Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Lost power during Windows Update reboot - can't boot


  • This topic is locked This topic is locked
3 replies to this topic

#1 esteban008

esteban008

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:04:32 PM

Posted 16 April 2014 - 02:22 PM

Hi,

 

I'm a new user here (but frequent viewer) and was hoping someone might be able to help me resolve my issue.  I spent the last couple days doing a clean install of Windows 7 on my PC, and got everything to where I wanted it.  Today I was installing some routine Windows Updates and during the reboot install (i.e. "Installing Updates, do not turn off computer") I lost power to the computer due to the power cord not sufficiently being plugged in :-/  Now when I restart the machine I receive the following (seemingly common) blue screen error.

 

STOP: c0000135 The program can't start because %hs is missing from your computer. Try reinstalling the program to fix this problem.

 

I tried the normal F8 options; Startup Repair, Restore, etc. they all fail. I tried using SFC, this fails. I tried chkdsk and everything was fine there. Sadly I keep receiving the same blue screen error.  

 

So... I downloaded FarBar, ran the scan, and obtained the following FRST.txt file.  I notice a couple issues in the file, but am not sure on how to proceed.  I was hoping someone out there might be able to help me with what to do next.

Thank you!

 

FRST.txt...

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 16-04-2014 01
Ran by SYSTEM on MININT-CNUA5DT on 16-04-2014 11:53:12
Running from F:\
Windows 7 Professional Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtDCpl.exe [2697832 2011-07-20] (Realtek Semiconductor Corp.)
HKLM\...\Run: [USB3MON] => C:\Program Files\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [1634112 2011-09-07] ()
HKLM\...\Run: [McAfeeUpdaterUI] => C:\Program Files\McAfee\Common Framework\udaterui.exe [333856 2013-09-27] (McAfee, Inc.)
HKLM\...\Run: [ShStatEXE] => C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE [243560 2014-01-15] (McAfee, Inc.)
HKLM\...\RunOnce: [*Restore] - C:\Windows\system32\rstrui.exe /RUNONCE [262656 2010-11-20] (Microsoft Corporation)
HKLM\...\Policies\Explorer: [UseDefaultTile] 1
HKLM\...\Policies\Explorer: [NoWelcomeScreen] 1
HKU\repair\...\Policies\Explorer\DisallowRun: [1] FpSearch.exe
HKU\repair\...\Policies\Explorer: [DisallowRun] 1
HKU\repair\...\Policies\Explorer: [NoSimpleStartMenu] 1
HKU\tca\...\Policies\Explorer\DisallowRun: [1] FpSearch.exe
HKU\tca\...\Policies\Explorer: [DisallowRun] 1
HKU\tca\...\Policies\Explorer: [NoSimpleStartMenu] 1
HKU\tca\...\Policies\Explorer: [ForceClassicControlPanel] 1
HKU\tca\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
HKU\tca\...\Policies\Explorer: [NoNetHood] 1
HKU\tca\...\Policies\Explorer: [NoCloseDragDropBands] 1
HKU\tca\...\Policies\Explorer: [NoMovingBands] 1
HKU\tca\...\Policies\Explorer: [NoRecentDocsNetHood] 1
HKU\tca\...\Policies\Explorer: [ForceStartMenuLogOff] 1
HKU\tca\...\Policies\Explorer: [Intellimenus] 1
HKU\tca\...\Policies\Explorer: [LockTaskbar] 1
HKU\tca\...\Policies\Explorer: [NoAutoTrayNotify] 1
HKU\tca\...\Policies\Explorer: [MemCheckBoxInRunDlg] 1
HKU\tca\...\Policies\Explorer: [NoSMBalloonTip] 1
HKU\tca\...\Policies\Explorer: [NoStartMenuMyGames] 1
HKU\tca\...\Policies\Explorer: [NoStartMenuMyMusic] 1
HKU\tca\...\Policies\Explorer: [QuickLaunchEnabled] 1
HKU\tca\...\Policies\Explorer: [ForceRunOnStartMenu] 1
HKU\tca\...\Policies\Explorer: [TaskbarNoAddRemoveToolbar] 1
HKU\tca\...\Policies\Explorer: [TaskbarNoDragToolbar] 1
HKU\tca\...\Policies\Explorer: [TaskbarNoNotification] 1
HKU\tca\...\Policies\Explorer: [TaskbarNoRedock] 1
HKU\tca\...\Policies\Explorer: [TaskbarNoResize] 1
HKU\tca\...\Policies\Explorer: [NoWelcomeScreen] 1
HKU\tca\...\Policies\Explorer: [NoAutorun] 1
HKU\tca\...\Policies\Explorer: [RestrictWelcomeCenter] 1
HKU\tca\...\Policies\Explorer: [NoComputersNearMe] 1
HKU\tca\...\Policies\Explorer: [AlwaysShowClassicMenu] 1
HKU\tca\...\Policies\Explorer: [ClearRecentProgForNewUserInStartMenu] 1
HKU\tca\...\Policies\Explorer: [NoSearchInternetInStartMenu] 1
HKU\tca\...\Policies\Explorer: [DisablePersonalDirChange] 1
HKU\tca\...\Policies\Explorer: [NoSMConfigurePrograms] 1
HKU\tca\...\Policies\Explorer: [NoPreviewPane] 1
HKU\tca\...\Policies\Explorer: [NoSMMyPictures] 1

========================== Services (Whitelisted) =================

S2 BrcmMgmtAgent; C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [131072 2011-11-30] (Broadcom Corporation)
S2 CcmExec; C:\Windows\system32\CCM\CcmExec.exe [764768 2009-09-18] (Microsoft Corporation)
S2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [458464 2012-02-02] (Intel® Corporation)
S2 Intel® PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [132768 2011-11-09] (Intel Corporation)
S2 jhi_service; C:\Program Files\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [161560 2012-02-28] (Intel Corporation)
S2 McAfeeFramework; C:\Program Files\McAfee\Common Framework\FrameworkService.exe [133152 2013-09-27] (McAfee, Inc.)
S2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [204320 2014-04-15] (McAfee, Inc.)
S2 McTaskManager; C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe [208416 2014-01-15] (McAfee, Inc.)
S2 mfevtp; C:\Windows\system32\mfevtps.exe [174968 2014-04-15] (McAfee, Inc.)
S3 smstsmgr; C:\Windows\system32\CCM\TSManager.exe [246624 2009-09-18] (Microsoft Corporation)
S2 VdmService; C:\GENIE2K\EXEFILES\winvdm.exe [417792 2009-08-26] (Canberra Industries)
S2 CryptSvc; %SystemRoot%\system32\cryptsvc.dll [X]
S2 ftpsvc; %windir%\system32\inetsrv\ftpsvc.dll [X]
S2 IKEEXT; %SystemRoot%\System32\ikeext.dll [X]

