Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Black screen after start up [Closed]

Started by pookie53 , Oct 27 2012 08:12 PM

  • This topic is locked This topic is locked

#1
pookie53
Posted 27 October 2012 - 08:12 PM

pookie53

    New Member

  • Member
  • Pip
  • 4 posts
The other day I turned on my laptop only to find out that it was broken. After start up, my laptop would just go into a black screen with only a cursor. I am unable to do anything but move the cursor. Please help asap
  • 0

Advertisements

#2
Dakeyras
Posted 29 October 2012 - 09:34 AM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi and welcome to Geeks to Go. :)

From what you have described the root cause could very well be due to a myriad of possibilities...

Anyway for now could you inform myself which exact Operating System your machine has and the make and modal also please...and we will go from there, thank you.
  • 0

#3
pookie53
Posted 29 October 2012 - 12:57 PM

pookie53

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
It runs on window 7 64 bit
  • 0

#4
Dakeyras
Posted 29 October 2012 - 02:44 PM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)

It runs on window 7 64 bit

OK, I would still like to know:-

the make and modal also

As this may bare some relevance if the information is required for any research etc.

For now lets check if the following will reveal anything as follows...

Scan with Farbar Recovery Scan Tool:

Please download and save Farbar Recovery Scan Tool 64-Bit to a Flash/USB drive.

Then insert the Flash/USB drive into your machine....

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:

  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.
On the System Recovery Options menu you will get the following options:


Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt[*]Select Command Prompt
[*]In the command window type in notepad and press Enter.
[*]The notepad opens. Under File menu select Open.
[*]Select "Computer" and find your flash drive letter and close the notepad.
[*]In the command window type e:\frst64.exe and press Enter[/list] Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste the contents of the aforementioned notepad file in your next reply.

  • 0

#5
pookie53
Posted 29 October 2012 - 05:37 PM

pookie53

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
It's a Toshiba satekkute a665-s6090

As for the text document I wasn't sure if i should attach the file or paste it here so I did both just in case


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-10-2012
Ran by SYSTEM at 27-10-2012 22:00:11
Running from F:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [] [x]
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [10134560 2010-03-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3 [896032 2010-03-22] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [x]
HKLM\...\Run: [ThpSrv] C:\windows\system32\thpsrv /logon [x]
HKLM\...\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE [x]
HKLM\...\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe [x]
HKLM\...\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe [x]
HKLM\...\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe [x]
HKLM\...\Run: [Teco] "%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r [x]
HKLM\...\Run: [TosWaitSrv] %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe [x]
HKLM\...\Run: [SmartFaceVWatcher] %ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [x]
HKLM\...\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe [x]
HKLM\...\Run: [TosReelTimeMonitor] %ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [x]
HKLM-x32\...\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2009-12-25] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP [423936 2010-03-04] (TOSHIBA Electronics, Inc.)
HKLM-x32\...\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL [352256 2010-02-22] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 [1294136 2009-10-06] (TOSHIBA Corporation)
HKLM-x32\...\Run: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun [2454840 2010-05-01] (TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [TSleepSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [x]
HKLM-x32\...\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED [3218792 2010-06-02] (Toshiba)
HKLM-x32\...\Run: [ToshibaAppPlace] "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe" [552960 2010-06-11] (Toshiba)
HKLM-x32\...\Run: [] [x]
HKU\Amber\...\Run: [Google Update] "C:\Users\Amber\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2011-10-22] (Google Inc.)
HKU\Amber\...\Winlogon: [Shell] Explorer.exe
Tcpip\Parameters: [DhcpNameServer] 150.250.1.1 150.250.1.3 150.250.65.39 150.250.65.28
AppInit_DLLs: C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\datamngr.dll C:\PROGRA~2\BEARSH~1\MediaBar\Datamngr\x64\IEBHO.dll

