Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Win7 CorruptFile cannot repair


  • This topic is locked This topic is locked
2 replies to this topic

#1 brunhilde

brunhilde

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:04:38 PM

Posted 21 December 2012 - 09:23 PM

I have tried the startup recovery repair options several times to no avail. It automatically boots to the recovery console right when the Windows logo comes up on boot. I then tried running the FSRT scan and here are the results. I would be grateful for any help.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-12-2012
Ran by SYSTEM at 22-12-2012 10:55:28
Running from J:\
Windows 7 Ultimate (X64) OS Language: English(US)
The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [Logitech Download Assistant] C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [1580368 2010-11-03] (Logitech, Inc.)
HKLM\...\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon [2779024 2011-03-14] (CANON INC.)
HKLM-x32\...\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe [2345592 2012-07-31] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [106496 2010-01-21] (NEC Electronics Corporation)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2010-11-29] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421160 2011-01-24] (Apple Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s [89456 2011-03-07] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [343168 2011-10-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [103720 2009-12-14] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" [222504 2010-12-22] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl11] C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe [230696 2011-08-23] (CyberLink Corp.)
HKLM-x32\...\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon [1612920 2011-08-04] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE [452016 2011-01-14] ()
HKU\Jay\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [1305408 2011-01-20] (DT Soft Ltd)
HKU\Jay\...\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background [4283256 2011-05-12] (Microsoft Corporation)
HKU\Jay\...\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_4_402_287_Plugin.exe -update plugin [x]
HKU\Yasuyo\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [1305408 2011-01-20] (DT Soft Ltd)
HKU\Yasuyo\...\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background [4283256 2011-05-12] (Microsoft Corporation)
HKU\Yasuyo\...\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized [17877168 2012-11-08] (Skype Technologies S.A.)
HKLM\...\RunOnce: [*Restore] C:\Windows\system32\rstrui.exe /RUNONCE [296960 2010-11-20] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.11.1
Startup: C:\Users\All Users\Start Menu\Programs\Startup\AirStation ??????.lnk
ShortcutTarget: AirStation ??????.lnk -> C:\Program Files (x86)\BUFFALO\WDTool\bwdnotification.exe (BUFFALO INC.)
Startup: C:\Users\All Users\Start Menu\Programs\Startup\Client Manager V.lnk
ShortcutTarget: Client Manager V.lnk -> C:\Program Files (x86)\BUFFALO\clientmgrv\bin\cmvMain.exe (BUFFALO INC.)
Startup: C:\Users\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe ()
Startup: C:\Users\Jay\Start Menu\Programs\Startup\PCastTV for 地デジ Lite(タスクトレイ).lnk
ShortcutTarget: PCastTV for 地デジ Lite(タスクトレイ).lnk -> C:\Program Files (x86)\BUFFALO\PCastTV_HD\PCastHDTray.exe (BUFFALO INC.)
Startup: C:\Users\Jay\Start Menu\Programs\Startup\?????????????.lnk
ShortcutTarget: ?????????????.lnk -> C:\Program Files\Buffalo\RakUpdate\RakUpdate.exe (BUFFALO INC.)

==================== Services (Whitelisted) ===================

2 AVGIDSAgent; "C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe" [7391072 2012-01-30] (AVG Technologies CZ, s.r.o.)
2 avgwd; "C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe" [269520 2011-02-07] (AVG Technologies CZ, s.r.o.)
2 BWH32S; "C:\Program Files (x86)\BUFFALO\clientmgrv\bin\BWH32S.exe" [126328 2009-07-08] (BUFFALO INC.)
2 CLHNServiceForPowerDVD; C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [83240 2011-08-23] ()
2 CyberLink PowerDVD 11.0 Monitor Service; "C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe" [75048 2011-09-01] (CyberLink)
2 CyberLink PowerDVD 11.0 Service; "C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe" [292136 2011-09-01] (CyberLink)
3 McComponentHostService; "C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe" [227232 2010-01-15] ()
2 MrnTS_Sync5; "C:\Program Files (x86)\Common Files\Creoapp\MrnTS_Sync5.exe" [263712 2007-06-11] (????????)
3 ose; "C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE" [145184 2006-10-25] ()
2 TVersityMediaServer; "C:\ProgramData\TVersity\Media Server\MediaServer.exe" [1249064 2011-07-29] ()
2 WirelessDiagnosis; C:\Program Files (x86)\BUFFALO\WDTool\bwdbackground.exe [230776 2011-03-30] (BUFFALO INC.)
2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [x]
2 PS3 Media Server; "C:\Program Files (x86)\PS3 Media Server\win32\service\wrapper.exe" -s "C:\Program Files (x86)\PS3 Media Server\win32\service\wrapper.conf" [x]

