Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

HELP! frst


  • This topic is locked This topic is locked
3 replies to this topic

#1 Tunido

Tunido

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:02:43 PM

Posted 25 March 2013 - 01:46 PM

Mod edit, Moved to appropriate forum.  boopme

 

Ran frst , can some one help me with the fix comand ?

 

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-03-2013 (ATTENTION: FRST version is 12 days old)
Ran by SYSTEM at 25-03-2013 10:48:04
Running from F:\
Windows 7 Home Premium  Service Pack 1 (X64) OS Language: English(US) 
The current controlset is ControlSet001
 
==================== Registry (Whitelisted) ===================
 
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [11772520 2011-01-04] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2538280 2010-12-22] (Synaptics Incorporated)
HKLM\...\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5908928 2011-10-08] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo EE Boot Optimizer] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [114688 2011-10-08] (Lenovo)
HKLM-x32\...\Run: [331BigDog] C:\Program Files (x86)\USB Camera\VM331_STI.EXE [536576 2010-01-15] (Vimicro)
HKLM-x32\...\Run: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d [202096 2010-11-05] (Egis Technology Inc.)
HKLM-x32\...\Run: [VitaKeyTSR] C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe /run [383344 2010-12-13] (Egis Technology Inc. )
HKLM-x32\...\Run: [PLTSR] "C:\Program Files (x86)\EgisTec Port Locker\EgisPLTSR.exe" [364400 2010-10-22] (Egis Technology Inc. )
HKLM-x32\...\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s [224352 2010-12-24] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery" [222504 2009-05-13] (CyberLink Corp.)
HKLM-x32\...\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey [1534504 2013-01-14] (McAfee, Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421736 2012-03-27] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-04-18] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-12-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DBAgent] "C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe" /WinStart [1516680 2012-11-08] (Seagate Technology LLC)
HKLM-x32\...\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [688184 2012-02-15] (Sony Corporation)
HKLM-x32\...\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot [295072 2013-01-30] (RealNetworks, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.)
HKU\Martin Papa\...\Run: [Uploader] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [122032 2012-11-08] (Seagate Technology LLC)
HKU\Martin_PC\...\Run: [RESTART_STICKY_NOTES] C:\windows\system32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Lsa: [Notification Packages] scecli EgisPwdFilter EgisDSPwdFilter EgisPLPwdFilter
Startup: C:\ProgramData\Start Menu\Programs\Startup\CineForm Status.lnk
ShortcutTarget: CineForm Status.lnk -> C:\Program Files (x86)\CineForm\Tools\GoProCineFormStatusViewer.exe (GoPro)
Startup: C:\ProgramData\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (No File)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (No File)
Startup: C:\Users\Martin Papa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Martin_PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (No File)
 
==================== Services (Whitelisted) ===================
 
2 EgisTec Service Help; "C:\Program Files (x86)\EgisTec Port Locker\Egishlpsvc.exe" [327024 2010-10-22] (Egis Technology Inc. )
2 McAfee SiteAdvisor Service; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.)
3 McComponentHostService; "C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe" [235216 2013-02-05] (McAfee, Inc.)
2 McMPFSvc; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.)
2 mcmscsvc; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.)
2 McNaiAnn; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.)
2 McNASvc; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.)
3 McODS; "C:\Program Files\McAfee\VirusScan\mcods.exe" [383608 2012-11-16] (McAfee, Inc.)
2 McProxy; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.)
2 McShield; "C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe" [241456 2013-02-19] (McAfee, Inc.)
2 mfefire; "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" [218760 2013-02-19] (McAfee, Inc.)
2 mfevtp; "C:\windows\system32\mfevtps.exe" [182752 2013-02-19] (McAfee, Inc.)
2 MSK80Service; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.)
2 PMBDeviceInfoProvider; "C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe" [459832 2012-02-15] (Sony Corporation)
2 RealNetworks Downloader Resolver Service; "C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe" [38608 2012-11-29] ()
2 Seagate Dashboard Services; "C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe" [15552 2012-11-08] (Seagate Technology LLC)
 