==================== Services (Whitelisted) ===================

2 lxdp_device; C:\windows\system32\lxdpcoms.exe -service [1039872 2007-11-19] ( )
2 NIS; "C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\diMaster.dll" /prefetch:1 [262584 2011-03-31] (Symantec Corporation)
2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\PC Checkup\SymcPCCULaunchSvc.exe /s [131512 2012-06-24] (Symantec Corporation)
2 PCCUJobMgr; "C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe" /s "PCCUJobMgr" /m "C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\diMaster.dll" /prefetch:1 [132984 2009-08-29] (Symantec Corporation)

==================== Drivers (Whitelisted) =====================

1 BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\BASHDefs\20120928.001\BHDrvx64.sys [1385120 2012-08-31] (Symantec Corporation)
1 eeCtrl; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-08-08] (Symantec Corporation)
1 IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\IPSDefs\20121019.001\IDSvia64.sys [513184 2012-09-06] (Symantec Corporation)
3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20121021.008\ENG64.SYS [126112 2012-09-12] (Symantec Corporation)
3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20121021.008\EX64.SYS [2084000 2012-09-12] (Symantec Corporation)
2 regi; C:\Windows\SysWow64\Drivers\regi.sys [11032 2007-04-17] (InterVideo)
3 SRTSP; C:\Windows\System32\Drivers\NISx64\1207020.003\SRTSP64.SYS [744568 2011-03-30] (Symantec Corporation)
1 SRTSPX; C:\Windows\system32\drivers\NISx64\1207020.003\SRTSPX64.SYS [40568 2011-03-30] (Symantec Corporation)
0 SymDS; C:\Windows\System32\drivers\NISx64\1207020.003\SYMDS64.SYS [450680 2011-01-26] (Symantec Corporation)
0 SymEFA; C:\Windows\System32\drivers\NISx64\1207020.003\SYMEFA64.SYS [912504 2011-03-14] (Symantec Corporation)
3 SymEvent; \??\C:\windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2011-07-03] (Symantec Corporation)
1 SymIRON; C:\Windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS [171128 2011-01-26] (Symantec Corporation)
1 SymNetS; C:\Windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS [386168 2011-04-20] (Symantec Corporation)
3 EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]

