System won't load (aswRvrt.sys) [Solved]
Started by
dinGospo89
, May 19 2017 03:54 PM
This topic is locked
#46
Posted 24 May 2017 - 12:57 PM
dinGospo89
- Topic Starter
-
- Member
-
- 47 posts
Member
#47
Posted 24 May 2017 - 01:00 PM
JSntgRvr
-
- Global Moderator
-
- 11,591 posts
Global Moderator
Open FRST, click on list BCD and drivers MD5, then on Scan. Post the resulting report.
#48
Posted 24 May 2017 - 01:11 PM
dinGospo89
- Topic Starter
-
- Member
-
- 47 posts
Member
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-05-2017
Ran by SYSTEM on MININT-OP38GC3 (24-05-2017 21:08:01)
Running from G:\
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 8
Boot Mode: Recovery
Default: ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1815848 2009-07-14] (Synaptics Incorporated)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2008-07-29] ()
HKLM\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [167936 2008-07-06] (PowerISO Computing, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-09-09] (Apple Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM-x32\...\Run: [VitaKeyPdtWzd] => C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe [3571712 2009-09-22] (Egis Technology Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282120 2013-05-02] (CANON INC.)
Lsa: [Notification Packages] C:\Program Files (x86)\Acer Bio Protection\PwdFilterV64
Startup: C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TornTvDownloader.lnk [2014-09-22]
ShortcutTarget: TornTvDownloader.lnk -> (No File)
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.)
S2 ATService; C:\Program Files (x86)\Fingerprint Sensor\AtService.exe [1815800 2009-09-20] (AuthenTec, Inc.)
S2 IGBASVC; C:\Program Files (x86)\Acer Bio Protection\BASVC.exe [3449856 2009-09-22] (Egis Technology Inc.)
S2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()
S2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-12] (DEVGURU Co., LTD.)
S2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2016-08-26] (Popcorn Time)
S2 vncserver; C:\Program Files\RealVNC\VNC Server\vncservice.exe [638272 2014-06-03] (RealVNC Ltd)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
S2 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [71272 2017-04-25] (Windscribe Limited)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 A310; C:\Windows\System32\DRIVERS\AVerA310USB.sys [32256 2009-05-05] (AVerMedia TECHNOLOGIES, Inc.)
S3 BDASwCap; C:\Windows\System32\drivers\AVerA310Cap.sys [55296 2009-05-05] (AVerMedia TECHNOLOGIES, Inc.)
S1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31648 2014-08-22] (REALiX™)
S2 int15; C:\Windows\SysWOW64\drivers\int15_64.sys [15656 2008-09-09] ()
S3 Neo_VPN; C:\Windows\System32\DRIVERS\neo_vpn.sys [22784 2016-09-02] (Trust.Zone VPN Project)
S3 nuvotoncir; C:\Windows\System32\DRIVERS\nuvotoncir.sys [48128 2009-06-24] (Nuvoton Technology Corporation)
S3 tapwindscribe0901; C:\Windows\System32\DRIVERS\tapwindscribe0901.sys [45560 2017-04-20] (The OpenVPN Project)
========================== Drivers MD5 =======================
C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AVerA310USB.sys B4955772F5DF0E49E8698BC673484180
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\agrsm64.sys ==> MD5 is legit
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys ==> MD5 is legit
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\drivers\arc.sys ==> MD5 is legit
C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ATSwpWDF.sys F97F384B0361C0DF4266F59F456D2D3E
C:\Windows\system32\drivers\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\drivers\AVerA310Cap.sys 5D923D480F04B1AAD23C5C562B0AB6F1
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys 91CE0D3DC57DD377E690A2D324022B08
C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\csc.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ssudbus.sys 30710AEFCE721CEEE0F35EB6A01C263C
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\drivers\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\dmvsc.sys 5DB085A8A6600BE6401F2B24EECB5415
C:\Windows\System32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys ==> MD5 is legit
C:\Windows\system32\drivers\evbda.sys ==> MD5 is legit
C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\drivers\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\fvevol.sys ==> MD5 is legit
