Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows Failed to Start, System Repair Can't Discover Problem


  • This topic is locked This topic is locked
3 replies to this topic

#1 mlanno

mlanno

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:05:32 AM

Posted 15 August 2015 - 05:49 PM

Hello
I just got back from my honeymoon and found my PC broken :(. A little googling allowed me to stumble upon this thread: http://www.bleepingcomputer.com/forums/t/448339/windows-failed-to-start-system-repair-cant-discover-problem/

. I followed the advice all the way up to the formation of the FRST file on the flash drive. I've pasted the results. Can someone please help me get my computer usable again? Thanks!

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:14-08-2015 01
Ran by SYSTEM on MININT-67RQRNF (15-08-2015 19:42:19)
Running from f:\
Platform: Windows 7 Ultimate (X86) Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery
Default: ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)
HKLM\...\Run: [USB3MON] => C:\Program Files\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-02-20] (Intel Corporation)
HKLM\...\Run: [ISCT Tray] => C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-08-25] (Intel Corporation)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-11] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2015-04-06] (Apple Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCEPServiceManager] => C:\Program Files\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKU\htpc\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2015-03-12] (Google Inc.)
HKU\htpc\...\Run: [Dropbox Update] => C:\Users\htpc\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-20] (Dropbox, Inc.)
HKU\htpc\...\RunOnce: [Application Restart #0] => C:\Program Files\Google\Chrome\Application\chrome.exe [813896 2015-07-13] (Google Inc.)
Startup: C:\Users\htpc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CouchPotato.lnk [2015-05-29]
ShortcutTarget: CouchPotato.lnk ->  (No File)
Startup: C:\Users\htpc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-03-13]
ShortcutTarget: Dropbox.lnk ->  (No File)
Startup: C:\Users\htpc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SABnzbd.lnk [2015-03-12]
ShortcutTarget: SABnzbd.lnk -> C:\Program Files\SABnzbd\SABnzbd.exe ()
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 chromoting; C:\Program Files\Google\Chrome Remote Desktop\44.0.2403.25\remoting_host.exe [69448 2015-05-28] (Google Inc.)
S2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [1867448 2015-07-01] (Microsoft Corporation)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [280840 2015-03-19] (Intel Corporation)
S3 ICCS; C:\Program Files\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [171072 2012-09-18] (Intel Corporation)
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [293128 2015-03-19] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [686528 2014-01-31] (Intel® Corporation)
S2 Intel® ME Service; C:\Program Files\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-03-20] (Intel Corporation)
S2 ISCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [190256 2014-08-25] ()
S3 iumsvc; C:\Program Files\Intel\Intel® Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
S2 jhi_service; C:\Program Files\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation)
S2 MySQL; C:\Program Files\MySQL\MySQL Server 5.6\bin\mysqld.exe [11035136 2015-01-19] ()
S2 NzbDrone; C:\ProgramData\NzbDrone\bin\nzbdrone.console.exe [24064 2015-07-20] (sonarr.tv)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-26] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AsrDrv101; C:\Windows\system32\Drivers\AsrDrv101.sys [19720 2015-03-12] (ASRock Incorporation)
S0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [38152 2013-08-02] (ASRock Inc.)
S0 iaStorA; C:\Windows\System32\DRIVERS\iaStorA.sys [521576 2014-05-28] (Intel Corporation)
S0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [24424 2014-05-28] (Intel Corporation)
S3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [22728 2014-05-27] ()
S3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [37576 2014-05-27] ()
S0 iusb3hcs; C:\Windows\System32\DRIVERS\iusb3hcs.sys [16880 2014-02-20] (Intel Corporation)
S3 iusb3hub; C:\Windows\System32\DRIVERS\iusb3hub.sys [364528 2014-02-20] (Intel Corporation)
S3 iusb3xhc; C:\Windows\System32\DRIVERS\iusb3xhc.sys [800240 2014-02-20] (Intel Corporation)