==================== NetSvcs (Whitelisted) ====================


==================== One Month Created Files and Folders ========

2012-10-26 22:52 - 2012-10-26 22:52 - 00000000 __SHD C:\found.000
2012-10-22 20:06 - 2012-10-22 20:06 - 00000000 ____D C:\Windows\System32\%LOCALAPPDATA%
2012-10-22 09:15 - 2012-10-22 09:15 - 00000000 ____D C:\Users\Amber\AppData\Roaming\Mozilla
2012-10-22 01:33 - 2012-10-22 01:33 - 00000000 ____D C:\Users\Amber\AppData\Local\Symantec
2012-10-09 16:26 - 2012-09-14 11:23 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2012-10-09 16:26 - 2012-09-14 10:30 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2012-10-09 16:26 - 2012-08-31 10:02 - 01656688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2012-10-09 16:26 - 2012-08-30 10:11 - 05505904 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-10-09 16:26 - 2012-08-30 09:18 - 03958128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-10-09 16:26 - 2012-08-30 09:18 - 03902832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-10-09 16:26 - 2012-08-24 10:05 - 00220160 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2012-10-09 16:26 - 2012-08-24 09:10 - 00172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2012-10-09 16:26 - 2012-08-18 07:43 - 00362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2012-10-09 16:26 - 2012-08-18 07:43 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2012-10-09 16:26 - 2012-08-18 07:43 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2012-10-09 16:26 - 2012-08-18 07:42 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2012-10-09 16:26 - 2012-08-18 07:40 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2012-10-09 16:26 - 2012-08-18 07:37 - 01162240 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2012-10-09 16:26 - 2012-08-18 07:37 - 00425984 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2012-10-09 16:26 - 2012-08-18 07:34 - 00338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2012-10-09 16:26 - 2012-08-18 07:22 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 07:22 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 03:22 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2012-10-09 16:26 - 2012-08-18 03:19 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2012-10-09 16:26 - 2012-08-18 03:17 - 01114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2012-10-09 16:26 - 2012-08-18 03:17 - 00274944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2012-10-09 16:26 - 2012-08-18 03:17 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2012-10-09 16:26 - 2012-08-18 03:09 - 00005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 03:09 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 03:09 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 03:09 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 03:09 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 03:09 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 03:09 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 03:09 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 03:09 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 03:09 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 03:09 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 03:09 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 03:09 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 03:09 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 03:09 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 03:09 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 03:09 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 03:09 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 03:09 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 03:09 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 03:09 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 03:09 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 03:09 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 03:09 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 01:12 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2012-10-09 16:26 - 2012-08-18 01:12 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2012-10-09 16:26 - 2012-08-18 01:07 - 00006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 01:07 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 01:07 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-10-09 16:26 - 2012-08-18 01:07 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2012-10-09 16:25 - 2012-08-10 16:53 - 00714752 ____A (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2012-10-09 16:25 - 2012-08-10 15:54 - 00541184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2012-10-09 16:25 - 2012-06-01 21:25 - 01462784 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2012-10-09 16:25 - 2012-06-01 21:25 - 00182272 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2012-10-09 16:25 - 2012-06-01 21:25 - 00140288 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2012-10-09 16:25 - 2012-06-01 20:45 - 01157632 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2012-10-09 16:25 - 2012-06-01 20:45 - 00139264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2012-10-09 16:25 - 2012-06-01 20:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2012-10-09 15:13 - 2012-10-09 15:13 - 00963984 ____A (BitTorrent, Inc.) C:\Users\Amber\Downloads\uTorrent.exe
2012-10-07 17:20 - 2012-10-07 17:21 - 00000000 ____D C:\Users\All Users\EPSON
2012-10-07 17:20 - 2012-10-07 17:20 - 10212664 ____A C:\Users\Amber\Downloads\epson13308.exe
2012-10-07 17:20 - 2007-12-06 22:08 - 00108032 ____A (SEIKO EPSON CORPORATION) C:\Windows\System32\E_ILMEEA.DLL
2012-10-07 17:20 - 2007-12-06 22:01 - 00081408 ____A (SEIKO EPSON CORPORATION) C:\Windows\System32\E_IBCBEEA.DLL
2012-10-05 17:31 - 2012-10-05 17:31 - 00610640 ____A (FUSENET) C:\Users\Amber\Downloads\GraboidVideoInstaller-3.45 (1).exe
2012-10-05 17:22 - 2012-10-05 17:22 - 00610640 ____A (FUSENET) C:\Users\Amber\Downloads\GraboidVideoInstaller-3.45.exe
2012-10-03 15:02 - 2012-10-03 15:09 - 52276136 ____A C:\Users\Amber\Downloads\DJ3050_J610_231.exe
2012-10-01 21:02 - 2012-10-01 21:02 - 00000693 ____A C:\Users\Amber\Desktop\Amber - Shortcut.lnk
2012-09-27 21:42 - 2012-10-23 09:41 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-09-27 10:50 - 2012-09-27 10:50 - 00000000 ____D C:\Users\Amber\AppData\Roaming\Thomson Learning
2012-09-27 10:50 - 2012-09-27 10:50 - 00000000 ____D C:\Users\Amber\AppData\Local\Thomson Learning
2012-09-27 10:48 - 2012-10-04 09:47 - 00000000 ____D C:\Users\Amber\AppData\Roaming\Diet Analysis Plus 8.0.1
2012-09-27 10:47 - 2012-09-27 10:49 - 00001143 ____A C:\Users\Amber\Desktop\Diet Analysis Plus 8.0.1.lnk
2012-09-27 10:47 - 2012-09-27 10:47 - 00039414 ____A C:\Users\Amber\Desktop\uninst.exe
2012-09-27 10:47 - 2012-09-27 10:47 - 00000000 ____D C:\Users\Public\Documents\xtras
2012-09-27 10:47 - 2012-09-27 10:47 - 00000000 ____D C:\Users\Public\Documents\jre1.5.0_07
2012-09-27 10:47 - 2012-09-27 10:47 - 00000000 ____D C:\Users\Public\Documents\dwsmedia
2012-09-27 10:47 - 2012-09-27 10:47 - 00000000 ____D C:\Users\Public\Documents\DAplusRunner
2012-09-27 10:47 - 2012-09-27 10:47 - 00000000 ____D C:\Users\Public\Documents\apache-tomcat-5.5.17


