Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Cannot boot Windows (normal or safe mode)


  • This topic is locked This topic is locked
2 replies to this topic

#1 d@rklink

d@rklink

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:51 PM

Posted 12 April 2013 - 07:16 PM

Hello,

 

I hope I can get this issue resolved.  For the past week, McAfee has continually stated that the firewall was inactive on one of my home PCs.  I didn't really think anything of and kept reactivating firewall.  This morning I went to boot the computer and as soon as it got to the loading Windows screen it immediately went to "loading files" and then took me to the startup repair screen.  Startup recovery states that it could not detect a problem but when I view the problem details, it mentioned something about mfewfpk.sys being corrupted.  If I reboot the computer and press F8 to access the boot menu, I cannot use any of the safe mode or debugging options as I just end up right back at the startup recovery window.

 

After some searching on the internet, I found this site and thought that maybe I could get some help.  I have already run FRST64 and here is the log it generated:

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-04-2013
Ran by SYSTEM at 12-04-2013 19:50:39
Running from L:\
Windows 7 Home Premium   (X64) OS Language: English(US) 
The current controlset is ControlSet001
 
==================== Registry (Whitelisted) ===================
 
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [12681320 2011-08-26] (Realtek Semiconductor)
HKLM\...\Run: [LogMeIn GUI] "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe" [57928 2011-09-16] (LogMeIn, Inc.)
HKLM\...\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe" [1873256 2011-08-10] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-12-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-01-28] (Apple Inc.)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin [611712 2012-08-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-09] (Hewlett-Packard)
HKLM-x32\...\Run: []  [x]
HKLM-x32\...\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey [454160 2012-10-07] (McAfee, Inc.)
HKLM-x32\...\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [642728 2012-09-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [BingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey [2387048 2013-03-07] (Microsoft Corp.)
HKLM-x32\...\Run: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey [454160 2012-10-07] (McAfee, Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-02-20] (Apple Inc.)
HKLM-x32\...\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun [143360 2012-08-28] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN [3076096 2012-06-06] (Brother Industries, Ltd.)
HKU\Margie\...\Run: [Google Update] "C:\Users\Margie\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2011-10-18] (Google Inc.)
HKU\Margie\...\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe" -automount [33120 2010-08-20] (Alcohol Soft Development Team)
HKU\Margie\...\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden [2736128 2011-06-20] (Hewlett-Packard Company)
HKU\Margie\...\Run: [AdobeBridge]  [x]
HKU\Margie\...\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"  /MINIMIZED [969104 2012-12-09] (BitTorrent, Inc.)
HKU\Margie\...\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59872 2012-12-17] (Apple Inc.)
HKU\Margie\...\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59872 2012-12-17] (Apple Inc.)
HKU\Margie\...\Run: [com.apple.dav.bookmarks.daemon] C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe [59872 2012-12-17] (Apple Inc.)
HKU\Margie\...\RunOnce: [Application Restart #0] C:\Windows\WindowsMobile\wmdc.exe C:\Windows\WindowsMobile\wmdc.exe /show [660360 2007-05-31] (Microsoft Corporation)
HKU\Margie\...\RunOnce: [Application Restart #1] C:\Users\Margie\AppData\Local\Google\Chrome\Application\chrome.exe  --flag-switches-begin --flag-switches-end --restore-last-session [1312720 2013-03-21] (Google Inc.)
Tcpip\..\Interfaces\{288DB1BD-79CF-4CC2-9B87-B11F3E7C0A2F}: [NameServer]192.168.1.1
Startup: C:\ProgramData\Start Menu\Programs\Startup\CineForm Status.lnk
ShortcutTarget: CineForm Status.lnk -> C:\Program Files (x86)\CineForm\Tools\GoProCineFormStatusViewer.exe (GoPro)
Startup: C:\ProgramData\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\Subsonic.lnk
ShortcutTarget: Subsonic.lnk -> C:\Program Files (x86)\Subsonic\subsonic-agent.exe ()
Startup: C:\Users\Margie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk ->  (No File)
 