==================== Drivers (Whitelisted) =====================

3 AVGIDSDriver; C:\Windows\System32\Drivers\AVGIDSDriver.sys [118864 2011-05-27] (AVG Technologies CZ, s.r.o. )
0 AVGIDSEH; C:\Windows\System32\Drivers\AVGIDSEH.sys [26704 2011-02-21] (AVG Technologies CZ, s.r.o. )
3 AVGIDSFilter; C:\Windows\System32\Drivers\AVGIDSFilter.sys [29264 2011-02-09] (AVG Technologies CZ, s.r.o. )
1 Avgldx64; C:\Windows\System32\Drivers\Avgldx64.sys [312160 2012-11-11] (AVG Technologies CZ, s.r.o.)
1 Avgmfx64; C:\Windows\System32\Drivers\Avgmfx64.sys [41552 2011-02-28] (AVG Technologies CZ, s.r.o.)
0 Avgrkx64; C:\Windows\System32\Drivers\Avgrkx64.sys [37456 2011-03-15] (AVG Technologies CZ, s.r.o.)
1 Avgtdia; C:\Windows\System32\Drivers\Avgtdia.sys [377936 2011-04-04] (AVG Technologies CZ, s.r.o.)
3 Bufeap; C:\Windows\System32\DRIVERS\bufeap64.sys [18944 2010-07-04] (BUFFALO INC.)
3 DTH10_Series; C:\Windows\System32\Drivers\DTH10_Series.sys [125496 2009-11-27] (Cobalt Technologies Co., Ltd.)
1 dtsoftbus01; C:\Windows\System32\Drivers\dtsoftbus01.sys [254528 2011-02-18] (DT Soft Ltd)
0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23408 2012-02-29] ()
3 libusb0; C:\Windows\System32\Drivers\libusb0.sys [52320 2012-08-29] ()
3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [210944 2012-04-27] ()
3 ucgnsta; C:\Windows\System32\DRIVERS\ucgnstax.sys [987648 2009-08-05] (Ralink Technology Corp.)
2 {329F96B6-DF1E-4328-BFDA-39EA953C1312}; \??\C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [148976 2011-09-01] (CyberLink Corp.)
3 ALSysIO; \??\C:\Users\Jay\AppData\Local\Temp\ALSysIO64.sys [x]
3 AsrCDDrv; \??\C:\Windows\SysWOW64\Drivers\AsrCDDrv.sys [x]
3 IntcAzAudAddService; C:\Windows\System32\drivers\RTKVHD64.sys [x]
0 mv91xx; C:\Windows\System32\DRIVERS\mv91xx.sys [x]
3 Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [x]
3 tsusbhub; C:\Windows\System32\drivers\tsusbhub.sys [x]
3 VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ====================