S3 MEI; C:\Windows\System32\DRIVERS\TeeDriver.sys [111904 2014-09-30] (Intel Corporation)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2040-02-05 22:28 - 2015-03-19 16:00 - 01986560 _____ (Intel Corporation) C:\Windows\System32\igfxLHM.dll
2040-02-05 22:28 - 2015-03-19 16:00 - 00622080 _____ (Intel Corporation) C:\Windows\System32\igfxDH.dll
2040-02-05 22:28 - 2015-03-19 16:00 - 00293128 _____ (Intel Corporation) C:\Windows\System32\igfxCUIService.exe
2040-02-05 22:28 - 2015-03-19 16:00 - 00261896 _____ (Intel Corporation) C:\Windows\System32\igfxEM.exe
2040-02-05 22:28 - 2015-03-19 16:00 - 00247296 _____ (Intel Corporation) C:\Windows\System32\igfxDI.dll
2040-02-05 22:28 - 2015-03-19 16:00 - 00211208 _____ (Intel Corporation) C:\Windows\System32\igfxHK.exe
2040-02-05 22:28 - 2014-05-21 00:31 - 00187348 __RSH C:\Windows\System32\resTHA.cui
2040-02-05 22:28 - 2014-05-21 00:31 - 00180164 __RSH C:\Windows\System32\resELL.cui
2040-02-05 22:28 - 2014-05-21 00:31 - 00176020 __RSH C:\Windows\System32\resRUS.cui
2040-02-05 22:28 - 2014-05-21 00:31 - 00161876 __RSH C:\Windows\System32\resARA.cui
2040-02-05 22:28 - 2014-05-21 00:31 - 00161332 __RSH C:\Windows\System32\resHEB.cui
2040-02-05 22:28 - 2014-05-21 00:31 - 00161268 __RSH C:\Windows\System32\resJPN.cui
2040-02-05 22:28 - 2014-05-21 00:31 - 00156692 __RSH C:\Windows\System32\resFRA.cui
2040-02-05 22:28 - 2014-05-21 00:31 - 00156676 __RSH C:\Windows\System32\resHUN.cui
2040-02-05 22:28 - 2014-05-21 00:31 - 00154980 __RSH C:\Windows\System32\resKOR.cui
2040-02-05 22:28 - 2014-05-21 00:31 - 00154884 __RSH C:\Windows\System32\resITA.cui
2040-02-05 22:28 - 2014-05-21 00:31 - 00154884 __RSH C:\Windows\System32\resDEU.cui
2040-02-05 22:28 - 2014-05-21 00:31 - 00154724 __RSH C:\Windows\System32\resROM.cui
2040-02-05 22:28 - 2014-05-21 00:31 - 00154612 __RSH C:\Windows\System32\resESN.cui
2040-02-05 22:28 - 2014-05-21 00:31 - 00154180 __RSH C:\Windows\System32\resPLK.cui
2040-02-05 22:28 - 2014-05-21 00:31 - 00154036 __RSH C:\Windows\System32\resSKY.cui
2040-02-05 22:28 - 2014-05-21 00:31 - 00153844 __RSH C:\Windows\System32\resNLD.cui
2040-02-05 22:28 - 2014-05-21 00:31 - 00153284 __RSH C:\Windows\System32\resPTB.cui
2040-02-05 22:28 - 2014-05-21 00:31 - 00153140 __RSH C:\Windows\System32\resTRK.cui
2040-02-05 22:28 - 2014-05-21 00:31 - 00153108 __RSH C:\Windows\System32\resCSY.cui
2040-02-05 22:28 - 2014-05-21 00:31 - 00152980 __RSH C:\Windows\System32\resPTG.cui
2040-02-05 22:28 - 2014-05-21 00:31 - 00152564 __RSH C:\Windows\System32\resFIN.cui
2040-02-05 22:28 - 2014-05-21 00:31 - 00152132 __RSH C:\Windows\System32\resHRV.cui
2040-02-05 22:28 - 2014-05-21 00:31 - 00151684 __RSH C:\Windows\System32\resSVE.cui
2040-02-05 22:28 - 2014-05-21 00:31 - 00151508 __RSH C:\Windows\System32\resSLV.cui
2040-02-05 22:28 - 2014-05-21 00:31 - 00150580 __RSH C:\Windows\System32\resNOR.cui
2040-02-05 22:28 - 2014-05-21 00:31 - 00150068 __RSH C:\Windows\System32\resDAN.cui
2040-02-05 22:28 - 2014-05-21 00:31 - 00148756 __RSH C:\Windows\System32\resENU.cui
2040-02-05 22:28 - 2014-05-21 00:31 - 00146980 __RSH C:\Windows\System32\resCHT.cui
2040-02-05 22:28 - 2014-05-21 00:31 - 00146148 __RSH C:\Windows\System32\resCHS.cui
2040-02-05 22:28 - 2014-05-21 00:30 - 02108679 _____ C:\Windows\System32\iglhxa32.cpa
2040-02-05 22:28 - 2014-05-21 00:30 - 00364504 _____ (Intel® Corporation) C:\Windows\System32\Drivers\IntcDAud.sys
2040-02-05 22:28 - 2014-05-21 00:30 - 00153600 _____ (Intel Corporation) C:\Windows\System32\igfxCoIn_v3621.dll
2040-02-05 22:28 - 2014-05-21 00:30 - 00094208 _____ C:\Windows\System32\IccLibDll.dll
2040-02-05 22:28 - 2014-05-21 00:30 - 00044474 _____ C:\Windows\System32\iglhxg32.vp
2040-02-05 22:28 - 2014-05-21 00:30 - 00044235 _____ C:\Windows\System32\iglhxo32.vp
2040-02-05 22:28 - 2014-05-21 00:30 - 00044053 _____ C:\Windows\System32\iglhxo32_dev.vp
2040-02-05 22:28 - 2014-05-21 00:30 - 00043760 _____ C:\Windows\System32\iglhxg32_dev.vp
2040-02-05 22:28 - 2014-05-21 00:30 - 00043270 _____ C:\Windows\System32\iglhxc32.vp
2040-02-05 22:28 - 2014-05-21 00:30 - 00042654 _____ C:\Windows\System32\iglhxc32_dev.vp
2040-02-05 22:28 - 2014-05-21 00:30 - 00001125 _____ C:\Windows\System32\iglhxa32.vp
2040-02-05 22:28 - 2014-05-21 00:30 - 00000895 _____ C:\Windows\System32\Gfxv2_0.exe.config
2040-02-05 22:28 - 2014-05-21 00:30 - 00000895 _____ C:\Windows\System32\DPTopologyAppv2_0.exe.config
2040-02-05 22:28 - 2014-05-21 00:30 - 00000895 _____ C:\Windows\System32\CustomModeAppv2_0.exe.config
