Moneypak FBI Virus white screen


I've looked through a few of the previous topics on this, and ran the frst.exe scan already. The log I received follows. Please help! Thanks

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-08-2013
Ran by SYSTEM on 29-08-2013 15:39:46
Running from G:\
Windows Vista Ultimate (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Recovery

The current controlset is ControlSet004
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ECenter] - C:\Dell\E-Center\EULALauncher.exe [17920 2007-05-24] ( )
HKLM\...\Run: [iAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [178712 2007-07-26] (Intel Corporation)
HKLM\...\Run: [startCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [90112 2006-11-10] ()
HKLM\...\Run: [Google Desktop Search] - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2011-01-12] (Google)
HKLM\...\Run: [dscactivate] - C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe [16384 2007-10-09] ( )
HKLM\...\Run: [DellSupportCenter] - C:\Program Files\Dell Support Center\bin\sprtcmd.exe [206064 2009-05-21] (SupportSoft, Inc.)
HKLM\...\Run: [NMSSupport] - C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe [439512 2007-06-27] (Intel Corporation)
HKLM\...\Run: [CCUTRAYICON] - C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe [215256 2007-06-27] (Intel® Corporation)
HKLM\...\Run: [sigmatelSysTrayApp] - C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [405504 2007-05-06] (SigmaTel, Inc.)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] - C:\Windows\KHALMNPR.EXE [56080 2007-04-11] (Logitech Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-02] (Adobe Systems Incorporated)
HKLM\...\Run: [seagate Dashboard] - C:\Program Files\Seagate\Seagate Dashboard\MemeoLauncher.exe [79112 2010-07-06] ()
HKLM\...\Run: [] -  [x]
HKLM\...\Run: [ApnUpdater] - "C:\Program Files\Ask.com\Updater\Updater.exe" [x]
HKLM\...\Run: [sendori Tray] - C:\Program Files\Sendori\SendoriTray.exe [83232 2013-07-01] (Sendori, Inc.)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM\...\Run: [TkBellExe] - c:\program files\real\realplayer\Update\realsched.exe [295512 2013-05-03] (RealNetworks, Inc.)
HKLM\...\Run: [sunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Winlogon: [userinit] C:\Windows\system32\userinit.exe
HKU\Administrator\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-10] (Microsoft Corporation)
HKU\chagedorn\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-10] (Microsoft Corporation)
HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-10] (Microsoft Corporation)
HKU\Default User\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-10] (Microsoft Corporation)
HKU\gisuser\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-10] (Microsoft Corporation)
HKU\IUSR_NMPR\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-10] (Microsoft Corporation)
HKU\JimH\...\Run: [DellSupportCenter] - C:\Program Files\Dell Support Center\bin\sprtcmd.exe [ 2009-05-21] (SupportSoft, Inc.)
HKU\JimH\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [ 2008-01-18] (Microsoft Corporation)
HKU\JimH.NETRONLINE\...\Run: [DellSupportCenter] - C:\Program Files\Dell Support Center\bin\sprtcmd.exe [ 2009-05-21] (SupportSoft, Inc.)
HKU\JimH.NETRONLINE\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [ 2008-01-18] (Microsoft Corporation)
HKU\JimH.NETRONLINE\...\Run: [iSUSPM] - C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [ 2007-08-30] (Macrovision Corporation)
HKU\JimH.NETRONLINE\...\Run: [Google Update] - C:\Users\JimH.NETRONLINE\AppData\Local\Google\Update\GoogleUpdate.exe [ 2009-05-06] (Google Inc.)
HKU\JimH.NETRONLINE\...\Run: [Pando Media Booster] - C:\Program Files\Pando Networks\Media Booster\PMB.exe [ 2010-03-30] ()
HKU\JimH.NETRONLINE\...\Run: [Akamai NetSession Interface] - C:\Users\JimH.NETRONLINE\AppData\Local\Akamai\netsession_win.exe [ 2013-06-05] (Akamai Technologies, Inc.)
HKU\JimH.NETRONLINE\...\Run: [spybotSD TeaTimer] - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [ 2009-03-05] (Safer-Networking Ltd.)
HKU\JimH.NETRONLINE\...\Winlogon: [shell] C:\Users\JimH.NETRONLINE\AppData\Roaming\dlc.xmm,explorer.exe <==== ATTENTION
BootExecute: autocheck autochk * lsdelete