==================== Services (Whitelisted) ===================
 
2 astcc; C:\Windows\SysWow64\astsrv.exe [57344 2008-05-19] (Nalpeiron Ltd.)
2 BingDesktopUpdate; "C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe" [168536 2013-03-07] (Microsoft Corp.)
4 HomeNetSvc; "C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [220856 2012-10-07] (McAfee, Inc.)
2 LMIGuardianSvc; "C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe" [375728 2012-11-11] (LogMeIn, Inc.)
2 LMIMaint; "C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe" [147888 2012-11-11] (LogMeIn, Inc.)
2 LogMeIn; "C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe" [407424 2011-09-16] (LogMeIn, Inc.)
4 McMPFSvc; "C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [220856 2012-10-07] (McAfee, Inc.)
2 McNaiAnn; "C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [220856 2012-10-07] (McAfee, Inc.)
3 McODS; "C:\Program Files\McAfee\VirusScan\mcods.exe" [378952 2012-11-22] (McAfee, Inc.)
2 mcpltsvc; "C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [220856 2012-10-07] (McAfee, Inc.)
4 McProxy; "C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [220856 2012-10-07] (McAfee, Inc.)
2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1007288 2012-10-06] (McAfee, Inc.)
4 mfefire; "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" [218320 2012-11-09] (McAfee, Inc.)
2 mfevtp; "C:\Windows\system32\mfevtps.exe" [182312 2012-12-26] (McAfee, Inc.)
4 MSK80Service; "C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [220856 2012-10-07] (McAfee, Inc.)
2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software)
2 Subsonic; C:\Program Files (x86)\Subsonic\subsonic-service.exe [174592 2011-08-11] ()
 
==================== Drivers (Whitelisted) =====================
 
3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [32768 2010-04-29] (Google Inc)
3 cfwids; C:\Windows\System32\Drivers\cfwids.sys [69672 2012-11-09] (McAfee, Inc.)
3 copperhd; C:\Windows\System32\Drivers\copperhd.sys [13824 2006-05-24] (Razer (Asia-Pacific) Pte Ltd)
3 HipShieldK; C:\Windows\System32\Drivers\HipShieldK.sys [197264 2012-05-28] (McAfee, Inc.)
2 LMIInfo; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [15928 2011-09-16] (LogMeIn, Inc.)
3 mfeapfk; C:\Windows\System32\Drivers\mfeapfk.sys [178840 2012-11-09] (McAfee, Inc.)
3 mfeavfk; C:\Windows\System32\Drivers\mfeavfk.sys [309400 2012-11-09] (McAfee, Inc.)
3 mfefirek; C:\Windows\System32\Drivers\mfefirek.sys [515528 2012-11-09] (McAfee, Inc.)
0 mfehidk; C:\Windows\System32\Drivers\mfehidk.sys [771096 2012-12-26] (McAfee, Inc.)
3 mfencbdc; C:\Windows\System32\Drivers\mfencbdc.sys [328976 2012-11-01] (McAfee, Inc.)
3 mfencrk; C:\Windows\System32\Drivers\mfencrk.sys [97208 2012-11-01] (McAfee, Inc.)
0 mfewfpk; C:\Windows\System32\Drivers\mfewfpk.sys [339776 2012-12-26] ()
0 sptd; C:\Windows\System32\Drivers\sptd.sys [530488 2011-10-19] (Duplex Secure Ltd.)
3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [x]
4 LMIRfsClientNP;  [x]
3 mfeavfk01;  [x]
 
