
Infected with FBI virus



Hello,

Got infected with the FBI virus. Safe mode does not work either. Here is the result of the Farbar Recovery Scan Tool:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-05-2013

Ran by SYSTEM on 03-05-2013 13:14:12

Running from D:\

Windows 7 Professional (X64) OS Language: English(US)

Internet Explorer Version 9

Boot Mode: Recovery

The current controlset is ControlSet001

ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon [2184520 2009-03-23] (CANON INC.)

HKLM\...\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon [767312 2009-03-17] (CANON INC.)

HKLM\...\Run: [LogMeIn GUI] "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe" [57928 2008-08-11] (LogMeIn, Inc.)

HKLM\...\Run: [RtHDVCpl] RAVCpl64.exe [x]

HKLM\...\Winlogon: [shell] regsvr32 /n /i /s "C:\Users\igor\AppData\Local\qwsrxz.jev" [x ] ()

HKLM-x32\...\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide [2793304 2009-10-14] ()

HKLM-x32\...\Run: [Lingvo Launcher] "C:\Program Files (x86)\ABBYY Lingvo 12\Lvagent.exe" /STARTUP [258048 2006-12-13] (ABBYY (BIT Software))

HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [44280 2012-12-19] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [] [x]

HKLM-x32\...\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [642816 2012-12-18] (Adobe Systems Inc.)

HKLM-x32\...\Run: [brStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN [2621440 2010-06-10] (Brother Industries, Ltd.)

HKLM-x32\...\Run: [McAfeeUpdaterUI] "C:\Program Files (x86)\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey [161088 2011-01-12] (McAfee, Inc.)

HKLM-x32\...\Run: [shStatEXE] "C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE [215360 2011-01-12] (McAfee, Inc.)

HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [41208 2012-12-19] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-12-02] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)

HKU\igor\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2010-03-05] (Google Inc.)

HKU\igor\...\Run: [AdobeBridge] [x]

HKU\igor\...\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe [9728 2009-07-13] (Microsoft Corporation)

HKU\igor\...\Run: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [160592 2010-03-07] (Siber Systems)

HKU\igor\...\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [18642024 2013-02-28] (Skype Technologies S.A.)

AppInit_DLLs: acaptuser64.dll [119160 2008-06-11] (Adobe Systems, Inc.)

Startup: C:ProgramData\Start Menu\Programs\Startup\ctfmon.lnk

ShortcutTarget: ctfmon.lnk -> C:\Windows\System32\regsvr32.exe (Microsoft Corporation)

Startup: C:\Users\igor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

ShortcutTarget: Dropbox.lnk -> (No File)

==================== Services (Whitelisted) =================

S2 ABBYY.Licensing.FineReader.Professional.10.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe [814344 2010-07-22] (ABBYY)

S2 AERTFilters; C:\Windows\system32\AERTSr64.exe [88576 2008-07-15] (Andrea Electronics Corporation)

S2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [109352 2013-05-03] (SurfRight B.V.)

S2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [375728 2012-11-07] (LogMeIn, Inc.)

S2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [147888 2012-11-07] (LogMeIn, Inc.)

S2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2010-11-08] (LogMeIn, Inc.)

S4 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [655944 2012-07-03] (Malwarebytes Corporation)

S2 McAfeeFramework; C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe [120128 2011-01-12] (McAfee, Inc.)

S2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [190256 2012-06-10] (McAfee, Inc.)

S2 McTaskManager; C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe [209760 2011-01-12] (McAfee, Inc.)

S2 mfevtp; C:\Windows\system32\mfevtps.exe [156248 2012-06-10] (McAfee, Inc.)

S2 NovacomD; C:\Program Files\Palm, Inc\novacomd\amd64\novacomd.exe [72192 2011-06-24] (Palm)

S2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [80896 2010-09-16] ()

==================== Drivers (Whitelisted) ====================

S3 Asushwio; C:\Windows\SysWow64\drivers\Asushwio.sys [5824 2004-01-28] ()

S2 cpuz135; C:\Windows\system32\drivers\cpuz135_x64.sys [21992 2011-09-21] (CPUID)

S3 dgderdrv; C:\Windows\SysWow64\drivers\dgderdrv.sys [20032 2011-03-29] (Devguru Co., Ltd)

S2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [15928 2008-08-11] (LogMeIn, Inc.)

S3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-06] ()

S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-06] ()

S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [24904 2012-07-03] (Malwarebytes Corporation)

S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [153952 2012-06-10] (McAfee, Inc.)