==================== Drivers (Whitelisted) =====================
 
3 cfwids; C:\Windows\System32\Drivers\cfwids.sys [70112 2013-02-19] (McAfee, Inc.)
3 HipShieldK; C:\Windows\System32\Drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
3 mfeapfk; C:\Windows\System32\Drivers\mfeapfk.sys [179280 2013-02-19] (McAfee, Inc.)
3 mfeavfk; C:\Windows\System32\Drivers\mfeavfk.sys [309840 2013-02-19] (McAfee, Inc.)
3 mfefirek; C:\Windows\System32\Drivers\mfefirek.sys [515968 2013-02-19] (McAfee, Inc.)
0 mfehidk; C:\Windows\System32\Drivers\mfehidk.sys [771536 2013-02-19] (McAfee, Inc.)
3 mferkdet; C:\Windows\System32\Drivers\mferkdet.sys [106552 2013-02-19] (McAfee, Inc.)
0 mfewfpk; C:\Windows\System32\Drivers\mfewfpk.sys [340216 2013-02-19] (McAfee, Inc.)
3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [228224 2010-10-21] (Vimicro Corporation)
3 vmuvcflt; C:\Windows\System32\Drivers\vmuvcflt.sys [8320 2010-08-16] (Vimicro Corporation)
3 BcmSqlStartupSvc;  [x]
2 CLKMSVC10_3A60B698;  [x]
2 CLKMSVC10_C3B3B687;  [x]
2 DriverService;  [x]
2 IAStorDataMgrSvc;  [x]
2 iATAgentService;  [x]
2 idealife Update Service;  [x]
2 IviRegMgr;  [x]
3 mfeavfk01;  [x]
2 nvUpdatusService;  [x]
2 Oasis2Service;  [x]
2 PCCarerService;  [x]
2 RichVideo;  [x]
2 RtLedService;  [x]
2 SoftwareService;  [x]
3 SQLWriter;  [x]
2 Stereo Service;  [x]
3 wdmirror; C:\Windows\System32\DRIVERS\WDMirror.sys [x]
 