==================== NetSvcs (Whitelisted) ====================
 
 
==================== One Month Created Files and Folders ========
 
2013-04-10 23:00 - 2013-02-21 02:30 - 01766912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-04-10 23:00 - 2013-02-21 02:30 - 01129984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-04-10 23:00 - 2013-02-21 02:29 - 14323200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-04-10 23:00 - 2013-02-21 02:29 - 13761024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-04-10 23:00 - 2013-02-21 02:29 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-04-10 23:00 - 2013-02-21 02:29 - 02046464 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-04-10 23:00 - 2013-02-21 02:29 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-04-10 23:00 - 2013-02-21 02:29 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-04-10 23:00 - 2013-02-21 02:29 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-04-10 23:00 - 2013-02-21 02:29 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-04-10 23:00 - 2013-02-21 02:29 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-04-10 23:00 - 2013-02-21 02:29 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-04-10 23:00 - 2013-02-21 02:29 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-04-10 23:00 - 2013-02-21 02:15 - 02240512 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-04-10 23:00 - 2013-02-21 02:15 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-04-10 23:00 - 2013-02-21 02:14 - 19230208 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-04-10 23:00 - 2013-02-21 02:14 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-04-10 23:00 - 2013-02-21 02:14 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-04-10 23:00 - 2013-02-21 02:14 - 02647040 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-04-10 23:00 - 2013-02-21 02:14 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-04-10 23:00 - 2013-02-21 02:14 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-04-10 23:00 - 2013-02-21 02:14 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-04-10 23:00 - 2013-02-21 02:14 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-04-10 23:00 - 2013-02-21 02:14 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-04-10 23:00 - 2013-02-21 02:14 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-04-10 23:00 - 2013-02-21 02:14 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-04-10 23:00 - 2013-02-21 02:14 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-04-10 23:00 - 2013-02-19 04:01 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-04-10 23:00 - 2013-02-19 03:42 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-04-10 23:00 - 2013-02-19 03:10 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-04-10 23:00 - 2013-02-19 02:51 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-04-10 01:48 - 2013-03-18 22:04 - 05550424 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-04-10 01:48 - 2013-03-18 21:46 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2013-04-10 01:48 - 2013-03-18 21:04 - 03968856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-04-10 01:48 - 2013-03-18 21:04 - 03913560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-04-10 01:48 - 2013-03-18 20:47 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-04-10 01:48 - 2013-03-18 19:06 - 00112640 ____A (Microsoft Corporation) C:\Windows\System32\smss.exe
2013-04-10 01:48 - 2013-03-01 22:04 - 01655656 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2013-04-10 01:48 - 2013-02-28 19:36 - 03153408 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-04-10 01:48 - 2013-01-23 22:01 - 00223752 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys
2013-04-06 13:02 - 2013-04-06 13:02 - 00015194 ____A C:\Users\Margie\Documents\FountainsatBellagio.wlmp
2013-04-04 17:21 - 2013-04-07 06:31 - 00000000 ____D C:\Users\Margie\Desktop\Owls
2013-04-03 07:09 - 2013-04-03 07:09 - 00276144 ____A C:\Windows\Minidump\040313-53258-01.dmp