C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\system32\drivers\HWiNFO64A.SYS D7E0591E2BA1289C875A9D948377441E
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\drivers\iaStorV.sys ==> MD5 is legit
C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\int15_64.sys 91B61589BB2915E81D436EFE07548507
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\jmcr.sys 80A1DE467ADF200390134D63E359937A
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecpkg.sys ==> MD5 is legit
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit
C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb.sys FAF015B07E3A2874A790A39B7D2C579F
C:\Windows\System32\DRIVERS\mrxsmb10.sys 08E2345DF129082BCDFFDC1440F9C00D
C:\Windows\System32\DRIVERS\mrxsmb20.sys 108D87409C5812EF47D81E22843E8C9D
C:\Windows\system32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\neo_vpn.sys 2FEFE1E095146CE1822F00B0FAB3066A
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netw5v64.sys 64428DFDAF6E88366CB51F45A79C5F69
C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nuvotoncir.sys 6F09CB36C344B98356978B37BA9AD42B
C:\Windows\System32\drivers\nvhda64v.sys 6E41A4DF26340A07A489B721F9721EC1
C:\Windows\System32\DRIVERS\nvlddmkm.sys 24F526274353FF7BB93D99D238E582DA
C:\Windows\system32\drivers\nvraid.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\drivers\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\System32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\drivers\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpdr.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RDPWD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\system32\drivers\vms3cap.sys ==> MD5 is legit
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\Drivers\SCDEmu.sys 240CD9582625BC49CC9FA6FCAC883AA0
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\sdbus.sys 111E0EBC0AD79CB0FA014B907B231CF0
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\serenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\serial.sys ==> MD5 is legit
C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys 2098B8556D1CEC2ACA9A29CD479E3692
C:\Windows\System32\DRIVERS\srv2.sys D0F73A42040F21F92FD314B42AC5C9E7
C:\Windows\System32\DRIVERS\srvnet.sys 2BA8F3250828CCDB4204ECF2C6F40B6A
C:\Windows\System32\DRIVERS\ssudmdm.sys 91310683D7B6B292B746D60734B59322
C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit
C:\Windows\System32\drivers\vmstorfl.sys ==> MD5 is legit
C:\Windows\system32\drivers\storvsc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\SynTP.sys 929C9FA0B18AD2EBC8340591C4BF00FF
C:\Windows\System32\DRIVERS\tapwindscribe0901.sys 267B8DAF6D74CCE8C16C06C0940EB6E8
C:\Windows\System32\drivers\tcpip.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tcpip.sys ==> MD5 is legit
C:\Windows\System32\drivers\tcpipreg.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\tsusbflt.sys ==> MD5 is legit
C:\Windows\system32\drivers\TsUsbGD.sys 9CC2CCAE8A84820EAECB886D477CBCB8
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit
C:\Windows\System32\Drivers\usbaapl64.sys F957092C63CD71D85903CA0D8370F473
C:\Windows\System32\DRIVERS\usbccgp.sys ==> MD5 is legit
C:\Windows\system32\drivers\usbcir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbehci.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbhub.sys ==> MD5 is legit
C:\Windows\system32\drivers\usbohci.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbuhci.sys ==> MD5 is legit
C:\Windows\System32\Drivers\usbvideo.sys 454800C2BC7F3927CE030141EE4F4C50
C:\Windows\System32\DRIVERS\usb8023x.sys 70D05EE263568A742D14E1876DF80532
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\system32\drivers\vmbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\VMBusHID.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vncmirror.sys 93F279A2C172562050700A18FA84BE2E
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\drivers\vwifibus.sys ==> MD5 is legit
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\System32\DRIVERS\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WUDFRd.sys ==> MD5 is legit
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-05-23 15:29 - 2017-05-24 07:24 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0
2017-05-19 22:39 - 2017-05-24 21:08 - 00000000 ____D C:\FRST