==================== Drivers (Whitelisted) ====================

S3 Blfp; C:\Windows\System32\DRIVERS\basp.sys [103936 2011-08-22] (Broadcom Corporation)
S3 CIUSB; C:\Windows\System32\Drivers\ciusb.sys [19165 2012-08-25] (Thesycon GmbH, Germany)
S3 e1cexpress; C:\Windows\System32\DRIVERS\e1c6232.sys [280744 2011-11-30] (Intel Corporation)
S3 IntcAzAudAddService; C:\Windows\System32\drivers\RTDVHDA.sys [3129768 2012-02-07] (Realtek Semiconductor Corp.)
S0 iusb3hcs; C:\Windows\System32\DRIVERS\iusb3hcs.sys [13592 2012-02-27] (Intel Corporation)
S3 iusb3hub; C:\Windows\System32\DRIVERS\iusb3hub.sys [348440 2012-02-27] (Intel Corporation)
S3 iusb3xhc; C:\Windows\System32\DRIVERS\iusb3xhc.sys [792856 2012-02-27] (Intel Corporation)
S3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [46080 2011-11-10] (Intel Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [134472 2014-04-15] (McAfee, Inc.)
S3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [236480 2014-04-15] (McAfee, Inc.)
S3 mfebopk; C:\Windows\System32\drivers\mfebopk.sys [66408 2014-04-15] (McAfee, Inc.)
S0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [573136 2014-04-15] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [93144 2014-04-15] (McAfee, Inc.)
S0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [213872 2014-04-15] (McAfee, Inc.)
S3 NAL; C:\Windows\system32\Drivers\iqvw32.sys [30368 2011-11-09] (Intel Corporation )
S3 PcaMp60; C:\Windows\System32\DRIVERS\PcaMp60.sys [29696 2010-09-07] (Printing Communications Assoc., Inc. (PCAUSA))
S3 prepdrvr; C:\Windows\system32\CCM\prepdrv.sys [20848 2009-09-18] (Microsoft Corporation)
S3 RTL8023xp; C:\Windows\System32\DRIVERS\EG1032xp.sys [71040 2014-04-15] (Linksys, A Division of Cisco Systems, Inc )
S3 SNTNLUSB; C:\Windows\System32\DRIVERS\SNTNLUSB.SYS [38376 2009-09-17] (SafeNet, Inc.)
S3 mfeavfk01; No ImagePath

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-04-16 11:53 - 2014-04-16 11:53 - 00000000 ____D () C:\FRST
2014-04-16 07:09 - 2014-04-16 07:09 - 00046774 _____ () C:\Windows\MDACSET.log
2014-04-16 07:09 - 2014-04-16 07:09 - 00002074 _____ () C:\Users\tca\Desktop\DataTool.lnk
2014-04-16 07:09 - 2014-04-16 07:09 - 00002067 _____ () C:\Users\tca\Desktop\ELEMENT.lnk
2014-04-16 07:09 - 2014-04-16 07:09 - 00001644 _____ () C:\Windows\ODBCINST.INI
2014-04-16 07:09 - 2014-04-16 07:09 - 00000288 _____ () C:\Windows\ODBC.INI
2014-04-16 07:08 - 2014-04-16 07:08 - 00000000 ____D () C:\Program Files\Promium
2014-04-16 07:08 - 2014-04-16 07:08 - 00000000 ____D () C:\Program Files\Common Files\Business Objects
2014-04-16 07:08 - 2014-04-16 07:08 - 00000000 ____D () C:\Program Files\Business Objects
2014-04-16 02:03 - 2014-04-16 02:03 - 00442836 _____ () C:\Windows\msxml4-KB954430-enu.LOG
2014-04-16 02:03 - 2014-01-28 18:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\System32\wer.dll
2014-04-15 13:34 - 2001-08-24 06:28 - 00000833 _____ () C:\Windows\session.ini
2014-04-15 13:31 - 2014-04-15 13:31 - 00000000 ____D () C:\Program Files\Microsoft Works
2014-04-15 13:31 - 2006-10-26 18:58 - 00030512 _____ (Microsoft Corporation) C:\Windows\System32\mdimon.dll
2014-04-15 13:30 - 2014-04-15 13:30 - 00000000 ____D () C:\Windows\PCHEALTH
2014-04-15 13:30 - 2014-04-15 13:30 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio
2014-04-15 13:30 - 2014-04-15 13:30 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-04-15 13:28 - 2014-04-15 13:28 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 8
2014-04-15 13:27 - 2014-04-15 13:31 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-15 13:27 - 2014-04-15 13:31 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-04-15 13:27 - 2014-04-15 13:27 - 00000000 ____D () C:\Users\repair\AppData\Local\Microsoft Help
2014-04-15 13:26 - 2014-04-15 13:26 - 00000000 ____D () C:\Users\repair\AppData\Roaming\McAfee
2014-04-15 11:19 - 2014-04-15 13:34 - 00000462 _____ () C:\Windows\SMSCFG.ini
2014-04-15 11:19 - 2014-04-15 11:20 - 00000000 ____D () C:\Windows\System32\CCM
2014-04-15 11:19 - 2014-04-15 11:19 - 00004764 _____ () C:\Windows\System32\CcmFramework.ini
2014-04-15 11:19 - 2014-04-15 11:19 - 00000621 _____ () C:\Windows\System32\CcmFramework.h
2014-04-15 11:19 - 2014-04-15 11:19 - 00000000 ____D () C:\Windows\ms
2014-04-15 11:04 - 2014-04-15 11:04 - 00262144 _____ () C:\Windows\System32\config\ELAM
2014-04-15 11:03 - 2014-04-15 11:03 - 00573136 _____ (McAfee, Inc.) C:\Windows\System32\Drivers\mfehidk.sys
2014-04-15 11:03 - 2014-04-15 11:03 - 00236480 _____ (McAfee, Inc.) C:\Windows\System32\Drivers\mfeavfk.sys
2014-04-15 11:03 - 2014-04-15 11:03 - 00213872 _____ (McAfee, Inc.) C:\Windows\System32\Drivers\mfewfpk.sys
2014-04-15 11:03 - 2014-04-15 11:03 - 00174968 _____ (McAfee, Inc.) C:\Windows\System32\mfevtps.exe
2014-04-15 11:03 - 2014-04-15 11:03 - 00134472 _____ (McAfee, Inc.) C:\Windows\System32\Drivers\mfeapfk.sys
2014-04-15 11:03 - 2014-04-15 11:03 - 00094080 _____ (McAfee, Inc.) C:\Windows\System32\MfeOtlkAddin.dll
2014-04-15 11:03 - 2014-04-15 11:03 - 00093144 _____ (McAfee, Inc.) C:\Windows\System32\Drivers\mferkdet.sys
2014-04-15 11:03 - 2014-04-15 11:03 - 00066408 _____ (McAfee, Inc.) C:\Windows\System32\Drivers\mfebopk.sys
2014-04-15 11:03 - 2014-04-15 11:03 - 00025088 _____ (McAfee, Inc.) C:\Windows\System32\MFEOtlk.dll
2014-04-15 11:03 - 2014-04-15 11:03 - 00010568 _____ (McAfee, Inc.) C:\Windows\System32\Drivers\mfeclnk.sys
2014-04-15 11:03 - 2014-04-15 11:03 - 00000000 ____D () C:\Program Files\Common Files\McAfee
2014-04-15 11:00 - 2014-04-15 11:00 - 00000000 ____D () C:\Users\tca\AppData\Local\PANalytical_B.V
2014-04-15 10:57 - 2014-04-15 11:03 - 00000000 ____D () C:\ProgramData\McAfee
2014-04-15 10:57 - 2014-04-15 11:03 - 00000000 ____D () C:\Program Files\McAfee
2014-04-15 10:57 - 2014-04-15 10:57 - 06020498 _____ (McAfee, Inc.) C:\Windows\FramePkg.exe
2014-04-15 10:57 - 2014-04-15 10:57 - 00000000 ____D () C:\Users\tca\AppData\Roaming\McAfee
2014-04-15 10:02 - 2014-03-31 08:35 - 00231584 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
2014-04-15 09:59 - 2012-06-02 14:19 - 01933848 _____ (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2014-04-15 09:59 - 2012-06-02 14:19 - 00577048 _____ (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2014-04-15 09:59 - 2012-06-02 14:19 - 00171904 _____ (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2014-04-15 09:59 - 2012-06-02 14:19 - 00053784 _____ (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2014-04-15 09:59 - 2012-06-02 14:19 - 00045080 _____ (Microsoft Corporation) C:\Windows\System32\wups2.dll
2014-04-15 09:59 - 2012-06-02 14:19 - 00035864 _____ (Microsoft Corporation) C:\Windows\System32\wups.dll
2014-04-15 09:59 - 2012-06-02 14:12 - 02422272 _____ (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2014-04-15 09:59 - 2012-06-02 14:12 - 00088576 _____ (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2014-04-15 09:59 - 2012-06-02 14:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2014-04-15 09:58 - 2014-04-15 15:25 - 00022974 __RSH () C:\Users\tca\ntuser.pol
2014-04-15 09:58 - 2014-04-15 15:25 - 00000000 ____D () C:\users\tca
2014-04-15 09:58 - 2014-04-15 13:36 - 00108824 _____ () C:\Users\tca\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-15 09:58 - 2014-04-15 09:58 - 00000020 ___SH () C:\Users\tca\ntuser.ini
2014-04-15 09:58 - 2014-04-15 09:58 - 00000000 ____D () C:\Users\tca\AppData\Roaming\Intel Corporation
2014-04-15 09:58 - 2014-04-15 09:58 - 00000000 ____D () C:\Users\tca\AppData\Local\VirtualStore
2014-04-15 09:58 - 2014-04-15 09:58 - 00000000 ____D () C:\ProgramData\GroupPolicy
2014-04-15 09:57 - 2014-04-15 09:57 - 00057560 _____ () C:\Users\repair\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-15 09:57 - 2014-04-15 09:57 - 00000000 ____D () C:\Users\repair\AppData\Roaming\Intel Corporation
2014-04-15 09:56 - 2014-04-15 13:34 - 00039057 __RSH () C:\ProgramData\ntuser.pol
