-06-07 13:59 - 2013-03-18 21:53 - 00230400 ____A (Microsoft Corporation) C:\Windows\System32\wwansvc.dll 2013-06-07 13:59 - 2013-03-18 21:53 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\wwanprotdim.dll 2013-06-07 13:59 - 2013-01-23 22:01 - 00223752 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys ==================== One Month Modified Files and Folders ======= 2013-06-28 12:15 - 2013-06-28 12:15 - 00000000 ____D C:\FRST 2013-06-28 08:32 - 2013-06-22 12:39 - 00000448 ____A C:\Windows\setupact.log 2013-06-28 08:32 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT 2013-06-28 08:09 - 2013-06-27 19:55 - 00000000 ____A C:\Users\Cynthia\AppData\Roaming\skype.ini 2013-06-28 08:07 - 2009-07-13 21:13 - 00714754 ____A C:\Windows\System32\PerfStringBackup.INI 2013-06-28 08:06 - 2012-11-03 21:19 - 00687849 ____A C:\Windows\WindowsUpdate.log 2013-06-28 08:04 - 2011-09-16 21:29 - 00000896 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-06-28 07:59 - 2009-07-13 20:45 - 00015792 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-06-28 07:59 - 2009-07-13 20:45 - 00015792 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-06-27 20:04 - 2013-06-27 20:04 - 00000000 ____D C:\Windows\TempD340B8E9-FB2D-50CA-6378-6F7305AC5AAD-Signatures 2013-06-27 20:04 - 2012-07-19 03:25 - 00002146 ____A C:\Windows\epplauncher.mif 2013-06-27 19:42 - 2012-07-25 18:46 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-06-27 19:32 - 2011-09-16 21:29 - 00000900 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-06-27 15:09 - 2009-07-24 11:22 - 00000000 ____D C:\Windows\Panther 2013-06-22 16:46 - 2013-06-22 16:46 - 00000000 ____D C:\Windows\TempB549E74C-376C-60CE-3A7C-2A81AD9F9CCE-Signatures 2013-06-22 16:46 - 2011-04-14 15:34 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-06-22 16:44 - 2011-04-14 16:09 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe 2013-06-22 16:43 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache 2013-06-22 14:14 - 2012-07-19 15:10 - 00000000 ____D C:\Users\Cynthia\Incomplete 2013-06-22 13:48 - 2010-11-09 01:04 - 00000000 ____D C:\ProgramData\PDFC 2013-06-22 13:42 - 2012-07-22 16:27 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-06-22 13:42 - 2012-07-22 16:27 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-06-22 13:06 - 2013-06-22 13:06 - 11679672 ____A C:\Users\Cynthia\Downloads\mp3rocket(2).exe 2013-06-22 13:00 - 2011-10-28 14:19 - 00000000 ____A C:\Windows\System32\HP_ActiveX_Patch_NOT_DETECTED.txt 2013-06-22 13:00 - 2011-04-23 15:39 - 00000052 ____A C:\Windows\SysWOW64\DOErrors.log 2013-06-22 12:58 - 2011-04-23 15:38 - 00000000 ____D C:\Users\Cynthia\AppData\Roaming\HP Support Assistant 2013-06-22 12:58 - 2011-04-17 14:55 - 00000000 ____D C:\Users\Cynthia\AppData\Roaming\HpUpdate 2013-06-22 12:52 - 2012-07-18 14:50 - 00000000 ____D C:\Users\Cynthia\AppData\Roaming\MP3Rocket 2013-06-22 12:46 - 2013-06-22 12:46 - 00001745 ____A C:\Users\Public\Desktop\iTunes.lnk 2013-06-22 12:46 - 2013-06-22 12:46 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-06-22 12:46 - 2013-06-22 12:46 - 00000000 ____D C:\Program Files\iTunes 2013-06-22 12:46 - 2013-06-22 12:46 - 00000000 ____D C:\Program Files\iPod 2013-06-22 12:46 - 2013-06-22 12:46 - 00000000 ____D C:\Program Files (x86)\iTunes 2013-06-22 12:39 - 2013-06-22 12:39 - 00000000 ____A C:\Windows\setuperr.log 2013-06-09 19:21 - 2012-05-13 03:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-06-09 19:21 - 2011-04-14 11:37 - 00000000 ____D C:\users\Cynthia 2013-06-09 16:18 - 2013-02-09 20:11 - 00000340 ____A C:\Windows\Tasks\HPCeeScheduleForCynthia.job 2013-06-09 14:37 - 2013-06-09 14:29 - 00000000 ____D C:\ProgramData\McAfeeSecurePC 2013-06-09 09:40 - 2013-03-07 16:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-06-08 06:08 - 2013-06-22 16:43 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2013-06-08 06:07 - 2013-06-22 16:43 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2013-06-08 06:06 - 2013-06-22 16:43 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2013-06-08 06:06 - 2013-06-22 16:43 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2013-06-08 06:06 - 2013-06-22 16:43 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll 2013-06-08 04:28 - 2013-06-22 16:43 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2013-06-08 03:42 - 2013-06-22 16:43 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-06-08 