
Startup Recovery Not Working. Please Help


  • This topic is locked
2 replies to this topic

#1 Latharna


Posted 21 September 2014 - 01:45 PM

Hello!  Having a major issue with Windows 7 (x64) startup recovery.  Last week my laptop came up with a corrupt file error when I went to open programs (iTunes, Word, Google).  It would have a window that would pop up with the error and then a small yellow triangle with an exclamation point would display in the bottom right corner saying:

"iTunes.exe - Corrupt File  The file or directory C:\\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57 is corrupt and unreadable.  Please run the Chkdsk utility."  Upon seeing this I ran Malwarebytes but came up with nothing.  I decided to restart my computer.  

 

 

Upon restart, Windows did not start properly, instead going to a Windows recovery option.  I ran the Startup Repair; it looked like it was going to take a while, so I eventually just left it running overnight to find it finally completed in the morning.  The repair had failed and the only thing that showed up as an error was the following:

 

Diagnosis and repair details:

Root Cause found:
-----------------------------
Boot manager failed to find OS loader.

Repair action: File repair
Result: Failed.  Error code = 0X3
Time taken = 187 ms

Repair action: Boot configuration data store repair
Result: Failed.  Error code = 0x2
Time taken = 0 ms

 

 

Yesterday, my husband and I attempted to use the Windows 7 disk in hopes of fixing the OS loader problem.  However, we are never given any of the options that most people mention showing up either starting with loading from the hard drive OR loading from the CD/DVD.  We have also tried to run all the options listed when we run the Bootrec in the command prompt screen.  But all attempts to use any of those options have led to failure.  

 

This morning, I ran the Farbar scan recovery tool.  The following is the result of the scan.  If anyone has any insight on how to proceed in getting my laptop back up and running, please help!  THANK YOU!!  :)

-Lath


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-09-2014 01
Ran by SYSTEM on MININT-M23QJLF on 21-09-2014 11:16:14
Running from e:\
Platform: Windows 7 Home Premium (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery
 