==================== One Month Created Files and Folders ========

2012-12-22 10:55 - 2012-12-22 10:55 - 00000000 ____D C:\FRST
2012-12-17 06:33 - 2012-12-17 06:33 - 00000000 ____D C:\Users\Yasuyo\AppData\Local\{FEB52D66-AA81-4264-A8D0-297C1129C333}
2012-12-17 06:33 - 2012-12-17 06:33 - 00000000 ____D C:\Users\Jay\AppData\Local\{AE046FF9-EDEC-4B52-8930-D73E711E72BE}
2012-12-16 13:25 - 2012-12-16 13:26 - 00000000 ____D C:\Users\Jay\AppData\Local\{9D17042B-1D0C-428A-A4C0-93FD4CA0A268}
2012-12-14 20:03 - 2012-12-14 20:03 - 00000000 ____D C:\Users\Jay\AppData\Local\{7851E552-C317-416A-85B9-F2DCB2CD6B49}
2012-12-14 04:15 - 2012-12-16 13:26 - 00000000 ____D C:\Users\Yasuyo\AppData\Local\{DF715C3E-7114-432D-9576-B46F9D9B9736}
2012-12-13 20:14 - 2012-12-13 20:14 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software
2012-12-13 20:14 - 2012-12-13 20:14 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software
2012-12-13 20:07 - 2012-12-13 20:07 - 00000000 ____D C:\Users\Jay\AppData\Local\{DD6A4EC9-793D-4111-8EB1-56D12ACD5FA8}
2012-12-11 06:17 - 2012-12-11 06:18 - 00000000 ____D C:\Users\Yasuyo\AppData\Local\{1B1794DD-42FC-475B-9B8C-14C1A2F51BC0}
2012-12-10 17:27 - 2012-12-10 17:27 - 00000000 ___AH C:\Windows\System32\Drivers\MsftWdf_Kernel_01011_Coinstaller_Critical.Wdf
2012-12-10 17:27 - 2012-12-10 17:27 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_dc3d_01011.Wdf
2012-12-10 17:26 - 2012-07-25 20:55 - 00785512 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Wdf01000.sys
2012-12-10 17:26 - 2012-07-25 20:55 - 00054376 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WdfLdr.sys
2012-12-10 17:26 - 2012-07-25 18:36 - 00009728 ____A (Microsoft Corporation) C:\Windows\System32\Wdfres.dll
2012-12-10 17:26 - 2012-06-02 06:35 - 00000003 ____A C:\Windows\System32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2012-12-10 17:09 - 2012-12-10 17:09 - 00000000 ____D C:\Users\Jay\AppData\Local\{F49FE3E5-644E-4A3E-BE7E-36CAC77EA3D1}
2012-12-09 18:32 - 2012-12-09 18:32 - 00000000 ____D C:\Users\Jay\AppData\Local\{EC86A969-A4A6-4A20-A2D2-11CC8C9EF8C2}
2012-12-09 06:32 - 2012-12-09 06:32 - 00000000 ____D C:\Users\Jay\AppData\Local\{A3BD3D8A-AD75-4869-AFD6-2AD7202FD4B0}
