Everything posted by VinnyCrew
72 hours to pay - Locked out!
VinnyCrew replied to Bmatheny's topic in Resolved Malware Removal Logs
WOW that is so AWESOME!!!! THANKS MR.C I WILL REPAY YOU IN A DONATION. JUST GIVE ME A LITTLE BIT TO COME UP WITH SOME EXTRA CHING. I DON'T KNOW WHAT I WOULD HAVE DONE IF I DIDN'T FIND YOU. THANK YOU AGAIN VINNYCREW (so thankful)
72 hours to pay - Locked out!
VinnyCrew replied to Bmatheny's topic in Resolved Malware Removal Logs
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-10-2013
Ran by SYSTEM on MININT-IDSH8NJ on 07-11-2013 17:12:37
Running from I:\
Windows 7 Home Premium (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7981088 2009-07-20] (Realtek Semiconductor)
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM-x32\...\Runonce: [AvgUninstallURL] - cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-app?lic=OQBBAFYARgBSAEUARQAtAFYATgBKADMAMgAtAEcAMwBMAEEAQQAtAEEANAA4ADkAUgAtADkAVQBKAEsARgAtAEUASwBLADMAWAA"&"inst=NwA3AC0AMgAwADIANwA5ADUANwA5ADEALQBGAFAAOQArADYALQBCAEEAUgA5AEcAKwAxAC0AVABCADkAKwAyAC0ARgBMACsAOQAtAFgATwAzADYAKwAxAC0ARgA5AE0ANwBDACsANQAtAEYAOQBNADEAMABCACsAMgAtAFgATwA5ACsAMQAtAEYAOQBNADIAKwAxAC0ARABEAFQAKwA0ADAAOQA1ADMALQBEAEQAOQAwAEYAKwAxAC0AUwBUADkAMABGAEEAUABQACsAMQAtAEYAOQAwAE0AMQAyAEEATgArADEALQBGADkAMABNADEAMgBBACsAMQAtAEYAOQAwAE0AMQAyAEEAQgArADEALQBVADkANQArADEALQBGADkAMABNADEAMgBBAFQAQgBOACsAMQAtAFQAQgBWAFUAUABHACsAMQAyAC0ARgA5ADAATQAxADIARgBUACsAMQAtAFQAQgBOACsAMQA"&"prod=90"&"ver=9.0.894 [x]
HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2010-11-29] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [421160 2011-01-25] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe [35736 2011-01-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AVG_TRAY] - C:\Program Files (x86)\AVG\AVG2012\avgtray.exe [2598520 2012-11-19] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] - C:\Program Files (x86)\AVG Secure Search\vprot.exe [2236080 2013-06-26] ()
HKLM-x32\...\Run: [instaLAN] - C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe [1885088 2012-02-23] (Affinegy, Inc.)
HKU\Ben\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-11-20] (Google Inc.)
HKU\Ben\...\Winlogon: [shell] explorer.exe,C:\Users\Ben\AppData\Roaming\cache.dat [80896 2013-11-05] () <==== ATTENTION
HKU\Default\...\RunOnce: [scrSav] - C:\Program Files (x86)\eMachines\Screensaver\run_eMachines.exe [162336 2009-07-21] ()
HKU\Default User\...\RunOnce: [scrSav] - C:\Program Files (x86)\eMachines\Screensaver\run_eMachines.exe [162336 2009-07-21] ()
Startup: C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart

==================== Services (Whitelisted) =================

S2 AffinegyService; C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe [563104 2012-02-23] (Affinegy, Inc.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [5174392 2012-11-02] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [193288 2012-02-14] (AVG Technologies CZ, s.r.o.)
S2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [625184 2009-04-19] ()
S3 GameConsoleService; C:\Program Files (x86)\eMachines Games\eMachines Game Console\GameConsoleService.exe [250616 2009-05-22] (WildTangent, Inc.)
S2 Greg_Service; C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe [1150496 2009-08-28] (Acer Incorporated)
S2 Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\16.8.0.41\ccSvcHst.exe [117640 2009-11-20] (Symantec Corporation)
S2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [207904 2009-04-19] ()
S2 Updater Service; C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe [240160 2009-07-03] (Acer)
S2 vToolbarUpdater15.3.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe [1598128 2013-06-26] (AVG Secure Search)