2013-04-01 23:02 - 2013-04-01 23:02 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-04-01 23:02 - 2013-04-01 23:02 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-04-01 23:02 - 2013-04-01 23:02 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-04-01 23:02 - 2013-04-01 23:02 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-04-01 23:02 - 2013-04-01 23:02 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-04-01 23:02 - 2013-04-01 23:02 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-04-01 23:02 - 2013-04-01 23:02 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-04-01 23:02 - 2013-04-01 23:02 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-04-01 23:02 - 2013-04-01 23:02 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-04-01 23:02 - 2013-04-01 23:02 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-04-01 23:02 - 2013-04-01 23:02 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-04-01 23:02 - 2013-04-01 23:02 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-04-01 23:02 - 2013-04-01 23:02 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-04-01 23:02 - 2013-04-01 23:02 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-04-01 23:02 - 2013-04-01 23:02 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-04-01 23:02 - 2013-04-01 23:02 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-04-01 23:02 - 2013-04-01 23:02 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-04-01 23:02 - 2013-04-01 23:02 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-04-01 23:02 - 2013-04-01 23:02 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-04-01 23:02 - 2013-04-01 23:02 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-04-01 23:02 - 2013-04-01 23:02 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-04-01 23:00 - 2013-04-01 23:04 - 00007201 ____A C:\Windows\IE10_main.log
2013-03-29 07:12 - 2013-03-30 11:10 - 02086065 ____A C:\Users\Margie\Documents\Headquarters.wlmp
2013-03-28 05:03 - 2013-03-28 16:28 - 00000000 ____D C:\Users\Margie\Desktop\100GOPRO
2013-03-26 06:57 - 2013-03-26 06:57 - 00000000 ____A C:\Users\Margie\Sti_Trace.log
2013-03-26 06:56 - 2013-03-26 06:56 - 00000000 ____D C:\Users\Margie\AppData\Roaming\ControlCenter4
2013-03-26 06:42 - 2013-03-26 06:42 - 00002144 ____A C:\Users\Public\Desktop\Brother Creative Center.lnk
2013-03-26 06:40 - 2013-03-26 06:40 - 00000000 ____D C:\ProgramData\ControlCenter4
2013-03-26 06:40 - 2013-03-26 06:40 - 00000000 ____D C:\Program Files (x86)\ControlCenter4
2013-03-26 06:40 - 2013-03-26 06:40 - 00000000 ____D C:\Program Files (x86)\Browny02
2013-03-26 06:40 - 2012-07-05 03:49 - 01441280 ____A (Brother Industries, Ltd.) C:\Windows\System32\BrWi211a.dll
2013-03-26 06:40 - 2012-07-05 03:32 - 00084480 ____A (Brother Industries, Ltd.) C:\Windows\System32\BrNetSti.dll
2013-03-26 06:40 - 2012-03-18 20:09 - 00316928 ____A (brother) C:\Windows\System32\NSSRH64.dll
2013-03-26 06:40 - 2010-09-23 00:14 - 00058880 ____A (Brother Industries,Ltd.) C:\Windows\System32\BrWiaNCp.dll
2013-03-26 06:40 - 2010-09-23 00:13 - 00051712 ____A (Brother Industries,Ltd) C:\Windows\System32\Brnsplg.dll
2013-03-26 06:40 - 2010-04-01 02:27 - 00278528 ____A (Brother Industries, Ltd.) C:\Windows\System32\BrJDec.dll
2013-03-26 06:40 - 2005-04-21 20:36 - 00143360 ____A C:\Windows\System32\BrSNMP64.dll
2013-03-26 06:37 - 2013-03-26 06:38 - 00000000 ____D C:\Users\Margie\Downloads\install
2013-03-26 06:36 - 2013-03-26 06:36 - 141090064 ____A (A.I.SOFT,INC.) C:\Users\Margie\Downloads\MFC-J435W-inst-C1-usa.EXE
2013-03-25 12:39 - 2013-03-25 12:39 - 04546560 ____A (Google Inc.) C:\Windows\SysWOW64\GPhotos.scr
2013-03-22 17:07 - 2013-03-22 17:07 - 00266821 ____A C:\Users\Margie\Documents\windowtree.wlmp
2013-03-20 11:59 - 2013-02-11 20:12 - 00019968 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023.sys
2013-03-19 17:04 - 2013-03-19 17:04 - 00096320 ____A C:\Users\Margie\Documents\4hrWindow.wlmp
2013-03-18 19:26 - 2013-03-19 16:58 - 00385848 ____A C:\Users\Margie\Documents\SnowClouds.wlmp
2013-03-16 14:20 - 2013-03-16 14:20 - 00060842 ____A C:\Users\Margie\Documents\Vegas.wlmp
2013-03-16 13:20 - 2013-03-16 13:58 - 00000000 ____D C:\Users\Margie\Desktop\instagram vegas
2013-03-16 11:32 - 2013-03-16 11:32 - 00000000 ____D C:\Users\Margie\Desktop\renamer
2013-03-16 11:26 - 2013-03-16 11:27 - 10699970 ____A C:\Users\Margie\Downloads\advanced_renamer_portable (1).zip
2013-03-15 21:21 - 2013-03-15 21:21 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_WinUSB_01009.Wdf
 