2017-05-08 08:38 - 2017-05-08 08:38 - 00019028 _____ C:\Users\Korisnik\Downloads\xxx-return-of-xander-cage-2017-720p.torrent
2017-05-01 10:49 - 2017-05-01 11:12 - 121553339 _____ C:\Users\Korisnik\Downloads\e92fe1a2448e52f99eb723a636a615451487815811-640-360-899-h264.mp4
2017-05-01 09:25 - 2017-05-01 09:25 - 00001075 _____ C:\Users\Public\Desktop\Windscribe.lnk
2017-05-01 09:25 - 2017-05-01 09:25 - 00000000 ____D C:\Users\Korisnik\AppData\Local\Windscribe
2017-05-01 09:23 - 2017-05-01 09:25 - 00000000 ____D C:\Program Files (x86)\Windscribe
2017-05-01 09:23 - 2017-05-01 09:23 - 15105200 _____ (Windscribe ) C:\Users\Korisnik\Downloads\windscribe_windows_1_62_build38.exe
2017-05-01 09:23 - 2017-04-20 18:16 - 00045560 _____ (The OpenVPN Project) C:\Windows\System32\Drivers\tapwindscribe0901.sys
2017-04-26 10:24 - 2017-04-06 07:08 - 00399944 _____ (AVAST Software) C:\Windows\System32\aswBoot.exe
2017-04-24 16:46 - 2017-04-26 10:26 - 00000000 ____D C:\Users\Korisnik\AppData\LocalLow\uTorrent
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-05-23 20:24 - 2017-03-01 13:23 - 00000000 ____D C:\Users\Korisnik\AppData\Roaming\BrowserExtensions
2017-05-23 20:08 - 2016-05-24 02:23 - 00000000 ____D C:\Users\Korisnik\AppData\Local\MalwareProtectionLive
2017-05-23 19:54 - 2015-02-14 04:20 - 00000000 ____D C:\ProgramData\AdPunisher
2017-05-23 18:54 - 2016-02-01 09:19 - 00000000 ____D C:\ProgramData\65ad47d7-2e27-4a5c-b238-26643fdaeb98
2017-05-21 22:02 - 2009-07-13 21:32 - 00028672 _____ C:\Windows\System32\config\BCD-Template
2017-05-20 12:28 - 2009-07-13 19:20 - 00000000 ___HD C:\Windows\System32\GroupPolicy
2017-05-20 12:28 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2017-05-11 12:27 - 2009-07-13 20:45 - 00006080 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-05-11 12:27 - 2009-07-13 20:45 - 00006080 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-05-11 12:26 - 2014-08-21 02:03 - 00000000 ____D C:\Users\Korisnik\AppData\Roaming\uTorrent
2017-05-11 11:22 - 2016-12-24 13:12 - 00000000 ____D C:\Users\Korisnik\Downloads\PopcornTime
2017-05-08 08:38 - 2016-02-10 07:17 - 00000000 ___SD C:\Users\Korisnik\AppData\LocalLow\Temp
2017-05-01 09:24 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\inf
2017-04-26 13:26 - 2014-10-23 13:49 - 00000000 ____D C:\Users\Korisnik\Desktop\2 cd
2017-04-26 10:28 - 2016-07-22 01:54 - 00000000 ____D C:\ProgramData\YTD Video Downloader
2017-04-24 10:05 - 2015-07-01 06:31 - 00001922 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2017-04-24 08:54 - 2016-12-15 08:05 - 00000000 _____ C:\Windows\SysWOW64\last.dump
2017-04-24 08:47 - 2014-09-23 12:59 - 00001012 __RSH C:\ProgramData\ntuser.pol
==================== Known DLLs (Whitelisted) =========================
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\dnsapi.dll => MD5 is legit
C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== Association (Whitelisted) =============
==================== Restore Points =========================
==================== BCD ================================
Windows Boot Manager
--------------------
identifier {bootmgr}
device partition=Y:
path \bootmgr
description Windows Boot Manager
locale en-us
inherit {globalsettings}
default {default}
resumeobject {eb6be27e-288f-11e4-9cad-d2520c9f213e}
displayorder {default}
toolsdisplayorder {memdiag}
timeout 30
Windows Boot Loader
-------------------
identifier {9b245ece-3eba-11e7-b063-c5b73e532ab9}
device ramdisk=[C:]\Recovery\eb6be27c-288f-11e4-9cad-d2520c9f213e\Winre.wim,{9b245ecf-3eba-11e7-b063-c5b73e532ab9}
path \windows\system32\winload.exe
description Windows Recovery Environment (recovered)
locale
osdevice ramdisk=[C:]\Recovery\eb6be27c-288f-11e4-9cad-d2520c9f213e\Winre.wim,{9b245ecf-3eba-11e7-b063-c5b73e532ab9}
systemroot \windows
winpe Yes
Windows Boot Loader
-------------------
identifier {default}
device partition=C:
path \windows\system32\winload.exe
description Windows 7
locale en-us
inherit {bootloadersettings}
osdevice partition=C:
systemroot \windows
resumeobject {eb6be27e-288f-11e4-9cad-d2520c9f213e}
nx OptIn
detecthal Yes
winpe No
Resume from Hibernate
---------------------
identifier {eb6be27e-288f-11e4-9cad-d2520c9f213e}
device partition=C:
path \windows\system32\winresume.exe
description Windows Resume Application
locale en-us
inherit {resumeloadersettings}
filepath \hiberfil.sys