==================== Drivers (Whitelisted) ====================

S3 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [127328 2012-12-10] (AVG Technologies CZ, s.r.o. )
S3 AVGIDSFilter; C:\Windows\System32\DRIVERS\avgidsfiltera.sys [29776 2011-12-23] (AVG Technologies CZ, s.r.o. )
S0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [28480 2012-04-19] (AVG Technologies CZ, s.r.o. )
S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [307040 2012-11-08] (AVG Technologies CZ, s.r.o.)
S1 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [47696 2011-12-23] (AVG Technologies CZ, s.r.o.)
S0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [36944 2012-01-31] (AVG Technologies CZ, s.r.o.)
S1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [384800 2013-04-11] (AVG Technologies CZ, s.r.o.)
S1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [45856 2013-06-26] (AVG Technologies)
S1 BHDrvx64; C:\Windows\System32\Drivers\NISx64\1008000.029\BHDrvx64.sys [334384 2010-01-20] (Symantec Corporation)
S1 ccHP; C:\Windows\System32\Drivers\NISx64\1008000.029\ccHPx64.sys [583296 2010-11-10] (Symantec Corporation)
S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [475696 2010-11-09] (Symantec Corporation)
S1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20101109.001\IDSvia64.sys [476720 2010-10-19] (Symantec Corporation)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1008000.029\SRTSP64.SYS [476720 2009-11-20] (Symantec Corporation)
S1 SRTSPX; C:\Windows\system32\drivers\NISx64\1008000.029\SRTSPX64.SYS [32304 2009-11-20] (Symantec Corporation)
S0 SymEFA; C:\Windows\System32\drivers\NISx64\1008000.029\SYMEFA64.SYS [402992 2009-11-20] (Symantec Corporation)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [172592 2010-11-09] (Symantec Corporation)
S3 SYMFW; C:\Windows\System32\Drivers\NISx64\1008000.029\SYMFW.SYS [120880 2009-11-20] (Symantec Corporation)
S1 SymIM; C:\Windows\System32\DRIVERS\SymIMv.sys [31280 2009-11-20] (Symantec Corporation)
S3 SYMNDISV; C:\Windows\System32\Drivers\NISx64\1008000.029\SYMNDISV.SYS [56880 2009-11-20] (Symantec Corporation)
S1 SYMTDI; C:\Windows\System32\Drivers\NISx64\1008000.029\SYMTDI.SYS [278576 2009-11-20] (Symantec Corporation)
S3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20101110.039\ENG64.SYS [x]
S3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20101110.039\EX64.SYS [x]
S3 sxuptp; system32\DRIVERS\sxuptp.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-11-05 21:08 - 2013-11-07 17:10 - 00000000 ____D C:\FRST
2013-11-05 18:56 - 2013-11-05 09:57 - 00080896 ____R C:\Users\Ben\AppData\Roaming\cache.dat
2013-11-05 14:58 - 2013-11-05 14:58 - 00003352 ____N C:\bootsqm.dat
2013-11-05 14:57 - 2013-11-05 14:57 - 00000000 __SHD C:\found.000
2013-11-05 09:58 - 2013-11-06 18:52 - 00000004 _____ C:\Users\Ben\AppData\Roaming\cache.ini
2013-10-27 09:25 - 2013-10-27 09:25 - 00000000 ____D C:\Users\Ben\AppData\Roaming\TuneUp Software
2013-10-26 16:13 - 2013-10-26 16:13 - 00000000 ____D C:\Windows\System32\Macromed

