Possible trojan infection, can't get to desktop

minimustangs

Thread Starter
Joined
Jul 5, 2009
Messages
408
I was brought a Dell Inspiron laptop with multiple infections...Zombie News, GUplayer...and others.
Instances of something listed as Trojan:fake.32 also were discovered.

After scanning and cleaning with Malwarebytes, ADWCleaner, and JRT (which initially wouldn't run), the system was usable and performing better. The system was then cleaned with CCleaner, and I manually removed registry entries for startup programs as part of a general cleaning. After wiping the free space with CCleaner there was a message on the screen that said:

Interalt for multicore processors will be disabled. No bootable devices -- strike F1 to retry boot. F2 for setup utility. Press F5 to run onboard diagnostics.

Can get into desktop in safe mode.
 

JSntgRvr

José
Retired Moderator and Malware Specialist
Joined
Jul 1, 2003
Messages
18,552
Welcome.

Tap on F8 during startup. Can you reach the advanced menu?
 

JSntgRvr

José
Retired Moderator and Malware Specialist
Joined
Jul 1, 2003
Messages
18,552
See if you can follow these instructions:

Please download Farbar Recovery Scan Tool and save it to a flash drive.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

Plug the flash drive into the infected PC.
  • If you are using Windows 8, consult How to use the Windows 8 System Recovery Environment Command Prompt to enter System Recovery Command prompt.
  • If you are using Vista or Windows 7, enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded, begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

Note: In case you cannot enter System Recovery Options by using the F8 method, you can use a Windows installation disc, or make a repair disc. Any Windows installation disc or a repair disc made on another computer can be used.
To make a repair disc on Windows 7 consult: http://www.sevenforums.com/tutorials/2083-system-repair-disc-create.html

To enter System Recovery Options by using a Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
  • On the System Recovery Options menu you will get the following options:
      • Startup Repair
      • System Restore
      • Windows Complete PC Restore
      • Windows Memory Diagnostic Tool
      • Command Prompt
  • Select Command Prompt.

Once in the Command Prompt:
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter.
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
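
Once the steps above have produced FRST.txt, its Services and Drivers sections can be triaged mechanically before a helper reads the whole log. The following is an added example, not part of the original post and not FRST's own code: it flags entries whose image path sits in a user-writable location or has an unexpected extension. The sample lines are constructed, and reading the line prefix as a state letter plus the Windows start type (0 to 4) is an assumption about FRST's notation.

```python
import ntpath
import re
from dataclasses import dataclass, field
from typing import List, Optional

# Constructed sample lines in the "<state><start> name; image path [X]" layout
# used by the Services and Drivers sections of an FRST log.
SAMPLE_LOG = r"""
S2 CryptSvc; C:\Windows\system32\cryptsvc.dll [184320 2012-06-02] ()
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 msiserver; %systemroot%\system32\msiexec.exe /V [X]
S3 helperdrv; \??\C:\Users\alice\AppData\Local\Temp\helper.sys [X]
S2 examplesvc; C:\Users\alice\AppData\Roaming\0000-EXAMPLE\abcd1234.tmp [X]
S0 Fs_Rec; No ImagePath
"""

# Assumption: prefix = state letter (R/S/U) + Windows start type
# (0 boot, 1 system, 2 automatic, 3 manual, 4 disabled).
ENTRY_RE = re.compile(
    r"^(?P<state>[RSU])(?P<start>[0-4])\s+(?P<name>[^;]+);\s+(?P<rest>.+)$"
)
# Trailing "[X]" marker, or "[size date] (company)" metadata.
TRAILER_RE = re.compile(r"\s*(?:\[X\]|\[\d+ \d{4}-\d{2}-\d{2}\]\s*\(.*\))\s*$")
# Unquoted path: shortest prefix ending in ".ext" followed by a space or the end.
# Limitation: a directory such as "Foo v1.23 beta" would cut the path early.
UNQUOTED_RE = re.compile(r"^(.*?\.[A-Za-z0-9]{2,4})(?=\s|$)")

USER_WRITABLE = ("\\users\\", "\\appdata\\", "\\temp\\", "\\programdata\\",
                 "%appdata%", "%temp%")
EXPECTED_EXT = {".exe", ".dll", ".sys"}


@dataclass
class Entry:
    name: str
    start: int
    path: Optional[str]   # None when the log says "No ImagePath"
    missing: bool         # True when the line ends with the [X] marker
    reasons: List[str] = field(default_factory=list)


def image_path(rest: str) -> Optional[str]:
    """Extract the binary path, dropping arguments and trailing metadata."""
    body = TRAILER_RE.sub("", rest)
    if body.startswith('"'):
        m = re.match(r'"([^"]+)"', body)
    else:
        m = UNQUOTED_RE.match(body)
    return m.group(1) if m else None


def parse_line(line: str) -> Optional[Entry]:
    m = ENTRY_RE.match(line.strip())
    if not m:
        return None  # section header, comment or blank line
    rest = m["rest"]
    return Entry(
        name=m["name"].strip(),
        start=int(m["start"]),
        path=image_path(rest),
        missing=rest.rstrip().endswith("[X]"),
    )


def triage(log_text: str) -> List[Entry]:
    """Return entries worth a manual look, boot/auto-start ones first."""
    flagged = []
    for line in log_text.splitlines():
        entry = parse_line(line)
        if entry is None or entry.path is None:
            continue
        low = entry.path.lower()
        if any(marker in low for marker in USER_WRITABLE):
            entry.reasons.append("image path in user-writable location")
        ext = ntpath.splitext(low)[1] or "(none)"
        if ext not in EXPECTED_EXT:
            entry.reasons.append(f"unexpected extension {ext}")
        if entry.reasons:
            flagged.append(entry)
    flagged.sort(key=lambda e: e.start)  # lower start type loads earlier
    return flagged


if __name__ == "__main__":
    for e in triage(SAMPLE_LOG):
        print(f"start={e.start} {e.name}: {e.path} -> {'; '.join(e.reasons)}")
```

A flagged entry is a prompt for manual review of that service and file, not a verdict.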
 

JSntgRvr

José
Retired Moderator and Malware Specialist
Joined
Jul 1, 2003
Messages
18,552
Finished? Any error message?
 

minimustangs

Thread Starter
Joined
Jul 5, 2009
Messages
408
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-04-2015
Ran by SYSTEM on MININT-KLTDGJD on 26-04-2015 11:42:00
Running from e:\
Platform: WIN_7 (X64) OS Language: English (United States)
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

ATTENTION: Software hive is not loaded.

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 CryptSvc; C:\Windows\system32\cryptsvc.dll [184320 2012-06-02] ()
S3 hkmsvc; C:\Windows\system32\kmsvc.dll [90624 2010-11-20] ()
S2 AdobeARMservice; "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" [X]
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [X]
S3 AeLookupSvc; %SystemRoot%\System32\aelupsvc.dll [X]
S2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\AESTSr64.exe [X]
S3 ALG; %SystemRoot%\System32\alg.exe [X]
S3 AppIDSvc; %SystemRoot%\System32\appidsvc.dll [X]
S3 Appinfo; %SystemRoot%\System32\appinfo.dll [X]
S2 Apple Mobile Device Service; "C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" [X]
S2 AudioEndpointBuilder; %SystemRoot%\System32\Audiosrv.dll [X]
S2 AudioSrv; %SystemRoot%\System32\Audiosrv.dll [X]
S2 avast! Antivirus; "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" [X]
S3 AxInstSV; %SystemRoot%\System32\AxInstSV.dll [X]
S3 BDESVC; %SystemRoot%\System32\bdesvc.dll [X]
S2 BFE; %SystemRoot%\System32\bfe.dll [X]
S2 BITS; %SystemRoot%\System32\qmgr.dll [X]
S2 Bonjour Service; "C:\Program Files\Bonjour\mDNSResponder.exe" [X]
S3 Browser; %SystemRoot%\System32\browser.dll [X]
S3 bthserv; %SystemRoot%\system32\bthserv.dll [X]
S3 CertPropSvc; %SystemRoot%\System32\certprop.dll [X]
S4 clr_optimization_v2.0.50727_32; %systemroot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [X]
S4 clr_optimization_v2.0.50727_64; %systemroot%\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [X]
S2 clr_optimization_v4.0.30319_32; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [X]
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [X]
S2 cvhsvc; "C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE" [X]
S2 DcomLaunch; %SystemRoot%\system32\rpcss.dll [X]
S3 defragsvc; %Systemroot%\System32\defragsvc.dll [X]
S2 DellDataVault; "C:\Program Files\Dell\DellDataVault\DellDataVault.exe" [X]
S2 DellDataVaultWiz; "C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe" [X]
S2 Dhcp; %SystemRoot%\system32\dhcpcore.dll [X]
S2 Dnscache; %SystemRoot%\System32\dnsrslvr.dll [X]
S2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [X]
S3 dot3svc; %SystemRoot%\System32\dot3svc.dll [X]
S2 DPS; %SystemRoot%\system32\dps.dll [X]
S2 dubovowi; C:\Users\taylors\AppData\Roaming\4C4C4544-1427309190-4210-8052-B9C04F354E31\jnse9945.tmp [X]
S3 EapHost; %SystemRoot%\System32\eapsvc.dll [X]
S2 EFS; %SystemRoot%\System32\lsass.exe [X]
S3 ehRecvr; %systemroot%\ehome\ehRecvr.exe [X]
S3 ehSched; %systemroot%\ehome\ehsched.exe [X]
S2 eventlog; %SystemRoot%\System32\wevtsvc.dll [X]
S2 EventSystem; %systemroot%\system32\es.dll [X]
S3 Fax; %systemroot%\system32\fxssvc.exe [X]
S3 fdPHost; %SystemRoot%\system32\fdPHost.dll [X]
S3 FDResPub; %SystemRoot%\system32\fdrespub.dll [X]
S2 FontCache; %SystemRoot%\system32\FntCache.dll [X]
S3 FontCache3.0.0.0; %systemroot%\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [X]
S3 GameConsoleService; "C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe" [X]
S2 Garmin Core Update Service; "C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe" [X]
S2 gpsvc; %SystemRoot%\System32\gpsvc.dll [X]
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S3 hidserv; %SystemRoot%\system32\hidserv.dll [X]
S3 HomeGroupListener; %SystemRoot%\system32\ListSvc.dll [X]
S3 HomeGroupProvider; %SystemRoot%\system32\provsvc.dll [X]
S3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [X]
S2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [X]
S2 IAANTMON; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [X]
S3 idsvc; "%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe" [X]
S2 IKEEXT; %SystemRoot%\System32\ikeext.dll [X]
S3 IPBusEnum; %SystemRoot%\system32\ipbusenum.dll [X]
S2 iphlpsvc; %SystemRoot%\System32\iphlpsvc.dll [X]
S3 iPod Service; "C:\Program Files\iPod\bin\iPodService.exe" [X]
S3 KeyIso; %SystemRoot%\system32\lsass.exe [X]
S3 KtmRm; %systemroot%\system32\msdtckrm.dll [X]
S2 LanmanServer; %SystemRoot%\system32\srvsvc.dll [X]
S2 LanmanWorkstation; %SystemRoot%\System32\wkssvc.dll [X]
S2 LeapFrog Connect Device Service; "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe" [X]
S3 lltdsvc; %SystemRoot%\System32\lltdsvc.dll [X]
S2 lmhosts; %SystemRoot%\System32\lmhsvc.dll [X]
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X]
S4 Mcx2Svc; %SystemRoot%\system32\Mcx2Svc.dll [X]
S2 MMCSS; %SystemRoot%\system32\mmcss.dll [X]
S2 MpsSvc; %SystemRoot%\system32\mpssvc.dll [X]
S3 MSDTC; %SystemRoot%\System32\msdtc.exe [X]
S3 MSiSCSI; %systemroot%\system32\iscsiexe.dll [X]
S3 msiserver; %systemroot%\system32\msiexec.exe /V [X]
S3 napagent; %SystemRoot%\system32\qagentRT.dll [X]
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [X]
S3 Netlogon; %systemroot%\system32\lsass.exe [X]
S3 Netman; %SystemRoot%\System32\netman.dll [X]
S3 netprofm; %SystemRoot%\System32\netprofm.dll [X]
S4 NetTcpPortSharing; "%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe" [X]
S2 NlaSvc; %SystemRoot%\System32\nlasvc.dll [X]
S2 nsi; %systemroot%\system32\nsisvc.dll [X]
S2 NvtlService; "C:\Program Files (x86)\Novatel Wireless\Novacore\Server\NvtlSrvr.exe" [X]
S3 ose; "C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE" [X]
S3 osppsvc; "C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE" [X]
S3 p2pimsvc; %SystemRoot%\system32\pnrpsvc.dll [X]
S3 p2psvc; %SystemRoot%\system32\p2psvc.dll [X]
S2 PcaSvc; %SystemRoot%\System32\pcasvc.dll [X]
S3 PerfHost; %SystemRoot%\SysWow64\perfhost.exe [X]
S3 pla; %systemroot%\system32\pla.dll [X]
S2 PlugPlay; %SystemRoot%\system32\umpnpmgr.dll [X]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [X]
S3 PNRPAutoReg; %SystemRoot%\system32\pnrpauto.dll [X]
S3 PNRPsvc; %SystemRoot%\system32\pnrpsvc.dll [X]
S3 PolicyAgent; %SystemRoot%\System32\ipsecsvc.dll [X]
S2 Power; %SystemRoot%\system32\umpo.dll [X]
S2 ProfSvc; %systemroot%\system32\profsvc.dll [X]
S3 ProtectedStorage; %SystemRoot%\system32\lsass.exe [X]
S3 QWAVE; %windir%\system32\qwave.dll [X]
S3 RasAuto; %SystemRoot%\System32\rasauto.dll [X]
S3 RasMan; %SystemRoot%\System32\rasmans.dll [X]
S4 RemoteAccess; %SystemRoot%\System32\mprdim.dll [X]
S3 RemoteRegistry; %SystemRoot%\system32\regsvc.dll [X]
S2 RpcEptMapper; %SystemRoot%\System32\RpcEpMap.dll [X]
S3 RpcLocator; %SystemRoot%\system32\locator.exe [X]
S2 RpcSs; %SystemRoot%\system32\rpcss.dll [X]
S2 SamSs; %SystemRoot%\system32\lsass.exe [X]
S3 SCardSvr; %SystemRoot%\System32\SCardSvr.dll [X]
S2 Schedule; %systemroot%\system32\schedsvc.dll [X]
S3 SCPolicySvc; %SystemRoot%\System32\certprop.dll [X]
S3 SDRSVC; %Systemroot%\System32\SDRSVC.dll [X]
S3 seclogon; %windir%\system32\seclogon.dll [X]
S2 SENS; %SystemRoot%\System32\sens.dll [X]
S3 SensrSvc; %SystemRoot%\system32\sensrsvc.dll [X]
S3 SessionEnv; %SystemRoot%\system32\sessenv.dll [X]
S2 sftlist; "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe" [X]
S2 SftService; "C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE" [X]
S3 sftvsa; "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe" [X]
S2 SharedAccess; %SystemRoot%\System32\ipnathlp.dll [X]
S2 ShellHWDetection; %SystemRoot%\System32\shsvcs.dll [X]
S2 SkypeUpdate; "C:\Program Files (x86)\Skype\Updater\Updater.exe" [X]
S3 SNMPTRAP; %SystemRoot%\System32\snmptrap.exe [X]
S2 Spooler; %SystemRoot%\System32\spoolsv.exe [X]
S2 sppsvc; %SystemRoot%\system32\sppsvc.exe [X]
S3 sppuinotify; %SystemRoot%\system32\sppuinotify.dll [X]
S3 SSDPSRV; %SystemRoot%\System32\ssdpsrv.dll [X]
S3 SstpSvc; %SystemRoot%\system32\sstpsvc.dll [X]
S2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\STacSV64.exe [X]
S2 stisvc; %SystemRoot%\System32\wiaservc.dll [X]
S2 SupportAssistAgent; "C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe" [X]
S3 swprv; %Systemroot%\System32\swprv.dll [X]
S2 SysMain; %systemroot%\system32\sysmain.dll [X]
S3 TabletInputService; %SystemRoot%\System32\TabSvc.dll [X]
S3 TapiSrv; %SystemRoot%\System32\tapisrv.dll [X]
S3 TBS; %SystemRoot%\System32\tbssvc.dll [X]
S3 TermService; %SystemRoot%\System32\termsrv.dll [X]
S2 Themes; %SystemRoot%\system32\themeservice.dll [X]
S3 THREADORDER; %SystemRoot%\system32\mmcss.dll [X]
S2 TrkWks; %SystemRoot%\System32\trkwks.dll [X]
S2 TrustedInstaller; %SystemRoot%\servicing\TrustedInstaller.exe [X]
S3 UI0Detect; %SystemRoot%\system32\UI0Detect.exe [X]
S3 upnphost; %SystemRoot%\System32\upnphost.dll [X]
S2 UxSms; %SystemRoot%\System32\uxsms.dll [X]
S3 VaultSvc; %SystemRoot%\system32\lsass.exe [X]
S3 vds; %SystemRoot%\System32\vds.exe [X]
S3 VSS; %systemroot%\system32\vssvc.exe [X]
S3 W32Time; %systemroot%\system32\w32time.dll [X]
S3 WatAdminSvc; %SystemRoot%\system32\Wat\WatAdminSvc.exe [X]
S3 wbengine; "%systemroot%\system32\wbengine.exe" [X]
S3 WbioSrvc; %SystemRoot%\System32\wbiosrvc.dll [X]
S3 wcncsvc; %SystemRoot%\System32\wcncsvc.dll [X]
S3 WcsPlugInService; %SystemRoot%\System32\WcsPlugInService.dll [X]
S3 WdiServiceHost; %SystemRoot%\system32\wdi.dll [X]
S3 WdiSystemHost; %SystemRoot%\system32\wdi.dll [X]
S3 WebClient; %SystemRoot%\System32\webclnt.dll [X]
S3 Wecsvc; %SystemRoot%\system32\wecsvc.dll [X]
S3 wercplsupport; %SystemRoot%\System32\wercplsupport.dll [X]
S3 WerSvc; %SystemRoot%\System32\WerSvc.dll [X]
S2 WinDefend; %ProgramFiles%\Windows Defender\mpsvc.dll [X]
S2 Winmgmt; %SystemRoot%\system32\wbem\WMIsvc.dll [X]
S3 WinRM; %SystemRoot%\system32\WsmSvc.dll [X]
S2 Wlansvc; %SystemRoot%\System32\wlansvc.dll [X]
S2 wlidsvc; "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" [X]
S2 wltrysvc; "C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE" "C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe"
S3 wmiApSrv; %systemroot%\system32\wbem\WmiApSrv.exe [X]
S2 WMPNetworkSvc; "%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe" [X]
S3 WPCSvc; %SystemRoot%\System32\wpcsvc.dll [X]
S3 WPDBusEnum; %SystemRoot%\system32\wpdbusenum.dll [X]
S2 wscsvc; %SystemRoot%\System32\wscsvc.dll [X]
S2 WSearch; %systemroot%\system32\SearchIndexer.exe /Embedding [X]
S2 wuauserv; %systemroot%\system32\wuaueng.dll [X]
S3 wudfsvc; %SystemRoot%\System32\WUDFSvc.dll [X]
S3 WwanSvc; %SystemRoot%\System32\wwansvc.dll [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S0 aswRvrt; No ImagePath
S0 aswVmm; No ImagePath
S1 Beep; No ImagePath
S3 exfat; No ImagePath
S3 fastfat; No ImagePath
S0 Fs_Rec; No ImagePath
S1 Msfs; No ImagePath
S3 MsRPC; No ImagePath
S3 NDProxy; No ImagePath
S1 Npfs; No ImagePath
S3 Ntfs; No ImagePath
S1 Null; No ImagePath
S3 RDPWD; No ImagePath
S2 secdrv; No ImagePath
S0 spldr; No ImagePath
S3 1394ohci; \SystemRoot\system32\drivers\1394ohci.sys [X]
S0 ACPI; system32\drivers\ACPI.sys [X]
S3 AcpiPmi; \SystemRoot\system32\drivers\acpipmi.sys [X]
S3 adp94xx; \SystemRoot\system32\DRIVERS\adp94xx.sys [X]
S3 adpahci; \SystemRoot\system32\DRIVERS\adpahci.sys [X]
S3 adpu320; \SystemRoot\system32\DRIVERS\adpu320.sys [X]
S1 AFD; \SystemRoot\system32\drivers\afd.sys [X]
S3 agp440; \SystemRoot\system32\drivers\agp440.sys [X]
S3 aliide; \SystemRoot\system32\drivers\aliide.sys [X]
S3 amdide; \SystemRoot\system32\drivers\amdide.sys [X]
S3 AmdK8; \SystemRoot\system32\DRIVERS\amdk8.sys [X]
S3 AmdPPM; \SystemRoot\system32\DRIVERS\amdppm.sys [X]
S3 amdsata; \SystemRoot\system32\drivers\amdsata.sys [X]
S3 amdsbs; \SystemRoot\system32\DRIVERS\amdsbs.sys [X]
S0 amdxata; system32\drivers\amdxata.sys [X]
S3 AppID; \SystemRoot\system32\drivers\appid.sys [X]
S3 arc; \SystemRoot\system32\DRIVERS\arc.sys [X]
S3 arcsas; \SystemRoot\system32\DRIVERS\arcsas.sys [X]
S2 aswHwid; \SystemRoot\system32\drivers\aswHwid.sys [X]
S2 aswMonFlt; \SystemRoot\system32\drivers\aswMonFlt.sys [X]
S1 aswRdr; \SystemRoot\system32\drivers\aswRdr2.sys [X]
S1 aswSnx; \SystemRoot\system32\drivers\aswSnx.sys [X]
S1 aswSP; \SystemRoot\system32\drivers\aswSP.sys [X]
S2 aswStm; \SystemRoot\system32\drivers\aswStm.sys [X]
S3 AsyncMac; system32\DRIVERS\asyncmac.sys [X]
S3 atapi; \SystemRoot\system32\drivers\atapi.sys [X]
S3 b06bdrv; \SystemRoot\system32\DRIVERS\bxvbda.sys [X]
S3 b57nd60a; system32\DRIVERS\b57nd60a.sys [X]
S3 BCM42RLY; system32\drivers\BCM42RLY.sys [X]
S3 BCM43XX; system32\DRIVERS\bcmwl664.sys [X]
S1 blbdrive; system32\DRIVERS\blbdrive.sys [X]
S3 bowser; system32\DRIVERS\bowser.sys [X]
S3 BrFiltLo; \SystemRoot\system32\DRIVERS\BrFiltLo.sys [X]
S3 BrFiltUp; \SystemRoot\system32\DRIVERS\BrFiltUp.sys [X]
S3 Brserid; \SystemRoot\System32\Drivers\Brserid.sys [X]
S3 BrSerWdm; \SystemRoot\System32\Drivers\BrSerWdm.sys [X]
S3 BrUsbMdm; \SystemRoot\System32\Drivers\BrUsbMdm.sys [X]
S3 BrUsbSer; \SystemRoot\System32\Drivers\BrUsbSer.sys [X]
S3 BTHMODEM; \SystemRoot\system32\DRIVERS\bthmodem.sys [X]
S4 cdfs; system32\DRIVERS\cdfs.sys [X]
S1 cdrom; \SystemRoot\system32\drivers\cdrom.sys [X]
S3 circlass; \SystemRoot\system32\DRIVERS\circlass.sys [X]
S0 CLFS; System32\CLFS.sys [X]
S3 CmBatt; system32\DRIVERS\CmBatt.sys [X]
S3 cmdide; \SystemRoot\system32\drivers\cmdide.sys [X]
S0 CNG; System32\Drivers\cng.sys [X]
S0 Compbatt; system32\DRIVERS\compbatt.sys [X]
S3 CompositeBus; \SystemRoot\system32\drivers\CompositeBus.sys [X]
S4 crcdisk; \SystemRoot\system32\DRIVERS\crcdisk.sys [X]
S3 CtClsFlt; system32\DRIVERS\CtClsFlt.sys [X]
S3 DDDriver; system32\drivers\DDDriver64Dcsa.sys [X]
S3 DellProf; system32\drivers\DellProf.sys [X]
S1 DfsC; System32\Drivers\dfsc.sys [X]
S1 discache; System32\drivers\discache.sys [X]
S0 Disk; system32\DRIVERS\disk.sys [X]
S3 Dot4; system32\DRIVERS\Dot4.sys [X]
S3 Dot4Print; \SystemRoot\system32\drivers\Dot4Prt.sys [X]
S3 dot4usb; system32\DRIVERS\dot4usb.sys [X]
S3 drmkaud; system32\drivers\drmkaud.sys [X]
S3 DXGKrnl; \SystemRoot\System32\drivers\dxgkrnl.sys [X]
S3 ebdrv; \SystemRoot\system32\DRIVERS\evbda.sys [X]
S3 elxstor; \SystemRoot\system32\DRIVERS\elxstor.sys [X]
S3 ErrDev; \SystemRoot\system32\drivers\errdev.sys [X]
S3 fdc; \SystemRoot\system32\DRIVERS\fdc.sys [X]
S0 FileInfo; system32\drivers\fileinfo.sys [X]
S3 Filetrace; system32\drivers\filetrace.sys [X]
S3 flpydisk; \SystemRoot\system32\DRIVERS\flpydisk.sys [X]
S0 FltMgr; system32\drivers\fltmgr.sys [X]
S3 FsDepends; System32\drivers\FsDepends.sys [X]
S0 fvevol; System32\DRIVERS\fvevol.sys [X]
S3 gagp30kx; \SystemRoot\system32\DRIVERS\gagp30kx.sys [X]
S3 GEARAspiWDM; system32\DRIVERS\GEARAspiWDM.sys [X]
S3 hcw85cir; \SystemRoot\system32\drivers\hcw85cir.sys [X]
S3 HDAudBus; \SystemRoot\system32\drivers\HDAudBus.sys [X]
S3 HidBatt; \SystemRoot\system32\DRIVERS\HidBatt.sys [X]
S3 HidBth; \SystemRoot\system32\DRIVERS\hidbth.sys [X]
S3 HidIr; \SystemRoot\system32\DRIVERS\hidir.sys [X]
S3 HidUsb; \SystemRoot\system32\drivers\hidusb.sys [X]
S3 HpSAMD; \SystemRoot\system32\drivers\HpSAMD.sys [X]
S3 HTTP; system32\drivers\HTTP.sys [X]
S0 hwpolicy; System32\drivers\hwpolicy.sys [X]
S3 i8042prt; \SystemRoot\system32\drivers\i8042prt.sys [X]
S0 iaStor; system32\DRIVERS\iaStor.sys [X]
S3 iaStorV; \SystemRoot\system32\drivers\iaStorV.sys [X]
S3 igfx; system32\DRIVERS\igdkmd64.sys [X]
S3 iirsp; \SystemRoot\system32\DRIVERS\iirsp.sys [X]
S3 intelide; \SystemRoot\system32\drivers\intelide.sys [X]
S3 intelppm; system32\DRIVERS\intelppm.sys [X]
S3 IpFilterDriver; system32\DRIVERS\ipfltdrv.sys [X]
S3 IPMIDRV; \SystemRoot\system32\drivers\IPMIDrv.sys [X]
S3 IPNAT; System32\drivers\ipnat.sys [X]
S3 IRENUM; system32\drivers\irenum.sys [X]
S3 isapnp; \SystemRoot\system32\drivers\isapnp.sys [X]
S3 iScsiPrt; \SystemRoot\system32\drivers\msiscsi.sys [X]
S3 kbdclass; \SystemRoot\system32\drivers\kbdclass.sys [X]
S3 kbdhid; \SystemRoot\system32\drivers\kbdhid.sys [X]
S0 KSecDD; System32\Drivers\ksecdd.sys [X]
S0 KSecPkg; System32\Drivers\ksecpkg.sys [X]
S3 ksthunk; \SystemRoot\system32\drivers\ksthunk.sys [X]
S3 Leapfrog-USBLAN; system32\DRIVERS\btblan.sys [X]
S2 lltdio; system32\DRIVERS\lltdio.sys [X]
S3 LSI_FC; \SystemRoot\system32\DRIVERS\lsi_fc.sys [X]
S3 LSI_SAS; \SystemRoot\system32\DRIVERS\lsi_sas.sys [X]
S3 LSI_SAS2; \SystemRoot\system32\DRIVERS\lsi_sas2.sys [X]
S3 LSI_SCSI; \SystemRoot\system32\DRIVERS\lsi_scsi.sys [X]
S2 luafv; \SystemRoot\system32\drivers\luafv.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 megasas; \SystemRoot\system32\DRIVERS\megasas.sys [X]
S3 MegaSR; \SystemRoot\system32\DRIVERS\MegaSR.sys [X]
S3 Modem; system32\drivers\modem.sys [X]
S3 monitor; system32\DRIVERS\monitor.sys [X]
S3 mouclass; \SystemRoot\system32\drivers\mouclass.sys [X]
S3 mouhid; \SystemRoot\system32\DRIVERS\mouhid.sys [X]
S0 mountmgr; System32\drivers\mountmgr.sys [X]
S3 mpio; \SystemRoot\system32\drivers\mpio.sys [X]
S3 mpsdrv; System32\drivers\mpsdrv.sys [X]
S3 MRxDAV; \SystemRoot\system32\drivers\mrxdav.sys [X]
S3 mrxsmb; system32\DRIVERS\mrxsmb.sys [X]
S3 mrxsmb10; system32\DRIVERS\mrxsmb10.sys [X]
S3 mrxsmb20; system32\DRIVERS\mrxsmb20.sys [X]
S3 msahci; \SystemRoot\system32\drivers\msahci.sys [X]
S3 msdsm; \SystemRoot\system32\drivers\msdsm.sys [X]
S3 mshidkmdf; \SystemRoot\System32\drivers\mshidkmdf.sys [X]
S0 msisadrv; system32\drivers\msisadrv.sys [X]
S3 MSKSSRV; system32\drivers\MSKSSRV.sys [X]
S3 MSPCLOCK; system32\drivers\MSPCLOCK.sys [X]
S3 MSPQM; system32\drivers\MSPQM.sys [X]
S1 mssmbios; \SystemRoot\system32\drivers\mssmbios.sys [X]
S3 MSTEE; system32\drivers\MSTEE.sys [X]
S3 MTConfig; \SystemRoot\system32\DRIVERS\MTConfig.sys [X]
S0 Mup; System32\Drivers\mup.sys [X]
S3 NativeWifiP; system32\DRIVERS\nwifi.sys [X]
S0 NDIS; system32\drivers\ndis.sys [X]
S3 NdisCap; system32\DRIVERS\ndiscap.sys [X]
S3 NdisTapi; system32\DRIVERS\ndistapi.sys [X]
S3 Ndisuio; system32\DRIVERS\ndisuio.sys [X]
S3 NdisWan; system32\DRIVERS\ndiswan.sys [X]
S3 Netaapl; system32\DRIVERS\netaapl64.sys [X]
S1 NetBIOS; system32\DRIVERS\netbios.sys [X]
S1 NetBT; System32\DRIVERS\netbt.sys [X]
S3 nfrd960; \SystemRoot\system32\DRIVERS\nfrd960.sys [X]
S1 nsiproxy; system32\drivers\nsiproxy.sys [X]
S3 nvraid; \SystemRoot\system32\drivers\nvraid.sys [X]
S3 nvstor; \SystemRoot\system32\drivers\nvstor.sys [X]
S3 nv_agp; \SystemRoot\system32\drivers\nv_agp.sys [X]
S3 NWADI; system32\DRIVERS\NWADIenum.sys [X]
S3 NWUSBModem; system32\DRIVERS\nwusbmdm.sys [X]
S3 NWUSBPort; system32\DRIVERS\nwusbser.sys [X]
S3 NWUSBPort2; system32\DRIVERS\nwusbser2.sys [X]
S3 ohci1394; \SystemRoot\system32\drivers\ohci1394.sys [X]
S3 Parport; \SystemRoot\system32\DRIVERS\parport.sys [X]
S0 partmgr; System32\drivers\partmgr.sys [X]
S3 PcdrNdisuio; syswow64\drivers\pcdrndisuio.sys [X]
S0 pci; system32\drivers\pci.sys [X]
S3 pciide; \SystemRoot\system32\drivers\pciide.sys [X]
S3 pcmcia; \SystemRoot\system32\DRIVERS\pcmcia.sys [X]
S0 pcw; System32\drivers\pcw.sys [X]
S2 PEAUTH; system32\drivers\peauth.sys [X]
S3 PptpMiniport; system32\DRIVERS\raspptp.sys [X]
S3 Processor; \SystemRoot\system32\DRIVERS\processr.sys [X]
S1 Psched; system32\DRIVERS\pacer.sys [X]
S0 PxHlpa64; System32\Drivers\PxHlpa64.sys [X]
S3 ql2300; \SystemRoot\system32\DRIVERS\ql2300.sys [X]
S3 ql40xx; \SystemRoot\system32\DRIVERS\ql40xx.sys [X]
S3 QWAVEdrv; \SystemRoot\system32\drivers\qwavedrv.sys [X]
S3 RasAcd; System32\DRIVERS\rasacd.sys [X]
S3 RasAgileVpn; system32\DRIVERS\AgileVpn.sys [X]
S3 Rasl2tp; system32\DRIVERS\rasl2tp.sys [X]
S3 RasPppoe; system32\DRIVERS\raspppoe.sys [X]
S3 RasSstp; system32\DRIVERS\rassstp.sys [X]
S1 rdbss; system32\DRIVERS\rdbss.sys [X]
S3 rdpbus; \SystemRoot\system32\DRIVERS\rdpbus.sys [X]
S1 RDPCDD; System32\DRIVERS\RDPCDD.sys [X]
S1 RDPENCDD; system32\drivers\rdpencdd.sys [X]
S1 RDPREFMP; system32\drivers\rdprefmp.sys [X]
S0 rdyboost; System32\drivers\rdyboost.sys [X]
S2 rspndr; system32\DRIVERS\rspndr.sys [X]
S3 RSUSBSTOR; System32\Drivers\RtsUStor.sys [X]
S3 sbp2port; \SystemRoot\system32\drivers\sbp2port.sys [X]
S3 scfilter; System32\DRIVERS\scfilter.sys [X]
S3 Serenum; \SystemRoot\system32\DRIVERS\serenum.sys [X]
S3 Serial; \SystemRoot\system32\DRIVERS\serial.sys [X]
S3 sermouse; \SystemRoot\system32\DRIVERS\sermouse.sys [X]
S3 sffdisk; \SystemRoot\system32\drivers\sffdisk.sys [X]
S3 sffp_mmc; \SystemRoot\system32\drivers\sffp_mmc.sys [X]
S3 sffp_sd; \SystemRoot\system32\drivers\sffp_sd.sys [X]
S3 sfloppy; \SystemRoot\system32\DRIVERS\sfloppy.sys [X]
S3 Sftfs; system32\DRIVERS\Sftfslh.sys [X]
S3 Sftplay; system32\DRIVERS\Sftplaylh.sys [X]
S3 Sftredir; system32\DRIVERS\Sftredirlh.sys [X]
S3 Sftvol; system32\DRIVERS\Sftvollh.sys [X]
S3 SiSRaid2; \SystemRoot\system32\DRIVERS\SiSRaid2.sys [X]
S3 SiSRaid4; \SystemRoot\system32\DRIVERS\sisraid4.sys [X]
S3 Smb; system32\DRIVERS\smb.sys [X]
S3 srv; System32\DRIVERS\srv.sys [X]
S3 srv2; System32\DRIVERS\srv2.sys [X]
S3 srvnet; System32\DRIVERS\srvnet.sys [X]
S3 stexstor; \SystemRoot\system32\DRIVERS\stexstor.sys [X]
S3 STHDA; system32\DRIVERS\stwrt64.sys [X]
S3 StillCam; system32\DRIVERS\serscan.sys [X]
S3 swenum; \SystemRoot\system32\drivers\swenum.sys [X]
S3 SynTP; system32\DRIVERS\SynTP.sys [X]
S0 Tcpip; System32\drivers\tcpip.sys [X]
S3 TCPIP6; system32\DRIVERS\tcpip.sys [X]
S2 tcpipreg; System32\drivers\tcpipreg.sys [X]
S3 TDPIPE; system32\drivers\tdpipe.sys [X]
S3 TDTCP; system32\drivers\tdtcp.sys [X]
S1 tdx; system32\DRIVERS\tdx.sys [X]
S1 TermDD; \SystemRoot\system32\drivers\termdd.sys [X]
S3 tssecsrv; System32\DRIVERS\tssecsrv.sys [X]
S3 TsUsbFlt; system32\drivers\tsusbflt.sys [X]
S3 tunnel; system32\DRIVERS\tunnel.sys [X]
S3 uagp35; \SystemRoot\system32\DRIVERS\uagp35.sys [X]
S4 udfs; system32\DRIVERS\udfs.sys [X]
S3 uliagpkx; \SystemRoot\system32\drivers\uliagpkx.sys [X]
S3 umbus; \SystemRoot\system32\drivers\umbus.sys [X]
S3 UmPass; \SystemRoot\system32\DRIVERS\umpass.sys [X]
S3 USBAAPL64; System32\Drivers\usbaapl64.sys [X]
S3 usbccgp; system32\DRIVERS\usbccgp.sys [X]
S3 usbcir; \SystemRoot\system32\drivers\usbcir.sys [X]
S3 usbehci; system32\DRIVERS\usbehci.sys [X]
S3 usbhub; system32\DRIVERS\usbhub.sys [X]
S3 usbohci; \SystemRoot\system32\drivers\usbohci.sys [X]
S3 usbprint; system32\DRIVERS\usbprint.sys [X]
S3 usbscan; system32\DRIVERS\usbscan.sys [X]
S3 USBSTOR; system32\DRIVERS\USBSTOR.SYS [X]
S3 usbuhci; system32\DRIVERS\usbuhci.sys [X]
S3 usbvideo; \SystemRoot\System32\Drivers\usbvideo.sys [X]
S0 vdrvroot; system32\drivers\vdrvroot.sys [X]
S3 vga; system32\DRIVERS\vgapnp.sys [X]
S1 VgaSave; \SystemRoot\System32\drivers\vga.sys [X]
S3 vhdmp; \SystemRoot\system32\drivers\vhdmp.sys [X]
S3 viaide; \SystemRoot\system32\drivers\viaide.sys [X]
S0 volmgr; system32\drivers\volmgr.sys [X]
S0 volmgrx; System32\drivers\volmgrx.sys [X]
S0 volsnap; system32\drivers\volsnap.sys [X]
S3 vsmraid; \SystemRoot\system32\DRIVERS\vsmraid.sys [X]
S3 vwifibus; system32\DRIVERS\vwifibus.sys [X]
S1 vwififlt; system32\DRIVERS\vwififlt.sys [X]
S3 vwifimp; system32\DRIVERS\vwifimp.sys [X]
S3 WacomPen; \SystemRoot\system32\DRIVERS\wacompen.sys [X]
S3 WANARP; system32\DRIVERS\wanarp.sys [X]
S1 Wanarpv6; system32\DRIVERS\wanarp.sys [X]
S3 Wd; \SystemRoot\system32\DRIVERS\wd.sys [X]
S0 Wdf01000; system32\drivers\Wdf01000.sys [X]
S1 WfpLwf; system32\DRIVERS\wfplwf.sys [X]
S3 WimFltr; system32\DRIVERS\wimfltr.sys [X]
S3 WIMMount; system32\drivers\wimmount.sys [X]
S3 WinUsb; system32\DRIVERS\WinUsb.sys [X]
S3 WmiAcpi; \SystemRoot\system32\drivers\wmiacpi.sys [X]
S4 ws2ifsl; \SystemRoot\system32\drivers\ws2ifsl.sys [X]
S3 WudfPf; system32\drivers\WudfPf.sys [X]
S3 WUDFRd; system32\DRIVERS\WUDFRd.sys [X]
S3 yukonw7; system32\DRIVERS\yk62x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-26 11:33 - 2015-04-26 11:41 - 00000000 ____D () C:\FRST
2015-04-25 09:20 - 2015-04-25 09:20 - 00000000 _____ () C:\3590F75ABA9E485486C100C1A9D4FF06RSXSTLRGYNYCNTMO
2015-04-24 21:34 - 2015-04-24 21:34 - 00000000 ____D () C:\RegBackup
2015-04-24 19:43 - 2015-04-24 19:47 - 00000000 ____D () C:\AdwCleaner

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-24 22:22 - 2010-08-15 06:16 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2015-04-24 22:22 - 2010-08-15 06:16 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2015-04-23 18:41 - 2010-08-23 18:05 - 00000000 ____D () C:\users\taylors

==================== Known DLLs (Whitelisted) ================

C:\Windows\System32\clbcatq.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\clbcatq.dll IS MISSING <==== ATTENTION!
C:\Windows\System32\ole32.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\ole32.dll IS MISSING <==== ATTENTION!
C:\Windows\System32\advapi32.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\advapi32.dll IS MISSING <==== ATTENTION!
C:\Windows\System32\COMDLG32.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\COMDLG32.dll IS MISSING <==== ATTENTION!
C:\Windows\System32\gdi32.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\gdi32.dll IS MISSING <==== ATTENTION!
C:\Windows\System32\IERTUTIL.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\IERTUTIL.dll IS MISSING <==== ATTENTION!
C:\Windows\System32\IMAGEHLP.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\IMAGEHLP.dll IS MISSING <==== ATTENTION!
C:\Windows\System32\IMM32.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\IMM32.dll IS MISSING <==== ATTENTION!
[2012-12-25 10:00] - [2012-10-04 12:41] - 1161216 ____A () C:\Windows\System32\kernel32.dll
C:\Windows\SysWOW64\kernel32.dll IS MISSING <==== ATTENTION!
C:\Windows\System32\LPK.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\LPK.dll IS MISSING <==== ATTENTION!
C:\Windows\System32\MSCTF.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\MSCTF.dll IS MISSING <==== ATTENTION!
C:\Windows\System32\MSVCRT.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\MSVCRT.dll IS MISSING <==== ATTENTION!
C:\Windows\System32\NORMALIZ.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\NORMALIZ.dll IS MISSING <==== ATTENTION!
C:\Windows\System32\NSI.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\NSI.dll IS MISSING <==== ATTENTION!
C:\Windows\System32\OLEAUT32.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\OLEAUT32.dll IS MISSING <==== ATTENTION!
C:\Windows\System32\PSAPI.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\PSAPI.dll IS MISSING <==== ATTENTION!
C:\Windows\System32\rpcrt4.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\rpcrt4.dll IS MISSING <==== ATTENTION!
C:\Windows\System32\sechost.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\sechost.dll IS MISSING <==== ATTENTION!
C:\Windows\System32\Setupapi.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\Setupapi.dll IS MISSING <==== ATTENTION!
[2012-07-16 09:21] - [2012-06-09 00:43] - 14172672 ____A () C:\Windows\System32\SHELL32.dll
C:\Windows\SysWOW64\SHELL32.dll IS MISSING <==== ATTENTION!
[2011-06-21 20:12] - [2010-11-20 08:27] - 0448512 ____A () C:\Windows\System32\SHLWAPI.dll
C:\Windows\SysWOW64\SHLWAPI.dll IS MISSING <==== ATTENTION!
C:\Windows\System32\URLMON.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\URLMON.dll IS MISSING <==== ATTENTION!
C:\Windows\System32\user32.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\user32.dll IS MISSING <==== ATTENTION!
C:\Windows\System32\USP10.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\USP10.dll IS MISSING <==== ATTENTION!
C:\Windows\System32\WININET.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\WININET.dll IS MISSING <==== ATTENTION!
C:\Windows\System32\WLDAP32.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\WLDAP32.dll IS MISSING <==== ATTENTION!
C:\Windows\System32\WS2_32.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\WS2_32.dll IS MISSING <==== ATTENTION!
C:\Windows\System32\DifxApi.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\DifxApi.dll IS MISSING <==== ATTENTION!

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe IS MISSING <==== ATTENTION!.
C:\Windows\System32\wininit.exe IS MISSING <==== ATTENTION!.
C:\Windows\SysWOW64\wininit.exe IS MISSING <==== ATTENTION!.
C:\Windows\explorer.exe
[2011-04-28 08:43] - [2011-02-25 01:19] - 2871808 ____A () D41D8CD98F00B204E9800998ECF8427E

C:\Windows\explorer.exe No Company Name <===== ATTENTION!

C:\Windows\SysWOW64\explorer.exe IS MISSING <==== ATTENTION!.
C:\Windows\System32\svchost.exe IS MISSING <==== ATTENTION!.
C:\Windows\SysWOW64\svchost.exe IS MISSING <==== ATTENTION!.
C:\Windows\System32\services.exe IS MISSING <==== ATTENTION!.
C:\Windows\System32\User32.dll IS MISSING <==== ATTENTION!.
C:\Windows\SysWOW64\User32.dll IS MISSING <==== ATTENTION!.
C:\Windows\System32\userinit.exe IS MISSING <==== ATTENTION!.
C:\Windows\SysWOW64\userinit.exe IS MISSING <==== ATTENTION!.
C:\Windows\System32\rpcss.dll IS MISSING <==== ATTENTION!.
C:\Windows\System32\Drivers\volsnap.sys IS MISSING <==== ATTENTION!.
C:\Windows\system32\codeintegrity\Bootcat.cache IS MISSING <==== ATTENTION!.
C:\Windows\System32\winsrv.dll IS MISSING <==== ATTENTION!.

==================== Restore Points =========================

Restore point made on: 2015-04-25 00:07:52
Restore point made on: 2015-04-25 01:00:17

==================== Memory info ===========================

Percentage of memory in use: 14%
Total physical RAM: 4056.36 MB
Available physical RAM: 3472 MB
Total Pagefile: 4054.51 MB
Available Pagefile: 3532.9 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:451.07 GB) (Free:166.14 GB) NTFS
Drive e: (Lexar) (Removable) (Total:7.45 GB) (Free:0.53 GB) FAT32
Drive f: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:8.02 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 0.

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 7.5 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=7.5 GB) - (Type=0C)

==================== End Of Log ============================
 

JSntgRvr

José
Retired Moderator and Malware Specialist
Joined
Jul 1, 2003
Messages
18,552
Either CCleaner erased much more than free space, or the file system is corrupted.

Let's run CHKDSK in the Recovery Environment.

It is important to restart the computer back to the Command Prompt, so that Windows may see the right drives.

Enter the System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
  • Note: In case you cannot enter System Recovery Options by using the F8 method, you can use a Windows installation disc, or make a repair disc. Any Windows installation disc or a repair disc made on another computer can be used.
    To make a repair disc on Windows 7 consult: http://www.sevenforums.com/tutorials/2083-system-repair-disc-create.html

    To enter System Recovery Options by using a Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
  • On the System Recovery Options menu you will get the following options:
      • Startup Repair
      • System Restore
      • Windows Complete PC Restore
      • Windows Memory Diagnostic Tool
      • Command Prompt
  • Select Command Prompt

    Once in the Command Prompt:

  • Type in the following and press Enter:

    bcdedit | find "osdevice"
  • Note the osdevice partition letter, then type:

    CHKDSK X: /R
  • where X is the osdevice letter, and press Enter.
  • The tool will start to run.

When finished, type exit and press Enter. Restart the computer.

Let us know if that helps.
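
An added example (not part of the thread or of FRST itself): the explorer.exe entry in the log above lists a size of 2871808 bytes with the MD5 D41D8CD98F00B204E9800998ECF8427E, which is the MD5 of zero bytes of input, so the hash was computed over no data. The Python sketch below pulls that signal, the "IS MISSING" lines and the MBR read failure out of a log excerpt; the line patterns, the constructed excerpt and the `read_failure_likely` heuristic are assumptions of this example.

```python
import hashlib
import re

EMPTY_MD5 = hashlib.md5(b"").hexdigest().upper()  # digest of zero bytes of input

# Constructed excerpt: a few lines in the shape of the log posted above.
SAMPLE_LOG = r"""
C:\Windows\System32\ole32.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\ole32.dll IS MISSING <==== ATTENTION!
[2012-12-25 10:00] - [2012-10-04 12:41] - 1161216 ____A () C:\Windows\System32\kernel32.dll
C:\Windows\System32\winlogon.exe IS MISSING <==== ATTENTION!.
C:\Windows\explorer.exe
[2011-04-28 08:43] - [2011-02-25 01:19] - 2871808 ____A () D41D8CD98F00B204E9800998ECF8427E
Attempted reading MBR returned 0 bytes.
"""

MISSING = re.compile(r"^(?P<path>[A-Za-z]:\\.+?) IS MISSING")
ENTRY = re.compile(r"^\[[^\]]+\] - \[[^\]]+\] - (?P<size>\d+) \S+ \(.*?\) (?P<tail>.+)$")
PATH_ONLY = re.compile(r"^[A-Za-z]:\\[^<]*\.(?:exe|dll|sys)$", re.I)
MD5 = re.compile(r"^[0-9A-Fa-f]{32}$")

def triage(log_text):
    """Collect the lines that show what could and could not be read."""
    found = {"missing": [], "present": [], "empty_hash": [], "mbr_unreadable": False}
    last_path = None  # a bare path line names the file hashed on the next line
    for line in (raw.strip() for raw in log_text.splitlines()):
        if m := MISSING.match(line):
            found["missing"].append(m["path"])
        elif m := ENTRY.match(line):
            size, tail = int(m["size"]), m["tail"]
            if not MD5.match(tail):
                found["present"].append((tail, size))       # entry ends in a path
            elif tail.upper() == EMPTY_MD5 and size > 0:
                found["empty_hash"].append((last_path, size))  # size listed, no bytes hashed
        elif PATH_ONLY.match(line):
            last_path = line
        elif "MBR returned 0 bytes" in line:
            found["mbr_unreadable"] = True
    return found

def read_failure_likely(found):
    """Heuristic (assumption): failed reads plus mostly-missing core files."""
    failed_read = bool(found["empty_hash"]) or found["mbr_unreadable"]
    return failed_read and len(found["missing"]) > len(found["present"])

if __name__ == "__main__":
    summary = triage(SAMPLE_LOG)
    print(summary, read_failure_likely(summary))
```
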
 

minimustangs

Thread Starter
Joined
Jul 5, 2009
Messages
408
When I received this on Saturday, it was already in rough shape... I'm running chkdsk now...
 

minimustangs

Thread Starter
Joined
Jul 5, 2009
Messages
408
Not sure how long it's supposed to take... it's been sitting at 13%, stage 4 of 5, 25 of 332528 files for over an hour... so that should give you an idea...
 

JSntgRvr

José
Retired Moderator and Malware Specialist
Joined
Jul 1, 2003
Messages
18,552
When the File System is corrupted or the hard drive itself has bad sectors and clusters, it may take hours to complete.
 

minimustangs

Thread Starter
Joined
Jul 5, 2009
Messages
408
Hasn't appeared to have progressed at all. Still at 13% etc. Cursor still blinking, under the 1 in 13.
 