2040-02-05 22:28 - 2014-05-21 00:30 - 00000889 _____ C:\Windows\System32\CustomModeApp.exe.config
2040-02-05 22:28 - 2014-02-20 21:56 - 01461992 _____ (Microsoft Corporation) C:\Windows\System32\WdfCoInstaller01009.dll
2040-02-05 22:28 - 2014-02-20 21:56 - 00800240 _____ (Intel Corporation) C:\Windows\System32\Drivers\iusb3xhc.sys
2040-02-05 22:28 - 2014-02-20 21:56 - 00364528 _____ (Intel Corporation) C:\Windows\System32\Drivers\iusb3hub.sys
2040-02-05 22:28 - 2014-02-20 21:56 - 00016880 _____ (Intel Corporation) C:\Windows\System32\Drivers\iusb3hcs.sys
2015-08-15 19:42 - 2015-08-15 19:42 - 00000000 ____D C:\FRST
2015-08-11 22:00 - 2015-07-30 05:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2015-08-11 12:15 - 2015-07-28 12:04 - 00015808 _____ (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
2015-08-11 12:15 - 2015-07-28 12:00 - 00952832 _____ (Microsoft Corporation) C:\Windows\System32\appraiser.dll
2015-08-11 12:15 - 2015-07-28 12:00 - 00635904 _____ (Microsoft Corporation) C:\Windows\System32\invagent.dll
2015-08-11 12:15 - 2015-07-28 12:00 - 00598528 _____ (Microsoft Corporation) C:\Windows\System32\generaltel.dll
2015-08-11 12:15 - 2015-07-28 12:00 - 00346112 _____ (Microsoft Corporation) C:\Windows\System32\devinv.dll
2015-08-11 12:15 - 2015-07-28 12:00 - 00202752 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll
2015-08-11 12:15 - 2015-07-28 12:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\System32\acmigration.dll
2015-08-11 12:15 - 2015-07-28 11:54 - 00934400 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2015-08-11 12:15 - 2015-07-20 09:56 - 02943488 _____ (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2015-08-11 12:15 - 2015-07-20 09:56 - 02061312 _____ (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2015-08-11 12:15 - 2015-07-20 09:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2015-08-11 12:15 - 2015-07-20 09:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2015-08-11 12:15 - 2015-07-20 09:56 - 00135680 _____ (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2015-08-11 12:15 - 2015-07-20 09:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2015-08-11 12:15 - 2015-07-20 09:56 - 00073728 _____ (Microsoft Corporation) C:\Windows\System32\WinSetupUI.dll
2015-08-11 12:15 - 2015-07-20 09:56 - 00035840 _____ (Microsoft Corporation) C:\Windows\System32\wups2.dll
2015-08-11 12:15 - 2015-07-20 09:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2015-08-11 12:15 - 2015-07-20 09:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\System32\wups.dll
2015-08-11 12:15 - 2015-07-20 09:56 - 00011776 _____ (Microsoft Corporation) C:\Windows\System32\wu.upgrade.ps.dll
2015-08-11 12:15 - 2015-07-15 09:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe
2015-08-11 12:15 - 2015-07-15 09:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2015-08-11 12:15 - 2015-07-15 09:59 - 00137664 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2015-08-11 12:15 - 2015-07-15 09:59 - 00078784 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mountmgr.sys
2015-08-11 12:15 - 2015-07-15 09:59 - 00067520 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2015-08-11 12:15 - 2015-07-15 09:56 - 01308160 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2015-08-11 12:15 - 2015-07-15 09:55 - 01159168 _____ (Microsoft Corporation) C:\Windows\System32\sysmain.dll
2015-08-11 12:15 - 2015-07-15 09:55 - 00400896 _____ (Microsoft Corporation) C:\Windows\System32\srcore.dll
2015-08-11 12:15 - 2015-07-15 09:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\System32\schannel.dll
2015-08-11 12:15 - 2015-07-15 09:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\System32\wdigest.dll
2015-08-11 12:15 - 2015-07-15 09:55 - 00100352 _____ (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2015-08-11 12:15 - 2015-07-15 09:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\System32\TSpkg.dll
2015-08-11 12:15 - 2015-07-15 09:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\System32\srclient.dll
2015-08-11 12:15 - 2015-07-15 09:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\System32\secur32.dll
2015-08-11 12:15 - 2015-07-15 09:55 - 00015872 _____ (Microsoft Corporation) C:\Windows\System32\sspisrv.dll
2015-08-11 12:15 - 2015-07-15 09:54 - 01061376 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2015-08-11 12:15 - 2015-07-15 09:54 - 00655360 _____ (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