==================== One Month Modified Files and Folders =======

2013-11-07 17:10 - 2013-11-05 21:08 - 00000000 ____D C:\FRST
2013-11-06 18:52 - 2013-11-05 09:58 - 00000004 _____ C:\Users\Ben\AppData\Roaming\cache.ini
2013-11-06 18:52 - 2013-06-07 10:55 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job
2013-11-06 18:52 - 2013-06-03 18:51 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2013-11-06 18:52 - 2010-04-20 15:13 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-06 18:52 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-06 18:52 - 2009-07-13 20:51 - 00074725 _____ C:\Windows\setupact.log
2013-11-06 17:55 - 2010-03-18 03:41 - 01869499 _____ C:\Windows\WindowsUpdate.log
2013-11-06 17:25 - 2010-04-20 15:13 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-06 17:21 - 2009-07-13 20:45 - 00009920 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-06 17:21 - 2009-07-13 20:45 - 00009920 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-06 17:20 - 2009-07-13 21:13 - 00726444 _____ C:\Windows\System32\PerfStringBackup.INI
2013-11-05 21:28 - 2013-02-19 09:36 - 00000000 ____D C:\Program Files (x86)\GUME149.tmp
2013-11-05 21:28 - 2012-02-13 16:34 - 00000000 ____D C:\c3e31db91a00c3a43c073240
2013-11-05 21:28 - 2012-01-16 12:24 - 00000000 ____D C:\Users\Ben\AppData\Roaming\AVG2012
2013-11-05 21:28 - 2012-01-16 12:19 - 00000000 ____D C:\ProgramData\AVG Secure Search
2013-11-05 21:28 - 2012-01-16 12:19 - 00000000 ____D C:\Program Files (x86)\AVG Secure Search
2013-11-05 21:28 - 2012-01-16 12:17 - 00000000 ____D C:\ProgramData\AVG2012
2013-11-05 21:28 - 2012-01-16 12:12 - 00000000 ____D C:\ProgramData\MFAData
2013-11-05 21:28 - 2011-11-18 18:43 - 00000000 ____D C:\f0016d68ebbfd85ce6
2013-11-05 21:28 - 2011-08-23 10:39 - 00000000 ____D C:\Program Files (x86)\FrostWire 5
2013-11-05 21:28 - 2010-11-10 13:14 - 00000000 ____D C:\Windows\Minidump
2013-11-05 21:28 - 2010-10-12 12:04 - 00000000 ____D C:\Program Files (x86)\Ask.com
2013-11-05 21:28 - 2010-04-20 18:29 - 00000000 ____D C:\Program Files (x86)\Full Tilt Poker
2013-11-05 21:28 - 2010-04-20 14:53 - 00000000 ____D C:\users\Ben
2013-11-05 21:28 - 2009-11-20 12:34 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-11-05 21:28 - 2009-07-13 23:45 - 00000000 ____D C:\Program Files\Windows Journal
2013-11-05 21:28 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2013-11-05 21:28 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\Windows Portable Devices
2013-11-05 21:28 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-11-05 21:28 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files\DVD Maker
2013-11-05 21:28 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2013-11-05 21:28 - 2009-07-13 21:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-11-05 21:28 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\servicing
2013-11-05 21:28 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-11-05 21:28 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\L2Schemas
2013-11-05 21:28 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\AppCompat
2013-11-05 21:28 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files\Common Files\System
2013-11-05 21:27 - 2012-07-02 15:38 - 00000000 ____D C:\Windows\System32\SPReview
2013-11-05 21:27 - 2012-07-02 15:37 - 00000000 ____D C:\Windows\System32\EventProviders
2013-11-05 21:27 - 2012-01-16 12:17 - 00000000 ____D C:\Windows\System32\Drivers\AVG
2013-11-05 21:27 - 2010-04-21 12:51 - 00000000 ____D C:\Windows\SysWOW64\Drivers\avg
2013-11-05 21:27 - 2009-11-20 12:46 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2013-11-05 21:27 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\sppui
2013-11-05 21:27 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\Setup
2013-11-05 21:27 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\oobe
2013-11-05 21:27 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2013-11-05 21:27 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\manifeststore
2013-11-05 21:27 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-11-05 21:27 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\AdvancedInstallers
2013-11-05 21:27 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\sppui
2013-11-05 21:27 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\Setup
2013-11-05 21:27 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\oobe
2013-11-05 21:27 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\NDF
2013-11-05 21:27 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\migwiz
2013-11-05 21:27 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\manifeststore
2013-11-05 21:27 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\Dism
2013-11-05 21:25 - 2010-08-01 19:50 - 00000000 ____D C:\Windows\{113016FE-E013-4FAF-85FB-8649DEED76B2}
2013-11-05 14:58 - 2013-11-05 14:58 - 00003352 ____N C:\bootsqm.dat
2013-11-05 14:57 - 2013-11-05 14:57 - 00000000 __SHD C:\found.000
2013-11-05 09:57 - 2013-11-05 18:56 - 00080896 ____R C:\Users\Ben\AppData\Roaming\cache.dat
2013-11-03 16:39 - 2010-09-26 14:27 - 00000000 ____D C:\Users\Ben\Documents\ACID Xpress 7.0 Projects
2013-11-03 12:06 - 2009-11-20 12:15 - 00029442 _____ C:\Windows\PFRO.log
2013-11-03 11:20 - 2010-04-20 15:13 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-11-03 11:20 - 2010-04-20 15:13 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-11-01 17:51 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration
2013-11-01 17:49 - 2010-12-06 08:58 - 00000000 ____D C:\Program Files (x86)\Belkin
2013-10-27 09:25 - 2013-10-27 09:25 - 00000000 ____D C:\Users\Ben\AppData\Roaming\TuneUp Software
2013-10-26 16:13 - 2013-10-26 16:13 - 00000000 ____D C:\Windows\System32\Macromed
2013-10-26 11:57 - 2013-08-26 07:42 - 00000000 ____D C:\Users\Ben\Documents\BEN RAPS!!
2013-10-21 08:54 - 2010-04-20 15:02 - 00000000 ____D C:\Users\Ben\AppData\Local\Google
2013-10-20 08:37 - 2012-01-16 12:39 - 00000000 ____D C:\Users\Ben\Documents\LOOPERMAN 1-16-12 and newer
2013-10-17 09:12 - 2010-12-12 14:39 - 00000000 ____D C:\Users\Ben\Documents\Looperman
2013-10-15 07:42 - 2012-08-31 21:36 - 00000000 ____D C:\Users\Ben\Documents\Youtube to Mp3 conversions