S3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [217696 2012-06-10] (McAfee, Inc.)

S0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [607152 2012-06-10] (McAfee, Inc.)

S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [97960 2012-06-10] (McAfee, Inc.)

S0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [281544 2012-06-10] (McAfee, Inc.)

S3 SNL320XP; C:\Windows\System32\DRIVERS\9kdUSB64.sys [30720 2007-07-03] (Sonix Technology Co., Ltd.)

S0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-03-07] (Duplex Secure Ltd.)

S2 eamonm; system32\DRIVERS\eamonm.sys [x]

S4 LMIRfsClientNP; No ImagePath

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-05-03 13:13 - 2013-05-03 13:13 - 00000000 ____D C:\FRST

2013-05-03 08:53 - 2013-05-03 08:53 - 00001821 ____A C:\Users\Public\Desktop\HitmanPro.lnk

2013-05-03 08:53 - 2013-05-03 08:53 - 00000000 ____D C:\Program Files\HitmanPro

2013-05-03 08:50 - 2013-05-03 08:59 - 00000000 ____D C:ProgramData\HitmanPro

2013-05-03 07:20 - 2013-05-03 07:20 - 00054784 ____A C:ProgramData\kisodkf.qsb

2013-05-03 07:20 - 2013-05-03 07:20 - 00054784 ____A C:\Users\igor\AppData\Local\qwsrxz.jev

2013-04-28 13:03 - 2013-04-28 13:03 - 00000000 ____D C:\Program Files\SAMSUNG

2013-04-28 13:03 - 2010-04-27 06:25 - 00172104 ____A (MCCI Corporation) C:\Windows\System32\Drivers\sscdmdm.sys

2013-04-28 13:03 - 2010-04-27 06:25 - 00136264 ____A (MCCI Corporation) C:\Windows\System32\Drivers\sscdbus.sys

2013-04-28 13:03 - 2010-04-27 06:25 - 00019016 ____A (MCCI Corporation) C:\Windows\System32\Drivers\sscdmdfl.sys

2013-04-28 13:03 - 2010-04-27 06:25 - 00015944 ____A (MCCI Corporation) C:\Windows\System32\Drivers\sscdwhnt.sys

2013-04-28 13:03 - 2010-04-27 06:25 - 00015944 ____A (MCCI Corporation) C:\Windows\System32\Drivers\sscdwh.sys

2013-04-28 13:03 - 2010-04-27 06:25 - 00015432 ____A (MCCI Corporation) C:\Windows\System32\Drivers\sscdcmnt.sys

2013-04-28 13:03 - 2010-04-27 06:25 - 00015432 ____A (MCCI Corporation) C:\Windows\System32\Drivers\sscdcm.sys

2013-04-23 17:49 - 2013-04-12 06:45 - 01656680 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys

2013-04-17 07:12 - 2013-04-17 07:12 - 00000000 ____D C:\Users\igor\Documents\Outlook Files

2013-04-10 06:01 - 2013-02-21 02:30 - 01766912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2013-04-10 06:01 - 2013-02-21 02:30 - 01129984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2013-04-10 06:01 - 2013-02-21 02:29 - 14323200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2013-04-10 06:01 - 2013-02-21 02:29 - 13761024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2013-04-10 06:01 - 2013-02-21 02:29 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2013-04-10 06:01 - 2013-02-21 02:29 - 02046464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2013-04-10 06:01 - 2013-02-21 02:29 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2013-04-10 06:01 - 2013-02-21 02:29 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2013-04-10 06:01 - 2013-02-21 02:29 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2013-04-10 06:01 - 2013-02-21 02:29 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll

2013-04-10 06:01 - 2013-02-21 02:29 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2013-04-10 06:01 - 2013-02-21 02:29 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2013-04-10 06:01 - 2013-02-21 02:29 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2013-04-10 06:01 - 2013-02-21 02:15 - 02240512 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll

2013-04-10 06:01 - 2013-02-21 02:15 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe

2013-04-10 06:01 - 2013-02-21 02:14 - 19230208 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll

2013-04-10 06:01 - 2013-02-21 02:14 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll

2013-04-10 06:01 - 2013-02-21 02:14 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll

2013-04-10 06:01 - 2013-02-21 02:14 - 02647040 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll

2013-04-10 06:01 - 2013-02-21 02:14 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll

2013-04-10 06:01 - 2013-02-21 02:14 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll

2013-04-10 06:01 - 2013-02-21 02:14 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll

2013-04-10 06:01 - 2013-02-21 02:14 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll

2013-04-10 06:01 - 2013-02-21 02:14 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll

2013-04-10 06:01 - 2013-02-21 02:14 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll

2013-04-10 06:01 - 2013-02-21 02:14 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll

2013-04-10 06:01 - 2013-02-21 02:14 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll

2013-04-10 06:01 - 2013-02-19 04:01 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2013-04-10 06:01 - 2013-02-19 03:42 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb

2013-04-10 06:01 - 2013-02-19 03:10 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2013-04-10 06:01 - 2013-02-19 02:51 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe

2013-04-10 05:05 - 2013-03-18 22:04 - 05550424 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe

2013-04-10 05:05 - 2013-03-18 21:46 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\csrsrv.dll

2013-04-10 05:05 - 2013-03-18 21:04 - 03968856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

2013-04-10 05:05 - 2013-03-18 21:04 - 03913560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

2013-04-10 05:05 - 2013-03-18 20:47 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll

2013-04-10 05:05 - 2013-03-18 19:06 - 00112640 ____A (Microsoft Corporation) C:\Windows\System32\smss.exe

2013-04-10 05:05 - 2013-02-28 19:36 - 03153408 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys

2013-04-10 05:05 - 2013-02-14 22:08 - 00044032 ____A (Microsoft Corporation) C:\Windows\System32\tsgqec.dll

2013-04-10 05:05 - 2013-02-14 22:06 - 03717632 ____A (Microsoft Corporation) C:\Windows\System32\mstscax.dll

2013-04-10 05:05 - 2013-02-14 22:02 - 00158720 ____A (Microsoft Corporation) C:\Windows\System32\aaclient.dll

2013-04-10 05:05 - 2013-02-14 20:37 - 03217408 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll

2013-04-10 05:05 - 2013-02-14 20:34 - 00131584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll

2013-04-10 05:05 - 2013-02-14 19:25 - 00036864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll

2013-04-10 05:05 - 2013-01-23 22:01 - 00223752 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys

2013-04-07 12:32 - 2013-04-07 12:32 - 00000000 ____D C:\Users\igor\Documents\Fax

2013-04-04 19:06 - 2013-04-04 19:06 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl

2013-04-04 19:06 - 2013-04-04 19:06 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2013-04-04 19:06 - 2013-04-04 19:06 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat

2013-04-04 19:06 - 2013-04-04 19:06 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat

2013-04-04 19:06 - 2013-04-04 19:06 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe

2013-04-04 19:06 - 2013-04-04 19:06 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec

2013-04-04 19:06 - 2013-04-04 19:06 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2013-04-04 19:06 - 2013-04-04 19:06 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe

2013-04-04 19:06 - 2013-04-04 19:06 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe

2013-04-04 19:06 - 2013-04-04 19:06 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe

2013-04-04 19:06 - 2013-04-04 19:06 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe

2013-04-04 19:06 - 2013-04-04 19:06 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe

2013-04-04 19:06 - 2013-04-04 19:06 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2013-04-04 19:06 - 2013-04-04 19:06 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe

2013-04-04 19:06 - 2013-04-04 19:06 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx

2013-04-04 19:06 - 2013-04-04 19:06 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe

2013-04-04 19:06 - 2013-04-04 19:06 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx

2013-04-04 19:06 - 2013-04-04 19:06 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe

2013-04-04 19:06 - 2013-04-04 19:06 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe

2013-04-04 19:06 - 2013-04-04 19:06 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe

2013-04-04 19:06 - 2013-04-04 19:06 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe

2013-04-04 19:05 - 2013-04-04 19:09 - 00007201 ____A C:\Windows\IE10_main.log

==================== One Month Modified Files and Folders =======

2013-05-03 13:13 - 2013-05-03 13:13 - 00000000 ____D C:\FRST

2013-05-03 09:01 - 2010-03-05 16:34 - 01155748 ____A C:\Windows\PFRO.log

2013-05-03 09:00 - 2013-01-24 06:50 - 00000890 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cdfa421826ff93.job

2013-05-03 09:00 - 2010-03-05 16:25 - 00000000 ____A C:\Windows\System32\Drivers\lvuvc.hs

2013-05-03 09:00 - 2010-03-05 16:23 - 01581829 ____A C:\Windows\WindowsUpdate.log