2015-08-11 12:15 - 2015-07-15 09:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2015-08-11 12:15 - 2015-07-15 09:54 - 00262656 _____ (Microsoft Corporation) C:\Windows\System32\rstrui.exe
2015-08-11 12:15 - 2015-07-15 09:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\System32\msv1_0.dll
2015-08-11 12:15 - 2015-07-15 09:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2015-08-11 12:15 - 2015-07-15 09:54 - 00069632 _____ (Microsoft Corporation) C:\Windows\System32\smss.exe
2015-08-11 12:15 - 2015-07-15 09:54 - 00038912 _____ (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2015-08-11 12:15 - 2015-07-15 09:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\System32\cryptbase.dll
2015-08-11 12:15 - 2015-07-15 09:54 - 00022528 _____ (Microsoft Corporation) C:\Windows\System32\lsass.exe
2015-08-11 12:15 - 2015-07-15 09:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\System32\credssp.dll
2015-08-11 12:15 - 2015-07-15 09:54 - 00010752 _____ (Microsoft Corporation) C:\Windows\System32\msmmsp.dll
2015-08-11 12:15 - 2015-07-15 09:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\System32\auditpol.exe
2015-08-11 12:15 - 2015-07-15 09:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\System32\msobjs.dll
2015-08-11 12:15 - 2015-07-15 09:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\System32\msaudite.dll
2015-08-11 12:15 - 2015-07-15 09:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\System32\adtschema.dll
2015-08-11 12:15 - 2015-07-15 09:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\System32\apisetschema.dll
2015-08-11 12:15 - 2015-07-15 08:36 - 00225792 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2015-08-11 12:15 - 2015-07-15 08:36 - 00124416 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2015-08-11 12:15 - 2015-07-15 08:36 - 00098304 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2015-08-11 12:15 - 2015-07-09 09:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\System32\notepad.exe
2015-08-11 12:15 - 2015-07-09 09:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-11 12:15 - 2015-07-01 12:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\System32\WebClnt.dll
2015-08-11 12:15 - 2015-07-01 12:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\System32\davclnt.dll
2015-08-11 12:14 - 2015-07-30 09:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2015-08-11 12:14 - 2015-07-30 09:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2015-08-11 12:14 - 2015-07-30 09:57 - 00909824 _____ (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2015-08-11 12:14 - 2015-07-30 09:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\System32\fontsub.dll
2015-08-11 12:14 - 2015-07-30 09:57 - 00034304 _____ (Adobe Systems) C:\Windows\System32\atmlib.dll
2015-08-11 12:14 - 2015-07-30 09:57 - 00026624 _____ (Microsoft Corporation) C:\Windows\System32\lpk.dll
2015-08-11 12:14 - 2015-07-30 09:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\System32\dciman32.dll
2015-08-11 12:14 - 2015-07-30 08:52 - 02384384 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2015-08-11 12:14 - 2015-07-30 08:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\System32\atmfd.dll
2015-08-11 12:14 - 2015-07-20 16:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2015-08-11 12:14 - 2015-07-16 12:20 - 19870208 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2015-08-11 12:14 - 2015-07-16 12:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2015-08-11 12:14 - 2015-07-16 12:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2015-08-11 12:14 - 2015-07-16 11:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2015-08-11 12:14 - 2015-07-16 11:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2015-08-11 12:14 - 2015-07-16 11:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\System32\html.iec
2015-08-11 12:14 - 2015-07-16 11:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2015-08-11 12:14 - 2015-07-16 11:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2015-08-11 12:14 - 2015-07-16 11:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2015-08-11 12:14 - 2015-07-16 11:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2015-08-11 12:14 - 2015-07-16 11:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2015-08-11 12:14 - 2015-07-16 11:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2015-08-11 12:14 - 2015-07-16 11:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2015-08-11 12:14 - 2015-07-16 11:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2015-08-11 12:14 - 2015-07-16 11:39 - 00102912 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2015-08-11 