 
==================== One Month Modified Files and Folders =======
 
2013-04-10 23:23 - 2011-10-18 17:44 - 01865433 ____A C:\Windows\WindowsUpdate.log
2013-04-10 23:22 - 2011-10-27 03:55 - 00000000 ____D C:\ProgramData\LogMeIn
2013-04-10 23:17 - 2012-05-20 10:26 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-04-10 23:02 - 2011-10-18 15:51 - 72702784 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-04-10 23:01 - 2011-10-19 15:35 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-04-10 22:50 - 2011-10-18 15:42 - 00000912 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3600618329-4101588026-1006131955-1001UA.job
2013-04-10 21:57 - 2013-03-02 15:28 - 00000000 ____D C:\Users\Margie\AppData\Local\Windows Live
2013-04-10 21:00 - 2011-10-19 15:25 - 00000000 ____D C:\Users\Margie\AppData\Roaming\Dropbox
2013-04-10 01:57 - 2011-10-18 15:42 - 00000860 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3600618329-4101588026-1006131955-1001Core.job
2013-04-07 12:49 - 2009-07-13 20:45 - 00015664 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-04-07 12:49 - 2009-07-13 20:45 - 00015664 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-04-07 06:31 - 2013-04-04 17:21 - 00000000 ____D C:\Users\Margie\Desktop\Owls
2013-04-06 13:02 - 2013-04-06 13:02 - 00015194 ____A C:\Users\Margie\Documents\FountainsatBellagio.wlmp
2013-04-04 12:51 - 2011-10-19 15:26 - 00000000 ___RD C:\Users\Margie\Dropbox
2013-04-03 16:48 - 2012-08-25 19:13 - 00000000 ____D C:\Users\Margie\AppData\Roaming\uTorrent
2013-04-03 16:11 - 2011-10-28 04:18 - 00000000 ____D C:\subsonic
2013-04-03 07:14 - 2009-07-13 21:13 - 00730448 ____A C:\Windows\System32\PerfStringBackup.INI
2013-04-03 07:09 - 2013-04-03 07:09 - 00276144 ____A C:\Windows\Minidump\040313-53258-01.dmp
2013-04-03 07:09 - 2012-01-09 16:07 - 00000000 ____D C:\Windows\Minidump
2013-04-03 07:09 - 2012-01-09 16:06 - 844554290 ____A C:\Windows\MEMORY.DMP
2013-04-03 07:09 - 2011-11-02 07:39 - 00049647 ____A C:\Windows\setupact.log
2013-04-03 07:09 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-04-03 07:06 - 2012-08-26 06:45 - 00000000 ____D C:\Program Files (x86)\McAfee
2013-04-02 00:17 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2013-04-01 23:26 - 2011-10-18 18:41 - 00000000 ____D C:\Windows\Panther
2013-04-01 23:23 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-04-01 23:04 - 2013-04-01 23:00 - 00007201 ____A C:\Windows\IE10_main.log
2013-04-01 23:02 - 2013-04-01 23:02 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-04-01 23:02 - 2013-04-01 23:02 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-04-01 23:02 - 2013-04-01 23:02 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-04-01 23:02 - 2013-04-01 23:02 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-04-01 23:02 - 2013-04-01 23:02 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-04-01 23:02 - 2013-04-01 23:02 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-04-01 23:02 - 2013-04-01 23:02 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-04-01 23:02 - 2013-04-01 23:02 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-04-01 23:02 - 2013-04-01 23:02 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-04-01 23:02 - 2013-04-01 23:02 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-04-01 23:02 - 2013-04-01 23:02 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-04-01 23:02 - 2013-04-01 23:02 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-04-01 23:02 - 2013-04-01 23:02 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-04-01 23:02 - 2013-04-01 23:02 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-04-01 23:02 - 2013-04-01 23:02 