2013-05-03 09:00 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT

2013-05-03 09:00 - 2009-07-13 20:51 - 00019427 ____A C:\Windows\setupact.log

2013-05-03 08:59 - 2013-05-03 08:50 - 00000000 ____D C:ProgramData\HitmanPro

2013-05-03 08:59 - 2009-07-13 20:45 - 00014992 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2013-05-03 08:59 - 2009-07-13 20:45 - 00014992 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2013-05-03 08:57 - 2009-07-13 21:13 - 00783270 ____A C:\Windows\System32\PerfStringBackup.INI

2013-05-03 08:53 - 2013-05-03 08:53 - 00001821 ____A C:\Users\Public\Desktop\HitmanPro.lnk

2013-05-03 08:53 - 2013-05-03 08:53 - 00000000 ____D C:\Program Files\HitmanPro

2013-05-03 07:22 - 2010-03-05 16:41 - 00000000 ____D C:\Users\igor\AppData\Roaming\Skype

2013-05-03 07:21 - 2012-05-20 05:04 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job

2013-05-03 07:20 - 2013-05-03 07:20 - 00054784 ____A C:ProgramData\kisodkf.qsb

2013-05-03 07:20 - 2013-05-03 07:20 - 00054784 ____A C:\Users\igor\AppData\Local\qwsrxz.jev

2013-05-03 07:00 - 2010-03-05 16:41 - 00000894 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2013-05-03 06:22 - 2012-08-03 16:34 - 00000000 ___RD C:\Users\igor\Dropbox

2013-05-03 06:22 - 2012-08-03 16:30 - 00000000 ____D C:\Users\igor\AppData\Roaming\Dropbox

2013-05-03 06:18 - 2010-03-20 16:32 - 00000000 ____D C:ProgramData\LogMeIn

2013-04-29 03:47 - 2010-03-20 06:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2013-04-29 03:47 - 2010-03-05 16:41 - 00000000 ___RD C:\Program Files (x86)\Skype

2013-04-29 03:47 - 2010-03-05 16:41 - 00000000 ____D C:ProgramData\Skype

2013-04-28 13:13 - 2011-02-27 14:46 - 00000000 ____D C:ProgramData\Samsung

2013-04-28 13:11 - 2011-04-23 19:01 - 00001174 ____A C:\Users\Public\Desktop\Samsung Kies mini.lnk

2013-04-28 13:05 - 2011-02-27 14:46 - 00000000 ____D C:\Program Files (x86)\Samsung

2013-04-28 13:03 - 2013-04-28 13:03 - 00000000 ____D C:\Program Files\SAMSUNG

2013-04-17 07:12 - 2013-04-17 07:12 - 00000000 ____D C:\Users\igor\Documents\Outlook Files

2013-04-17 06:48 - 2010-03-07 09:40 - 00000000 ____D C:ProgramData\Adobe

2013-04-17 06:47 - 2012-05-20 05:04 - 00691592 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2013-04-17 06:47 - 2011-06-12 06:13 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2013-04-12 14:32 - 2010-03-06 15:37 - 00000000 ____D C:ProgramData\Microsoft Help

2013-04-12 06:45 - 2013-04-23 17:49 - 01656680 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys

2013-04-11 18:01 - 2013-01-24 06:50 - 00002183 ____A C:\Users\Public\Desktop\Google Chrome.lnk

2013-04-11 17:53 - 2009-07-13 20:45 - 04991592 ____A C:\Windows\System32\FNTCACHE.DAT

2013-04-10 06:03 - 2010-03-05 16:31 - 72702784 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe

2013-04-07 14:36 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache

2013-04-07 12:32 - 2013-04-07 12:32 - 00000000 ____D C:\Users\igor\Documents\Fax

2013-04-05 11:46 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\PolicyDefinitions

2013-04-04 19:09 - 2013-04-04 19:05 - 00007201 ____A C:\Windows\IE10_main.log

2013-04-04 19:06 - 2013-04-04 19:06 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl

2013-04-04 19:06 - 2013-04-04 19:06 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2013-04-04 19:06 - 2013-04-04 19:06 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat

2013-04-04 19:06 - 2013-04-04 19:06 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat

2013-04-04 19:06 - 2013-04-04 19:06 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe

2013-04-04 19:06 - 2013-04-04 19:06 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec

2013-04-04 19:06 - 2013-04-04 19:06 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2013-04-04 19:06 - 2013-04-04 19:06 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe

2013-04-04 19:06 - 2013-04-04 19:06 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe

2013-04-04 19:06 - 2013-04-04 19:06 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe

2013-04-04 19:06 - 2013-04-04 19:06 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe

2013-04-04 19:06 - 2013-04-04 19:06 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe

2013-04-04 19:06 - 2013-04-04 19:06 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2013-04-04 19:06 - 2013-04-04 19:06 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe

2013-04-04 19:06 - 2013-04-04 19:06 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx

2013-04-04 19:06 - 2013-04-04 19:06 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe

2013-04-04 19:06 - 2013-04-04 19:06 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx

2013-04-04 19:06 - 2013-04-04 19:06 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll

2013-04-04 19:06 - 2013-04-04 19:06 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe

2013-04-04 19:06 - 2013-04-04 19:06 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe

2013-04-04 19:06 - 2013-04-04 19:06 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe

2013-04-04 19:06 - 2013-04-04 19:06 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe

==================== Known DLLs (Whitelisted) ================

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK

HKLM\...\exefile\DefaultIcon: %1 => OK

HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2013-03-30 10:32:54

Restore point made on: 2013-04-04 19:05:06

Restore point made on: 2013-04-10 06:01:16

Restore point made on: 2013-04-17 07:55:33

Restore point made on: 2013-04-23 17:52:02

Restore point made on: 2013-05-01 04:22:19

==================== Memory info ===========================

Percentage of memory in use: 9%

Total physical RAM: 9207.18 MB

Available physical RAM: 8295.89 MB

Total Pagefile: 9205.33 MB

Available Pagefile: 8285.73 MB

Total Virtual: 8192 MB

Available Virtual: 8191.88 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:156.25 GB) (Free:61.73 GB) NTFS (Disk=0 Partition=2)

Drive d: (HITMANPRO) (Removable) (Total:3.72 GB) (Free:3.71 GB) FAT32 (Disk=5 Partition=1)

Drive f: (New Volume) (Fixed) (Total:439.82 GB) (Free:143.15 GB) NTFS (Disk=0 Partition=3)

Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS (Disk=0 Partition=1) ==>[system with boot components (obtained from reading drive)]

Disk ### Status Size Free Dyn Gpt

-------- ------------- ------- ------- --- ---

Disk 0 Online 596 GB 1024 KB

Disk 1 No Media 0 B 0 B

Disk 2 No Media 0 B 0 B

Disk 3 No Media 0 B 0 B

Disk 4 No Media 0 B 0 B

Disk 5 Online 3819 MB 0 B

Partitions of Disk 0:

===============

Disk ID: C0000000

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 Primary 100 MB 1024 KB

Partition 2 Primary 156 GB 101 MB

Partition 3 Primary 439 GB 156 GB

==================================================================================

Disk: 0

Partition 1

Type : 07

Hidden: No

Active: Yes

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 1 Y System Rese NTFS Partition 100 MB Healthy

=========================================================

Disk: 0

Partition 2

Type : 07

Hidden: No

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 2 C NTFS Partition 156 GB Healthy

=========================================================

Disk: 0

Partition 3

Type : 07

Hidden: No

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 3 F New Volume NTFS Partition 439 GB Healthy

=========================================================

Partitions of Disk 5:

===============

Disk ID: 44894908

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 Primary 3812 MB 31 KB

==================================================================================

Disk: 5

Partition 1

Type : 0B

Hidden: No

Active: Yes

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 8 D HITMANPRO FAT32 Removable 3812 MB Healthy

=========================================================

============================== MBR & Partition Table ==================

====================================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: C0000000)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=156 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=440 GB) - (Type=07 NTFS)

====================================================================

Disk: 5 (Size: 4 GB) (Disk ID: 44894908)

Partition 1: (Active) - (Size=4 GB) - (Type=0B)

Last Boot: 2013-04-27 06:59

==================== End Of Log ============================

Thank you


OK, here you go......this should get you going:

Please download the attached fixlist.txt and copy it to your flashdrive.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

On Vista or Windows 7: Now please enter System Recovery Options (as you did before).

Run FRST64 or FRST (whichever one you're using) and press the Fix button just once and wait.

The tool will make a log on the flashdrive (Fixlog.txt); please post it in your reply.

See if the computer boots normally now.

MrC


Here is log file:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-05-2013

Ran by SYSTEM at 2013-05-03 13:46:16 Run:1

Running from D:\

Boot Mode: Recovery

==============================================

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value was restored successfully.

2013-05-03 07:20 - 2013-05-03 07:20 - 00054784 ____A C:ProgramData\kisodkf.qsb => File/Directory not found.

C:\Users\igor\AppData\Local\qwsrxz.jev => Moved successfully.

==== End of Fixlog ====

Thank you.


Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