========================== Services (Whitelisted) =================

S2 AdobeActiveFileMonitor6.0; C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [124832 2007-09-10] ()
S2 AlertService; C:\Program Files\Intel\IntelDH\CCU\AlertService.exe [223448 2007-06-27] (Intel® Corporation)
S2 Application Sendori; C:\Program Files\Sendori\SendoriSvc.exe [119072 2013-07-01] (Sendori, Inc.)
S3 DHTRACE; C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe [39640 2007-06-27] (Intel® Corporation)
S2 DQLWinService; C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [208896 2007-02-12] ()
S2 FLEXlm Service 1; C:\Program Files\Leica Geosystems\Shared\bin\ntx86\lmgrd.exe [1443632 2013-03-26] (Flexera Software LLC)
S3 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2011-01-12] (Google)
S2 gupdate1c99048f72006a8; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-02-16] (Google Inc.)
S2 ISSM; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe [59096 2007-06-27] (Intel® Corporation)
S2 Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [1737728 2012-09-21] (Lavasoft Limited                                                  )
S2 lmadmin; C:\Program Files\FlexNet Publisher License Server Manager\lmadmin.exe [8027952 2013-03-20] (Flexera Software LLC)
S2 M1 Server; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe [268504 2007-06-27] ()
S2 MCLServiceATL; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe [157912 2007-06-27] (Intel® Corporation)
S2 NMSCore; C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe [317656 2007-06-27] (Intel® Corporation)
S2 QualityManager; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe [272600 2007-06-27] (Intel® Corporation)
S2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-03-06] ()
S2 Remote UI Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe [446680 2007-06-27] (Intel® Corporation)
S2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S2 SeagateDashboardService; C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe [14088 2010-07-06] (Memeo)
S2 Service Sendori; C:\Program Files\Sendori\Sendori.Service.exe [22304 2013-07-01] (sendori)
S2 sndappv2; C:\Program Files\Sendori\sndappv2.exe [3623200 2013-07-01] (Sendori)
S2 sprtsvc_dellsupportcenter; C:\Program Files\Dell Support Center\bin\sprtsvc.exe [201968 2008-08-13] (SupportSoft, Inc.)
S2 STacSV; C:\Windows\system32\STacSV.exe [94208 2007-05-06] (SigmaTel, Inc.)
S2 CltMngSvc; C:\Program Files\SearchProtect\bin\CltMngSvc.exe [x]

==================== Drivers (Whitelisted) ====================

S0 CLFS; C:\Windows\System32\CLFS.sys [245736 2009-04-10] (Microsoft Corporation)
S3 dcdbas; C:\Windows\System32\DRIVERS\dcdbas32.sys [25088 2008-02-14] (Dell Inc.)
S3 IntelDH; C:\Windows\System32\Drivers\IntelDH.sys [5632 2007-12-08] (Intel Corporation)
S0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [64512 2011-07-21] (Lavasoft AB)
S3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [28688 2007-04-11] (Logitech, Inc.)
S2 nmsunidr; C:\Windows\System32\DRIVERS\nmsunidr.sys [5376 2007-02-18] (Gteko Ltd.)
S3 STHDA; C:\Windows\System32\drivers\stwrt.sys [326656 2007-05-06] (SigmaTel, Inc.)
S3 teamviewervpn; C:\Windows\System32\DRIVERS\teamviewervpn.sys [25088 2011-03-30] (TeamViewer GmbH)
S3 TSHWMDTCP; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys [14552 2007-06-27] ()
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 BTCFilterService; system32\DRIVERS\motfilt.sys [x]
S2 DS1410D; SYSTEM32\drivers\DS1410D.SYS [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 motccgp; system32\DRIVERS\motccgp.sys [x]
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [x]
S3 motmodem; system32\DRIVERS\motmodem.sys [x]
S3 MotoSwitchService; system32\DRIVERS\motswch.sys [x]
S3 Motousbnet; system32\DRIVERS\Motousbnet.sys [x]
S3 motusbdevice; system32\DRIVERS\motusbdevice.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 USBAAPL; System32\Drivers\usbaapl.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-29 15:28 - 2009-04-10 22:27 - 00627200 _____ (Microsoft Corporation) C:\sethc.exe
2013-08-29 09:25 - 2013-08-29 09:26 - 00000050 _____ C:\Users\JimH.NETRONLINE\imagine_history_082913_102509.txt
2013-08-29 08:01 - 2013-08-29 08:23 - 00000000 ____D C:\ProgramData\wmfb
2013-08-28 23:26 - 2013-08-29 07:42 - 00000000 ____D C:\ProgramData\6Vn3a333
2013-08-28 14:36 - 2013-08-28 15:00 - 00001087 _____ C:\Users\JimH.NETRONLINE\imagine_history_082813_153628.txt
2013-08-26 15:03 - 2013-08-26 15:03 - 19102896 _____ C:\Users\JimH.NETRONLINE\Downloads\DRVR_Network_Intel_A07-615P2_setup_ZPE.exe
2013-08-08 13:56 - 2013-08-08 14:07 - 00000000 ____D C:\Program Files\Mozilla Thunderbird