==================== 3 Months Modified Files ==================

2012-10-27 17:43 - 2009-07-13 20:51 - 00048141 ____A C:\Windows\setupact.log
2012-10-27 10:34 - 2010-08-29 20:44 - 00002235 ____A C:\Users\Amber\Desktop\Google Chrome.lnk
2012-10-24 09:23 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-10-24 01:40 - 2011-01-16 12:49 - 01189976 ____A C:\Windows\WindowsUpdate.log
2012-10-23 09:41 - 2012-09-27 21:42 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-10-23 09:41 - 2011-12-01 10:50 - 00000908 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2631615977-3902436587-3559188291-1001UA.job
2012-10-23 09:41 - 2011-08-20 13:06 - 00000928 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2631615977-3902436587-3559188291-1001UA.job
2012-10-23 09:41 - 2010-08-29 20:44 - 00000912 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-10-22 23:09 - 2009-07-13 20:45 - 00016304 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-10-22 23:08 - 2009-07-13 20:45 - 00016304 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-10-22 22:18 - 2010-08-29 20:44 - 00000908 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-10-21 16:08 - 2011-12-01 10:49 - 00000856 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2631615977-3902436587-3559188291-1001Core.job
2012-10-20 22:46 - 2011-08-20 13:06 - 00000906 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2631615977-3902436587-3559188291-1001Core.job
2012-10-10 18:29 - 2009-07-13 21:13 - 00780196 ____A C:\Windows\System32\PerfStringBackup.INI
2012-10-10 06:15 - 2012-05-03 19:33 - 00696760 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-10-10 06:15 - 2011-10-13 06:51 - 00073656 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-10-09 23:05 - 2011-07-28 17:34 - 65309168 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-10-09 23:05 - 2009-07-13 18:34 - 00000499 ____A C:\Windows\win.ini
2012-10-09 15:13 - 2012-10-09 15:13 - 00963984 ____A (BitTorrent, Inc.) C:\Users\Amber\Downloads\uTorrent.exe
2012-10-07 17:20 - 2012-10-07 17:20 - 10212664 ____A C:\Users\Amber\Downloads\epson13308.exe
2012-10-05 17:31 - 2012-10-05 17:31 - 00610640 ____A (FUSENET) C:\Users\Amber\Downloads\GraboidVideoInstaller-3.45 (1).exe
2012-10-05 17:22 - 2012-10-05 17:22 - 00610640 ____A (FUSENET) C:\Users\Amber\Downloads\GraboidVideoInstaller-3.45.exe
2012-10-03 15:09 - 2012-10-03 15:02 - 52276136 ____A C:\Users\Amber\Downloads\DJ3050_J610_231.exe
2012-10-01 21:02 - 2012-10-01 21:02 - 00000693 ____A C:\Users\Amber\Desktop\Amber - Shortcut.lnk
2012-09-27 10:49 - 2012-09-27 10:47 - 00001143 ____A C:\Users\Amber\Desktop\Diet Analysis Plus 8.0.1.lnk
2012-09-27 10:47 - 2012-09-27 10:47 - 00039414 ____A C:\Users\Amber\Desktop\uninst.exe
2012-09-26 16:31 - 2011-01-16 13:57 - 00066232 ____A C:\Users\Amber\AppData\Local\GDIPFONTCACHEV1.DAT
2012-09-23 14:51 - 2012-09-23 14:51 - 00015625 ____A C:\Users\Amber\Downloads\[kat.ph]rio.2011.r5.xvid.maxspeed.torrent
2012-09-23 14:50 - 2012-09-23 14:50 - 00014766 ____A C:\Users\Amber\Downloads\[kat.ph]30.minutes.or.less.2011.bdrip.xvid.hdt (1).torrent
2012-09-23 14:49 - 2012-09-23 14:49 - 00029653 ____A C:\Users\Amber\Downloads\[kat.ph]the.lucky.one.2012.bdrip.xvid.amiable.torrent
2012-09-23 14:49 - 2012-09-23 14:49 - 00014885 ____A C:\Users\Amber\Downloads\[kat.ph]the.five.year.engagement.2012.unrated.dvdrip.xvid.absurdity.torrent
2012-09-23 14:48 - 2012-09-23 14:48 - 00114880 ____A C:\Users\Amber\Downloads\[kat.ph]snow.white.and.the.huntsman.2012.extended.bdrip.xvid.amiable.torrent
2012-09-23 14:44 - 2012-09-23 14:44 - 00094999 ____A C:\Users\Amber\Downloads\[kat.ph]the.avengers.2012.dvdrip.xvid.nydic.torrent
2012-09-23 14:44 - 2012-09-23 14:44 - 00058612 ____A C:\Users\Amber\Downloads\[kat.ph]the.amazing.spiderman.2012.hdcam.x264.aac.unique.torrent