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1815848 2009-07-14] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2009-08-26] (IDT, Inc.)
HKLM\...\Run: [AlienFX Controller] => C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe [63304 2010-05-21] (Alienware Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [FAStartup] => [X]
HKLM-x32\...\Run: [OSD] => c:\Program Files\OSD\Launch.exe [36864 2009-05-12] (HH)
HKLM-x32\...\Run: [Adobe ARM] => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-11-28] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152544 2012-12-12] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,
HKLM-x32\...\Winlogon: [Userinit] userinit.exe, [X]
Winlogon\Notify\FastAccess-x32: C:\Program Files\Alienware\Command Center\AlienSense\FALogNot.dll ()
HKU\Alien\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_6_602_168_Plugin.exe [701296 2013-02-24] (Adobe Systems Incorporated)
HKU\Alien\...\Policies\system: [LogonHoursAction] 2
HKU\Alien\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\Default\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\Default User\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\Home.Alien\...\Run: [Google Update] => C:\Users\Home.Alien\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-12-31] (Google Inc.)
HKU\Home.Alien\...\Policies\system: [LogonHoursAction] 2
HKU\Home.Alien\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\Lauren\...\Run: [Launch_CC] => c:\Program Files\OSD\Launch_CC.exe [20480 2009-02-19] (Alienware Corporation)
HKU\Lauren\...\Run: [Google Update] => "C:\Users\Lauren\AppData\Local\Google\Update\GoogleUpdate.exe" /c
HKU\Lauren\...\Run: [PlayNC Launcher] => [X]
HKU\Lauren\...\Run: [DisplayFusion] => "C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe"
HKU\Lauren\...\Run: [OscarEditor] => C:\Program Files (x86)\SmartRight8\OscarEditor.exe [3321344 2011-08-09] ()
HKU\Lauren\...\Run: [GoogleChromeAutoLaunch_5A7CED7E60360B541D5D45B04E2E9E47] => C:\Users\Lauren\AppData\Local\Google\Chrome\Application\chrome.exe [852808 2014-09-03] (Google Inc.)
HKU\Lauren\...\Run: [Akamai NetSession Interface] => C:\Users\Lauren\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\Lauren\...\Run: [DellSystemDetect] => C:\Users\Lauren\AppData\Local\Apps\2.0\J64A69AH.MEY\B3WV7CQL.6Z7\dell..tion_0f612f649c4a10af_0005.0007_59de4fd2458fcaec\DellSystemDetect.exe [254976 2014-04-19] (Dell)
HKU\Lauren\...\Policies\system: [LogonHoursAction] 2
HKU\Lauren\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Lsa: [Notification Packages] scecli FAPassSync
Startup: C:\Users\Home.Alien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WinVNC - Shortcut.lnk
ShortcutTarget: WinVNC - Shortcut.lnk -> C:\Users\Alien\Downloads\HippoVNC\WinVNC.exe (No File)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-1965688842-4039756071-3594313719-1006\User: Group Policy restriction detected <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ac576d174925c1c6\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
S2 CustomSvc; C:\Program Files\OSD\Service1.exe [13312 2009-02-20] ()
S2 FAService; C:\Program Files\Alienware\Command Center\AlienSense\FAService.exe [2409800 2010-04-04] (Sensible Vision )
S2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ac576d174925c1c6\STacSV64.exe [240640 2009-08-26] (IDT, Inc.)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [X]
S2 AdobeARMservice; "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" [X]
S4 aspnet_state; %SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [X]
S2 AudioEndpointBuilder; %SystemRoot%\System32\Audiosrv.dll [X]
S2 AudioSrv; %SystemRoot%\System32\Audiosrv.dll [X]
S3 AxInstSV; %SystemRoot%\System32\AxInstSV.dll [X]
S2 BFE; %SystemRoot%\System32\bfe.dll [X]
S3 BITS; %SystemRoot%\System32\qmgr.dll [X]
S4 clr_optimization_v2.0.50727_64; %systemroot%\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [X]
S2 clr_optimization_v4.0.30319_32; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [X]
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [X]
S2 DcomLaunch; %SystemRoot%\system32\rpcss.dll [X]
S2 Dhcp; %SystemRoot%\system32\dhcpcore.dll [X]
S2 DisplayFusionService; "C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe" [X]
S2 Dnscache; %SystemRoot%\System32\dnsrslvr.dll [X]
S2 DPS; %SystemRoot%\system32\dps.dll [X]
S2 EFS; %SystemRoot%\System32\lsass.exe [X]