12:14 - 2015-07-16 11:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2015-08-11 12:14 - 2015-07-16 11:32 - 00667648 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2015-08-11 12:14 - 2015-07-16 11:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2015-08-11 12:14 - 2015-07-16 11:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2015-08-11 12:14 - 2015-07-16 11:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2015-08-11 12:14 - 2015-07-16 11:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2015-08-11 12:14 - 2015-07-16 11:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2015-08-11 12:14 - 2015-07-16 11:12 - 06131200 _____ (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2015-08-11 12:14 - 2015-07-16 11:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2015-08-11 12:14 - 2015-07-16 11:12 - 00856064 _____ (Microsoft Corporation) C:\Windows\System32\rdvidcrl.dll
2015-08-11 12:14 - 2015-07-16 11:12 - 00053248 _____ (Microsoft Corporation) C:\Windows\System32\tsgqec.dll
2015-08-11 12:14 - 2015-07-16 11:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2015-08-11 12:14 - 2015-07-16 11:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2015-08-11 12:14 - 2015-07-16 11:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2015-08-11 12:14 - 2015-07-16 11:06 - 00685568 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2015-08-11 12:14 - 2015-07-16 11:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2015-08-11 12:14 - 2015-07-16 10:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2015-08-11 12:14 - 2015-07-16 10:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2015-08-11 12:14 - 2015-07-16 10:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2015-08-11 12:14 - 2015-07-16 07:14 - 00355840 _____ (Microsoft Corporation) C:\Windows\System32\wksprt.exe
2015-08-11 12:14 - 2015-07-14 18:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2015-08-11 12:14 - 2015-07-14 18:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2015-08-11 12:14 - 2015-07-14 18:55 - 00044032 _____ (Microsoft Corporation) C:\Windows\System32\basesrv.dll
2015-08-11 12:14 - 2015-07-14 18:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\msxml6r.dll
2015-08-11 12:14 - 2015-07-14 18:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\msxml3r.dll
2015-08-11 12:14 - 2015-07-10 09:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\System32\shell32.dll
2015-08-11 12:14 - 2015-05-09 10:09 - 00715200 _____ (Microsoft Corporation) C:\Windows\System32\mcupdate_GenuineIntel.dll
2015-07-24 00:25 - 2015-07-24 00:25 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-12 03:21 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\System32\LogFiles
2015-08-11 22:20 - 2015-03-12 14:31 - 00000000 ___SD C:\Windows\System32\CompatTel
2015-08-11 22:20 - 2015-03-12 14:31 - 00000000 ____D C:\Windows\System32\appraiser
2015-08-11 22:20 - 2015-03-12 07:56 - 00009704 _____ C:\Windows\System32\Gms.log
2015-08-11 22:20 - 2015-03-12 05:19 - 01204183 _____ C:\Windows\WindowsUpdate.log
2015-08-11 22:17 - 2015-05-29 07:32 - 00000000 ____D C:\Program Files\headphones
2015-08-11 22:16 - 2009-07-13 20:34 - 00010096 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-11 22:16 - 2009-07-13 20:34 - 00010096 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-11 22:01 - 2015-03-12 08:01 - 129304528 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2015-08-11 22:01 - 2015-03-12 08:01 - 00000000 ____D C:\Windows\System32\MRT
2015-08-11 21:57 - 2015-03-12 05:55 - 00000000 ____D C:\ProgramData\NzbDrone
2015-08-11 21:00 - 2015-03-12 07:58 - 00000000 ____D C:\Users\htpc\AppData\Local\Adobe
2015-08-11 13:05 - 2015-03-12 07:44 - 00002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-28 17:40 - 2015-03-13 13:10 - 00000000 ___RD C:\Users\htpc\Dropbox
2015-07-28 17:40 - 2015-03-12 07:58 - 00000000 ____D C:\Users\htpc\AppData\Roaming\Dropbox
2015-07-25 06:45 - 2015-04-04 22:00 - 00000000 ___SD C:\Windows\System32\GWX
2015-07-24 00:27 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\Microsoft.NET
2015-07-24 00:24 - 2015-05-31 16:21 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-07-20 22:21 - 2015-03-12 04:27 - 00796146 _____ C:\Windows\System32\PerfStringBackup.INI
2015-07-20 22:16 - 2009-07-13 20:39 - 00098737 _____ C:\Windows\setupact.log
2015-07-20 22:16 - 2009-07-13 20:33 - 03859960 _____ C:\Windows\System32\FNTCACHE.DAT
2015-07-20 22:15 - 2015-03-12 07:47 - 00272526 _____ C:\Windows\PFRO.log
 