2012-09-23 14:43 - 2012-09-23 14:43 - 00029442 ____A C:\Users\Amber\Downloads\[kat.ph]magic.mike.2012.r5.dvdrip.xvid.resistance.torrent
2012-09-23 14:42 - 2012-09-23 14:42 - 00015078 ____A C:\Users\Amber\Downloads\[kat.ph]50.shades.of.grey.mobi.reader.included.torrent
2012-09-21 23:27 - 2012-09-21 23:27 - 00271480 ____A C:\Windows\Minidump\092212-34569-01.dmp
2012-09-21 23:27 - 2011-03-29 14:24 - 312792182 ____A C:\Windows\MEMORY.DMP
2012-09-18 23:40 - 2010-08-29 21:00 - 00019516 ____A C:\Windows\PFRO.log
2012-09-16 13:04 - 2012-09-16 13:04 - 00010654 ____A C:\Users\Amber\Downloads\rss
2012-09-14 11:23 - 2012-10-09 16:26 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2012-09-14 10:30 - 2012-10-09 16:26 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2012-09-12 18:28 - 2012-09-12 18:28 - 03129856 ____A C:\Users\Amber\Downloads\Chapter_1.ppt
2012-09-05 06:02 - 2011-11-03 16:29 - 00002515 ____A C:\Users\Public\Desktop\Skype.lnk
2012-08-31 10:02 - 2012-10-09 16:26 - 01656688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2012-08-30 10:11 - 2012-10-09 16:26 - 05505904 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-08-30 09:18 - 2012-10-09 16:26 - 03958128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-08-30 09:18 - 2012-10-09 16:26 - 03902832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-08-28 17:48 - 2012-08-28 17:48 - 01130614 ____A C:\Users\Amber\Downloads\Bradford Dissolvable Agent (2).exe
2012-08-24 10:05 - 2012-10-09 16:26 - 00220160 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2012-08-24 10:05 - 2012-09-21 20:23 - 01501696 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-08-24 10:05 - 2012-09-21 20:23 - 01197568 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-08-24 10:05 - 2012-09-21 20:23 - 00134144 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-08-24 10:03 - 2012-09-21 20:23 - 01026560 ____A (Microsoft Corporation) C:\Windows\System32\mstime.dll
2012-08-24 10:02 - 2012-09-21 20:23 - 09375744 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-08-24 10:02 - 2012-09-21 20:23 - 00736256 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-08-24 10:02 - 2012-09-21 20:23 - 00097792 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-08-24 10:02 - 2012-09-21 20:23 - 00082944 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2012-08-24 10:02 - 2012-09-21 20:23 - 00064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-08-24 10:02 - 2012-09-21 20:23 - 00057856 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2012-08-24 10:01 - 2012-09-21 20:23 - 12404736 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-08-24 10:01 - 2012-09-21 20:23 - 02458624 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-08-24 10:01 - 2012-09-21 20:23 - 00445952 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2012-08-24 10:01 - 2012-09-21 20:23 - 00256000 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2012-08-24 10:01 - 2012-09-21 20:23 - 00247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-08-24 09:59 - 2012-09-21 20:23 - 00012288 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2012-08-24 09:10 - 2012-10-09 16:26 - 00172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2012-08-24 09:10 - 2012-09-21 20:23 - 01230848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-08-24 09:10 - 2012-09-21 20:23 - 00981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-08-24 09:10 - 2012-09-21 20:23 - 00132096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-08-24 09:09 - 2012-09-21 20:23 - 06029824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-08-24 09:09 - 2012-09-21 20:23 - 00627200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2012-08-24 09:09 - 2012-09-21 20:23 - 00606208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