S3 ehRecvr; %systemroot%\ehome\ehRecvr.exe [X]
S2 eventlog; %SystemRoot%\System32\wevtsvc.dll [X]
S3 Fax; %systemroot%\system32\fxssvc.exe [X]
S3 FLEXnet Licensing Service; "C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe" [X]
S2 gpsvc; %SystemRoot%\System32\gpsvc.dll [X]
S3 KeyIso; %SystemRoot%\system32\lsass.exe [X]
S2 LanmanServer; %SystemRoot%\system32\srvsvc.dll [X]
S2 MpsSvc; %SystemRoot%\system32\mpssvc.dll [X]
S3 napagent; %SystemRoot%\system32\qagentRT.dll [X]
S3 Netlogon; %systemroot%\system32\lsass.exe [X]
S4 NetMsmqActivator; "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator [X]
S4 NetPipeActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [X]
S4 NetTcpActivator; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [X]
S4 NetTcpPortSharing; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [X]
S3 PolicyAgent; %SystemRoot%\System32\ipsecsvc.dll [X]
S2 ProfSvc; %systemroot%\system32\profsvc.dll [X]
S3 ProtectedStorage; %SystemRoot%\system32\lsass.exe [X]
S3 RasMan; %SystemRoot%\System32\rasmans.dll [X]
S2 RpcSs; %SystemRoot%\system32\rpcss.dll [X]
S2 SamSs; %SystemRoot%\system32\lsass.exe [X]
S2 Schedule; %systemroot%\system32\schedsvc.dll [X]
S3 SessionEnv; %SystemRoot%\system32\sessenv.dll [X]
S2 sppsvc; %SystemRoot%\system32\sppsvc.exe [X]
S2 stisvc; %SystemRoot%\System32\wiaservc.dll [X]
S2 SysMain; %systemroot%\system32\sysmain.dll [X]
S3 TabletInputService; %SystemRoot%\System32\TabSvc.dll [X]
S3 TermService; %SystemRoot%\System32\termsrv.dll [X]
S3 TrustedInstaller; %SystemRoot%\servicing\TrustedInstaller.exe [X]
S3 VaultSvc; %SystemRoot%\system32\lsass.exe [X]
S3 vds; %SystemRoot%\System32\vds.exe [X]
S3 VSS; %systemroot%\system32\vssvc.exe [X]
S3 WatAdminSvc; %SystemRoot%\system32\Wat\WatAdminSvc.exe [X]
S3 wbengine; "%systemroot%\system32\wbengine.exe" [X]
S3 wcncsvc; %SystemRoot%\System32\wcncsvc.dll [X]
S3 WinRM; %SystemRoot%\system32\WsmSvc.dll [X]
S2 WMPNetworkSvc; "%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe" [X]
S3 WPDBusEnum; %SystemRoot%\system32\wpdbusenum.dll [X]
S2 wuauserv; %systemroot%\system32\wuaueng.dll [X]
S3 wudfsvc; %SystemRoot%\System32\WUDFSvc.dll [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 CXPLRCAP; C:\Windows\System32\drivers\CxPlrCap.sys [235904 2010-01-06] (Conexant Systems, Inc.)
S1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31136 2013-08-31] (REALiX™)
S3 MsRPC; No ImagePath
S3 Ntfs; No ImagePath
S3 pfc; C:\Windows\SysWOW64\drivers\pfc.sys [10368 2004-04-01] (Padus, Inc.)
S0 ACPI; system32\drivers\ACPI.sys [X]
S3 AcpiPmi; \SystemRoot\system32\drivers\acpipmi.sys [X]
S3 agp440; \SystemRoot\system32\drivers\agp440.sys [X]
S3 bowser; system32\DRIVERS\bowser.sys [X]
S3 CompositeBus; \SystemRoot\system32\drivers\CompositeBus.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 ErrDev; \SystemRoot\system32\drivers\errdev.sys [X]
S0 FltMgr; system32\drivers\fltmgr.sys [X]
S3 HDAudBus; \SystemRoot\system32\drivers\HDAudBus.sys [X]
S3 HTTP; system32\drivers\HTTP.sys [X]
S0 hwpolicy; System32\drivers\hwpolicy.sys [X]
S3 hxsyol; \??\C:\AeriaGames\AuraKingdom\avital\hxsy64.sys [X]
S3 i8042prt; \SystemRoot\system32\drivers\i8042prt.sys [X]
S3 IpFilterDriver; system32\DRIVERS\ipfltdrv.sys [X]
S3 IPMIDRV; \SystemRoot\system32\drivers\IPMIDrv.sys [X]
S3 isapnp; \SystemRoot\system32\drivers\isapnp.sys [X]
S3 kbdclass; system32\DRIVERS\kbdclass.sys [X]
S3 kbdhid; system32\DRIVERS\kbdhid.sys [X]
S0 KSecDD; System32\Drivers\ksecdd.sys [X]
S3 mouclass; system32\DRIVERS\mouclass.sys [X]
S0 mountmgr; System32\drivers\mountmgr.sys [X]
S3 mpio; \SystemRoot\system32\drivers\mpio.sys [X]
S3 msdsm; \SystemRoot\system32\drivers\msdsm.sys [X]
S0 msisadrv; system32\drivers\msisadrv.sys [X]
S1 mssmbios; \SystemRoot\system32\drivers\mssmbios.sys [X]
S3 NdisWan; system32\DRIVERS\ndiswan.sys [X]
S1 NetBT; System32\DRIVERS\netbt.sys [X]
S3 nv_agp; \SystemRoot\system32\drivers\nv_agp.sys [X]
S0 partmgr; System32\drivers\partmgr.sys [X]
S0 pci; system32\drivers\pci.sys [X]
S3 Rasl2tp; system32\DRIVERS\rasl2tp.sys [X]
S1 rdbss; system32\DRIVERS\rdbss.sys [X]
S0 rdyboost; System32\drivers\rdyboost.sys [X]
S3 sdbus; \SystemRoot\system32\drivers\sdbus.sys [X]
S3 sermouse; \SystemRoot\system32\DRIVERS\sermouse.sys [X]
S3 sffdisk; \SystemRoot\system32\drivers\sffdisk.sys [X]
S3 sffp_mmc; \SystemRoot\system32\drivers\sffp_mmc.sys [X]
S3 sffp_sd; \SystemRoot\system32\drivers\sffp_sd.sys [X]
S3 srv; System32\DRIVERS\srv.sys [X]
S3 srv2; System32\DRIVERS\srv2.sys [X]
S3 swenum; \SystemRoot\system32\drivers\swenum.sys [X]
S1 tdx; system32\DRIVERS\tdx.sys [X]
S1 TermDD; \SystemRoot\system32\drivers\termdd.sys [X]
S3 TsUsbFlt; system32\drivers\tsusbflt.sys [X]
S4 udfs; system32\DRIVERS\udfs.sys [X]
S3 uliagpkx; \SystemRoot\system32\drivers\uliagpkx.sys [X]
S3 umbus; system32\DRIVERS\umbus.sys [X]
S3 USBSTOR; system32\DRIVERS\USBSTOR.SYS [X]
S0 vdrvroot; system32\drivers\vdrvroot.sys [X]
S0 volmgr; system32\drivers\volmgr.sys [X]
S0 volmgrx; System32\drivers\volmgrx.sys [X]
S3 WANARP; system32\DRIVERS\wanarp.sys [X]
S1 Wanarpv6; system32\DRIVERS\wanarp.sys [X]
S3 WinUsb; system32\DRIVERS\WinUsb.sys [X]
S3 WmiAcpi; \SystemRoot\system32\drivers\wmiacpi.sys [X]
S3 WudfPf; system32\drivers\WudfPf.sys [X]
S3 WUDFRd; system32\DRIVERS\WUDFRd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-21 11:15 - 2014-09-21 11:16 - 00000000 ____D () C:\FRST
2014-09-20 15:21 - 2014-09-20 15:21 - 00024576 _____ () C:\bcdbackup
2014-09-20 15:21 - 2014-09-20 15:21 - 00021504 ___SH () C:\bcdbackup.LOG
2014-09-16 22:28 - 2014-09-16 22:28 - 00000000 __SHD () C:\found.000
2014-09-16 09:37 - 2014-09-16 09:37 - 00000000 ____D () C:\0a84d8ba5a812d0fa3993a
2014-09-16 09:36 - 2014-09-16 09:36 - 00000000 ____D () C:\e41d21b52402b3f6b0eb220699
2014-09-15 02:00 - 2014-09-15 02:00 - 00000000 ____D () C:\d0981656aa39f0ec18
2014-09-15 02:00 - 2014-09-15 02:00 - 00000000 ____D () C:\4527b9e3a78ae83a2c9a3b6f8e18
2014-09-11 09:16 - 2014-09-15 20:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-11 09:16 - 2014-09-11 09:16 - 00000000 ____D () C:\ProgramData\Mozilla
2014-09-10 02:12 - 2014-08-19 10:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2014-09-10 02:12 - 2014-08-19 09:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-10 02:12 - 2014-08-18 15:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-09-10 02:12 - 2014-08-18 14:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-09-10 02:12 - 2014-08-18 14:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-10 02:12 - 2014-08-18 14:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2014-09-10 02:12 - 2014-08-18 14:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2014-09-10 02:12 - 2014-08-18 14:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2014-09-10 02:12 - 2014-08-18 14:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2014-09-10 02:12 - 2014-08-18 14:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2014-09-10 02:12 - 2014-08-18 14:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2014-09-10 02:12 - 2014-08-18 13:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-10 02:12 - 2014-08-18 13:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-10 02:12 - 2014-08-18 13:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-10 02:12 - 2014-08-18 13:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-10 02:12 - 2014-08-18 13:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2014-09-10 02:12 - 2014-08-18 13:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2014-09-10 02:12 - 2014-08-18 13:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-10 02:12 - 2014-08-18 13:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-10 02:12 - 2014-08-18 13:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-10 02:12 - 2014-08-18 13:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2014-09-10 02:12 - 2014-08-18 13:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2014-09-10 02:12 - 2014-08-18 13:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2014-09-10 02:12 - 2014-08-18 13:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-10 02:12 - 2014-08-18 13:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-10 02:12 - 2014-08-18 13:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2014-09-10 02:12 - 2014-08-18 13:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-10 02:12 - 2014-08-18 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-10 02:12 - 2014-08-18 12:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2014-09-10 02:12 - 2014-08-18 12:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-10 02:12 - 2014-08-18 12:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2014-09-10 02:12 - 2014-08-18 12:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-10 02:01 - 2014-06-26 18:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2014-09-10 02:01 - 2014-06-26 17:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-09 18:51 - 2014-09-04 18:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll
2014-09-09 18:51 - 2014-07-06 18:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2014-09-09 18:51 - 2014-07-06 18:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2014-09-09 18:51 - 2014-07-06 17:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-09 18:51 - 2014-07-06 17:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-09 18:51 - 2014-07-06 17:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-08-28 02:30 - 2014-08-22 18:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2014-08-28 02:30 - 2014-08-22 17:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 02:30 - 2014-08-22 16:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-21 11:16 - 2014-09-21 11:15 - 00000000 ____D () C:\FRST
2014-09-20 15:21 - 2014-09-20 15:21 - 00024576 _____ () C:\bcdbackup
2014-09-20 15:21 - 2014-09-20 15:21 - 00021504 ___SH () C:\bcdbackup.LOG
2014-09-17 03:23 - 2014-04-03 12:44 - 00000000 ____D () C:\temp
2014-09-16 22:28 - 2014-09-16 22:28 - 00000000 __SHD () C:\found.000
2014-09-16 09:37 - 2014-09-16 09:37 - 00000000 ____D () C:\0a84d8ba5a812d0fa3993a
2014-09-16 09:37 - 2009-11-02 17:35 - 01089784 _____ () C:\Windows\WindowsUpdate.log
2014-09-16 09:36 - 2014-09-16 09:36 - 00000000 ____D () C:\e41d21b52402b3f6b0eb220699
2014-09-16 09:17 - 2009-11-11 11:28 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1965688842-4039756071-3594313719-1000UA.job
2014-09-16 09:11 - 2011-12-31 19:01 - 00000916 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1965688842-4039756071-3594313719-1005UA.job
2014-09-16 08:59 - 2014-08-19 20:08 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\System32\Drivers\MBAMSwissArmy.sys
2014-09-16 07:17 - 2009-11-11 11:28 - 00000860 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1965688842-4039756071-3594313719-1000Core.job
2014-09-15 20:31 - 2014-09-11 09:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-15 20:31 - 2009-11-02 19:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-15 15:11 - 2011-12-31 19:01 - 00000864 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1965688842-4039756071-3594313719-1005Core.job
2014-09-15 02:00 - 2014-09-15 02:00 - 00000000 ____D () C:\d0981656aa39f0ec18
2014-09-15 02:00 - 2014-09-15 02:00 - 00000000 ____D () C:\4527b9e3a78ae83a2c9a3b6f8e18
2014-09-14 02:03 - 2009-07-13 20:45 - 00023056 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-14 02:03 - 2009-07-13 20:45 - 00023056 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-11 09:16 - 2014-09-11 09:16 - 00000000 ____D () C:\ProgramData\Mozilla
2014-09-10 21:12 - 2009-11-15 15:48 - 00000000 ____D () C:\Users\Lauren\Dance
2014-09-10 03:15 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache
2014-09-10 02:43 - 2009-07-13 21:13 - 00782510 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-09-10 02:37 - 2013-08-18 00:00 - 00007095 _____ () C:\Windows\setupact.log
2014-09-10 02:37 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-10 02:18 - 2009-11-11 20:16 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-10 02:11 - 2014-02-26 03:06 - 00775124 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-10 02:09 - 2013-07-19 07:12 - 00000000 ____D () C:\Windows\System32\MRT
2014-09-10 02:03 - 2009-11-11 11:45 - 101694776 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2014-09-10 02:01 - 2014-05-06 02:00 - 00000000 ___SD () C:\Windows\System32\CompatTel
2014-09-07 09:34 - 2013-08-02 12:22 - 00000000 ____D () C:\Users\Lauren\Bills
2014-09-04 18:10 - 2014-09-09 18:51 - 00578048 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll
2014-09-03 21:15 - 2009-11-15 15:52 - 00000000 ____D () C:\Users\Lauren\Kethry
2014-08-29 02:18 - 2009-07-13 20:45 - 00342832 _____ () C:\Windows\System32\FNTCACHE.DAT
2014-08-25 05:53 - 2009-11-02 17:50 - 00270496 _____ (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
2014-08-23 19:56 - 2012-02-19 13:08 - 00000000 ____D () C:\Users\Lauren\Ukulele
2014-08-22 18:07 - 2014-08-28 02:30 - 00404480 _____ (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2014-08-22 17:45 - 2014-08-28 02:30 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-22 16:59 - 2014-08-28 02:30 - 03163648 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
 
