Hey guys
Unfortunately I've been hit by the typical police/FBI virus (this one is the Danish-targeted one).
I cannot boot into any of the safe modes, and I've had trouble making a live USB of Kaspersky or Dr. Web because my only other PC runs Mac OS X.
HitmanPro.Kickstart did not find anything.
I was, however, able to go into recovery and run Farbar Recovery Scan Tool.
I've attached the logfile and I hope someone would be so kind as to give me a helping hand with what my fixlist.txt should look like.
Thank you very much in advance.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 (ATTENTION: ====> FRST version is 27 days old and could be outdated)
Ran by SYSTEM on MININT-50QEU3G on 09-04-2014 18:47:08
Running from H:\
Windows 7 Home Premium (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Recovery
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11369576 2010-08-10] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2586504 2010-08-05] (ELAN Microelectronics Corp.)
HKLM\...\Run: [AllShare Play] - C:\Program Files\Samsung\AllShare Play\utils\AllShare Play Launcher.exe [399264 2012-08-29] (Samsung Electronics)
HKLM-x32\...\Run: [F-Secure Manager] - C:\Program Files (x86)\Fullrate\Common\FSM32.EXE [199264 2009-08-05] (F-Secure Corporation)
HKLM-x32\...\Run: [F-Secure TNB] - C:\Program Files (x86)\Fullrate\FSGUI\TNBUtil.exe [2349664 2009-08-05] (F-Secure Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ApnUpdater] - C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1646216 2013-03-31] (Ask)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-05-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-01] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\Corfitz\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\Corfitz\...\Run: [WebCake Desktop] - C:\Users\Corfitz\AppData\Roaming\Betcat\WebCakeDesktop.exe
Startup: C:\Users\Corfitz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> (No File)
Startup: C:\Users\Corfitz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\j6eeezjlc.lnk
ShortcutTarget: j6eeezjlc.lnk -> C:\ProgramData\cljzeee6j.cpp (Microsoft Corporation)
Startup: C:\Users\Corfitz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
Startup: C:\Users\Corfitz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Screen Clipper and Launcher til OneNote 2007.lnk
ShortcutTarget: Screen Clipper and Launcher til OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Corfitz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tcbhn.lnk
ShortcutTarget: tcbhn.lnk -> (No File)
==================== Services (Whitelisted) =================
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36392 2014-01-27] (Just Develop It)
S2 DefaultTabSearch; C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe [574464 2013-12-19] ()
S2 DefaultTabUpdate; C:\Users\Corfitz\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe [107520 2012-10-05] ()
S2 F-Secure Gatekeeper Handler Starter; C:\Program Files (x86)\Fullrate\Anti-Virus\fsgk32st.exe [215648 2009-08-05] (F-Secure Corporation)
S3 FSDFWD; C:\Program Files (x86)\Fullrate\FWES\Program\fsdfwd.exe [844384 2011-03-24] (F-Secure Corporation)
S2 FSMA; C:\Program Files (x86)\Fullrate\Common\FSMA32.EXE [186976 2009-08-05] (F-Secure Corporation)
S3 FSORSPClient; C:\Program Files (x86)\Fullrate\ORSP Client\fsorsp.exe [60352 2013-06-06] (F-Secure Corporation)
S2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2014-04-09] (SurfRight B.V.)
S2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [508016 2014-01-14] (Cherished Technololgy LIMITED)
S3 WajamUpdater; C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe [109064 2012-06-14] (Wajam)
S2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [425104 2014-02-26] (Taiwan Shui Mu Chih Ching Technology Limited.)