2012-08-24 09:09 - 2012-09-21 20:23 - 00067584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-08-24 09:09 - 2012-09-21 20:23 - 00064512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2012-08-24 09:08 - 2012-09-21 20:23 - 11019776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-08-24 09:08 - 2012-09-21 20:23 - 02072576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-08-24 09:08 - 2012-09-21 20:23 - 00381440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2012-08-24 09:08 - 2012-09-21 20:23 - 00185856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2012-08-24 09:08 - 2012-09-21 20:23 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-08-24 09:08 - 2012-09-21 20:23 - 00048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-08-24 09:08 - 2012-09-21 20:23 - 00044544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2012-08-24 09:06 - 2012-09-21 20:23 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2012-08-24 08:45 - 2012-09-21 20:23 - 00482816 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2012-08-24 08:02 - 2012-09-21 20:23 - 01638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-08-24 08:01 - 2012-09-21 20:23 - 00386048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2012-08-24 07:27 - 2012-09-21 20:23 - 01638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-08-23 20:25 - 2012-06-06 07:43 - 00001200 ____A C:\Users\Public\Desktop\GOM Player.lnk
2012-08-22 23:53 - 2012-08-22 23:53 - 73906837 ____A C:\Users\Amber\Downloads\acorns are yum. - Acorns Are YUM.zip
2012-08-18 07:43 - 2012-10-09 16:26 - 00362496 ____A (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2012-08-18 07:43 - 2012-10-09 16:26 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\wow64.dll
2012-08-18 07:43 - 2012-10-09 16:26 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2012-08-18 07:42 - 2012-10-09 16:26 - 00215040 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2012-08-18 07:40 - 2012-10-09 16:26 - 00016384 ____A (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2012-08-18 07:37 - 2012-10-09 16:26 - 01162240 ____A (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2012-08-18 07:37 - 2012-10-09 16:26 - 00425984 ____A (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2012-08-18 07:34 - 2012-10-09 16:26 - 00338432 ____A (Microsoft Corporation) C:\Windows\System32\conhost.exe
2012-08-18 07:22 - 2012-10-09 16:26 - 00006144 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00005120 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00004608 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2012-08-18 07:22 - 2012-10-09 16:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2012-08-18 03:22 - 2012-10-09 16:26 - 00014336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2012-08-18 03:19 - 2012-10-09 16:26 - 00025600 ____A (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2012-08-18 03:17 - 2012-10-09 16:26 - 01114112 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2012-08-18 03:17 - 2012-10-09 16:26 - 00274944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2012-08-18 03:17 - 2012-10-09 16:26 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2012-08-18 03:09 - 2012-10-09 16:26 - 00005120 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2012-08-18 03:09 - 2012-10-09 16:26 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-18 03:09 - 2012-10-09 16:26 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-18 03:09 - 2012-10-09 16:26 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-08-18 03:09 - 2012-10-09 16:26 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-08-18 