03:40 - 2013-06-22 16:43 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-06-08 03:40 - 2013-06-22 16:43 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-06-08 03:40 - 2013-06-22 16:43 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-06-08 03:40 - 2013-06-22 16:43 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-06-08 03:14 - 2012-08-25 23:16 - 00000000 ____D C:\Users\Cynthia\AppData\Local\CrashDumps 2013-06-08 03:13 - 2013-06-22 16:43 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-06-07 16:45 - 2011-05-16 17:46 - 00000346 ____A C:\Windows\Tasks\HPCeeScheduleForCYNTHIA-HP$.job 2013-06-07 13:58 - 2012-07-19 03:25 - 00000000 ____D C:\Program Files\Microsoft Security Client 2013-06-07 13:58 - 2012-07-19 03:25 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client ZeroAccess: C:\$Recycle.Bin\S-1-5-21-2641964407-500067123-2422209157-1000\$4a82ca00c5689e198cd45a5212d5036d ZeroAccess: C:\$Recycle.Bin\S-1-5-18\$4a82ca00c5689e198cd45a5212d5036d Files to move or delete: ==================== C:\Users\Cynthia\AppData\Roaming\skype.dat C:\Users\Cynthia\AppData\Roaming\skype.ini ==================== Known DLLs (Whitelisted) ================ ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit C:\Program Files\Windows Defender\mpsvc.dll => ATTENTION: ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Windows Defender C:\Program Files\Microsoft Security Client\MsMpEng.exe => ATTENTION: ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Microsoft Security Client ==================== EXE ASSOCIATION ===================== HKLM\...\.exe: exefile => OK HKLM\...\exefile\DefaultIcon: %1 => OK HKLM\...\exefile\open\command: "%1" %* => OK ==================== Restore Points ========================= Restore point made on: 2013-03-29 22:40:28 Restore point made on: 2013-04-04 16:02:55 Restore point made on: 2013-04-12 15:03:48 Restore point made on: 2013-04-12 22:27:37 Restore point made on: 2013-04-20 16:19:26 Restore point made on: 2013-04-28 12:28:52 Restore point made on: 2013-04-28 22:15:02 Restore point made on: 2013-05-10 16:07:09 Restore point made on: 2013-05-19 11:57:01 Restore point made on: 2013-05-19 22:33:57 Restore point made on: 2013-06-07 13:52:21 Restore point made on: 2013-06-07 13:57:08 Restore point made on: 2013-06-07 13:59:56 Restore point made on: 2013-06-22 16:42:28 Restore point made on: 2013-06-22 16:42:57 Restore point made on: 2013-06-22 16:45:20 Restore point made on: 2013-06-22 16:45:29 Restore point made on: 2013-06-22 16:45:30 Restore point made on: 2013-06-22 16:45:31 Restore point made on: 2013-06-22 16:45:49 Restore point made on: 2013-06-22 16:46:04 Restore point made on: 2013-06-22 16:46:08 Restore point made on: 2013-06-27 20:04:01 ==================== Memory info =========================== Percentage of memory in use: 20% Total physical RAM: 3839.29 MB Available physical RAM: 3038.7 MB Total Pagefile: 3837.43 MB Available Pagefile: 3006.55 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:685.25 GB) (Free:616.28 GB) NTFS (Disk=0 Partition=2) Drive e: (HP_RECOVERY) (Fixed) (Total:13.28 GB) (Free:1.63 GB) NTFS (Disk=0 Partition=3) ==>[system with boot components (obtained from reading drive)] Drive h: (TRAVELDRIVE) (Removable) (Total:1.91 GB) (Free:1.91 GB) FAT (Disk=2 Partition=1) Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS Drive y: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS (Disk=0 Partition=1) ==>[system with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 699 GB) (Disk ID: 8CEC28D5) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=685 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=13 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (Size: 2 GB) (Disk ID: 00000000) Partition 1: (Active) - (Size=2 GB) - (Type=0E) LastRegBack: 2013-06-22 15:05 ==================== End Of Log ============================ Search txt: Farbar Recovery Scan Tool (x64) Version: 27-06-2013 Ran by SYSTEM at 2013-06-28 12:17:59 Running from H:\ Boot Mode: Recovery ================== Search: "services.exe" =================== C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe [2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB C:\Windows\System32\services.exe [2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB ====== End Of Search ======
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.