2014-04-15 09:56 - 2014-04-15 09:58 - 00000000 ____D () C:\Windows\System32\appmgmt
2014-04-15 09:56 - 2014-04-15 09:57 - 00000000 ____D () C:\users\repair
2014-04-15 09:56 - 2014-04-15 09:56 - 00003730 __RSH () C:\Users\repair\ntuser.pol
2014-04-15 09:56 - 2014-04-15 09:56 - 00000020 ___SH () C:\Users\repair\ntuser.ini
2014-04-15 09:56 - 2014-04-15 09:56 - 00000000 ____D () C:\Users\repair\AppData\Local\VirtualStore
2014-04-15 09:54 - 2014-04-16 08:01 - 00000112 _____ () C:\Windows\System32\config\netlogon.ftl
2014-04-15 09:52 - 2014-04-15 09:52 - 00000000 ____D () C:\Users\Win7Admin\Desktop\EG1032v3_dr
2014-04-15 09:52 - 2014-04-15 09:45 - 00071040 _____ (Linksys, A Division of Cisco Systems, Inc ) C:\Windows\System32\Drivers\EG1032xp.sys
2014-04-14 12:25 - 2014-04-14 12:25 - 00000000 ____D () C:\Users\Win7Admin\AppData\Local\PANalytical_B.V
2014-04-14 08:36 - 2014-04-14 09:19 - 00000000 ____D () C:\Service
2014-04-10 14:39 - 2014-04-10 14:40 - 00041486 _____ () C:\Windows\iis7.log
2014-04-10 14:39 - 2014-04-10 14:39 - 00000326 _____ () C:\Windows\System32\secedit.log
2014-04-10 14:39 - 2014-04-10 14:39 - 00000000 ____D () C:\Windows\System32\BestPractices
2014-04-10 14:31 - 2014-04-10 14:31 - 00000000 ____D () C:\Users\Win7Admin\Desktop\DETECTOR
2014-04-10 14:14 - 2004-12-01 10:14 - 00598016 _____ (ComponentOne) C:\Windows\System32\vsflex8u.ocx
2014-04-10 14:14 - 1999-12-08 16:17 - 00448216 _____ (VideoSoft) C:\Windows\System32\Vsflex7.ocx
2014-04-10 14:13 - 2002-11-06 10:56 - 00335872 _____ (IDEAL Software® GmbH, Neuss, Germany) C:\Windows\System32\vpex3235.dll
2014-04-10 14:13 - 2002-11-06 10:56 - 00249856 _____ (IDEAL Software® GmbH, Neuss, Germany) C:\Windows\System32\vpdf32.dll
2014-04-10 14:13 - 2002-11-05 15:54 - 00458752 _____ (IDEAL Software® GmbH Neuss, Germany) C:\Windows\System32\VpeCtrl35.ocx
2014-04-10 14:13 - 2002-08-06 08:20 - 00053248 _____ (Compiled by IDEAL Software GmbH, Neuss, Germany) C:\Windows\System32\vzlib32.dll
2014-04-10 14:13 - 2002-07-08 10:17 - 00369664 _____ (Herd Software Entwicklung/ Rudolf-Virchow-Str.8/ D-68642 Bürstadt/ http://www.herdsoft.com/ Telefon:+49-6206-707775/ Telefax:+49-6206-707776) C:\Windows\System32\Dav3_32.dll
2014-04-10 14:13 - 2002-07-08 10:17 - 00143360 _____ (Herd Software Entwicklung/ Rudolf-Virchow-Str.8/ D-68642 Bürstadt/ http://www.herdsoft.com/ eMail:info@herdsoft.com/ Telefon:+49-6206-707775/ Telefax:+49-6206-707776) C:\Windows\System32\leon3_32.dll
2014-04-10 14:13 - 2002-07-04 03:22 - 00039424 _____ (Herd Software Entwicklung/ Rudolf-Virchow-Str.8/ 68642 Bürstadt/ Tel.:+49-6206-707775/ http://www.herdsoft.com) C:\Windows\System32\BarVisD.dll
2014-04-10 14:13 - 2001-06-20 00:11 - 00458752 _____ (Compaq Computer Corporation) C:\Windows\System32\Dformd.dll
2014-04-10 14:13 - 2000-02-29 13:35 - 00006148 _____ () C:\Windows\System32\Drivers\PORTIO.SYS
2014-04-10 14:13 - 1999-05-06 23:00 - 00204296 _____ (Microsoft Corporation) C:\Windows\System32\RICHTX32.OCX
2014-04-10 14:08 - 2014-04-10 14:08 - 00002785 _____ () C:\Users\Public\Desktop\Epsilon 5 Software.lnk
2014-04-10 14:08 - 2014-04-10 14:08 - 00000000 ____D () C:\Program Files\PANalytical
2014-04-10 14:08 - 2014-04-10 14:08 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2014-04-10 14:07 - 2014-04-15 13:30 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-04-10 14:06 - 2014-04-10 14:06 - 00000000 ____D () C:\Users\Win7Admin\Documents\Downloaded Installations
2014-04-10 14:06 - 2014-04-10 14:06 - 00000000 ____D () C:\Program Files\Common Files\SafeNet Sentinel
2014-04-10 14:03 - 2012-08-25 03:33 - 00019165 _____ (Thesycon GmbH, Germany) C:\Windows\System32\Drivers\ciusb.sys
2014-04-10 13:57 - 2014-04-10 13:57 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-04-10 12:48 - 2014-04-10 12:48 - 00000000 ____D () C:\Program Files\Common Files\Intel Corporation
2014-04-10 12:46 - 2014-04-10 12:46 - 00057560 _____ () C:\Users\Win7Admin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-10 12:46 - 2014-04-10 12:46 - 00000000 ____D () C:\Users\Win7Admin\AppData\Roaming\Intel Corporation
2014-04-10 12:46 - 2014-04-10 12:46 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-04-10 12:44 - 2014-04-10 12:44 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-04-10 12:44 - 2011-10-05 20:49 - 03721024 _____ (NVIDIA Corporation) C:\Windows\System32\nvcpl.dll
2014-04-10 12:44 - 2011-10-05 20:49 - 02614592 _____ (NVIDIA Corporation) C:\Windows\System32\nvsvc.dll
2014-04-10 12:44 - 2011-10-05 20:48 - 02562368 _____ (NVIDIA Corporation) C:\Windows\System32\nvsvcr.dll
2014-04-10 12:44 - 2011-10-05 20:48 - 00631616 _____ (NVIDIA Corporation) C:\Windows\System32\nv3dappshext.dll
2014-04-10 12:44 - 2011-10-05 20:48 - 00618304 _____ (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
2014-04-10 12:44 - 2011-10-05 20:48 - 00545088 _____ (NVIDIA Corporation) C:\Windows\System32\easyupdatusapiu.dll
2014-04-10 12:44 - 2011-10-05 20:48 - 00112960 _____ (NVIDIA Corporation) C:\Windows\System32\nvmctray.dll
2014-04-10 12:44 - 2011-10-05 20:48 - 00068416 _____ (NVIDIA Corporation) C:\Windows\System32\nvshext.dll
2014-04-10 12:44 - 2011-10-05 20:48 - 00055616 _____ (NVIDIA Corporation) C:\Windows\System32\nv3dappshextr.dll
2014-04-10 12:43 - 2014-04-10 12:44 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-04-10 12:43 - 2011-10-11 01:42 - 00877376 _____ (NVIDIA Corporation) C:\Windows\System32\nvhdagenco3220102.dll
2014-04-10 12:43 - 2011-10-06 13:36 - 16470336 _____ (NVIDIA Corporation) C:\Windows\System32\nvoglv32.dll
2014-04-10 12:43 - 2011-10-06 13:36 - 13013312 _____ (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll
2014-04-10 12:43 - 2011-10-06 13:36 - 12010816 _____ (NVIDIA Corporation) C:\Windows\System32\nvd3dum.dll
2014-04-10 12:43 - 2011-10-06 13:36 - 10766656 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
2014-04-10 12:43 - 2011-10-06 13:36 - 06561088 _____ (NVIDIA Corporation) C:\Windows\System32\nvwgf2um.dll
2014-04-10 12:43 - 2011-10-06 13:36 - 05306176 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