Files to move or delete:
====================
C:\Users\Ben\AppData\Roaming\cache.dat
C:\Users\Ben\AppData\Roaming\cache.ini
ZeroAccess:
C:\Users\Ben\AppData\Local\Google\Desktop\Install
C:\ProgramData\4489882.pad
C:\ProgramData\dsgsdgdsgdsgw.pad

Some content of TEMP:
====================
C:\Users\Ben\AppData\Local\Temp\aacdec.exe
C:\Users\Ben\AppData\Local\Temp\AskSLib.dll
C:\Users\Ben\AppData\Local\Temp\avguidx.dll
C:\Users\Ben\AppData\Local\Temp\CommonInstaller.exe
C:\Users\Ben\AppData\Local\Temp\contentDATs.exe
C:\Users\Ben\AppData\Local\Temp\Couninst.exe
C:\Users\Ben\AppData\Local\Temp\iGearedHelper.dll
C:\Users\Ben\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe
C:\Users\Ben\AppData\Local\Temp\MachineIdCreator.exe
C:\Users\Ben\AppData\Local\Temp\mp3el.exe
C:\Users\Ben\AppData\Local\Temp\SearchWithGoogleUpdate.exe
C:\Users\Ben\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\Ben\AppData\Local\Temp\soxdec.exe
C:\Users\Ben\AppData\Local\Temp\ToolbarInstaller.exe
C:\Users\Ben\AppData\Local\Temp\uninst.exe
C:\Users\Ben\AppData\Local\Temp\wpsetup.exe
C:\Users\Ben\AppData\Local\Temp\zulusetup.exe
C:\Users\Ben\AppData\Local\Temp\{C0B24C8C-1355-4242-A8BA-63B92217E680}-GoogleUpdateSetup.exe

==================== Known DLLs (Whitelisted) ================

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

8
Restore point made on: 2013-07-11 10:25:52
Restore point made on: 2013-07-24 08:11:01
Restore point made on: 2013-08-07 10:01:25
Restore point made on: 2013-10-06 20:46:57
Restore point made on: 2013-10-26 18:32:26
Restore point made on: 2013-10-30 13:01:32
Restore point made on: 2013-11-01 16:35:38
Restore point made on: 2013-11-02 14:06:23

==================== Memory info ===========================

Percentage of memory in use: 34%
Total physical RAM: 1790.49 MB
Available physical RAM: 1169.25 MB
Total Pagefile: 1790.49 MB
Available Pagefile: 1192.48 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB

==================== Drives ================================

Drive c: (eMachines) (Fixed) (Total:285.99 GB) (Free:182.59 GB) NTFS
Drive e: (PQSERVICE) (Fixed) (Total:12 GB) (Free:2.92 GB) NTFS
Drive i: (LEXAR) (Removable) (Total:0.47 GB) (Free:0.47 GB) FAT
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[system with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 60CC7B61)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=286 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 484 MB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=483 MB) - (Type=06)

LastRegBack: 2013-06-03 22:28

==================== End Of Log ============================
72 hours to pay - Locked out!
VinnyCrew replied to Bmatheny's topic in Resolved Malware Removal Logs
I have run the frst64 and now I have the frst.txt saved in the same place as my frst64 file. I have copied the txt. NOW WHAT? When I go to fix I'm being told that the frst.txt cannot be found? It tells me that it should be in the same spot the original frst64 file is and it is in there.