==================== NetSvcs (Whitelisted) ====================
 
 
==================== One Month Created Files and Folders ========
 
2013-03-23 20:22 - 2013-03-23 20:22 - 00000000 ____D C:\FRST
2013-03-21 14:03 - 2013-03-21 14:03 - 00000000 ____D C:\Users\Martin Papa\AppData\Local\{4CB9506B-917F-49C3-A82A-D291AD2541FA}
2013-03-20 12:10 - 2013-02-11 20:12 - 00019968 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023.sys
2013-03-20 12:07 - 2013-03-20 12:07 - 00000000 ____D C:\Users\Martin Papa\AppData\Local\{9F31510E-8E07-44EB-8063-3657440FD900}
2013-03-19 13:41 - 2013-03-19 13:42 - 00000000 ____D C:\Users\Martin Papa\AppData\Local\{7B2949CF-F164-47F6-957D-7E89F43E0457}
2013-03-14 14:32 - 2013-03-14 14:32 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-03-14 14:32 - 2013-03-14 14:32 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-03-14 14:25 - 2013-03-14 14:25 - 00000000 ____D C:\Users\Martin Papa\AppData\Local\{3FE10DD2-42EE-4BF4-9BD4-556C047FCAF7}
2013-03-13 16:37 - 2013-03-13 16:37 - 00000000 ____D C:\Users\Martin Papa\AppData\Local\{3D5AB5E2-890A-4317-8E5D-4A161E8EDFC7}
2013-03-12 13:45 - 2013-03-12 13:45 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-03-12 13:44 - 2013-03-12 13:44 - 19221504 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 15407616 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 14317568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 13761024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-03-12 13:44 - 2013-03-12 13:44 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-03-12 13:44 - 2013-03-12 13:44 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 02240512 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 02046464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 01766912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-03-12 13:44 - 2013-03-12 13:44 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-03-12 13:44 - 2013-03-12 13:44 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 01129984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00526848 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-03-12 13:44 - 2013-03-12 13:44 - 00391680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-03-12 13:44 - 2013-03-12 13:44 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-03-12 13:44 - 2013-03-12 13:44 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-03-12 13:44 - 2013-03-12 13:44 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-03-12 13:44 - 2013-03-12 13:44 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-03-12 13:44 - 2013-03-12 13:44 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-03-12 13:44 - 2013-03-12 13:44 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-03-12 13:44 - 2013-03-12 13:44 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-03-12 13:44 - 2013-03-12 13:44 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-03-12 13:44 - 2013-03-12 13:44 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-03-12 13:44 - 2013-03-12 13:44 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-03-12 13:44 - 2013-03-12 13:44 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-03-12 13:44 - 2013-03-12 13:44 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-03-12 13:44 - 2013-03-12 13:44 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-03-12 13:44 - 2013-03-12 13:44 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00039936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-03-12 13:44 - 2013-03-12 13:44 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-03-12 13:44 - 2013-03-12 13:44 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-03-12 13:44 - 2013-03-12 13:44 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-03-12 13:41 - 2013-03-12 13:41 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 01504768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-03-12 13:37 - 2013-03-12 13:37 - 00000000 ____D C:\Users\Martin Papa\AppData\Local\{7EC92373-18D6-4E1E-87A6-52FA4EF5552F}
2013-03-01 13:18 - 2013-03-01 13:18 - 00547232 ____A C:\Windows\Minidump\030113-36020-01.dmp
2013-03-01 12:16 - 2013-03-01 12:17 - 00000000 ____D C:\Users\Martin Papa\AppData\Local\{29B677D1-1E98-45E2-80AB-B15F2AD886F3}
 