==================== One Month Modified Files and Folders =======

2013-08-29 14:35 - 2011-08-12 18:40 - 00000064 _____ C:\Windows\System32\rp_stats.dat
2013-08-29 14:35 - 2011-08-12 18:40 - 00000044 _____ C:\Windows\System32\rp_rules.dat
2013-08-29 14:35 - 2007-12-08 01:42 - 00000012 _____ C:\Windows\bthservsdp.dat
2013-08-29 14:33 - 2006-11-02 04:46 - 00003568 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-29 14:33 - 2006-11-02 04:46 - 00003568 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-29 14:32 - 2010-01-14 14:30 - 00051384 _____ C:\aaw7boot.log
2013-08-29 14:32 - 2008-05-01 06:27 - 00055178 _____ C:\Windows\System32\Drivers\stwrte.log
2013-08-29 14:30 - 2010-03-30 14:11 - 00000000 ____D C:\Users\JimH.NETRONLINE\AppData\Local\PMB Files
2013-08-29 14:03 - 2006-11-02 04:59 - 00049244 _____ C:\Windows\PFRO.log
2013-08-29 13:44 - 2007-12-14 15:40 - 00000136 _____ C:\Windows\System32\config\netlogon.ftl
2013-08-29 13:36 - 2007-12-08 01:36 - 01207712 _____ C:\Windows\WindowsUpdate.log
2013-08-29 09:26 - 2013-08-29 09:25 - 00000050 _____ C:\Users\JimH.NETRONLINE\imagine_history_082913_102509.txt
2013-08-29 09:25 - 2007-12-14 16:21 - 00000000 ____D C:\users\JimH.NETRONLINE
2013-08-29 08:57 - 2013-05-30 10:45 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-08-29 08:57 - 2013-05-29 00:38 - 00000000 ____D C:\Users\JimH.NETRONLINE\AppData\Local\Akamai
2013-08-29 08:57 - 2012-05-07 10:39 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-08-29 08:57 - 2010-03-30 14:11 - 00000000 ____D C:\ProgramData\PMB Files
2013-08-29 08:57 - 2009-04-03 08:03 - 00000000 ___HD C:\users\IUSR_NMPR
2013-08-29 08:57 - 2008-09-19 09:07 - 00000000 ____D C:\users\chagedorn
2013-08-29 08:57 - 2008-03-27 09:27 - 00000000 ____D C:\Program Files\Bulk Rename Utility
2013-08-29 08:57 - 2007-12-14 16:35 - 00000000 ____D C:\users\Administrator
2013-08-29 08:57 - 2007-12-14 15:14 - 00000000 ____D C:\users\JimH
2013-08-29 08:57 - 2006-11-02 04:35 - 00000000 ____D C:\Program Files\Windows Defender
2013-08-29 08:57 - 2006-11-02 03:18 - 00000000 ____D C:\Windows\System32\spool
2013-08-29 08:57 - 2006-11-02 03:18 - 00000000 ____D C:\Windows\System32\Msdtc
2013-08-29 08:57 - 2006-11-02 03:18 - 00000000 ____D C:\Windows\registration
2013-08-29 08:57 - 2006-11-02 02:22 - 98828288 _____ C:\Windows\System32\config\software_previous
2013-08-29 08:57 - 2006-11-02 02:22 - 26476544 _____ C:\Windows\System32\config\system_previous
2013-08-29 08:51 - 2006-11-02 03:18 - 00000000 ____D C:\Windows\System32\LogFiles
2013-08-29 08:51 - 2006-11-02 02:22 - 44564480 _____ C:\Windows\System32\config\components_previous
2013-08-29 08:51 - 2006-11-02 02:22 - 00262144 _____ C:\Windows\System32\config\sam_previous
2013-08-29 08:37 - 2013-03-22 07:38 - 00000000 ____D C:\ProgramData\Sendori
2013-08-29 08:34 - 2009-02-11 12:57 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-08-29 08:23 - 2013-08-29 08:01 - 00000000 ____D C:\ProgramData\wmfb
2013-08-29 07:47 - 2006-11-02 02:22 - 05767168 _____ C:\Windows\System32\config\default_previous
2013-08-29 07:42 - 2013-08-28 23:26 - 00000000 ____D C:\ProgramData\6Vn3a333
2013-08-29 07:38 - 2006-11-02 02:22 - 00262144 _____ C:\Windows\System32\config\security_previous
2013-08-28 23:26 - 2007-12-08 02:07 - 00000000 ____D C:\Program Files\Google
2013-08-28 18:51 - 2009-10-28 09:35 - 00000680 _____ C:\Users\JimH.NETRONLINE\AppData\Local\d3d9caps.dat
2013-08-28 15:00 - 2013-08-28 14:36 - 00001087 _____ C:\Users\JimH.NETRONLINE\imagine_history_082813_153628.txt
2013-08-28 15:00 - 2011-01-13 13:46 - 00000000 ____D C:\LPS_DATA
2013-08-28 14:38 - 2008-03-21 07:51 - 00000000 ____D C:\Users\JimH.NETRONLINE\.imagine920
2013-08-27 14:44 - 2006-11-02 02:33 - 00768826 _____ C:\Windows\System32\PerfStringBackup.INI
2013-08-26 15:03 - 2013-08-26 15:03 - 19102896 _____ C:\Users\JimH.NETRONLINE\Downloads\DRVR_Network_Intel_A07-615P2_setup_ZPE.exe
2013-08-23 15:58 - 2007-12-14 17:22 - 00000000 ____D C:\JH
2013-08-23 15:57 - 2013-07-02 18:02 - 00029038 _____ C:\Users\JimH.NETRONLINE\imagine_history_070213_190216.txt
2013-08-22 13:20 - 2013-04-23 12:30 - 00002094 _____ C:\Users\JimH.NETRONLINE\Desktop\Google Chrome.lnk
2013-08-21 15:59 - 2007-12-18 09:06 - 00000000 ____D C:\Users\JimH.NETRONLINE\.imagine910
2013-08-20 18:30 - 2013-06-12 01:30 - 17737608 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerInstaller.exe
2013-08-20 18:30 - 2012-05-17 16:16 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-08-20 18:30 - 2011-06-29 23:27 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-08-08 14:07 - 2013-08-08 13:56 - 00000000 ____D C:\Program Files\Mozilla Thunderbird