2014-04-10 12:43 - 2011-10-06 13:36 - 02806592 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
2014-04-10 12:43 - 2011-10-06 13:36 - 02344256 _____ (NVIDIA Corporation) C:\Windows\System32\nvapi.dll
2014-04-10 12:43 - 2011-10-06 13:36 - 02084672 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll
2014-04-10 12:43 - 2011-10-06 13:36 - 00974144 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispco3220154.dll
2014-04-10 12:43 - 2011-10-06 13:36 - 00877376 _____ (NVIDIA Corporation) C:\Windows\System32\nvgenco3220103.dll
2014-04-10 12:43 - 2011-10-06 13:36 - 00059712 _____ (Khronos Group) C:\Windows\System32\OpenCL.dll
2014-04-10 12:43 - 2011-10-06 13:36 - 00004489 _____ () C:\Windows\System32\nvinfo.pb
2014-04-10 12:43 - 2011-07-07 10:21 - 00139880 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvhda32v.sys
2014-04-10 12:43 - 2011-07-07 10:21 - 00026216 _____ (NVIDIA Corporation) C:\Windows\System32\nvhdap32.dll
2014-04-10 12:42 - 2014-04-10 12:42 - 00000000 ____D () C:\Users\Win7Admin\AppData\Roaming\InstallShield
2014-04-10 12:42 - 2011-11-29 18:30 - 00470808 _____ (Intel Corporation) C:\Windows\System32\Drivers\iaStor.sys
2014-04-10 12:39 - 2014-04-10 12:39 - 00000000 ____D () C:\Windows\Dell
2014-04-10 12:39 - 2014-04-10 12:39 - 00000000 ____D () C:\Users\Win7Admin\AppData\Local\Downloaded Installations
2014-04-10 12:39 - 2014-04-10 12:39 - 00000000 ____D () C:\Program Files\Broadcom
2014-04-10 12:39 - 2011-08-22 14:17 - 00101376 _____ (Broadcom Corporation) C:\Windows\System32\basp.dll
2014-04-10 12:38 - 2011-11-09 16:38 - 00132768 _____ (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
2014-04-10 12:36 - 2011-11-30 14:08 - 00280744 _____ (Intel Corporation) C:\Windows\System32\Drivers\e1c6232.sys
2014-04-10 12:36 - 2011-11-07 00:28 - 00081600 _____ (Intel Corporation) C:\Windows\System32\NicInstC.dll
2014-04-10 12:36 - 2011-11-02 23:54 - 00068264 _____ (Intel Corporation) C:\Windows\System32\e1cmsg.dll
2014-04-10 12:36 - 2011-10-14 11:16 - 00294600 _____ (Intel Corporation) C:\Windows\System32\PROUnstl.exe
2014-04-10 12:36 - 2009-12-23 18:12 - 00003109 _____ () C:\Windows\System32\e1c6232.din
2014-04-10 12:36 - 2009-05-26 08:05 - 00028792 _____ (Intel Corporation) C:\Windows\System32\NicCo36.dll
2014-04-10 12:36 - 2006-01-12 13:52 - 00001904 ____N () C:\Windows\System32\SetupBD.din
2014-04-10 12:34 - 2014-04-10 12:34 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf
2014-04-10 12:34 - 2012-02-27 18:01 - 00792856 _____ (Intel Corporation) C:\Windows\System32\Drivers\iusb3xhc.sys
2014-04-10 12:34 - 2012-02-27 18:01 - 00348440 _____ (Intel Corporation) C:\Windows\System32\Drivers\iusb3hub.sys
2014-04-10 12:34 - 2012-02-27 18:01 - 00013592 _____ (Intel Corporation) C:\Windows\System32\Drivers\iusb3hcs.sys
2014-04-10 12:34 - 2012-02-27 18:00 - 00041984 _____ (Intel Corporation) C:\Windows\System32\Drivers\USB3Ver.dll
2014-04-10 12:34 - 2009-07-15 02:27 - 01461992 _____ (Microsoft Corporation) C:\Windows\System32\WdfCoInstaller01009.dll
2014-04-10 12:33 - 2014-04-10 12:33 - 00000000 ____D () C:\ProgramData\Intel
2014-04-10 12:33 - 2014-04-10 12:33 - 00000000 ____D () C:\Program Files\Common Files\postureAgent
2014-04-10 12:33 - 2012-02-21 13:10 - 00015128 _____ () C:\Windows\System32\Drivers\IntelMEFWVer.dll
2014-04-10 12:32 - 2014-04-10 12:42 - 00000000 ____D () C:\Program Files\Intel
2014-04-10 12:32 - 2011-12-06 17:25 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\System32\CSVer.dll
2014-04-10 12:32 - 2011-11-10 01:52 - 00046080 _____ (Intel Corporation) C:\Windows\System32\Drivers\HECI.sys
2014-04-10 12:31 - 2014-04-10 14:14 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-04-10 12:31 - 2014-04-10 12:31 - 00002038 _____ () C:\RHDSetup.log
2014-04-10 12:31 - 2014-04-10 12:31 - 00000000 ____D () C:\Windows\System32\RTCOM
2014-04-10 12:31 - 2014-04-10 12:31 - 00000000 ____D () C:\Program Files\Realtek
2014-04-10 12:31 - 2014-04-10 12:31 - 00000000 ____D () C:\Program Files\Common Files\InstallShield
2014-04-10 12:31 - 2012-02-07 14:50 - 03129768 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\Drivers\RTDVHDA.sys
2014-04-10 12:31 - 2012-01-31 16:53 - 02766336 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\RCoRes.dat
2014-04-10 12:31 - 2012-01-31 16:32 - 02395240 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\RtkPgExt.dll
2014-04-10 12:31 - 2012-01-20 12:07 - 03382888 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\RtkAPO.dll
2014-04-10 12:31 - 2011-12-15 11:39 - 00083560 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\RtkCoInstII.dll
2014-04-10 12:31 - 2011-12-13 15:58 - 01493608 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\RtDSndMg.cpl
2014-04-10 12:31 - 2011-12-13 10:01 - 01698408 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2014-04-10 12:31 - 2011-11-22 15:28 - 00013416 _____ (Realtek Semiconductor Corp.) C:\Windows\System32\RtkCoLDR.dll
2014-04-10 12:31 - 2010-11-08 06:31 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\System32\RP3DHT32.dll
2014-04-10 12:31 - 2010-11-08 06:31 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\System32\RP3DAA32.dll
2014-04-10 12:27 - 2014-04-10 12:28 - 00000000 ____D () C:\users\Win7Admin
2014-04-10 12:27 - 2014-04-10 12:27 - 00000020 ___SH () C:\Users\Win7Admin\ntuser.ini
2014-04-10 12:27 - 2014-04-10 12:27 - 00000000 __SHD () C:\Recovery
2014-04-10 12:27 - 2014-04-10 12:27 - 00000000 ____D () C:\Users\Win7Admin\AppData\Local\VirtualStore
2014-04-10 11:25 - 2014-04-10 12:27 - 00000000 ____D () C:\Windows\Panther
2014-04-10 11:25 - 2014-04-10 11:25 - 00000000 ____D () C:\Hotfix
2014-04-10 11:25 - 2011-02-15 18:16 - 00000029 ___RH () C:\Windows\version
2014-04-10 11:25 - 2011-02-15 18:16 - 00000013 ____R () C:\Windows\csup.txt
2014-04-10 11:14 - 2014-04-10 11:14 - 00000000 ____D () C:\Windows.old
2014-04-10 10:30 - 2014-04-16 02:27 - 01447826 _____ () C:\Windows\WindowsUpdate.log
2014-04-10 10:27 - 2014-04-10 10:29 - 00001355 _____ () C:\Windows\TSSysprep.log