 
==================== One Month Modified Files and Folders =======
 
2013-03-24 13:04 - 2013-03-24 08:23 - 00000000 ___AD C:\Kaspersky Rescue Disk 10.0
2013-03-23 20:22 - 2013-03-23 20:22 - 00000000 ____D C:\FRST
2013-03-22 15:03 - 2011-12-28 13:34 - 10961912 ____A C:\Windows\System32\PsBoot.log
2013-03-22 15:03 - 2011-12-28 13:34 - 04441658 ____A C:\Windows\System32\defragLog.log
2013-03-22 14:54 - 2011-10-08 23:19 - 00361077 ____A C:\Windows\System32\fastboot.set
2013-03-21 15:20 - 2011-10-08 23:05 - 01382564 ____A C:\FaceProv.log
2013-03-21 15:20 - 2011-10-08 22:27 - 02009250 ____A C:\Windows\WindowsUpdate.log
2013-03-21 15:19 - 2012-05-24 13:36 - 00000000 ____D C:\Users\Martin Papa\AppData\Roaming\SoftGrid Client
2013-03-21 15:13 - 2012-07-17 09:09 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-03-21 15:10 - 2011-10-08 23:15 - 00000912 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-03-21 14:48 - 2011-10-08 23:00 - 00000000 ____D C:\ProgramData\Adobe
2013-03-21 14:03 - 2013-03-21 14:03 - 00000000 ____D C:\Users\Martin Papa\AppData\Local\{4CB9506B-917F-49C3-A82A-D291AD2541FA}
2013-03-21 14:03 - 2011-12-28 14:44 - 00000000 ____D C:\Users\Martin Papa\AppData\Local\Windows Live
2013-03-21 12:05 - 2009-07-13 20:45 - 00021280 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-03-21 12:05 - 2009-07-13 20:45 - 00021280 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-03-21 12:02 - 2009-07-13 21:13 - 00779724 ____A C:\Windows\System32\PerfStringBackup.INI
2013-03-21 11:56 - 2011-10-08 23:15 - 00000908 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-03-21 11:55 - 2010-11-20 19:47 - 00054422 ____A C:\Windows\PFRO.log
2013-03-21 11:55 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-03-21 11:55 - 2009-07-13 20:51 - 00061605 ____A C:\Windows\setupact.log
2013-03-20 12:07 - 2013-03-20 12:07 - 00000000 ____D C:\Users\Martin Papa\AppData\Local\{9F31510E-8E07-44EB-8063-3657440FD900}
2013-03-19 13:43 - 2013-02-01 14:12 - 00001828 ____A C:\Users\Public\Desktop\McAfee Security Center.lnk
2013-03-19 13:42 - 2013-03-19 13:41 - 00000000 ____D C:\Users\Martin Papa\AppData\Local\{7B2949CF-F164-47F6-957D-7E89F43E0457}
2013-03-19 13:38 - 2012-03-28 16:15 - 00000336 ____A C:\Windows\Tasks\GlaryInitialize.job
2013-03-18 20:12 - 2011-12-28 23:59 - 00000441 ____A C:\Windows\System32\Drivers\etc\hosts.ics
2013-03-14 15:00 - 2011-10-08 23:01 - 00000000 ____D C:\Program Files\Common Files\mcafee
2013-03-14 14:35 - 2011-12-28 13:53 - 72013344 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-03-14 14:32 - 2013-03-14 14:32 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-03-14 14:32 - 2013-03-14 14:32 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-03-14 14:30 - 2011-12-28 22:14 - 00002183 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2013-03-14 14:25 - 2013-03-14 14:25 - 00000000 ____D C:\Users\Martin Papa\AppData\Local\{3FE10DD2-42EE-4BF4-9BD4-556C047FCAF7}
2013-03-13 16:37 - 2013-03-13 16:37 - 00000000 ____D C:\Users\Martin Papa\AppData\Local\{3D5AB5E2-890A-4317-8E5D-4A161E8EDFC7}
2013-03-12 19:07 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-03-12 19:07 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-03-12 19:07 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\zh-HK
2013-03-12 19:07 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\tr-TR
2013-03-12 14:14 - 2012-07-17 09:09 - 00693976 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-03-12 14:14 - 2012-01-28 18:50 - 00073432 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-03-12 13:46 - 2012-11-24 23:00 - 00021022 ____A C:\Windows\IE10_main.log
2013-03-12 13:45 - 2013-03-12 13:45 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-03-12 13:44 - 2013-03-12 13:44 - 19221504 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 15407616 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 14317568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 13761024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-03-12 13:44 - 2013-03-12 13:44 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-03-12 13:44 - 2013-03-12 13:44 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 02240512 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 02046464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 01766912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-03-12 13:44 - 2013-03-12 13:44 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-03-12 13:44 - 2013-03-12 13:44 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 01129984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00526848 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-03-12 13:44 - 2013-03-12 13:44 - 00391680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-03-12 13:44 - 2013-03-12 13:44 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-03-12 13:44 - 2013-03-12 13:44 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-03-12 13:44 - 2013-03-12 13:44 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-03-12 13:44 - 2013-03-12 13:44 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-03-12 13:44 - 2013-03-12 13:44 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-03-12 13:44 - 2013-03-12 13:44 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-03-12 13:44 - 2013-03-12 13:44 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-03-12 13:44 - 2013-03-12 13:44 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-03-12 13:44 - 2013-03-12 13:44 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-03-12 13:44 - 2013-03-12 13:44 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-03-12 13:44 - 2013-03-12 13:44 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-03-12 13:44 - 2013-03-12 13:44 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-03-12 13:44 - 2013-03-12 13:44 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-03-12 13:44 - 2013-03-12 13:44 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00039936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-03-12 13:44 - 2013-03-12 13:44 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-03-12 13:44 - 2013-03-12 13:44 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-03-12 13:44 - 2013-03-12 13:44 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-03-12 13:44 - 2013-03-12 13:44 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-03-12 13:41 - 2013-03-12 13:41 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 01504768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-03-12 13:41 - 2013-03-12 13:41 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-03-12 13:37 - 2013-03-12 13:37 - 00000000 ____D C:\Users\Martin Papa\AppData\Local\{7EC92373-18D6-4E1E-87A6-52FA4EF5552F}
2013-03-01 13:18 - 2013-03-01 13:18 - 00547232 ____A C:\Windows\Minidump\030113-36020-01.dmp
2013-03-01 13:18 - 2013-01-15 01:22 - 379721479 ____A C:\Windows\MEMORY.DMP
2013-03-01 13:18 - 2012-02-28 08:54 - 00000000 ____D C:\Windows\Minidump
2013-03-01 12:17 - 2013-03-01 12:16 - 00000000 ____D C:\Users\Martin Papa\AppData\Local\{29B677D1-1E98-45E2-80AB-B15F2AD886F3}
 
==================== Known DLLs (Whitelisted) =================
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
==================== EXE ASSOCIATION =====================
 
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
 
==================== Restore Points  =========================
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 15%
Total physical RAM: 4010.14 MB
Available physical RAM: 3391.38 MB
Total Pagefile: 4008.34 MB
Available Pagefile: 3381.16 MB
Total Virtual: 8192 MB
Available Virtual: 8191.91 MB
 
==================== Partitions =============================
 
1 Drive c: () (Fixed) (Total:421.81 GB) (Free:351.34 GB) NTFS
2 Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:26.76 GB) NTFS
3 Drive f: (Mar 23 2013) (CDROM) (Total:4.38 GB) (Free:4.22 GB) UDF
4 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
5 Drive y: () (Fixed) (Total:0.2 GB) (Free:0.16 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
  Disk ###  Status         Size     Free     Dyn  Gpt
  --------  -------------  -------  -------  ---  ---
  Disk 0    Online          465 GB  1024 KB         
 
Partitions of Disk 0:
===============
 
Disk ID: C98AAD37
 
  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
  Partition 1    Primary            200 MB  1024 KB
  Partition 2    Primary            421 GB   201 MB
  Partition 0    Extended            28 GB   422 GB
  Partition 4    Logical             28 GB   422 GB
  Partition 3    OEM                 14 GB   451 GB
 
==================================================================================
 
Disk: 0
Partition 1
Type  : 07
Hidden: No
Active: Yes
 
  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 1     Y                NTFS   Partition    200 MB  Healthy            
 
=========================================================
 
Disk: 0
Partition 2
Type  : 07
Hidden: No
Active: No
 
  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 2     C                NTFS   Partition    421 GB  Healthy            
 
=========================================================
 
Disk: 0
Partition 4
Type  : 07
Hidden: No
Active: No
 
  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 3     D   LENOVO       NTFS   Partition     28 GB  Healthy            
 
=========================================================
 
Disk: 0
Partition 3
Type  : 12
Hidden: Yes
Active: No
 
  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 4         LENOVO_PART  NTFS   Partition     14 GB  Healthy    Hidden  
 
=========================================================
============================== MBR Partition Table ==================
 
==============================
Partitions of Disk 0:
===============
Disk ID: C98AAD37
 
Partition 1:
=========
Hex: 80202100079F06190008000000400600
Active: YES
Type: 07 (NTFS)
Size: 200 MB
 
Partition 2:
=========
Hex: 009F071907FEFFFF004806000010BA34
Active: NO
Type: 07 (NTFS)
Size: 422 GB
 
Partition 3:
=========
Hex: 00FEFFFF0FFEFFFF0058C03400E09F03
Active: NO
Type: OF (Extended)
Size: 29 GB
 
Partition 4:
=========
Hex: 00FEFFFF12FEFFFF003860383028D801
Active: NO
Type: 12
Size: 15 GB
 
 
Last Boot: 2012-01-09 12:22
 
==================== End Of Log =============================

Edited by boopme, 25 March 2013 - 02:05 PM.