Files to move or delete:
====================
ZeroAccess:
C:\Program Files\Google\Desktop\Install\{35730390-6696-bc54-5b84-516ef35a13b8}
C:\Users\JimH\AppData\Local\Temp\100005f.exe
C:\Users\JimH\AppData\Local\Temp\uf6pvhyo.exe
C:\Users\JimH\AppData\Local\Temp\{D0C51410-E6BA-4A2C-A2F2-8989EF1B5A96}\{8A2BBC6F-2EE2-479D-9664-54C4847BB200}\isrt.dll
C:\Users\JimH\AppData\Local\Temp\VSD536C.tmp\dotnetfx\dotnetchk.exe
C:\Users\JimH\AppData\Local\Temp\pft936B.tmp\MstrHD.dll
C:\Users\JimH\AppData\Local\Temp\pft936B.tmp\Setup.exe
C:\Users\JimH\AppData\Local\Temp\pft936B.tmp\SPHlpr.dll
C:\Users\JimH\AppData\Local\Temp\pft936B.tmp\3-YT\ytb_7.0.4.0_ypsr_1.14_logi_uber_setup_.exe
C:\Users\JimH\AppData\Local\Temp\pft936B.tmp\1-SetPoint\ISSetup.dll
C:\Users\JimH\AppData\Local\Temp\pft936B.tmp\1-SetPoint\setup.exe
C:\Users\JimH\AppData\Local\Temp\pft936B.tmp\1-SetPoint\_Setup.dll
C:\Users\JimH\AppData\Local\Temp\pft936B.tmp\1-SetPoint\Redist\instmsiw.exe
C:\Users\JimH\AppData\Local\Temp\pft936B.tmp\1-SetPoint\Redist\vcredist_x86.exe
C:\Users\JimH\AppData\Local\Temp\pft936B.tmp\1-SetPoint\Redist\WindowsInstaller-KB893803-v2-x86.exe
C:\Users\JimH\AppData\Local\Temp\pft936B.tmp\1-SetPoint\CDDRV\CDDRV_Installer.exe
C:\Users\JimH\AppData\Local\Temp\pft3785.tmp\INS9XMSI.EXE
C:\Users\JimH\AppData\Local\Temp\pft3785.tmp\INSNTMSI.EXE
C:\Users\JimH\AppData\Local\Temp\pft3785.tmp\setup.exe
C:\Users\JimH\AppData\Local\Temp\isp7E47.tmp\_Setup.dll
C:\Users\JimH\AppData\Local\Temp\IS5F8E.tmp\install.exe
C:\Users\JimH\AppData\Local\Temp\IS5F8E.tmp\InstMsi.exe
C:\Users\JimH\AppData\Local\Temp\IS5F8E.tmp\InstMsiW.exe
C:\Users\JimH\AppData\Local\Temp\bye58E8.tmp\Disk1\setup.exe
C:\Users\JimH.NETRONLINE\AppData\Local\Temp\_is3D38.exe
C:\Users\JimH.NETRONLINE\AppData\Local\Temp\{8A1DE114-F94E-43B9-8B6F-3F53D5850434}\ISSetup.dll
C:\Users\JimH.NETRONLINE\AppData\Local\Temp\{8A1DE114-F94E-43B9-8B6F-3F53D5850434}\_Setup.dll
C:\Users\JimH.NETRONLINE\AppData\Local\Temp\MozUpdater-11\updater.exe
C:\Users\JimH.NETRONLINE\AppData\Local\Temp\Marvell 9128\9128\MarvellRAID\MRUSetup.exe
C:\Users\JimH.NETRONLINE\AppData\Local\Temp\Marvell 9128\9128\Driver\drvSetup.exe
C:\Users\JimH.NETRONLINE\AppData\Local\Temp\Marvell 9128\9128\Driver\miniport\i386\mv91xxm.dll
C:\Users\JimH.NETRONLINE\AppData\Local\Temp\Marvell 9128\9128\Driver\miniport\Floppy64\mv91xxm.dll
C:\Users\JimH.NETRONLINE\AppData\Local\Temp\Marvell 9128\9128\Driver\miniport\Floppy32\mv91xxm.dll
C:\Users\JimH.NETRONLINE\AppData\Local\Temp\Marvell 9128\9128\Driver\miniport\amd64\mv91xxm.dll