==================== One Month Modified Files and Folders =======

2014-04-16 11:53 - 2014-04-16 11:53 - 00000000 ____D () C:\FRST
2014-04-16 08:59 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\System32\LogFiles
2014-04-16 08:02 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\System32\inetsrv
2014-04-16 08:01 - 2014-04-15 09:54 - 00000112 _____ () C:\Windows\System32\config\netlogon.ftl
2014-04-16 08:01 - 2009-07-13 20:52 - 00000000 ____D () C:\Program Files\Windows Defender
2014-04-16 08:01 - 2009-07-13 20:33 - 00421288 _____ () C:\Windows\System32\FNTCACHE.DAT
2014-04-16 08:00 - 2009-07-13 20:39 - 00026685 _____ () C:\Windows\setupact.log
2014-04-16 07:09 - 2014-04-16 07:09 - 00046774 _____ () C:\Windows\MDACSET.log
2014-04-16 07:09 - 2014-04-16 07:09 - 00002074 _____ () C:\Users\tca\Desktop\DataTool.lnk
2014-04-16 07:09 - 2014-04-16 07:09 - 00002067 _____ () C:\Users\tca\Desktop\ELEMENT.lnk
2014-04-16 07:09 - 2014-04-16 07:09 - 00001644 _____ () C:\Windows\ODBCINST.INI
2014-04-16 07:09 - 2014-04-16 07:09 - 00000288 _____ () C:\Windows\ODBC.INI
2014-04-16 07:09 - 2009-07-13 18:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-04-16 07:08 - 2014-04-16 07:08 - 00000000 ____D () C:\Program Files\Promium
2014-04-16 07:08 - 2014-04-16 07:08 - 00000000 ____D () C:\Program Files\Common Files\Business Objects
2014-04-16 07:08 - 2014-04-16 07:08 - 00000000 ____D () C:\Program Files\Business Objects
2014-04-16 02:29 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-04-16 02:27 - 2014-04-10 10:30 - 01447826 _____ () C:\Windows\WindowsUpdate.log
2014-04-16 02:26 - 2010-11-20 13:01 - 00832240 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-04-16 02:03 - 2014-04-16 02:03 - 00442836 _____ () C:\Windows\msxml4-KB954430-enu.LOG
2014-04-15 15:35 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\rescache
2014-04-15 15:25 - 2014-04-15 09:58 - 00022974 __RSH () C:\Users\tca\ntuser.pol
2014-04-15 15:25 - 2014-04-15 09:58 - 00000000 ____D () C:\users\tca
2014-04-15 13:40 - 2009-07-13 20:34 - 00021088 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-15 13:40 - 2009-07-13 20:34 - 00021088 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-15 13:36 - 2014-04-15 09:58 - 00108824 _____ () C:\Users\tca\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-15 13:34 - 2014-04-15 11:19 - 00000462 _____ () C:\Windows\SMSCFG.ini
2014-04-15 13:34 - 2014-04-15 09:56 - 00039057 __RSH () C:\ProgramData\ntuser.pol
2014-04-15 13:33 - 2010-11-20 13:48 - 00005972 _____ () C:\Windows\PFRO.log
2014-04-15 13:31 - 2014-04-15 13:31 - 00000000 ____D () C:\Program Files\Microsoft Works
2014-04-15 13:31 - 2014-04-15 13:27 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-15 13:31 - 2014-04-15 13:27 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-04-15 13:30 - 2014-04-15 13:30 - 00000000 ____D () C:\Windows\PCHEALTH
2014-04-15 13:30 - 2014-04-15 13:30 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio
2014-04-15 13:30 - 2014-04-15 13:30 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-04-15 13:30 - 2014-04-10 14:07 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-04-15 13:30 - 2010-11-20 16:47 - 00000000 ____D () C:\Windows\ShellNew
2014-04-15 13:30 - 2009-07-13 20:52 - 00000000 ____D () C:\Program Files\MSBuild
2014-04-15 13:28 - 2014-04-15 13:28 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 8
2014-04-15 13:28 - 2009-07-13 18:37 - 00000000 ____D () C:\Program Files\Common Files\System
2014-04-15 13:28 - 2009-07-13 18:04 - 00000478 _____ () C:\Windows\win.ini
2014-04-15 13:27 - 2014-04-15 13:27 - 00000000 ____D () C:\Users\repair\AppData\Local\Microsoft Help
2014-04-15 13:26 - 2014-04-15 13:26 - 00000000 ____D () C:\Users\repair\AppData\Roaming\McAfee
2014-04-15 11:21 - 2009-07-13 18:37 - 00000000 ___HD () C:\Windows\System32\GroupPolicy
2014-04-15 11:20 - 2014-04-15 11:19 - 00000000 ____D () C:\Windows\System32\CCM
2014-04-15 11:19 - 2014-04-15 11:19 - 00004764 _____ () C:\Windows\System32\CcmFramework.ini
2014-04-15 11:19 - 2014-04-15 11:19 - 00000621 _____ () C:\Windows\System32\CcmFramework.h
2014-04-15 11:19 - 2014-04-15 11:19 - 00000000 ____D () C:\Windows\ms
2014-04-15 11:04 - 2014-04-15 11:04 - 00262144 _____ () C:\Windows\System32\config\ELAM
2014-04-15 11:03 - 2014-04-15 11:03 - 00573136 _____ (McAfee, Inc.) C:\Windows\System32\Drivers\mfehidk.sys
2014-04-15 11:03 - 2014-04-15 11:03 - 00236480 _____ (McAfee, Inc.) C:\Windows\System32\Drivers\mfeavfk.sys
2014-04-15 11:03 - 2014-04-15 11:03 - 00213872 _____ (McAfee, Inc.) C:\Windows\System32\Drivers\mfewfpk.sys
2014-04-15 11:03 - 2014-04-15 11:03 - 00174968 _____ (McAfee, Inc.) C:\Windows\System32\mfevtps.exe
2014-04-15 11:03 - 2014-04-15 11:03 - 00134472 _____ (McAfee, Inc.) C:\Windows\System32\Drivers\mfeapfk.sys
2014-04-15 11:03 - 2014-04-15 11:03 - 00094080 _____ (McAfee, Inc.) C:\Windows\System32\MfeOtlkAddin.dll
2014-04-15 11:03 - 2014-04-15 11:03 - 00093144 _____ (McAfee, Inc.) C:\Windows\System32\Drivers\mferkdet.sys
2014-04-15 11:03 - 2014-04-15 11:03 - 00066408 _____ (McAfee, Inc.) C:\Windows\System32\Drivers\mfebopk.sys
2014-04-15 11:03 - 2014-04-15 11:03 - 00025088 _____ (McAfee, Inc.) C:\Windows\System32\MFEOtlk.dll
2014-04-15 11:03 - 2014-04-15 11:03 - 00010568 _____ (McAfee, Inc.) C:\Windows\System32\Drivers\mfeclnk.sys
2014-04-15 11:03 - 2014-04-15 11:03 - 00000000 ____D () C:\Program Files\Common Files\McAfee
2014-04-15 11:03 - 2014-04-15 10:57 - 00000000 ____D () C:\ProgramData\McAfee
2014-04-15 11:03 - 2014-04-15 10:57 - 00000000 ____D () C:\Program Files\McAfee
2014-04-15 11:00 - 2014-04-15 11:00 - 00000000 ____D () C:\Users\tca\AppData\Local\PANalytical_B.V
2014-04-15 10:57 - 2014-04-15 10:57 - 06020498 _____ (McAfee, Inc.) C:\Windows\FramePkg.exe