2012-12-08 18:31 - 2012-12-08 18:32 - 00000000 ____D C:\Users\Jay\AppData\Local\{24A53CF5-5776-409E-9EBD-7DE791D3CC46}
2012-12-08 06:31 - 2012-12-08 06:31 - 00000000 ____D C:\Users\Jay\AppData\Local\{225777F9-890F-4645-9CE5-B16551D67308}
2012-12-07 18:31 - 2012-12-07 18:31 - 00000000 ____D C:\Users\Jay\AppData\Local\{8287AA57-F1D8-4E07-84C3-15253915DCF3}
2012-12-07 06:31 - 2012-12-07 06:31 - 00000000 ____D C:\Users\Jay\AppData\Local\{E1478426-C0B3-4113-B177-DF3815721EAF}
2012-12-06 18:30 - 2012-12-06 18:31 - 00000000 ____D C:\Users\Jay\AppData\Local\{E32F3866-3A13-466E-A030-0500206E71BA}
2012-12-05 02:53 - 2012-12-05 02:53 - 00000000 ____D C:\Users\Jay\AppData\Local\{C149B60D-FD78-46D2-8CBE-3C9F08F76193}
2012-12-04 14:53 - 2012-12-04 14:53 - 00000000 ____D C:\Users\Jay\AppData\Local\{491CEE05-8995-4BFE-AD7C-CB3E18108F0B}
2012-12-04 02:53 - 2012-12-04 02:53 - 00000000 ____D C:\Users\Jay\AppData\Local\{B7E21AA6-9DF1-4B84-BAE3-8C02CA9E2DF2}
2012-12-03 14:53 - 2012-12-03 14:53 - 00000000 ____D C:\Users\Jay\AppData\Local\{A1448FBB-CE13-4365-96AF-BC81F50C3440}
2012-12-03 01:14 - 2012-12-03 01:15 - 00000000 ____D C:\Users\Jay\AppData\Local\{546CD61A-110F-4F39-B30B-3EC8AD884000}
2012-11-30 05:37 - 2012-11-30 05:38 - 00000000 ____D C:\Users\Jay\AppData\Local\{1D79730F-59BB-4B59-80BD-C4D3E16DBC71}
2012-11-29 02:59 - 2012-11-29 02:59 - 00000000 ____D C:\Users\Jay\AppData\Local\{4418C7D5-0C2B-4FA1-8578-96A3A6250F13}
2012-11-28 14:59 - 2012-11-28 14:59 - 00000000 ____D C:\Users\Jay\AppData\Local\{46A50999-CDA8-41F7-A0F3-1B1B13C5E31E}
2012-11-27 01:04 - 2012-12-10 17:09 - 00000000 ____D C:\Users\Yasuyo\AppData\Local\{D2857AFF-359B-4821-92A9-E55C8130CECF}
2012-11-26 19:41 - 2012-11-26 19:41 - 00000000 ____D C:\Users\Jay\AppData\Local\{70AE0BCC-B339-4C55-A616-3F7D99F05AE0}
2012-11-25 15:03 - 2012-11-26 07:41 - 00000000 ____D C:\Users\Jay\AppData\Local\{00A1A77D-E6BC-4CD1-AFAA-0388B453ED93}
2012-11-24 22:13 - 2012-11-24 22:13 - 00000000 ____D C:\Users\Jay\AppData\Local\{FE739715-C62B-4087-AB38-9E4BD028B16A}
2012-11-23 21:22 - 2012-11-23 21:22 - 00000000 ____D C:\Users\Jay\AppData\Local\{4E50867B-7E84-467B-BFEA-330DA6E43A90}
2012-11-22 04:08 - 2012-11-22 04:08 - 00000000 ____D C:\Users\Jay\AppData\Local\{D0F80378-27EB-431D-A948-94FE3DC9688D}