Windows Memory Tester
---------------------
identifier {memdiag}
device partition=Y:
path \boot\memtest.exe
description Windows Memory Diagnostic
locale en-us
inherit {globalsettings}
badmemoryaccess Yes
EMS Settings
------------
identifier {emssettings}
bootems Yes
Debugger Settings
-----------------
identifier {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
RAM Defects
-----------
identifier {badmemory}
Global Settings
---------------
identifier {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Boot Loader Settings
--------------------
identifier {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Hypervisor Settings
-------------------
identifier {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Resume Loader Settings
----------------------
identifier {resumeloadersettings}
inherit {globalsettings}
Device options
--------------
identifier {9b245ecf-3eba-11e7-b063-c5b73e532ab9}
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\eb6be27c-288f-11e4-9cad-d2520c9f213e\boot.sdi
Device options
--------------
identifier {eb6be27d-288f-11e4-9cad-d2520c9f213e}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\eb6be27c-288f-11e4-9cad-d2520c9f213e\boot.sdi
==================== Memory info ===========================
Percentage of memory in use: 15%
Total physical RAM: 4060.87 MB
Available physical RAM: 3439.46 MB
Total Virtual: 4059.02 MB
Available Virtual: 3430.5 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:45.13 GB) (Free:2.49 GB) NTFS
Drive e: () (Fixed) (Total:29.3 GB) (Free:21.59 GB) NTFS
Drive g: (Repair disc Windows 7 64-bit) (Removable) (Total:7.41 GB) (Free:7.22 GB) NTFS
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 74.5 GB) (Disk ID: D97CD97C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=45.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29.3 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 7.4 GB) (Disk ID: 00D4BDAB)
Partition 1: (Active) - (Size=7.4 GB) - (Type=07 NTFS)
LastRegBack: 2017-05-08 11:09
==================== End of FRST.txt ============================
#50
Posted 25 May 2017 - 05:03 AM
dinGospo89
- Topic Starter
-
- Member
-
- 47 posts
Member
I am sorry but i can't seem to understand these steps on your link, too many informations and its confusing me.. Could you like, write me or copy me exact steps what should i do? tnx
#51
Posted 25 May 2017 - 08:47 AM
JSntgRvr
-
- Global Moderator
-
- 11,591 posts
Global Moderator
It is very complicated. The idea is to install Windows as an upgrade, and not as a clean install to preserve your files and drivers, but there are risks involved as you must have the right version DVD or USB disk installation.
Before you do that, enter the BIOS setup utility and see how the configuration for the SATA drive is set, IDE or AHCI, or else?
#52
Posted 25 May 2017 - 09:38 AM
JSntgRvr
-
- Global Moderator
-
- 11,591 posts
Global Moderator
There should be and image file in that computer.
Download the enclosed file. Save it in the same location FRST is saved.
Open FRST as you did before and click on the Fix button. (it should take a while to search for that image.)
A log will be produced, fixlog.txt. Post it in your next reply
Download the enclosed file. Save it in the same location FRST is saved.
Open FRST as you did before and click on the Fix button. (it should take a while to search for that image.)
A log will be produced, fixlog.txt. Post it in your next reply
#53
Posted 25 May 2017 - 12:41 PM
dinGospo89
- Topic Starter
-
- Member
-
- 47 posts
Member
in BIOS stand "SATA Mode: AHCI Mode" but it can be changed to IDE.. and i have one more question, should my D2D settings be set to "enabled" or "disabled"?
bc's i think i have changed that settings when i first tried to search a solution to my problem.. it's enabled right now..
here is fixlog.txt
Fix result of Farbar Recovery Scan Tool (x64) Version: 14-05-2017
Ran by SYSTEM (25-05-2017 20:34:09) Run:9
Running from G:\
Boot Mode: Recovery
==============================================
fixlist content:
*****************
CMD: Dir /a /s Y:\*.wim
CMD: Dir /a /s C:\*.wim
*****************
========= Dir /a /s Y:\*.wim =========
Volume in drive Y is System Reserved
Volume Serial Number is D6DC-DE3F
File Not Found
========= End of CMD: =========
========= Dir /a /s C:\*.wim =========
Volume in drive C has no label.