2014-04-15 10:57 - 2014-04-15 10:57 - 00000000 ____D () C:\Users\tca\AppData\Roaming\McAfee
2014-04-15 09:58 - 2014-04-15 09:58 - 00000020 ___SH () C:\Users\tca\ntuser.ini
2014-04-15 09:58 - 2014-04-15 09:58 - 00000000 ____D () C:\Users\tca\AppData\Roaming\Intel Corporation
2014-04-15 09:58 - 2014-04-15 09:58 - 00000000 ____D () C:\Users\tca\AppData\Local\VirtualStore
2014-04-15 09:58 - 2014-04-15 09:58 - 00000000 ____D () C:\ProgramData\GroupPolicy
2014-04-15 09:58 - 2014-04-15 09:56 - 00000000 ____D () C:\Windows\System32\appmgmt
2014-04-15 09:57 - 2014-04-15 09:57 - 00057560 _____ () C:\Users\repair\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-15 09:57 - 2014-04-15 09:57 - 00000000 ____D () C:\Users\repair\AppData\Roaming\Intel Corporation
2014-04-15 09:57 - 2014-04-15 09:56 - 00000000 ____D () C:\users\repair
2014-04-15 09:56 - 2014-04-15 09:56 - 00003730 __RSH () C:\Users\repair\ntuser.pol
2014-04-15 09:56 - 2014-04-15 09:56 - 00000020 ___SH () C:\Users\repair\ntuser.ini
2014-04-15 09:56 - 2014-04-15 09:56 - 00000000 ____D () C:\Users\repair\AppData\Local\VirtualStore
2014-04-15 09:52 - 2014-04-15 09:52 - 00000000 ____D () C:\Users\Win7Admin\Desktop\EG1032v3_dr
2014-04-15 09:45 - 2014-04-15 09:52 - 00071040 _____ (Linksys, A Division of Cisco Systems, Inc ) C:\Windows\System32\Drivers\EG1032xp.sys
2014-04-14 12:25 - 2014-04-14 12:25 - 00000000 ____D () C:\Users\Win7Admin\AppData\Local\PANalytical_B.V
2014-04-14 09:19 - 2014-04-14 08:36 - 00000000 ____D () C:\Service
2014-04-10 16:07 - 2013-05-23 14:30 - 00000000 ____D () C:\GENIE2K
2014-04-10 14:40 - 2014-04-10 14:39 - 00041486 _____ () C:\Windows\iis7.log
2014-04-10 14:39 - 2014-04-10 14:39 - 00000326 _____ () C:\Windows\System32\secedit.log
2014-04-10 14:39 - 2014-04-10 14:39 - 00000000 ____D () C:\Windows\System32\BestPractices
2014-04-10 14:31 - 2014-04-10 14:31 - 00000000 ____D () C:\Users\Win7Admin\Desktop\DETECTOR
2014-04-10 14:14 - 2014-04-10 12:31 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-04-10 14:13 - 2009-07-13 18:04 - 00000040 _____ () C:\CONFIG.SYS
2014-04-10 14:08 - 2014-04-10 14:08 - 00002785 _____ () C:\Users\Public\Desktop\Epsilon 5 Software.lnk
2014-04-10 14:08 - 2014-04-10 14:08 - 00000000 ____D () C:\Program Files\PANalytical
2014-04-10 14:08 - 2014-04-10 14:08 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2014-04-10 14:06 - 2014-04-10 14:06 - 00000000 ____D () C:\Users\Win7Admin\Documents\Downloaded Installations
2014-04-10 14:06 - 2014-04-10 14:06 - 00000000 ____D () C:\Program Files\Common Files\SafeNet Sentinel
2014-04-10 13:57 - 2014-04-10 13:57 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-04-10 12:48 - 2014-04-10 12:48 - 00000000 ____D () C:\Program Files\Common Files\Intel Corporation
2014-04-10 12:46 - 2014-04-10 12:46 - 00057560 _____ () C:\Users\Win7Admin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-10 12:46 - 2014-04-10 12:46 - 00000000 ____D () C:\Users\Win7Admin\AppData\Roaming\Intel Corporation
2014-04-10 12:46 - 2014-04-10 12:46 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-04-10 12:44 - 2014-04-10 12:44 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-04-10 12:44 - 2014-04-10 12:43 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-04-10 12:44 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\Help
2014-04-10 12:42 - 2014-04-10 12:42 - 00000000 ____D () C:\Users\Win7Admin\AppData\Roaming\InstallShield
2014-04-10 12:42 - 2014-04-10 12:32 - 00000000 ____D () C:\Program Files\Intel
2014-04-10 12:39 - 2014-04-10 12:39 - 00000000 ____D () C:\Windows\Dell
2014-04-10 12:39 - 2014-04-10 12:39 - 00000000 ____D () C:\Users\Win7Admin\AppData\Local\Downloaded Installations
2014-04-10 12:39 - 2014-04-10 12:39 - 00000000 ____D () C:\Program Files\Broadcom
2014-04-10 12:36 - 2009-07-13 20:52 - 00000000 ____D () C:\Windows\System32\restore
2014-04-10 12:34 - 2014-04-10 12:34 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf
2014-04-10 12:33 - 2014-04-10 12:33 - 00000000 ____D () C:\ProgramData\Intel
2014-04-10 12:33 - 2014-04-10 12:33 - 00000000 ____D () C:\Program Files\Common Files\postureAgent
2014-04-10 12:31 - 2014-04-10 12:31 - 00002038 _____ () C:\RHDSetup.log
2014-04-10 12:31 - 2014-04-10 12:31 - 00000000 ____D () C:\Windows\System32\RTCOM
2014-04-10 12:31 - 2014-04-10 12:31 - 00000000 ____D () C:\Program Files\Realtek
2014-04-10 12:31 - 2014-04-10 12:31 - 00000000 ____D () C:\Program Files\Common Files\InstallShield
2014-04-10 12:30 - 2011-02-10 08:03 - 00000000 ____D () C:\dell
2014-04-10 12:28 - 2014-04-10 12:27 - 00000000 ____D () C:\users\Win7Admin
2014-04-10 12:27 - 2014-04-10 12:27 - 00000020 ___SH () C:\Users\Win7Admin\ntuser.ini
2014-04-10 12:27 - 2014-04-10 12:27 - 00000000 __SHD () C:\Recovery
2014-04-10 12:27 - 2014-04-10 12:27 - 00000000 ____D () C:\Users\Win7Admin\AppData\Local\VirtualStore
2014-04-10 12:27 - 2014-04-10 11:25 - 00000000 ____D () C:\Windows\Panther
2014-04-10 11:25 - 2014-04-10 11:25 - 00000000 ____D () C:\Hotfix
2014-04-10 11:25 - 2009-07-13 20:57 - 00025600 ___SH () C:\Windows\System32\config\BCD-Template.LOG
2014-04-10 11:25 - 2009-07-13 20:52 - 00028672 _____ () C:\Windows\System32\config\BCD-Template
2014-04-10 11:25 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\System32\Recovery
2014-04-10 11:14 - 2014-04-10 11:14 - 00000000 ____D () C:\Windows.old
2014-04-10 10:29 - 2014-04-10 10:27 - 00001355 _____ () C:\Windows\TSSysprep.log
2014-04-10 10:28 - 2010-11-20 16:47 - 00000000 ____D () C:\Windows\CSC
2014-04-10 10:27 - 2009-07-13 20:34 - 00002790 _____ () C:\Windows\DtcInstall.log
2014-03-31 08:35 - 2014-04-15 10:02 - 00231584 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe

==================== Known DLLs (Whitelisted) ============

C:\Windows\System32\gdi32.dll IS MISSING <==== ATTENTION!.
C:\Windows\System32\kernel32.dll IS MISSING <==== ATTENTION!.

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================

Restore point made on: 2014-04-10 14:06:28
Restore point made on: 2014-04-10 14:07:05
Restore point made on: 2014-04-10 14:08:16
Restore point made on: 2014-04-10 14:08:28
Restore point made on: 2014-04-10 14:08:38
Restore point made on: 2014-04-10 14:39:16
Restore point made on: 2014-04-10 14:44:28
Restore point made on: 2014-04-10 14:49:33
Restore point made on: 2014-04-15 09:59:19
Restore point made on: 2014-04-15 10:01:59
Restore point made on: 2014-04-15 13:27:03
Restore point made on: 2014-04-16 02:00:22
Restore point made on: 2014-04-16 07:08:29

==================== Memory info ===========================

Percentage of memory in use: 16%
Total physical RAM: 4050.39 MB
Available physical RAM: 3397.4 MB
Total Pagefile: 4048.68 MB
Available Pagefile: 3395.55 MB
Total Virtual: 2047.88 MB
Available Virtual: 1941.46 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:464.98 GB) (Free:411.33 GB) NTFS
Drive e: (W7SP1_PROFESSIONAL) (CDROM) (Total:4.24 GB) (Free:0 GB) UDF
Drive f: (USB20FD) (Removable) (Total:30.44 GB) (Free:30.44 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (RECOVERY) (Fixed) (Total:0.73 GB) (Free:0.53 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 97852E46)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=752 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=465 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 30 GB) (Disk ID: C3072E18)

Partition: GPT Partition Type.

LastRegBack: 2014-04-10 16:48

==================== End Of Log ============================

 

 


Edited by hamluis, 16 April 2014 - 03:41 PM.
Moved from Win 7 to Malware Removal Logs - Hamluis.


BC AdBot (Login to Remove)

 


#2 esteban008

esteban008
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:04:32 PM

Posted 16 April 2014 - 08:08 PM

Mods,

 

You can close out this topic, I was able to resolve the issue.  For others that might stumble on this.  I was able to replace the missing .dll files by renaming c:\windows\winsxs\pending.xml, running sfc /scannow from the repair command prompt, then renaming the the xml file back to pending.xml.  I previously was unable to run sfc due to it thinking there was a 'pending restore', by hiding the pending.xml file I was able to get around this.

 

Thank you!



#3 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,625 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:32 PM

Posted 21 April 2014 - 02:25 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/531288 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#4 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,625 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:32 PM

Posted 26 April 2014 - 02:30 PM

Hello again!

I haven't heard from you in 5 days. Therefore, I am going to assume that you no longer need our help, and close this topic.

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.

Thank you for using Bleeping Computer, and have a great day!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users