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-04-01 23:02 - 2013-04-01 23:02 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-04-01 23:02 - 2013-04-01 23:02 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-04-01 23:02 - 2013-04-01 23:02 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-04-01 23:02 - 2013-04-01 23:02 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-04-01 23:02 - 2013-04-01 23:02 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-04-01 23:02 - 2013-04-01 23:02 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-04-01 23:02 - 2013-04-01 23:02 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-03-30 11:10 - 2013-03-29 07:12 - 02086065 ____A C:\Users\Margie\Documents\Headquarters.wlmp
2013-03-28 16:28 - 2013-03-28 05:03 - 00000000 ____D C:\Users\Margie\Desktop\100GOPRO
2013-03-26 06:57 - 2013-03-26 06:57 - 00000000 ____A C:\Users\Margie\Sti_Trace.log
2013-03-26 06:57 - 2011-10-18 14:49 - 00000000 ____D C:\users\Margie
2013-03-26 06:56 - 2013-03-26 06:56 - 00000000 ____D C:\Users\Margie\AppData\Roaming\ControlCenter4
2013-03-26 06:42 - 2013-03-26 06:42 - 00002144 ____A C:\Users\Public\Desktop\Brother Creative Center.lnk
2013-03-26 06:42 - 2013-02-18 18:47 - 00006613 ____A C:\Windows\BRPARAM.INI
2013-03-26 06:40 - 2013-03-26 06:40 - 00000000 ____D C:\ProgramData\ControlCenter4
2013-03-26 06:40 - 2013-03-26 06:40 - 00000000 ____D C:\Program Files (x86)\ControlCenter4
2013-03-26 06:40 - 2013-03-26 06:40 - 00000000 ____D C:\Program Files (x86)\Browny02
2013-03-26 06:40 - 2013-02-18 18:46 - 00000000 ____D C:\Program Files (x86)\Brother
2013-03-26 06:38 - 2013-03-26 06:37 - 00000000 ____D C:\Users\Margie\Downloads\install
2013-03-26 06:36 - 2013-03-26 06:36 - 141090064 ____A (A.I.SOFT,INC.) C:\Users\Margie\Downloads\MFC-J435W-inst-C1-usa.EXE
2013-03-25 12:39 - 2013-03-25 12:39 - 04546560 ____A (Google Inc.) C:\Windows\SysWOW64\GPhotos.scr
2013-03-22 17:07 - 2013-03-22 17:07 - 00266821 ____A C:\Users\Margie\Documents\windowtree.wlmp
2013-03-20 23:18 - 2011-11-02 07:39 - 00072662 ____A C:\Windows\PFRO.log
2013-03-19 17:04 - 2013-03-19 17:04 - 00096320 ____A C:\Users\Margie\Documents\4hrWindow.wlmp
2013-03-19 16:58 - 2013-03-18 19:26 - 00385848 ____A C:\Users\Margie\Documents\SnowClouds.wlmp
2013-03-18 22:04 - 2013-04-10 01:48 - 05550424 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-03-18 21:46 - 2013-04-10 01:48 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2013-03-18 21:04 - 2013-04-10 01:48 - 03968856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-03-18 21:04 - 2013-04-10 01:48 - 03913560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-03-18 20:47 - 2013-04-10 01:48 - 00006656 ____A (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-03-18 19:06 - 2013-04-10 01:48 - 00112640 ____A (Microsoft Corporation) C:\Windows\System32\smss.exe
2013-03-17 04:58 - 2012-01-15 11:57 - 00000000 ____D C:\Users\Margie\AppData\Roaming\HpUpdate
2013-03-16 14:20 - 2013-03-16 14:20 - 00060842 ____A C:\Users\Margie\Documents\Vegas.wlmp
2013-03-16 13:58 - 2013-03-16 13:20 - 00000000 ____D C:\Users\Margie\Desktop\instagram vegas
2013-03-16 12:36 - 2012-10-24 16:02 - 00007168 ____A C:\My3DGraph.grf
2013-03-16 11:43 - 2012-10-24 15:57 - 00000000 ____D C:\Users\Margie\AppData\Local\GoPro
2013-03-16 11:32 - 2013-03-16 11:32 - 00000000 ____D C:\Users\Margie\Desktop\renamer
2013-03-16 11:27 - 2013-03-16 11:26 - 10699970 ____A C:\Users\Margie\Downloads\advanced_renamer_portable (1).zip
2013-03-15 21:22 - 2012-09-20 17:47 - 00174080 __ASH C:\Users\Margie\Desktop\Thumbs.db
2013-03-15 21:21 - 2013-03-15 21:21 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_WinUSB_01009.Wdf
 