Some content of TEMP:
====================
C:\Users\Lauren\AppData\Local\Temp\helper.exe
C:\Users\Lauren\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Lauren\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Lauren\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Lauren\AppData\Local\Temp\ntdll_dump.dll
C:\Users\Lauren\AppData\Local\Temp\ose00000.exe
C:\Users\Lauren\AppData\Local\Temp\Quarantine.exe
C:\Users\Lauren\AppData\Local\Temp\sqlite3.exe
C:\Users\Lauren\AppData\Local\Temp\uninst.exe
 
 
==================== Known DLLs (Whitelisted) ================
 
C:\Windows\System32\ole32.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\ole32.dll IS MISSING <==== ATTENTION!
C:\Windows\System32\COMDLG32.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\COMDLG32.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\IERTUTIL.dll IS MISSING <==== ATTENTION!
C:\Windows\System32\kernel32.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\kernel32.dll IS MISSING <==== ATTENTION!
C:\Windows\System32\OLEAUT32.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\OLEAUT32.dll IS MISSING <==== ATTENTION!
C:\Windows\System32\rpcrt4.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\rpcrt4.dll IS MISSING <==== ATTENTION!
C:\Windows\System32\Setupapi.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\Setupapi.dll IS MISSING <==== ATTENTION!
C:\Windows\System32\SHLWAPI.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\SHLWAPI.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\URLMON.dll IS MISSING <==== ATTENTION!
C:\Windows\System32\user32.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\user32.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\USP10.dll IS MISSING <==== ATTENTION!
C:\Windows\System32\WININET.dll IS MISSING <==== ATTENTION!
C:\Windows\System32\WLDAP32.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\WLDAP32.dll IS MISSING <==== ATTENTION!
C:\Windows\System32\WS2_32.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\WS2_32.dll IS MISSING <==== ATTENTION!
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll IS MISSING <==== ATTENTION!.
C:\Windows\SysWOW64\User32.dll IS MISSING <==== ATTENTION!.
C:\Windows\System32\userinit.exe IS MISSING <==== ATTENTION!.
C:\Windows\SysWOW64\userinit.exe IS MISSING <==== ATTENTION!.
C:\Windows\System32\rpcss.dll IS MISSING <==== ATTENTION!.
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
==================== Restore Points  =========================
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 16%
Total physical RAM: 3838.36 MB
Available physical RAM: 3218.56 MB
Total Pagefile: 3836.51 MB
Available Pagefile: 3210.84 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:450.2 GB) (Free:195.36 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: () (Removable) (Total:3.73 GB) (Free:3.73 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: EFB2B7D7)
Partition 1: (Active) - (Size=450.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=15.6 GB) - (Type=12)
 
========================================================
Disk: 1 (Size: 3.7 GB) (Disk ID: 00000000)
 
Partition: GPT Partition Type.
 
 
LastRegBack: 2014-09-15 23:54
 
==================== End Of Log ============================




#2 HelpBot


Posted 26 September 2014 - 01:50 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/549258 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your desktop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 HelpBot


Posted 01 October 2014 - 01:50 PM

Hello again!

I haven't heard from you in 5 days. Therefore, I am going to assume that you no longer need our help, and close this topic.

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.

Thank you for using Bleeping Computer, and have a great day!