==================== One Month Modified Files and Folders =======

2012-12-18 01:07 - 2011-09-17 16:28 - 00000000 ____D C:\Users\All Users\McAfee Security Scan
2012-12-18 01:07 - 2011-02-20 06:01 - 00000000 ____D C:\Users\Jay\AppData\Roaming\uTorrent
2012-12-18 01:07 - 2011-02-14 07:51 - 00000000 ____D C:\users\Yasuyo
2012-12-18 01:07 - 2011-02-14 07:20 - 00000000 ____D C:\users\???
2012-12-18 01:07 - 2011-02-13 05:29 - 00000000 ____D C:\Windows\System32\Drivers\AVG
2012-12-18 01:07 - 2011-02-13 03:03 - 00000000 ____D C:\users\Jay
2012-12-18 01:07 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2012-12-18 01:07 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration
2012-12-18 01:07 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2012-12-18 01:07 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\AppCompat
2012-12-18 01:06 - 2011-03-14 22:34 - 00000000 ____D C:\Users\Yasuyo\AppData\Roaming\Skype
2012-12-17 06:33 - 2012-12-17 06:33 - 00000000 ____D C:\Users\Yasuyo\AppData\Local\{FEB52D66-AA81-4264-A8D0-297C1129C333}
2012-12-17 06:33 - 2012-12-17 06:33 - 00000000 ____D C:\Users\Jay\AppData\Local\{AE046FF9-EDEC-4B52-8930-D73E711E72BE}
2012-12-16 20:08 - 2011-03-29 23:11 - 00000000 ____D C:\Users\Yasuyo\Tracing
2012-12-16 20:08 - 2011-02-14 16:44 - 00121992 ____A C:\Users\Yasuyo\AppData\Local\GDIPFONTCACHEV1.DAT
2012-12-16 15:09 - 2011-03-05 04:23 - 00000000 ____D C:\Users\Jay\Tracing
2012-12-16 15:09 - 2011-02-13 04:16 - 00121992 ____A C:\Users\Jay\AppData\Local\GDIPFONTCACHEV1.DAT
2012-12-16 13:26 - 2012-12-16 13:25 - 00000000 ____D C:\Users\Jay\AppData\Local\{9D17042B-1D0C-428A-A4C0-93FD4CA0A268}
2012-12-16 13:26 - 2012-12-14 04:15 - 00000000 ____D C:\Users\Yasuyo\AppData\Local\{DF715C3E-7114-432D-9576-B46F9D9B9736}
2012-12-16 13:25 - 2012-04-14 22:54 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-12-16 13:25 - 2011-05-07 23:11 - 00340383 ____A C:\Windows\SysWOW64\TVersityMediaServer.log
2012-12-14 20:03 - 2012-12-14 20:03 - 00000000 ____D C:\Users\Jay\AppData\Local\{7851E552-C317-416A-85B9-F2DCB2CD6B49}
2012-12-13 22:03 - 2012-04-14 22:54 - 00697272 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-12-13 22:03 - 2011-05-19 06:22 - 00073656 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-12-13 20:14 - 2012-12-13 20:14 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software
2012-12-13 20:14 - 2012-12-13 20:14 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software
2012-12-13 20:14 - 2011-03-29 15:05 - 00000953 ____A C:\Users\Public\Desktop\AVG 2011.lnk
2012-12-13 20:14 - 2009-07-13 20:45 - 00018192 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-12-13 20:14 - 2009-07-13 20:45 - 00018192 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-12-13 20:12 - 2011-02-13 03:34 - 00396672 ____A C:\Windows\System32\perfh011.dat
2012-12-13 20:12 - 2011-02-13 03:34 - 00106538 ____A C:\Windows\System32\perfc011.dat
2012-12-13 20:12 - 2009-07-13 21:13 - 01220272 ____A C:\Windows\System32\PerfStringBackup.INI
2012-12-13 20:08 - 2011-02-13 03:03 - 02057536 ____A C:\Windows\WindowsUpdate.log
2012-12-13 20:08 - 2009-07-13 20:51 - 00051304 ____A C:\Windows\setupact.log
2012-12-13 20:07 - 2012-12-13 20:07 - 00000000 ____D C:\Users\Jay\AppData\Local\{DD6A4EC9-793D-4111-8EB1-56D12ACD5FA8}
2012-12-13 20:06 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-12-11 06:18 - 2012-12-11 06:17 - 00000000 ____D C:\Users\Yasuyo\AppData\Local\{1B1794DD-42FC-475B-9B8C-14C1A2F51BC0}
2012-12-11 00:26 - 2012-05-05 17:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2012-12-10 17:40 - 2011-03-13 16:11 - 00000000 ____D C:\Users\Jay\AppData\Roaming\Skype