 
==================== Known DLLs (Whitelisted) =================
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
==================== EXE ASSOCIATION =====================
 
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
 
==================== Restore Points  =========================
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 10%
Total physical RAM: 8189.09 MB
Available physical RAM: 7336.55 MB
Total Pagefile: 8187.24 MB
Available Pagefile: 7335.32 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB
 
==================== Partitions =============================
 
1 Drive c: () (Fixed) (Total:931.41 GB) (Free:715.46 GB) NTFS ==>[System with boot components (obtained from reading drive)]
2 Drive d: () (Fixed) (Total:1863.01 GB) (Free:677.9 GB) NTFS
3 Drive f: (GRMCHPXFREO_EN_DVD) (CDROM) (Total:3 GB) (Free:0 GB) UDF
8 Drive k: (My Book) (Fixed) (Total:931.28 GB) (Free:88.42 GB) FAT32
9 Drive l: (ADATA) (Removable) (Total:14.71 GB) (Free:9.49 GB) FAT32
10 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
11 Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
  Disk ###  Status         Size     Free     Dyn  Gpt
  --------  -------------  -------  -------  ---  ---
  Disk 0    Online          931 GB      0 B         
  Disk 1    Online         1863 GB      0 B         
  Disk 2    No Media           0 B      0 B         
  Disk 3    No Media           0 B      0 B         
  Disk 4    No Media           0 B      0 B         
  Disk 5    No Media           0 B      0 B         
  Disk 6    Online          931 GB      0 B         
  Disk 7    Online           14 GB      0 B         
 
Partitions of Disk 0:
===============
 
Disk ID: 81E3670E
 
  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
  Partition 1    Primary            100 MB  1024 KB
  Partition 2    Primary            931 GB   101 MB
 
==================================================================================
 
Disk: 0
Partition 1
Type  : 07
Hidden: No
Active: Yes
 
  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 1     Y   System Rese  NTFS   Partition    100 MB  Healthy            
 
=========================================================
 
Disk: 0
Partition 2
Type  : 07
Hidden: No
Active: No
 
  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 2     C                NTFS   Partition    931 GB  Healthy            
 
=========================================================
 
Partitions of Disk 1:
===============
 
Disk ID: 9E853DAD
 
  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
  Partition 1    Primary           1863 GB  1024 KB
 
==================================================================================
 
Disk: 1
Partition 1
Type  : 07
Hidden: No
Active: No
 
  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 3     D                NTFS   Partition   1863 GB  Healthy            
 
=========================================================
 
Partitions of Disk 6:
===============
 
Disk ID: E8900690
 
  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
  Partition 1    Primary            931 GB    31 KB
 
==================================================================================
 
Disk: 6
Partition 1
Type  : 0C
Hidden: No
Active: No
 
  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 8     K   My Book      FAT32  Partition    931 GB  Healthy            
 
=========================================================
 
Partitions of Disk 7:
===============
 
Disk ID: 00000000
 
  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
  Partition 1    Primary             14 GB    64 KB
 
==================================================================================
 
Disk: 7
Partition 1
Type  : 0C
Hidden: No
Active: Yes
 
  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 9     L   ADATA        FAT32  Removable     14 GB  Healthy            
 
=========================================================
============================== MBR Partition Table ==================
 
==============================
Partitions of Disk 0:
===============
Disk ID: 81E3670E
 
Partition 1:
=========
Hex: 8020210007A3130D0008000000200300
Active: YES
Type: 07 (NTFS)
Size: 100 MB
 
Partition 2:
=========
Hex: 00A3140D07EFFFFF0028030000386D74
Active: NO
Type: 07 (NTFS)
Size: 931 GB
 
==============================
Partitions of Disk 1:
===============
Disk ID: 9E853DAD
 
Partition 1:
=========
Hex: 0020210007FEFFFF000800000078E0E8
Active: NO
Type: 07 (NTFS)
Size: -198626508800 byte
 
==============================
Partitions of Disk 6:
===============
Disk ID: E8900690
 
Partition 1:
=========
Hex: 000101000CFEFFFF3F00000082597074
Active: NO
Type: 0C
Size: 932 GB
 
==============================
Partitions of Disk 7:
===============
Disk ID: 00000000
 
Partition 1:
=========
Hex: 800180000CFEFFFF80000000803FD701
Active: YES
Type: 0C
Size: 15 GB
 
 
Last Boot: 2013-04-03 20:26
 
==================== End Of Log =============================


BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:51 PM

Posted 17 April 2013 - 07:20 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/491556 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:51 PM

Posted 22 April 2013 - 07:25 PM

Hello again!

I haven't heard from you in 5 days. Therefore, I am going to assume that you no longer need our help, and close this topic.

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.

Thank you for using Bleeping Computer, and have a great day!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users