==================== Known DLLs (Whitelisted) ============


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
C:\Program Files\Windows Defender\en-US => ATTENTION: ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Windows Defender

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================

Restore point made on: 2013-08-14 23:00:28
Restore point made on: 2013-08-15 23:00:24
Restore point made on: 2013-08-16 23:00:24
Restore point made on: 2013-08-17 23:00:20
Restore point made on: 2013-08-18 23:00:21
Restore point made on: 2013-08-19 23:00:24
Restore point made on: 2013-08-20 23:00:27
Restore point made on: 2013-08-21 23:00:26
Restore point made on: 2013-08-22 23:00:24
Restore point made on: 2013-08-23 23:00:32
Restore point made on: 2013-08-24 23:00:31
Restore point made on: 2013-08-25 23:00:30
Restore point made on: 2013-08-26 23:00:27
Restore point made on: 2013-08-27 23:01:56
Restore point made on: 2013-08-28 16:40:25

==================== Memory info ===========================

Percentage of memory in use: 11%
Total physical RAM: 4029.14 MB
Available physical RAM: 3557.46 MB
Total Pagefile: 3896.63 MB
Available Pagefile: 3686.66 MB
Total Virtual: 2047.88 MB
Available Virtual: 1975.72 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:1847.97 GB) (Free:626.41 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (VISTA_32_ULTIMATE) (CDROM) (Total:2.84 GB) (Free:0 GB) CDFS
Drive f: (NETR04-300GB) (Fixed) (Total:279.47 GB) (Free:178.61 GB) NTFS
Drive g: (Silver Toshiba) (Fixed) (Total:931.51 GB) (Free:408.1 GB) NTFS
Drive x: (RECOVERY) (Fixed) (Total:15 GB) (Free:5.29 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 1863 GB) (Disk ID: 08000000)
Partition 1: (Not Active) - (Size=47 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=-214776676352) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 279 GB) (Disk ID: D10282ED)
Partition 1: (Not Active) - (Size=279 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 932 GB) (Disk ID: 8A448069)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)


LastRegBack: 2013-08-29 08:42

==================== End Of Log ============================