2012-12-10 17:27 - 2012-12-10 17:27 - 00000000 ___AH C:\Windows\System32\Drivers\MsftWdf_Kernel_01011_Coinstaller_Critical.Wdf
2012-12-10 17:27 - 2012-12-10 17:27 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_dc3d_01011.Wdf
2012-12-10 17:09 - 2012-12-10 17:09 - 00000000 ____D C:\Users\Jay\AppData\Local\{F49FE3E5-644E-4A3E-BE7E-36CAC77EA3D1}
2012-12-10 17:09 - 2012-11-27 01:04 - 00000000 ____D C:\Users\Yasuyo\AppData\Local\{D2857AFF-359B-4821-92A9-E55C8130CECF}
2012-12-09 18:32 - 2012-12-09 18:32 - 00000000 ____D C:\Users\Jay\AppData\Local\{EC86A969-A4A6-4A20-A2D2-11CC8C9EF8C2}
2012-12-09 06:32 - 2012-12-09 06:32 - 00000000 ____D C:\Users\Jay\AppData\Local\{A3BD3D8A-AD75-4869-AFD6-2AD7202FD4B0}
2012-12-08 18:32 - 2012-12-08 18:31 - 00000000 ____D C:\Users\Jay\AppData\Local\{24A53CF5-5776-409E-9EBD-7DE791D3CC46}
2012-12-08 06:31 - 2012-12-08 06:31 - 00000000 ____D C:\Users\Jay\AppData\Local\{225777F9-890F-4645-9CE5-B16551D67308}
2012-12-07 20:10 - 2012-10-27 22:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2012-12-07 18:31 - 2012-12-07 18:31 - 00000000 ____D C:\Users\Jay\AppData\Local\{8287AA57-F1D8-4E07-84C3-15253915DCF3}
2012-12-07 16:56 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\LiveKernelReports
2012-12-07 06:31 - 2012-12-07 06:31 - 00000000 ____D C:\Users\Jay\AppData\Local\{E1478426-C0B3-4113-B177-DF3815721EAF}
2012-12-06 18:31 - 2012-12-06 18:30 - 00000000 ____D C:\Users\Jay\AppData\Local\{E32F3866-3A13-466E-A030-0500206E71BA}
2012-12-05 02:53 - 2012-12-05 02:53 - 00000000 ____D C:\Users\Jay\AppData\Local\{C149B60D-FD78-46D2-8CBE-3C9F08F76193}
2012-12-04 14:53 - 2012-12-04 14:53 - 00000000 ____D C:\Users\Jay\AppData\Local\{491CEE05-8995-4BFE-AD7C-CB3E18108F0B}
2012-12-04 02:53 - 2012-12-04 02:53 - 00000000 ____D C:\Users\Jay\AppData\Local\{B7E21AA6-9DF1-4B84-BAE3-8C02CA9E2DF2}
2012-12-03 14:53 - 2012-12-03 14:53 - 00000000 ____D C:\Users\Jay\AppData\Local\{A1448FBB-CE13-4365-96AF-BC81F50C3440}
2012-12-03 01:15 - 2012-12-03 01:14 - 00000000 ____D C:\Users\Jay\AppData\Local\{546CD61A-110F-4F39-B30B-3EC8AD884000}
2012-11-30 05:38 - 2012-11-30 05:37 - 00000000 ____D C:\Users\Jay\AppData\Local\{1D79730F-59BB-4B59-80BD-C4D3E16DBC71}
2012-11-29 02:59 - 2012-11-29 02:59 - 00000000 ____D C:\Users\Jay\AppData\Local\{4418C7D5-0C2B-4FA1-8578-96A3A6250F13}
2012-11-28 14:59 - 2012-11-28 14:59 - 00000000 ____D C:\Users\Jay\AppData\Local\{46A50999-CDA8-41F7-A0F3-1B1B13C5E31E}
2012-11-26 19:41 - 2012-11-26 19:41 - 00000000 ____D C:\Users\Jay\AppData\Local\{70AE0BCC-B339-4C55-A616-3F7D99F05AE0}
2012-11-26 07:52 - 2011-06-20 01:55 - 00002515 ____A C:\Users\Public\Desktop\Skype.lnk
2012-11-26 07:52 - 2011-06-20 01:55 - 00000000 ___RD C:\Program Files (x86)\Skype
2012-11-26 07:52 - 2011-03-13 16:11 - 00000000 ____D C:\Users\All Users\Skype
2012-11-26 07:41 - 2012-11-25 15:03 - 00000000 ____D C:\Users\Jay\AppData\Local\{00A1A77D-E6BC-4CD1-AFAA-0388B453ED93}
2012-11-26 07:41 - 2012-11-20 03:26 - 00000000 ____D C:\Users\Yasuyo\AppData\Local\{3E201402-1458-4203-9DF1-CBA442E337A8}
2012-11-25 06:15 - 2011-02-26 05:07 - 00000000 ____D C:\Users\Jay\AppData\Roaming\vlc
2012-11-24 22:13 - 2012-11-24 22:13 - 00000000 ____D C:\Users\Jay\AppData\Local\{FE739715-C62B-4087-AB38-9E4BD028B16A}
2012-11-23 21:22 - 2012-11-23 21:22 - 00000000 ____D C:\Users\Jay\AppData\Local\{4E50867B-7E84-467B-BFEA-330DA6E43A90}
2012-11-22 04:08 - 2012-11-22 04:08 - 00000000 ____D C:\Users\Jay\AppData\Local\{D0F80378-27EB-431D-A948-94FE3DC9688D}