S2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [501904 2014-02-26] (Cherished Technololgy LIMITED)
S2 WebCake Desktop Updater; C:\Program Files (x86)\WADesktop.Updater.exe [X]
S2 Winmgmt; C:\PROGRA~3\j6eeezjlc.zvv [X]
==================== Drivers (Whitelisted) ====================
S3 F-Secure Gatekeeper; C:\Program Files (x86)\Fullrate\Anti-Virus\minifilter\fsgk.sys [202176 2013-07-10] (F-Secure Corporation)
S1 F-Secure HIPS; C:\Program Files (x86)\Fullrate\HIPS\drivers\fshs.sys [57920 2009-08-05] (F-Secure Corporation)
S0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2012-08-15] ()
S0 fsbts; C:\Windows\SysWOW64\Drivers\fsbts.sys [42672 2011-08-17] ()
S1 FSES; C:\Windows\System32\drivers\fses.sys [45624 2011-03-24] (F-Secure Corporation)
S1 FSFW; C:\Windows\System32\drivers\fsdfw.sys [94312 2013-05-02] (F-Secure Corporation)
S1 fsvista; C:\Program Files (x86)\Fullrate\Anti-Virus\minifilter\fsvista.sys [14904 2009-08-05] ()
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2014-04-09] ()
S3 rtport; C:\Windows\SysWOW64\drivers\rtport.sys [15144 2010-12-23] (Windows ® 2003 DDK 3790 provider)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-09 07:48 - 2014-04-09 18:47 - 00000000 ____D () C:\FRST
2014-04-09 00:53 - 2014-04-09 00:53 - 00000000 ____D () C:\Program Files\HitmanPro
2014-04-08 23:23 - 2014-04-09 00:53 - 00032512 _____ () C:\Windows\System32\Drivers\hitmanpro37.sys
2014-04-08 23:11 - 2014-04-08 23:23 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-04-07 23:34 - 2014-04-07 23:34 - 00000000 __SHD () C:\found.001
2014-04-07 05:01 - 2014-04-07 05:07 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-04-07 04:56 - 2014-04-07 04:56 - 00003298 _____ () C:\Windows\System32\Tasks\{F6B84BB2-13D8-4460-8132-7B918BDA1734}
2014-04-07 04:15 - 2014-04-07 04:15 - 00009800 ____N () C:\bootsqm.dat
2014-04-07 00:58 - 2014-04-07 00:58 - 00000000 ____D () C:\Windows\System32\SPReview
2014-03-14 04:18 - 2014-03-14 04:18 - 00000169 _____ () C:\Users\Corfitz\Desktop\Google.url
2014-03-10 00:20 - 2014-04-09 01:08 - 00003108 _____ () C:\Windows\System32\Tasks\RegClean Pro
==================== One Month Modified Files and Folders =======
2014-04-09 18:47 - 2014-04-09 07:48 - 00000000 ____D () C:\FRST
2014-04-09 05:18 - 2013-12-27 12:01 - 03958505 _____ () C:\action.log
2014-04-09 05:17 - 2014-02-26 22:02 - 00000000 ____D () C:\Program Files (x86)\WinZipper
2014-04-09 05:17 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-09 05:17 - 2009-07-13 20:51 - 00076909 _____ () C:\Windows\setupact.log
2014-04-09 05:08 - 2014-02-05 19:54 - 00000388 _____ () C:\Windows\Tasks\Re-markit Update.job
2014-04-09 05:07 - 2012-08-10 13:08 - 00000000 ____D () C:\Users\Corfitz\AppData\Roaming\Dropbox
2014-04-09 05:07 - 2012-08-03 05:40 - 00000000 ____D () C:\Users\Corfitz\AppData\Roaming\BrowserCompanion
2014-04-09 05:07 - 2012-02-16 09:59 - 00000930 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-09 05:06 - 2014-02-12 13:23 - 00001368 _____ () C:\Users\Corfitz\Desktop\Gratis! Rens din Registry.lnk
2014-04-09 05:06 - 2012-04-03 22:01 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-09 05:06 - 2012-01-24 02:10 - 00000414 _____ () C:\Windows\Tasks\Final Media Player Update Checker.job
2014-04-09 05:05 - 2013-02-03 02:08 - 00000288 _____ () C:\Windows\Tasks\RegClean Pro_UPDATES.job
2014-04-09 01:19 - 2010-08-28 13:51 - 01868511 _____ () C:\Windows\WindowsUpdate.log
2014-04-09 01:08 - 2014-03-10 00:20 - 00003108 _____ () C:\Windows\System32\Tasks\RegClean Pro
2014-04-09 00:58 - 2009-07-13 20:45 - 00014144 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-09 00:58 - 2009-07-13 20:45 - 00014144 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-09 00:53 - 2014-04-09 00:53 - 00000000 ____D () C:\Program Files\HitmanPro
2014-04-09 00:53 - 2014-04-08 23:23 - 00032512 _____ () C:\Windows\System32\Drivers\hitmanpro37.sys
2014-04-09 00:42 - 2012-08-31 02:17 - 00000000 ___RD () C:\Users\Corfitz\Dropbox
2014-04-09 00:42 - 2012-02-16 09:59 - 00000934 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-08 23:23 - 2014-04-08 23:11 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-04-08 23:23 - 2012-10-05 13:18 - 00000000 ____D () C:\Program Files (x86)\DefaultTab
2014-04-07 23:34 - 2014-04-07 23:34 - 00000000 __SHD () C:\found.001
2014-04-07 05:13 - 2012-09-19 23:00 - 00000000 ____D () C:\Users\Corfitz\AppData\Roaming\Skype
2014-04-07 05:07 - 2014-04-07 05:01 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-04-07 05:01 - 2013-02-03 02:08 - 00000280 _____ () C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2014-04-07 04:56 - 2014-04-07 04:56 - 00003298 _____ () C:\Windows\System32\Tasks\{F6B84BB2-13D8-4460-8132-7B918BDA1734}
2014-04-07 04:45 - 2013-07-25 23:03 - 00000000 ____D () C:\Windows\System32\MRT
2014-04-07 04:45 - 2012-09-05 10:23 - 00000000 ____D () C:\AllShare Play
2014-04-07 04:44 - 2013-03-17 11:09 - 00003120 _____ () C:\Windows\System32\Tasks\Advanced System Protector_startup
2014-04-07 04:15 - 2014-04-07 04:15 - 00009800 ____N () C:\bootsqm.dat
2014-04-07 03:21 - 2011-03-22 11:57 - 00229532 _____ () C:\Windows\PFRO.log
2014-04-07 03:08 - 2013-07-02 02:58 - 00000000 ____D () C:\Program Files (x86)\WebCake
2014-04-07 01:33 - 2009-07-13 21:32 - 00000000 ____D () C:\Windows\System32\FxsTmp
2014-04-07 00:58 - 2014-04-07 00:58 - 00000000 ____D () C:\Windows\System32\SPReview
2014-04-01 12:37 - 2012-02-16 09:59 - 00003930 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-01 12:37 - 2012-02-16 09:59 - 00003678 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-31 23:07 - 2011-03-24 02:26 - 00170255 _____ () C:\Users\Corfitz\danid.log
2014-03-31 23:06 - 2010-08-28 14:24 - 00478138 _____ () C:\Windows\System32\perfh006.dat
2014-03-31 23:06 - 2010-08-28 14:24 - 00083598 _____ () C:\Windows\System32\perfc006.dat
2014-03-31 23:06 - 2009-07-13 21:13 - 01288574 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-03-30 23:14 - 2011-03-21 11:02 - 00000000 ____D () C:\users\Corfitz
2014-03-30 23:13 - 2011-03-24 02:26 - 01068895 _____ () C:\Users\Corfitz\danid.log.1
2014-03-29 11:28 - 2011-03-22 12:04 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-03-28 00:01 - 2011-07-02 13:35 - 00000000 ____D () C:\Users\Corfitz\Documents\Youcam
2014-03-18 23:20 - 2011-03-30 08:14 - 90015360 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2014-03-17 01:12 - 2012-02-16 10:00 - 00002341 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-14 04:44 - 2014-02-05 22:26 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-03-14 04:41 - 2012-05-13 22:24 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-14 04:41 - 2012-05-13 22:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-14 04:18 - 2014-03-14 04:18 - 00000169 _____ () C:\Users\Corfitz\Desktop\Google.url
2014-03-14 04:17 - 2012-01-26 08:04 - 00000000 ____D () C:\Users\Corfitz\Desktop\Mapper
2014-03-14 02:47 - 2011-08-10 10:42 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-12 00:44 - 2012-04-03 22:01 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 00:44 - 2012-04-03 22:01 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-12 00:44 - 2011-06-08 08:07 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
Some content of TEMP:
====================
==================== Known DLLs (Whitelisted) ================
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
==================== Restore Points =========================
Restore point made on: 2014-04-07 00:58:45
Restore point made on: 2014-04-07 02:05:14
Restore point made on: 2014-04-07 05:02:26
==================== Memory info ===========================
Percentage of memory in use: 15%
Total physical RAM: 4028.61 MB
Available physical RAM: 3410.53 MB
Total Pagefile: 4026.76 MB
Available Pagefile: 3403.45 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:113 GB) (Free:51.46 GB) NTFS
Drive d: () (Fixed) (Total:166.77 GB) (Free:166.68 GB) NTFS
Drive f: (SAMSUNG_REC) (Fixed) (Total:18.22 GB) (Free:0.63 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive h: (USB) (Removable) (Total:7.51 GB) (Free:7.5 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298 GB) (Disk ID: FA62C07F)
Partition: GPT Partition Type.
========================================================
Disk: 1 (Size: 8 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
LastRegBack: 2014-04-07 02:35
==================== End Of Log ============================