Volume Serial Number is A6E2-6DBB
Directory of C:\Recovery\eb6be27c-288f-11e4-9cad-d2520c9f213e
11/20/2010 08:42 AM 169,213,970 Winre.wim
1 File(s) 169,213,970 bytes
Directory of C:\Windows\System32\oobe
11/20/2010 07:24 PM 637,042 FirstUXRes.WIM
1 File(s) 637,042 bytes
Directory of C:\Windows\winsxs\amd64_microsoft-windows-setup-component_31bf3856ad364e35_6.1.7601.17514_none_905283bdc3e1d2d8
11/20/2010 07:24 PM 637,042 FirstUXRes.WIM
1 File(s) 637,042 bytes
Total Files Listed:
3 File(s) 170,488,054 bytes
0 Dir(s) 2,677,174,272 bytes free
========= End of CMD: =========
==== End of Fixlog 20:36:31 ====
#54
Posted 25 May 2017 - 05:03 PM
JSntgRvr
-
- Global Moderator
-
- 11,591 posts
Global Moderator
in BIOS stand "SATA Mode: AHCI Mode" but it can be changed to IDE.. and i have one more question, should my D2D settings be set to "enabled" or "disabled"?
bc's i think i have changed that settings when i first tried to search a solution to my problem.. it's enabled right now..
As far as I know, the D2D should be enable.
Some people change the AHCI Mode to IDE, and the issue has been resolved. It is a risk that some people take.
There is no Recovery Image in the computer. I guess You must contact the manufacturer for the Recovery CDs.
#55
Posted 25 May 2017 - 06:36 PM
dinGospo89
- Topic Starter
-
- Member
-
- 47 posts
Member
So i just change to IDE and try to boot it normal way?
And one more thing.. is there any way that i can export my data from a computer (pictures,files) to usb stick and then have someone instal new windows to my laptop?
And one more thing.. is there any way that i can export my data from a computer (pictures,files) to usb stick and then have someone instal new windows to my laptop?
#56
Posted 26 May 2017 - 07:22 PM
JSntgRvr
-
- Global Moderator
-
- 11,591 posts
Global Moderator
You can use Notepad as a browser, copy and paste files from one location to the other. At the Recovery Environment command prompt type Notepad, select File -> Open, and there you go.
#57
Posted 28 May 2017 - 10:42 AM
dinGospo89
- Topic Starter
-
- Member
-
- 47 posts
Member
ok, i will first try to export files, and then change the SATA settings to IDE, it can't be worse as it is now.. can you help me with another issue, on my new laptop with windows 10, on desktop appeared 2 icons called "desktop.ini" im not sure why that happened and not sure if i should just delete them, and another thing is sometimes i get a message that my display driver stopped working and that it's recovered.. is that normal to happen on a brand new computer?
#58
Posted 28 May 2017 - 03:28 PM
JSntgRvr
-
- Global Moderator
-
- 11,591 posts
Global Moderator
Desktop.ini are configuration files, part of Windows System. These files are hidden and it should be one on every folder. They content information such as:
[LocalizedFileNames]
migwiz.lnk=@%SystemRoot%\system32\migwiz\MIGUIRes.dll,-103
-or-
[.ShellClassInfo]
LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21769
IconResource=%SystemRoot%\system32\imageres.dll,-183
As System's files, should not be deleted, unless dropped by a virus.
Have you set your folder's options to un-hide system files?
#59
Posted 28 May 2017 - 03:35 PM
dinGospo89
- Topic Starter
-
- Member
-
- 47 posts
Member
I didnt set anything, i bought it new like week ago and after 2 days using it i saw these icons.. i didnt mess with a settings, i got mccaffe antivirus by default and it's telling me that my computer is safe all the time.. i saw someone showing how to hide that icons but i didn't wanted to mess until i check up with you first, bc's you'r the expert..
#60
Posted 28 May 2017 - 04:43 PM
JSntgRvr
-
- Global Moderator
-
- 11,591 posts
Global Moderator
Lets check that.
Please download Farbar Recovery Scan Tool and save it to your desktop.
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
- Double-click to run it. When the tool opens click Yes to disclaimer.
- Make sure that under Optional Scans, there is a checkmark on Addition.txt.
- Press Scan button.
- It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
- The tool will also produce another log (Addition.txt ). Please attach this to your reply.
Similar Topics
1 user(s) are reading this topic
0 members, 1 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