Some files in TEMP:
====================
C:\Users\htpc\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxqhfuq.dll
C:\Users\htpc\AppData\Local\Temp\vlc-2.2.1-win32.exe
 
==================== Known DLLs (Whitelisted) =========================
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe
[2015-05-12 21:57] - [2015-04-12 19:19] - 0259072 ____A (Microsoft Corporation) 0780A42DBD7D9969F9BF4A19AA4285B5
 
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\dnsapi.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
==================== Restore Points  =========================
 
Restore point made on: 2015-07-20 22:00:17
Restore point made on: 2015-07-24 10:14:13
Restore point made on: 2015-07-28 10:31:45
Restore point made on: 2015-07-28 22:00:17
Restore point made on: 2015-08-04 02:35:20
Restore point made on: 2015-08-11 12:13:43
Restore point made on: 2015-08-11 22:00:21
 
==================== Memory info =========================== 
 
Percentage of memory in use: 13%
Total physical RAM: 3789.16 MB
Available physical RAM: 3280.59 MB
Total Virtual: 3787.44 MB
Available Virtual: 3288.98 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:117.28 GB) (Free:80.36 GB) NTFS
Drive d: (Iomega HDD) (Fixed) (Total:931.51 GB) (Free:107.49 GB) NTFS
Drive f: (UNTITLED) (Removable) (Total:7.45 GB) (Free:7.42 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 117.4 GB) (Disk ID: 72D14C2F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=117.3 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: B37D8CCB)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (Size: 7.5 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
 
LastRegBack: 2015-08-11 19:03
 
==================== End of log ============================

Edited by hamluis, 16 August 2015 - 06:53 AM.
Moved from Win 7 to MRL - Hamluis.


BC AdBot (Login to Remove)

 


#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,420 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:32 AM

Posted 17 August 2015 - 12:48 PM

Greetings mlanno and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far.

Can you recall the date when you last knew your computer was fine?

BTW, congrats and sorry you came home to this mess!

Edited by Oh My!, 17 August 2015 - 12:49 PM.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,420 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:32 AM

Posted 20 August 2015 - 09:12 AM

Greetings,

===================================================

3 Day Bump

It has been more than 3 days since my last post.
  • Do you still need help with this?
  • If after 48hrs you have not replied to this thread then it will have to be closed.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,420 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:01:32 AM

Posted 22 August 2015 - 08:38 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users