==================== Known DLLs (Whitelisted) =================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2012-12-16 13:26:29

==================== Memory info ===========================

Percentage of memory in use: 9%
Total physical RAM: 8183.05 MB
Available physical RAM: 7364.89 MB
Total Pagefile: 8181.2 MB
Available Pagefile: 7358.02 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

==================== Partitions =============================

1 Drive c: () (Fixed) (Total:111.69 GB) (Free:14.1 GB) NTFS
2 Drive d: (WD20EARS) (Fixed) (Total:1863.01 GB) (Free:562.02 GB) NTFS
3 Drive e: (WD15EARS) (Fixed) (Total:1397.26 GB) (Free:418.19 GB) NTFS ==>[System with boot components (obtained from reading drive)]
4 Drive f: (Seagate320) (Fixed) (Total:298.09 GB) (Free:93.58 GB) NTFS ==>[System with boot components (obtained from reading drive)]
5 Drive g: (Seagate1000) (Fixed) (Total:931.51 GB) (Free:7.74 GB) NTFS
6 Drive i: (GRMCULXFRER_EN_DVD) (CDROM) (Total:3.09 GB) (Free:0 GB) UDF
7 Drive j: (USB DISK) (Removable) (Total:3.72 GB) (Free:3.71 GB) FAT32
8 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
9 Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 111 GB 0 B
Disk 1 Online 1863 GB 0 B
Disk 2 Online 1397 GB 0 B
Disk 3 Online 298 GB 0 B
Disk 4 Online 931 GB 0 B
Disk 5 Online 3817 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 100 MB 1024 KB
Partition 2 Primary 111 GB 101 MB

==================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y System Rese NTFS Partition 100 MB Healthy

=========================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C NTFS Partition 111 GB Healthy

=========================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 1863 GB 1024 KB

==================================================================================

Disk: 1
Partition 1
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 D WD20EARS NTFS Partition 1863 GB Healthy

=========================================================

Partitions of Disk 2:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 1397 GB 1024 KB

==================================================================================

Disk: 2
Partition 1
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 E WD15EARS NTFS Partition 1397 GB Healthy

=========================================================

Partitions of Disk 3:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 298 GB 31 KB

==================================================================================

Disk: 3
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 5 F Seagate320 NTFS Partition 298 GB Healthy

=========================================================

Partitions of Disk 4:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 931 GB 1024 KB

==================================================================================

Disk: 4
Partition 1
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 6 G Seagate1000 NTFS Partition 931 GB Healthy

=========================================================

Partitions of Disk 5:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 3813 MB 4032 KB

==================================================================================

Disk: 5
Partition 1
Type : 0B
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 7 J USB DISK FAT32 Removable 3813 MB Healthy

=========================================================

Last Boot: 2012-12-14 07:03

==================== End Of Log =============================

Edited by Orange Blossom, 22 December 2012 - 04:29 AM.
Moved to log forum. ~ OB


BC AdBot (Login to Remove)

 


#2 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,703 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:09:38 AM

Posted 22 December 2012 - 09:03 AM

Hello brunhilde,

Welcome to the forum.

Please refrain from doing any fix or making any changes to the system from now on until we are done unless you decide you can do the rest on your own. Thank you.

Does the system repair tells you which file is currupted?

Boot to System Recovery Options and run FRST.

Type the following in the edit box after "Search:".

Fs_Rec.sys;RDPWD.sys

Note: The file names should be precise and separated by semicolon (;)

Click Search File(s) button and post the log it makes to your reply.

#3 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,703 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:09:38 AM

Posted 25 December 2012 - 09:29 AM

This thread will now be closed due to lack of activity.

If you need this topic reopened, please send me a Private Message and I will reopen it for you.

If you should have a new issue, please start a new topic.

Every one else should start a new topic.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users