BC AdBot (Login to Remove)

 


#2 Tunido

Tunido
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:02:43 PM

Posted 25 March 2013 - 02:06 PM

Ran the  gparted-live and found out this 

 

Unable to read the contents of this file system!

Because of this some operations may be unavailable.

The cause might be a missing software package.
The following list of software packages is required for ntfs
file system support: ntfsprogs / ntfs-3g



#3 jntkwx

jntkwx

  • Malware Response Team
  • 4,339 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New England, U.S.A.
  • Local time:05:43 PM

Posted 26 March 2013 - 03:38 PM

Tunido,

welcome.gif to Bleeping Computer.

My name is Jason and I'll be helping you with your computer problems. You can call me by my screename jntkwx or Jason is fine.

Some things to remember while we are working together.

  • Do not run any other tool untill instructed to do so!
  • Please do not attach logs or put logs in code or quote boxes (unless explicitly asked to)
  • Tell me about any problems that have occurred during the fix.
  • Tell me of any other symptoms you may be having as these can also help.
  • Do not run anything while running a fix.
  • If you don't understand a step, please ask for clarification before continuing with any future steps.
  • In the upper right hand corner of the topic you will see the Follow This Topic button. Click on this then choose Receive Notification Immediately and then click Follow This Topic and you will be sent an email once I have posted a response and make the cleaning process faster.

    Note to others: The instructions here are intended for the person who began this topic. If you need help, please create your own topic in the appropriate forum.



    FRST
    • Please download a NEW version of Farbar Recovery Scan Tool and save it to a flash drive.

      Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

      Plug the flash drive into the infected PC.
    • If you are using Windows 8 consult How to use the Windows 8 System Recovery Environment Command Prompt to enter System Recovery Command prompt.

      If you are using Vista or Windows 7 enter System Recovery Options.

      To enter System Recovery Options from the Advanced Boot Options:Note: In case you can not enter System Recovery Options by using F8 method, you can use Windows installation disc, or make a repair disc. Any Windows installation disc or a repair disc made on another computer can be used.
      To make a repair disk on Windows 7 consult: http://www.sevenforums.com/tutorials/2083-system-repair-disc-create.html



      To enter System Recovery Options by using Windows installation disc:
      • Restart the computer.
      • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
      • Use the arrow keys to select the Repair your computer menu item.
      • Select US as the keyboard language settings, and then click Next.
      • Select the operating system you want to repair, and then click Next.
      • Select your user account an click Next.
      • Insert the installation disc.
      • Restart your computer.
      • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
      • Click Repair your computer.
      • Select US as the keyboard language settings, and then click Next.
      • Select the operating system you want to repair, and then click Next.
      • Select your user account and click Next.
    • On the System Recovery Options menu you will get the following options:
  • Startup Repair
  • System Restore
  • Windows Complete PC Restore
  • Windows Memory Diagnostic Tool
  • Command Prompt


Select Command Prompt

Once in the Command Prompt:

  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

Also, why did you try to run gparted? Were you trying to remove a partition?


Regards,
Jason

 

Simple and easy ways to keep your computer safe and secure on the Internet

If I am helping you and have not returned in 48 hours, please feel free to send me a PM with a link to the topic.
My help is free... however, if you wish to show appreciation and support me personally fighting against malware, please consider a donation: btn_donate_SM.gif


#4 jntkwx

jntkwx

  • Malware Response Team
  • 4,339 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:New England, U.S.A.
  • Local time:05:43 PM

Posted 03 April 2013 - 06:48 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
Regards,
Jason

 

Simple and easy ways to keep your computer safe and secure on the Internet

If I am helping you and have not returned in 48 hours, please feel free to send me a PM with a link to the topic.
My help is free... however, if you wish to show appreciation and support me personally fighting against malware, please consider a donation: btn_donate_SM.gif





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users