03:09 - 2012-10-09 16:26 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-18 03:09 - 2012-10-09 16:26 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-08-18 03:09 - 2012-10-09 16:26 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-18 03:09 - 2012-10-09 16:26 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-18 03:09 - 2012-10-09 16:26 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-08-18 03:09 - 2012-10-09 16:26 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-18 03:09 - 2012-10-09 16:26 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-18 03:09 - 2012-10-09 16:26 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-08-18 03:09 - 2012-10-09 16:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2012-08-18 03:09 - 2012-10-09 16:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-18 03:09 - 2012-10-09 16:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-08-18 03:09 - 2012-10-09 16:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2012-08-18 03:09 - 2012-10-09 16:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-08-18 03:09 - 2012-10-09 16:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-08-18 03:09 - 2012-10-09 16:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-08-18 03:09 - 2012-10-09 16:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-08-18 03:09 - 2012-10-09 16:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-08-18 03:09 - 2012-10-09 16:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-08-18 03:09 - 2012-10-09 16:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2012-08-18 01:12 - 2012-10-09 16:26 - 00007680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2012-08-18 01:12 - 2012-10-09 16:26 - 00002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2012-08-18 01:07 - 2012-10-09 16:26 - 00006144 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2012-08-18 01:07 - 2012-10-09 16:26 - 00004608 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-18 01:07 - 2012-10-09 16:26 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-08-18 01:07 - 2012-10-09 16:26 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2012-08-15 23:39 - 2009-07-13 20:45 - 00296256 ____A C:\Windows\System32\FNTCACHE.DAT
2012-08-14 07:59 - 2012-08-14 07:59 - 00358779 ____A (${TXT_VI_COMPANY_NAME}) C:\Users\Amber\Downloads\DtsFilterSetup.exe
2012-08-10 16:53 - 2012-10-09 16:25 - 00714752 ____A (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2012-08-10 15:54 - 2012-10-09 16:25 - 00541184 ____A (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2012-08-02 17:35 - 2012-08-02 17:35 - 00359643 ____A C:\Users\Amber\Downloads\[kat.ph]50.50.2011.720p.bluray.x264.refined.torrent
2012-08-02 17:34 - 2012-08-02 17:34 - 00057745 ____A C:\Users\Amber\Downloads\[kat.ph]all.good.things.2010.proper.limited.bdrip.xvid.nodlabs.torrent
2012-08-02 17:32 - 2012-08-02 17:32 - 00015176 ____A C:\Users\Amber\Downloads\[kat.ph]brothers.2009.720p.brrip.x264.700mb.yify.torrent
2012-08-02 17:29 - 2012-08-02 17:29 - 00045541 ____A C:\Users\Amber\Downloads\[kat.ph]the.bounty.hunter.2010.720p.bluray.x264.metis.torrent
2012-08-02 17:25 - 2012-08-02 17:25 - 00014954 ____A C:\Users\Amber\Downloads\[kat.ph]twelve.2010.dvdrip.eng.fxg.torrent
2012-08-02 17:25 - 2012-08-02 17:25 - 00014740 ____A C:\Users\Amber\Downloads\[kat.ph]raising.helen.2004.dvdrip.xvid.blitzkrieg.avi.torrent
2012-08-02 17:24 - 2012-08-02 17:24 - 00012950 ____A C:\Users\Amber\Downloads\[kat.ph]the-next-three-days-2010-dvdrip-xvid-maxspeed.torrent
2012-08-02 09:55 - 2012-09-12 13:59 - 00574464 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2012-08-02 09:05 - 2012-09-12 13:59 - 00490496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll

==================== Known DLLs (Whitelisted) =================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================


==================== Memory info ===========================

Percentage of memory in use: 14%
Total physical RAM: 3890.67 MB
Available physical RAM: 3338.06 MB
Total Pagefile: 3888.82 MB
Available Pagefile: 3326.23 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

==================== Partitions =============================

1 Drive c: (TI105957W0F) (Fixed) (Total:452.7 GB) (Free:136.5 GB) NTFS ==>[System with boot components (obtained from reading drive)]
2 Drive d: (System) (Fixed) (Total:1.46 GB) (Free:1.27 GB) NTFS ==>[System with boot components (obtained from reading drive)]
4 Drive f: () (Removable) (Total:7.45 GB) (Free:6.24 GB) FAT32
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 465 GB 0 B
Disk 1 Online 7648 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Recovery 1500 MB 1024 KB
Partition 2 Primary 452 GB 1501 MB
Partition 3 Primary 11 GB 454 GB

==================================================================================

Disk: 0
Partition 1
Type : 27
Hidden: Yes
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 D System NTFS Partition 1500 MB Healthy Hidden

=========================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 C TI105957W0F NTFS Partition 452 GB Healthy

=========================================================

Disk: 0
Partition 3
Type : 17 (Suspicious Type)
Hidden: Yes
Active: No

There is no volume associated with this partition.

=========================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 7646 MB 1132 KB

==================================================================================

Disk: 1
Partition 1
Type : 0B
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 F FAT32 Removable 7646 MB Healthy

=========================================================

Last Boot: 2012-10-22 02:52

==================== End Of Log =============================

Attached Files

  • Attached File  FRST.txt   43.13KB   185 downloads

  • 0

#6
Dakeyras
Posted 30 October 2012 - 01:29 PM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)

It's a Toshiba satekkute a665-s6090

Thanks for the clarification....Is that correct or did you mean a Satellite A665-S6090 ?

As for the text document I wasn't sure if i should attach the file or paste it here so I did both just in case

OK and not a problem. In future merely post the contents of anything I ask for and if anything requires to be attached I will advise such etc.

Now with regard to your machine it certainly appears the use of P2P software may be the source of the problems but I will mention more about this another time.

There does appear to be a suspect partition on your machines installed Hard-Drive which may be malicious or not but we can address that later on. My main concern is there appears to be no System Restore points that can be invoked, however we will see if able to boot your machine by invoking the the last boot date. This may work or not but worth a try non the less...

Custom FRST Script:

  • Open notepad (Start >> All Programs >> Accessories >> Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste). 

    Start
Last Boot: 2012-10-22 02:52
End
  • Save it on the flashdrive as fixlist.txt
  • Now please enter System Recovery Options then select Command Prompt.
  • Run FRST64 again as outlined in my prior post and then press the Fix button just once and wait.
  • The tool will make a log on the flashdrive (Fixlog.txt). Please copy and paste the contents of the aforementioned notepad file in your next reply
  • Reboot your machiune back into Normal Mode if able.

  • 0

#7
pookie53
Posted 31 October 2012 - 09:08 AM

pookie53

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
Yeah I meant Satellite A665-S6090. After the fix I tried rebooting into normal mode but a black screen still appears.
Here's the fixlog

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 26-10-2012
Ran by SYSTEM at 2012-10-31 10:58:58 Run:2
Running from F:\

==============================================

DEFAULT hive was successfully copied to System32\config\HiveBackup
DEFAULT hive was successfully restored from registry back up.
SAM hive was successfully copied to System32\config\HiveBackup
SAM hive was successfully restored from registry back up.
SECURITY hive was successfully copied to System32\config\HiveBackup
SECURITY hive was successfully restored from registry back up.
SOFTWARE hive was successfully copied to System32\config\HiveBackup
SOFTWARE hive was successfully restored from registry back up.
SYSTEM hive was successfully copied to System32\config\HiveBackup
SYSTEM hive was successfully restored from registry back up.

==== End of Fixlog ====
  • 0

#8
Dakeyras
Posted 31 October 2012 - 03:14 PM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)

Do you have a Windows 7 64 Bit Installation DVD at all ?

In the meantime carry out the below please...

Windows 7 LKGC:

Start-up you computer and during the POST(Power On Self Test) sequence continually depress Function Key 8(F8) to bring up the Advanced Boot Options screen.

Use the arrow keys to scroll down and select Last Know Good Configuration (advanced) and hit the Enter/Return key.

Your computer should now reboot back into Normal Mode. If all is fine merely let myself know and or if not etc.
  • 0

#9
Dakeyras
Posted 04 November 2012 - 09:13 AM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Computer Won't Boot - Malware Related · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Computer Won't Boot - Malware Related

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP