Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

my %hs file is missing [Closed]


  • This topic is locked This topic is locked

#1
arvingavanam

arvingavanam

    New Member

  • Member
  • Pip
  • 5 posts
i have scan with frst now wht should i do??? the frst text is


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-11-2013
Ran by SYSTEM on MININT-UNB4H0O on 15-11-2013 19:36:23
Running from H:\
Windows 7 Ultimate (X86) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [4858968 2013-08-29] (AVAST Software)
HKLM\...\Run: [UIExec] - C:\Program Files\Celcom Broadband\UIExec.exe [138552 2010-07-22] ()
HKLM\...\Run: [QlbCtrl.exe] - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe [202032 2008-08-01] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] - RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-11] (Oracle Corporation)
HKLM\...\Run: [AdobeCS5ServiceManager] - "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
HKLM\...\Run: [SwitchBoard] - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
HKLM\...\Run: [TkBellExe] - C:\Program Files\Real\RealPlayer\Update\realsched.exe [295512 2013-07-05] (RealNetworks, Inc.)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-12] (Microsoft Corporation)
HKLM\...\Run: [SearchSettings] - C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe [1303360 2013-08-08] (Spigot, Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-04-30] (Apple Inc.)
HKLM\...\Run: [DivXMediaServer] - C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-08-21] (DivX, LLC)
HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-28] ()
HKLM\...\RunOnce: [*Restore] - C:\Windows\system32\rstrui.exe /RUNONCE [262656 2010-11-20] (Microsoft Corporation)
HKU\Arvin\...\Run: [Facebook Update] - C:\Users\Arvin\AppData\Local\Facebook\Update\FacebookUpdate.exe [ 2012-07-12] (Facebook Inc.)
HKU\Arvin\...\Run: [Spotify Web Helper] - C:\Users\Arvin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [ 2013-05-30] (Spotify Ltd)
AppInit_DLLs: c:\progra~2\bitguard\261694~1.246\{16cdf~1\bitguard.dll [ 2013-09-23] ()
Startup: C:\Users\Arvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
ShortcutTarget: Facebook Messenger.lnk -> (No File)

========================== Services (Whitelisted) =================

S2 Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [807800 2013-08-08] (Spigot, Inc.)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-29] (AVAST Software)
S2 BitGuard; C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\BitGuard.exe [2845664 2013-09-23] ()
S3 FirebirdServerMAGIXInstance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-16] (MAGIX®)
S2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [233344 2012-06-27] ()
S2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-15] ()
S2 UI Assistant Service; C:\Program Files\Celcom Broadband\AssistantServices.exe [255800 2010-07-22] ()
S2 Update LinkSwift; C:\Program Files\LinkSwift\updateLinkSwift.exe [206624 2013-08-29] (LinkSwift)
S2 VMAuthdService; C:\Program Files\VMware\VMware Player\vmware-authd.exe [79872 2012-10-31] (VMware, Inc.)
S2 VMnetDHCP; C:\Windows\system32\vmnetdhcp.exe [357016 2012-10-31] (VMware, Inc.)
S2 VMUSBArbService; C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [721048 2012-10-11] (VMware, Inc.)
S2 VMware NAT Service; C:\Windows\system32\vmnat.exe [435864 2012-10-31] (VMware, Inc.)
S4 FLEXnet Licensing Service;
S3 SwitchBoard; "C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [x]

==================== Drivers (Whitelisted) ====================

S2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-08-29] (AVAST Software)
S1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [24408 2012-03-06] (AVAST Software)
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66336 2013-08-29] (AVAST Software)
S1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [61680 2013-08-29] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-08-29] ()
S1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [770344 2013-08-29] (AVAST Software)
S1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [369584 2013-08-29] (AVAST Software)
S1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-08-29] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [177864 2013-08-29] ()
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [41984 2008-01-28] (Samsung Electronics Co., Ltd.)
S2 hcmon; C:\Windows\system32\drivers\hcmon.sys [41496 2012-10-11] (VMware, Inc.)
S3 HpqRemHid; C:\Windows\System32\DRIVERS\HpqRemHid.sys [7168 2007-07-10] (Hewlett-Packard Development Company, L.P.)
S3 massfilter; C:\Windows\System32\drivers\massfilter.sys [9216 2010-06-02] (MBB Incorporated)
S2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2008-01-28] (Samsung Electronics)
S3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [32768 2009-11-12] (AnchorFree Inc)
S3 vmkbd; C:\Windows\system32\drivers\VMkbd.sys [25624 2012-10-31] (VMware, Inc.)
S3 VMnetAdapter; C:\Windows\System32\DRIVERS\vmnetadapter.sys [16664 2012-10-31] (VMware, Inc.)
S2 VMnetBridge; C:\Windows\System32\DRIVERS\vmnetbridge.sys [37016 2012-10-31] (VMware, Inc.)
S2 VMnetuserif; C:\Windows\system32\drivers\vmnetuserif.sys [25752 2012-10-31] (VMware, Inc.)
S3 vmusb; C:\Windows\System32\Drivers\vmusb.sys [31280 2012-10-11] (VMware, Inc.)
S2 vmx86; C:\Windows\system32\Drivers\vmx86.sys [61848 2012-10-31] (VMware, Inc.)
S0 vsock; C:\Windows\System32\drivers\vsock.sys [61464 2012-10-23] (VMware, Inc.)
S3 CV2K1; system32\DRIVERS\cv2k1.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
S5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-13] (Microsoft Corporation)
S2 {95808DC4-FA4A-4C74-92FE-5B863F82066B}; No ImagePath

========================== Drivers MD5 =======================

C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys 9EBBBA55060F786F0FCAA3893BFA2806
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\djsvs.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdagp.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D320BF87125326F996D4904FE24300FC
C:\Windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 46387FB17B086D16DEA267D5BE23A2F2
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit
C:\Windows\System32\Drivers\aswFsBlk.sys B9FE438B3CAD82B2014710349A2022F7
C:\Windows\System32\Drivers\aswKbd.sys 81E695913FEFD4E23360A69C0F151797
C:\Windows\system32\drivers\aswMonFlt.sys AE5549DD21F6DE06406031EF1D51ACC3
C:\Windows\System32\Drivers\aswrdr2.sys A29EF1A46E110F392588F7395BB55F32
C:\Windows\System32\Drivers\aswRvrt.sys FA72FA503F580C3C628DD8C7D7622E37
C:\Windows\System32\Drivers\aswSnx.sys 4D53349D848C6BADB3D4ACBE98C27676
C:\Windows\System32\Drivers\aswSP.sys 813024DFD54A41B3AFAE2B1E2796CB80
C:\Windows\System32\Drivers\aswTdi.sys 5E18413310134130D7772F0668698CB7
C:\Windows\System32\Drivers\aswVmm.sys A5F637D61719D37A5B4868C385E363C0
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\bxvbdx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60x.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\drivers\BthEnum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bthpan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BTHport.sys 1153DE2E4F5941E10C399CB5592F78A1
C:\Windows\System32\Drivers\BTHUSB.sys C81E9413A25A439F436B1D4B6A0CF9E9
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys 42F158036BD4C2FF3122BF142E60E6FD
C:\Windows\System32\drivers\CHDRT32.sys B6E7991E3D6146C04C85CD31AF22A381
C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\csc.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\system32\Drivers\DgiVecp.sys 770471DE2550820FEEB7E5D24BF2E273
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit
C:\Windows\System32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 16498EBC04AE9DD07049A8884B205C05
C:\Windows\system32\DRIVERS\evbdx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legitB
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 7DAE5EBCC80E45D3253F4923DC424D05
C:\Windows\System32\DRIVERS\fvevol.sys E306A24D9694C724FA2491278BF50FDB
C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
C:\Windows\system32\drivers\hcmon.sys B6F5AC88A1A1FDD802CB689721D640FE
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\system32\drivers\HdAudio.sys A5EF29D5315111C80A5C1ABAD14C8972
C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidusb.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HpqKbFiltr.sys 35956140E686D53BF676CF0C778880FC
C:\Windows\System32\DRIVERS\HpqRemHid.sys 115C0933B3ED51DFBEC4449348C8065B
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HSX_DPV.sys 1882827F41DEE51C70E24C567C35BFB5
C:\Windows\System32\DRIVERS\HSXHWAZL.sys A44DDF3BA83E4664BF4DE9220097578C
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ewusbmdm.sys 63B3EFF36272787619C1E773ED581693
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\drivers\iaStorV.sys 5CD5F9A5444E6CDCB0AC89BD62D8B76E
C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit
C:\Windows\System32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdclass.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys B7895B4182C0D16F6EFADEB8081E8D36
C:\Windows\System32\Drivers\ksecpkg.sys 5FE1ABF1AF591A3458C9CF24ED9A4D35
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\System32\drivers\massfilter.sys 8D9C68FA8B7FBE0E225BDE0BBCD8CE9B
C:\Windows\System32\DRIVERS\mdmxsdk.sys 0CEA2D0D3FA284B85ED5B68365114F76
C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\system32\drivers\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb.sys 5D16C921E3671636C0EBA3BBAAC5FD25
C:\Windows\System32\DRIVERS\mrxsmb10.sys 6D17A4791ACA19328C685D256349FEFC
C:\Windows\System32\DRIVERS\mrxsmb20.sys B81F204D146000BE76651A50670A5E9E
C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 8C9C922D71F1CD4DEF73F186416B7896
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netw5v32.sys 58218EC6B61B1169CF54AAB0D00F5FE2
C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys 5E43D2B0EE64123D4880DFA6626DEFDE
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nvlddmkm.sys 7DB332F85AB7894C69DFB934EEE23EB9
C:\Windows\system32\drivers\nvraid.sys B3E25EE28883877076E0E1FF877D02E0
C:\Windows\system32\drivers\nvstor.sys 4380E59A170D88C4F1022EFF6719A8A4
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys 3F34A1B4C5F6475F320C275E63AFCE9B
C:\Windows\system32\DRIVERS\parvdm.sys ==> MD5 is legit
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpdr.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 65375DF758CA1872AB7EBBBA457FD5E6
C:\Windows\System32\Drivers\RDPWD.sys F031683E6D1FEA157ABB2FF260B51E61
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rfcomm.sys CB928D9E6DAF51879DD6BA8D02F01321
C:\Windows\System32\DRIVERS\rimmptsk.sys DF672613FBBCD58C38BB0BC2694BCFB0
C:\Windows\System32\DRIVERS\rimsptsk.sys 9BFB54D3559F2FF7301271D29D383564
C:\Windows\System32\DRIVERS\rixdptsk.sys DCB87DA83CC1010CBC9FC4DC9E395BBC
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\system32\drivers\vms3cap.sys ==> MD5 is legit
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\system32\drivers\sdbus.sys 0328BE1C7F1CBA23848179F8762E391C
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisagp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys E4C2764065D66EA1D2D3EBC28FE99C46
C:\Windows\System32\DRIVERS\srv2.sys 03F0545BD8D4C77FA0AE1CEEDFCC71AB
C:\Windows\System32\DRIVERS\VSTAZL3.SYS E00FDFAFF025E94F9821153750C35A6D
C:\Windows\System32\DRIVERS\VSTDPV3.SYS CEB4E3B6890E1E42DCA6694D9E59E1A0
C:\Windows\System32\DRIVERS\VSTCNXT3.SYS BC0C7EA89194C299F051C24119000E17
C:\Windows\System32\DRIVERS\srvnet.sys BE6BD660CAA6F291AE06A718A4FA8ABC
C:\Windows\system32\Drivers\SSPORT.sys 5F77725EC309DE1242D8EFC8E9259A9F
C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\Windows\System32\drivers\vmstorfl.sys ==> MD5 is legit
C:\Windows\system32\drivers\storvsc.sys ==> MD5 is legit
C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\taphss.sys 0C3B2A9C4BD2DD9A6C2E4084314DD719
C:\Windows\System32\drivers\tcpip.sys 4E8B9BE71B807B3BAEDB7F4243F85E3C
C:\Windows\System32\DRIVERS\tcpip.sys 4E8B9BE71B807B3BAEDB7F4243F85E3C
C:\Windows\System32\drivers\tcpipreg.sys 3EEBD3BD93DA46A26E89893C7AB2FF3B
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 2C2C5AFE7EE4F620D69C23C0617651A8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys B37B08F2E5EEB1A37E448E09BACE1101
C:\Windows\System32\drivers\tsusbflt.sys 9CE253214ACAA5A7D323327D2055EFAA
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbccgp.sys BD9C55D7023C5DE374507ACC7A14E2AC
C:\Windows\system32\drivers\usbcir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbehci.sys F92DE757E4B7CE9C07C5E65423F3AE3B
C:\Windows\System32\DRIVERS\usbhub.sys 8DC94AEC6A7E644A06135AE7506DC2E9
C:\Windows\system32\drivers\usbohci.sys E185D44FAC515A18D9DEDDC23C2CDF44
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys 576096CCBC07E7C4EA4F5E6686D6888F
C:\Windows\System32\DRIVERS\USBSTOR.SYS F991AB9CC6B908DB552166768176896A
C:\Windows\System32\DRIVERS\usbuhci.sys 68DF884CF41CDADA664BEB01DAF67E3D
C:\Windows\System32\Drivers\usbvideo.sys 45F4E7BF43DB40A6C6B4D92C76CBC3F2
C:\Windows\System32\DRIVERS\usb8023x.sys AF77716205C97E902E6C5B78DECE2CCA
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaagp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\viac7.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\vmbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\VMBusHID.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vmci.sys 753BD0240B6586ABA0D67A70B3EF44A0
C:\Windows\system32\drivers\VMkbd.sys 840EC98AD70C09F87E2F624320B9C3A3
C:\Windows\System32\DRIVERS\vmnetadapter.sys A267D2321ED281359D301BFEB8202652
C:\Windows\System32\DRIVERS\vmnetbridge.sys 7A4BB278D7860551A716D46349492692
C:\Windows\system32\drivers\vmnetuserif.sys 4214CE8AC6E4E2667E71B9A5E973D590
C:\Windows\System32\Drivers\vmusb.sys AFB10AD9AA91D2F70C9F0E6BDA0D119B
C:\Windows\system32\Drivers\vmx86.sys 6B649BAAF488C8505C613A1159A8D05C
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\drivers\vsock.sys 4B1B677FC0338C85E1C30BD6F1BFD584
C:\Windows\System32\drivers\vwifibus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys A840213F1ACDCC175B4D1D5AAEAC0D7A
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HSX_CNXT.sys E096FFB754F1E45AE1BDDAC1275AE2C5
C:\Windows\System32\DRIVERS\WinUsb.sys A67E5F9A400F3BD1BE3D80613B45F708
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys 06E6F32C8D0A3F66D956F57B43A2E070
C:\Windows\System32\DRIVERS\WUDFRd.sys 867C301E8B790040AE9CF6486E8041DF
C:\Windows\System32\DRIVERS\xaudio.sys 19E7C173B6242AD7521E537AE54768BF
C:\Windows\System32\DRIVERS\yk62x86.sys B07C5B7EFDF936FF93D4F540938725BE
C:\Windows\System32\DRIVERS\ZTEusbmdm6k.sys 3862318F85BE7A91957ADA5E814ED58C
C:\Windows\System32\DRIVERS\ZTEusbnmea.sys 3862318F85BE7A91957ADA5E814ED58C
C:\Windows\System32\DRIVERS\ZTEusbser6k.sys 3862318F85BE7A91957ADA5E814ED58C

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-15 19:36 - 2013-11-15 19:36 - 00000000 ____D C:\FRST
2013-10-18 00:27 - 2013-10-18 00:27 - 00000000 ____D C:\Users\Arvin\Downloads\z19111en (1)

==================== One Month Modified Files and Folders =======

2013-11-15 19:36 - 2013-11-15 19:36 - 00000000 ____D C:\FRST
2013-10-20 08:05 - 2013-09-14 05:26 - 00000000 ____D C:\ProgramData\BitGuard
2013-10-20 08:05 - 2013-09-06 20:57 - 00031996 _____ C:\Windows\PFRO.log
2013-10-20 08:03 - 2012-04-26 07:24 - 02065021 _____ C:\Windows\WindowsUpdate.log
2013-10-20 08:02 - 2013-09-05 21:29 - 00255752 _____ C:\Windows\setupact.log
2013-10-20 08:00 - 2012-05-11 23:10 - 00191555 _____ C:\ProgramData\nvModes.001
2013-10-20 05:20 - 2013-03-29 23:07 - 00000000 ____D C:\Users\Arvin\Downloads\Download
2013-10-20 05:15 - 2012-10-13 06:34 - 00468992 ___SH C:\Users\Arvin\Downloads\Thumbs.db
2013-10-20 05:02 - 2012-09-08 19:08 - 00000434 _____ C:\Windows\System32\Drivers\etc\hosts.ics
2013-10-20 01:27 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\tracing
2013-10-20 00:34 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-10-19 23:47 - 2012-06-30 08:45 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-19 23:37 - 2013-08-09 19:40 - 00000000 ____D C:\Windows\System32\MRT
2013-10-19 23:34 - 2013-03-11 00:45 - 78106760 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-10-19 23:25 - 2012-04-26 07:45 - 00736218 _____ C:\Windows\System32\PerfStringBackup.INI
2013-10-19 23:13 - 2013-01-30 07:01 - 00000000 ____D C:\Scandata
2013-10-18 03:28 - 2013-09-05 22:31 - 00000000 ____D C:\Users\Arvin\AppData\Local\Adobe
2013-10-18 03:27 - 2012-04-27 02:44 - 00000000 ____D C:\ProgramData\Adobe
2013-10-18 03:27 - 2012-04-27 02:42 - 00000000 ____D C:\Program Files\Adobe
2013-10-18 03:27 - 2012-04-27 02:39 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-10-18 00:57 - 2012-06-21 05:32 - 00000228 _____ C:\Windows\ricdb.ini
2013-10-18 00:57 - 2012-06-21 05:32 - 00000081 _____ C:\Windows\System32\RPCS.ini
2013-10-18 00:44 - 2012-05-09 05:37 - 00002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-10-18 00:30 - 2013-09-16 22:39 - 00001029 _____ C:\Users\Public\Desktop\InfraRecorder.lnk
2013-10-18 00:29 - 2013-09-05 22:04 - 00061952 ___SH C:\Users\Arvin\Desktop\Thumbs.db
2013-10-18 00:28 - 2005-03-02 21:56 - 00000000 ____D C:\Users\Arvin\Desktop\HELP
2013-10-18 00:28 - 2005-03-02 21:56 - 00000000 ____D C:\Users\Arvin\Desktop\English
2013-10-18 00:27 - 2013-10-18 00:27 - 00000000 ____D C:\Users\Arvin\Downloads\z19111en (1)
2013-10-17 23:34 - 2012-05-05 03:28 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-10-17 23:34 - 2012-05-05 03:28 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-10-17 23:17 - 2012-05-11 23:10 - 00191555 _____ C:\ProgramData\nvModes.dat
2013-10-17 23:08 - 2012-06-26 05:00 - 00000000 _____ C:\Users\Arvin\AppData\Local\FnF4.txt
2013-10-17 22:59 - 2009-07-13 20:34 - 00028432 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-17 22:59 - 2009-07-13 20:34 - 00028432 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

Some content of TEMP:
====================
C:\Users\Arvin\AppData\Local\Temp\w2bhlp.dll
C:\Users\Arvin\AppData\Local\Temp\WiNToBootic.exe


==================== Known DLLs (Whitelisted) ============

C:\Windows\System32\LPK.dll IS MISSING <==== ATTENTION!.

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

3
Restore point made on: 2013-10-03 08:03:34
Restore point made on: 2013-10-18 00:01:03
Restore point made on: 2013-10-19 23:12:56

==================== BCD ================================

Windows Boot Manager
--------------------
identifier {bootmgr}
device partition=Y:
description Windows Boot Manager
locale en-US
inherit {globalsettings}
default {default}
resumeobject {5079e2fb-9039-11e1-b7a9-e7a59b68c935}
displayorder {default}
toolsdisplayorder {memdiag}
timeout 30

Windows Boot Loader
-------------------
identifier {14b6010b-c487-11e0-8f64-a96e07832137}
device ramdisk=[C:]\Recovery\14b6010b-c487-11e0-8f64-a96e07832137\Winre.wim,{14b6010c-c487-11e0-8f64-a96e07832137}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\14b6010b-c487-11e0-8f64-a96e07832137\Winre.wim,{14b6010c-c487-11e0-8f64-a96e07832137}
systemroot \windows
nx OptIn
winpe Yes

Windows Boot Loader
-------------------
identifier {14b6010f-c487-11e0-8f64-a96e07832137}
device ramdisk=[C:]\Recovery\14b6010f-c487-11e0-8f64-a96e07832137\Winre.wim,{14b60110-c487-11e0-8f64-a96e07832137}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\14b6010f-c487-11e0-8f64-a96e07832137\Winre.wim,{14b60110-c487-11e0-8f64-a96e07832137}
systemroot \windows
nx OptIn
winpe Yes

Windows Boot Loader
-------------------
identifier {14b60113-c487-11e0-8f64-a96e07832137}
device ramdisk=[C:]\Recovery\14b60113-c487-11e0-8f64-a96e07832137\Winre.wim,{14b60114-c487-11e0-8f64-a96e07832137}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\14b60113-c487-11e0-8f64-a96e07832137\Winre.wim,{14b60114-c487-11e0-8f64-a96e07832137}
systemroot \windows
nx OptIn
winpe Yes

Windows Boot Loader
-------------------
identifier {14b60117-c487-11e0-8f64-a96e07832137}
device ramdisk=[C:]\Recovery\14b60117-c487-11e0-8f64-a96e07832137\Winre.wim,{14b60118-c487-11e0-8f64-a96e07832137}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\14b60117-c487-11e0-8f64-a96e07832137\Winre.wim,{14b60118-c487-11e0-8f64-a96e07832137}
systemroot \windows
nx OptIn
winpe Yes

Windows Boot Loader
-------------------
identifier {default}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale en-US
inherit {bootloadersettings}
recoverysequence {current}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {5079e2fb-9039-11e1-b7a9-e7a59b68c935}
nx OptIn

Windows Boot Loader
-------------------
identifier {current}
device ramdisk=[C:]\Recovery\5079e2fd-9039-11e1-b7a9-e7a59b68c935\Winre.wim,{5079e2fe-9039-11e1-b7a9-e7a59b68c935}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\5079e2fd-9039-11e1-b7a9-e7a59b68c935\Winre.wim,{5079e2fe-9039-11e1-b7a9-e7a59b68c935}
systemroot \windows
nx OptIn
winpe Yes

Resume from Hibernate
---------------------
identifier {1e6e4f55-8463-11e1-b819-806e6f6e6963}
device partition=E:
path \$WINDOWS.~BT\Windows\system32\winresume.exe
description Windows Setup
locale en-US
inherit {resumeloadersettings}
filedevice partition=E:
filepath \hiberfil.sys
pae Yes
debugoptionenabled No

Resume from Hibernate
---------------------
identifier {5079e2fb-9039-11e1-b7a9-e7a59b68c935}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale en-US
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
pae Yes
debugoptionenabled No

Resume from Hibernate
---------------------
identifier {95542855-84f5-11e1-b159-806e6f6e6963}
device partition=E:
path \$WINDOWS.~BT\Windows\system32\winresume.exe
description Windows Setup
locale en-US
inherit {resumeloadersettings}
filedevice partition=E:
filepath \hiberfil.sys
pae Yes
debugoptionenabled No

Windows Memory Tester
---------------------
identifier {memdiag}
device partition=Y:
path \boot\memtest.exe
description Windows Memory Diagnostic
locale en-US
inherit {globalsettings}
badmemoryaccess Yes

EMS Settings
------------
identifier {emssettings}
bootems Yes

Debugger Settings
-----------------
identifier {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200

RAM Defects
-----------
identifier {badmemory}

Global Settings
---------------
identifier {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Boot Loader Settings
--------------------
identifier {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Hypervisor Settings
-------------------
identifier {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Resume Loader Settings
----------------------
identifier {resumeloadersettings}
inherit {globalsettings}

Device options
--------------
identifier {14b6010c-c487-11e0-8f64-a96e07832137}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\14b6010b-c487-11e0-8f64-a96e07832137\boot.sdi

Device options
--------------
identifier {14b60110-c487-11e0-8f64-a96e07832137}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\14b6010f-c487-11e0-8f64-a96e07832137\boot.sdi

Device options
--------------
identifier {14b60114-c487-11e0-8f64-a96e07832137}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\14b60113-c487-11e0-8f64-a96e07832137\boot.sdi

Device options
--------------
identifier {14b60118-c487-11e0-8f64-a96e07832137}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\14b60117-c487-11e0-8f64-a96e07832137\boot.sdi

Device options
--------------
identifier {5079e2fe-9039-11e1-b7a9-e7a59b68c935}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\5079e2fd-9039-11e1-b7a9-e7a59b68c935\boot.sdi


==================== Memory info ===========================

Percentage of memory in use: 22%
Total physical RAM: 2046.37 MB
Available physical RAM: 1584.31 MB
Total Pagefile: 2046.37 MB
Available Pagefile: 1601.46 MB
Total Virtual: 2047.88 MB
Available Virtual: 1938.2 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:73.14 GB) (Free:13.4 GB) NTFS
Drive e: (data) (Fixed) (Total:75.81 GB) (Free:43.5 GB) NTFS
Drive g: (SENHENG) (CDROM) (Total:0.06 GB) (Free:0 GB) CDFS
Drive h: () (Removable) (Total:7.38 GB) (Free:7.38 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: 2AC533C1)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=73 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=76 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 7 GB) (Disk ID: 58A94217)
Partition 1: (Active) - (Size=7 GB) - (Type=0C)


LastRegBack: 2013-09-12 04:53

==================== End Of Log ============================
  • 0

Advertisements


#2
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello arvingavanam,

Welcome to Geekstogo.

Please run FRST again.

Type the following in the Search: box:

LPK.dll

Click Search button.

Post the log (Search.txt) it makes on the USB drive back here.
  • 0

#3
arvingavanam

arvingavanam

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
Farbar Recovery Scan Tool (x86) Version: 14-11-2013
Ran by SYSTEM at 2013-11-16 15:47:35
Running from H:\
Boot Mode: Recovery

================== Search: "LPK.DLL" ===================

C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.22350_none_ac34c1dcd20a42b5\lpk.dll
[2013-10-18 00:22] - [2013-06-05 21:03] - 0026112 ____A (Microsoft Corporation) 6AD2C4AE940C3A73C7E5A50B8BBDBDE5

C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.22195_none_ac0e7fd2d22636de\lpk.dll
[2009-07-13 15:25] - [2009-07-13 17:15] - 0026624 ____A (Microsoft Corporation) 4F154D2C9C6DF951FD6E5AABBAE6B5EE

C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.21664_none_ac2e0f92d20ea1d6\lpk.dll
[2009-07-13 15:25] - [2009-07-13 17:15] - 0026624 ____A (Microsoft Corporation) 4F154D2C9C6DF951FD6E5AABBAE6B5EE

C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.18177_none_ab9c8559b8f68f07\lpk.dll
[2013-10-18 00:22] - [2013-06-05 20:52] - 0026112 ____A (Microsoft Corporation) F632602316001D517F4EF3B53B9A6C33

C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.18032_none_abc2c1b1b8daa369\lpk.dll
[2009-07-13 15:25] - [2009-07-13 17:15] - 0026624 ____A (Microsoft Corporation) 4F154D2C9C6DF951FD6E5AABBAE6B5EE

C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.17563_none_aba3727db8f1e8b5\lpk.dll
[2009-07-13 15:25] - [2009-07-13 17:15] - 0026624 ____A (Microsoft Corporation) 4F154D2C9C6DF951FD6E5AABBAE6B5EE

C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.17514_none_abda8263b8c87657\lpk.dll
[2009-07-13 15:25] - [2009-07-13 17:15] - 0026624 ____A (Microsoft Corporation) 4F154D2C9C6DF951FD6E5AABBAE6B5EE

C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.21402_none_aa867320d4b9809b\lpk.dll
[2013-03-04 09:08] - [2012-12-16 08:29] - 0026112 ____A (Microsoft Corporation) 1953E31A9290333FEEB28A002D92F68A

C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.20905_none_aa899444d4b6a4c2\lpk.dll
[2009-07-13 15:25] - [2009-07-13 17:15] - 0026624 ____A (Microsoft Corporation) 4F154D2C9C6DF951FD6E5AABBAE6B5EE

C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.20553_none_aa517c7cd4e1092d\lpk.dll
[2009-07-13 15:25] - [2009-07-13 17:15] - 0026624 ____A (Microsoft Corporation) 4F154D2C9C6DF951FD6E5AABBAE6B5EE

C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.20498_none_aa2b3c58d4fcfa7d\lpk.dll
[2009-07-13 15:25] - [2009-07-13 17:15] - 0026624 ____A (Microsoft Corporation) 4F154D2C9C6DF951FD6E5AABBAE6B5EE

C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.17194_none_a99d83d1bbe314aa\lpk.dll
[2009-07-13 15:25] - [2009-07-13 17:15] - 0026624 ____A (Microsoft Corporation) 4F154D2C9C6DF951FD6E5AABBAE6B5EE

C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.16763_none_a9bd1577bbcb7cc9\lpk.dll
[2009-07-13 15:25] - [2009-07-13 17:15] - 0026624 ____A (Microsoft Corporation) 4F154D2C9C6DF951FD6E5AABBAE6B5EE

C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.16444_none_a9d3afe7bbba66c9\lpk.dll
[2009-07-13 15:25] - [2009-07-13 17:15] - 0026624 ____A (Microsoft Corporation) 4F154D2C9C6DF951FD6E5AABBAE6B5EE

C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.16402_none_a9fcef03bb9bc457\lpk.dll
[2009-07-13 15:25] - [2009-07-13 17:15] - 0026624 ____A (Microsoft Corporation) 4F154D2C9C6DF951FD6E5AABBAE6B5EE

C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.16385_none_a9a96e9bbbd9f2bd\lpk.dll
[2009-07-13 15:25] - [2009-07-13 17:15] - 0026624 ____A (Microsoft Corporation) 4F154D2C9C6DF951FD6E5AABBAE6B5EE

=== End Of Search ===
  • 0

#4
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Hello arvingavanam,

Please download the attached fixlist.txt file to your flashdrive .

NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Now please enter System Recovery Options.
Run FRST64 and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.
  • 0

#5
arvingavanam

arvingavanam

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 14-11-2013
Ran by SYSTEM at 2013-11-17 17:17:55 Run:1
Running from H:\
Boot Mode: Recovery

==============================================

Content of fixlist:
*****************
Replace: C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.22350_none_ac34c1dcd20a42b5\lpk.dll C:\Windows\System32\LPK.dll IS MISSING
*****************

Could not find C:\Windows\System32\LPK.dll IS MISSING
C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.22350_none_ac34c1dcd20a42b5\lpk.dll copied successfully to C:\Windows\System32\LPK.dll IS MISSING

==== End of Fixlog ====
  • 0

#6
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Can you boot up normally now?

Please re run a scan with FRST and post the FRST.txt back here.
  • 0

#7
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 1

#8
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Topic reopened at users request.
  • 0

#9
arvingavanam

arvingavanam

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
i still cant open my windows this is my last frst scan result

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 14-11-2013
Ran by SYSTEM on MININT-35DQ5KG on 25-11-2013 20:17:24
Running from H:\
Windows 7 Ultimate (X86) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [4858968 2013-08-29] (AVAST Software)
HKLM\...\Run: [UIExec] - C:\Program Files\Celcom Broadband\UIExec.exe [138552 2010-07-22] ()
HKLM\...\Run: [QlbCtrl.exe] - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe [202032 2008-08-01] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] - RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-11] (Oracle Corporation)
HKLM\...\Run: [AdobeCS5ServiceManager] - "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
HKLM\...\Run: [SwitchBoard] - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
HKLM\...\Run: [TkBellExe] - C:\Program Files\Real\RealPlayer\Update\realsched.exe [295512 2013-07-05] (RealNetworks, Inc.)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-12] (Microsoft Corporation)
HKLM\...\Run: [SearchSettings] - C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe [1303360 2013-08-08] (Spigot, Inc.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-04-30] (Apple Inc.)
HKLM\...\Run: [DivXMediaServer] - C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-08-21] (DivX, LLC)
HKLM\...\Run: [DivXUpdate] - C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-28] ()
HKLM\...\RunOnce: [*Restore] - C:\Windows\system32\rstrui.exe /RUNONCE [262656 2010-11-20] (Microsoft Corporation)
HKU\Arvin\...\Run: [Facebook Update] - C:\Users\Arvin\AppData\Local\Facebook\Update\FacebookUpdate.exe [ 2012-07-12] (Facebook Inc.)
HKU\Arvin\...\Run: [Spotify Web Helper] - C:\Users\Arvin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [ 2013-05-30] (Spotify Ltd)
AppInit_DLLs: c:\progra~2\bitguard\261694~1.246\{16cdf~1\bitguard.dll [ 2013-09-23] ()
Startup: C:\Users\Arvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
ShortcutTarget: Facebook Messenger.lnk -> (No File)

========================== Services (Whitelisted) =================

S2 Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [807800 2013-08-08] (Spigot, Inc.)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-29] (AVAST Software)
S2 BitGuard; C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\BitGuard.exe [2845664 2013-09-23] ()
S3 FirebirdServerMAGIXInstance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-16] (MAGIX®)
S2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [233344 2012-06-27] ()
S2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-15] ()
S2 UI Assistant Service; C:\Program Files\Celcom Broadband\AssistantServices.exe [255800 2010-07-22] ()
S2 Update LinkSwift; C:\Program Files\LinkSwift\updateLinkSwift.exe [206624 2013-08-29] (LinkSwift)
S2 VMAuthdService; C:\Program Files\VMware\VMware Player\vmware-authd.exe [79872 2012-10-31] (VMware, Inc.)
S2 VMnetDHCP; C:\Windows\system32\vmnetdhcp.exe [357016 2012-10-31] (VMware, Inc.)
S2 VMUSBArbService; C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [721048 2012-10-11] (VMware, Inc.)
S2 VMware NAT Service; C:\Windows\system32\vmnat.exe [435864 2012-10-31] (VMware, Inc.)
S4 FLEXnet Licensing Service;
S3 SwitchBoard; "C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [x]

==================== Drivers (Whitelisted) ====================

S2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [29816 2013-08-29] (AVAST Software)
S1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [24408 2012-03-06] (AVAST Software)
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66336 2013-08-29] (AVAST Software)
S1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [61680 2013-08-29] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49376 2013-08-29] ()
S1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [770344 2013-08-29] (AVAST Software)
S1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [369584 2013-08-29] (AVAST Software)
S1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [56080 2013-08-29] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [177864 2013-08-29] ()
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [41984 2008-01-28] (Samsung Electronics Co., Ltd.)
S2 hcmon; C:\Windows\system32\drivers\hcmon.sys [41496 2012-10-11] (VMware, Inc.)
S3 HpqRemHid; C:\Windows\System32\DRIVERS\HpqRemHid.sys [7168 2007-07-10] (Hewlett-Packard Development Company, L.P.)
S3 massfilter; C:\Windows\System32\drivers\massfilter.sys [9216 2010-06-02] (MBB Incorporated)
S2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2008-01-28] (Samsung Electronics)
S3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [32768 2009-11-12] (AnchorFree Inc)
S3 vmkbd; C:\Windows\system32\drivers\VMkbd.sys [25624 2012-10-31] (VMware, Inc.)
S3 VMnetAdapter; C:\Windows\System32\DRIVERS\vmnetadapter.sys [16664 2012-10-31] (VMware, Inc.)
S2 VMnetBridge; C:\Windows\System32\DRIVERS\vmnetbridge.sys [37016 2012-10-31] (VMware, Inc.)
S2 VMnetuserif; C:\Windows\system32\drivers\vmnetuserif.sys [25752 2012-10-31] (VMware, Inc.)
S3 vmusb; C:\Windows\System32\Drivers\vmusb.sys [31280 2012-10-11] (VMware, Inc.)
S2 vmx86; C:\Windows\system32\Drivers\vmx86.sys [61848 2012-10-31] (VMware, Inc.)
S0 vsock; C:\Windows\System32\drivers\vsock.sys [61464 2012-10-23] (VMware, Inc.)
S3 CV2K1; system32\DRIVERS\cv2k1.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
S5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-13] (Microsoft Corporation)
S2 {95808DC4-FA4A-4C74-92FE-5B863F82066B}; No ImagePath

========================== Drivers MD5 =======================

C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys 9EBBBA55060F786F0FCAA3893BFA2806
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\djsvs.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdagp.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D320BF87125326F996D4904FE24300FC
C:\Windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 46387FB17B086D16DEA267D5BE23A2F2
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit
C:\Windows\System32\Drivers\aswFsBlk.sys B9FE438B3CAD82B2014710349A2022F7
C:\Windows\System32\Drivers\aswKbd.sys 81E695913FEFD4E23360A69C0F151797
C:\Windows\system32\drivers\aswMonFlt.sys AE5549DD21F6DE06406031EF1D51ACC3
C:\Windows\System32\Drivers\aswrdr2.sys A29EF1A46E110F392588F7395BB55F32
C:\Windows\System32\Drivers\aswRvrt.sys FA72FA503F580C3C628DD8C7D7622E37
C:\Windows\System32\Drivers\aswSnx.sys 4D53349D848C6BADB3D4ACBE98C27676
C:\Windows\System32\Drivers\aswSP.sys 813024DFD54A41B3AFAE2B1E2796CB80
C:\Windows\System32\Drivers\aswTdi.sys 5E18413310134130D7772F0668698CB7
C:\Windows\System32\Drivers\aswVmm.sys A5F637D61719D37A5B4868C385E363C0
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\bxvbdx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60x.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\drivers\BthEnum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bthpan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BTHport.sys 1153DE2E4F5941E10C399CB5592F78A1
C:\Windows\System32\Drivers\BTHUSB.sys C81E9413A25A439F436B1D4B6A0CF9E9
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys 42F158036BD4C2FF3122BF142E60E6FD
C:\Windows\System32\drivers\CHDRT32.sys B6E7991E3D6146C04C85CD31AF22A381
C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\csc.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\system32\Drivers\DgiVecp.sys 770471DE2550820FEEB7E5D24BF2E273
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit
C:\Windows\System32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 16498EBC04AE9DD07049A8884B205C05
C:\Windows\system32\DRIVERS\evbdx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legitB
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 7DAE5EBCC80E45D3253F4923DC424D05
C:\Windows\System32\DRIVERS\fvevol.sys E306A24D9694C724FA2491278BF50FDB
C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
C:\Windows\system32\drivers\hcmon.sys B6F5AC88A1A1FDD802CB689721D640FE
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\system32\drivers\HdAudio.sys A5EF29D5315111C80A5C1ABAD14C8972
C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidusb.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HpqKbFiltr.sys 35956140E686D53BF676CF0C778880FC
C:\Windows\System32\DRIVERS\HpqRemHid.sys 115C0933B3ED51DFBEC4449348C8065B
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HSX_DPV.sys 1882827F41DEE51C70E24C567C35BFB5
C:\Windows\System32\DRIVERS\HSXHWAZL.sys A44DDF3BA83E4664BF4DE9220097578C
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ewusbmdm.sys 63B3EFF36272787619C1E773ED581693
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\drivers\iaStorV.sys 5CD5F9A5444E6CDCB0AC89BD62D8B76E
C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit
C:\Windows\System32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdclass.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys B7895B4182C0D16F6EFADEB8081E8D36
C:\Windows\System32\Drivers\ksecpkg.sys 5FE1ABF1AF591A3458C9CF24ED9A4D35
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\System32\drivers\massfilter.sys 8D9C68FA8B7FBE0E225BDE0BBCD8CE9B
C:\Windows\System32\DRIVERS\mdmxsdk.sys 0CEA2D0D3FA284B85ED5B68365114F76
C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\system32\drivers\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb.sys 5D16C921E3671636C0EBA3BBAAC5FD25
C:\Windows\System32\DRIVERS\mrxsmb10.sys 6D17A4791ACA19328C685D256349FEFC
C:\Windows\System32\DRIVERS\mrxsmb20.sys B81F204D146000BE76651A50670A5E9E
C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 8C9C922D71F1CD4DEF73F186416B7896
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netw5v32.sys 58218EC6B61B1169CF54AAB0D00F5FE2
C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys 5E43D2B0EE64123D4880DFA6626DEFDE
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nvlddmkm.sys 7DB332F85AB7894C69DFB934EEE23EB9
C:\Windows\system32\drivers\nvraid.sys B3E25EE28883877076E0E1FF877D02E0
C:\Windows\system32\drivers\nvstor.sys 4380E59A170D88C4F1022EFF6719A8A4
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys 3F34A1B4C5F6475F320C275E63AFCE9B
C:\Windows\system32\DRIVERS\parvdm.sys ==> MD5 is legit
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpdr.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 65375DF758CA1872AB7EBBBA457FD5E6
C:\Windows\System32\Drivers\RDPWD.sys F031683E6D1FEA157ABB2FF260B51E61
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rfcomm.sys CB928D9E6DAF51879DD6BA8D02F01321
C:\Windows\System32\DRIVERS\rimmptsk.sys DF672613FBBCD58C38BB0BC2694BCFB0
C:\Windows\System32\DRIVERS\rimsptsk.sys 9BFB54D3559F2FF7301271D29D383564
C:\Windows\System32\DRIVERS\rixdptsk.sys DCB87DA83CC1010CBC9FC4DC9E395BBC
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\system32\drivers\vms3cap.sys ==> MD5 is legit
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\system32\drivers\sdbus.sys 0328BE1C7F1CBA23848179F8762E391C
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisagp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys E4C2764065D66EA1D2D3EBC28FE99C46
C:\Windows\System32\DRIVERS\srv2.sys 03F0545BD8D4C77FA0AE1CEEDFCC71AB
C:\Windows\System32\DRIVERS\VSTAZL3.SYS E00FDFAFF025E94F9821153750C35A6D
C:\Windows\System32\DRIVERS\VSTDPV3.SYS CEB4E3B6890E1E42DCA6694D9E59E1A0
C:\Windows\System32\DRIVERS\VSTCNXT3.SYS BC0C7EA89194C299F051C24119000E17
C:\Windows\System32\DRIVERS\srvnet.sys BE6BD660CAA6F291AE06A718A4FA8ABC
C:\Windows\system32\Drivers\SSPORT.sys 5F77725EC309DE1242D8EFC8E9259A9F
C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\Windows\System32\drivers\vmstorfl.sys ==> MD5 is legit
C:\Windows\system32\drivers\storvsc.sys ==> MD5 is legit
C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\taphss.sys 0C3B2A9C4BD2DD9A6C2E4084314DD719
C:\Windows\System32\drivers\tcpip.sys 4E8B9BE71B807B3BAEDB7F4243F85E3C
C:\Windows\System32\DRIVERS\tcpip.sys 4E8B9BE71B807B3BAEDB7F4243F85E3C
C:\Windows\System32\drivers\tcpipreg.sys 3EEBD3BD93DA46A26E89893C7AB2FF3B
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 2C2C5AFE7EE4F620D69C23C0617651A8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys B37B08F2E5EEB1A37E448E09BACE1101
C:\Windows\System32\drivers\tsusbflt.sys 9CE253214ACAA5A7D323327D2055EFAA
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbccgp.sys BD9C55D7023C5DE374507ACC7A14E2AC
C:\Windows\system32\drivers\usbcir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbehci.sys F92DE757E4B7CE9C07C5E65423F3AE3B
C:\Windows\System32\DRIVERS\usbhub.sys 8DC94AEC6A7E644A06135AE7506DC2E9
C:\Windows\system32\drivers\usbohci.sys E185D44FAC515A18D9DEDDC23C2CDF44
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys 576096CCBC07E7C4EA4F5E6686D6888F
C:\Windows\System32\DRIVERS\USBSTOR.SYS F991AB9CC6B908DB552166768176896A
C:\Windows\System32\DRIVERS\usbuhci.sys 68DF884CF41CDADA664BEB01DAF67E3D
C:\Windows\System32\Drivers\usbvideo.sys 45F4E7BF43DB40A6C6B4D92C76CBC3F2
C:\Windows\System32\DRIVERS\usb8023x.sys AF77716205C97E902E6C5B78DECE2CCA
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaagp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\viac7.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\vmbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\VMBusHID.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vmci.sys 753BD0240B6586ABA0D67A70B3EF44A0
C:\Windows\system32\drivers\VMkbd.sys 840EC98AD70C09F87E2F624320B9C3A3
C:\Windows\System32\DRIVERS\vmnetadapter.sys A267D2321ED281359D301BFEB8202652
C:\Windows\System32\DRIVERS\vmnetbridge.sys 7A4BB278D7860551A716D46349492692
C:\Windows\system32\drivers\vmnetuserif.sys 4214CE8AC6E4E2667E71B9A5E973D590
C:\Windows\System32\Drivers\vmusb.sys AFB10AD9AA91D2F70C9F0E6BDA0D119B
C:\Windows\system32\Drivers\vmx86.sys 6B649BAAF488C8505C613A1159A8D05C
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\drivers\vsock.sys 4B1B677FC0338C85E1C30BD6F1BFD584
C:\Windows\System32\drivers\vwifibus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys A840213F1ACDCC175B4D1D5AAEAC0D7A
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HSX_CNXT.sys E096FFB754F1E45AE1BDDAC1275AE2C5
C:\Windows\System32\DRIVERS\WinUsb.sys A67E5F9A400F3BD1BE3D80613B45F708
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys 06E6F32C8D0A3F66D956F57B43A2E070
C:\Windows\System32\DRIVERS\WUDFRd.sys 867C301E8B790040AE9CF6486E8041DF
C:\Windows\System32\DRIVERS\xaudio.sys 19E7C173B6242AD7521E537AE54768BF
C:\Windows\System32\DRIVERS\yk62x86.sys B07C5B7EFDF936FF93D4F540938725BE
C:\Windows\System32\DRIVERS\ZTEusbmdm6k.sys 3862318F85BE7A91957ADA5E814ED58C
C:\Windows\System32\DRIVERS\ZTEusbnmea.sys 3862318F85BE7A91957ADA5E814ED58C
C:\Windows\System32\DRIVERS\ZTEusbser6k.sys 3862318F85BE7A91957ADA5E814ED58C

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-17 17:17 - 2013-06-05 21:03 - 00026112 _____ (Microsoft Corporation) C:\Windows\System32\LPK.dll IS MISSING
2013-11-15 19:36 - 2013-11-15 19:36 - 00000000 ____D C:\FRST

==================== One Month Modified Files and Folders =======

2013-11-15 19:36 - 2013-11-15 19:36 - 00000000 ____D C:\FRST

Some content of TEMP:
====================
C:\Users\Arvin\AppData\Local\Temp\w2bhlp.dll
C:\Users\Arvin\AppData\Local\Temp\WiNToBootic.exe


==================== Known DLLs (Whitelisted) ============

C:\Windows\System32\LPK.dll IS MISSING <==== ATTENTION!.

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

3
Restore point made on: 2013-10-03 08:03:34
Restore point made on: 2013-10-18 00:01:03
Restore point made on: 2013-10-19 23:12:56

==================== BCD ================================

Windows Boot Manager
--------------------
identifier {bootmgr}
device partition=Y:
description Windows Boot Manager
locale en-US
inherit {globalsettings}
default {default}
resumeobject {5079e2fb-9039-11e1-b7a9-e7a59b68c935}
displayorder {default}
toolsdisplayorder {memdiag}
timeout 30

Windows Boot Loader
-------------------
identifier {14b6010b-c487-11e0-8f64-a96e07832137}
device ramdisk=[C:]\Recovery\14b6010b-c487-11e0-8f64-a96e07832137\Winre.wim,{14b6010c-c487-11e0-8f64-a96e07832137}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\14b6010b-c487-11e0-8f64-a96e07832137\Winre.wim,{14b6010c-c487-11e0-8f64-a96e07832137}
systemroot \windows
nx OptIn
winpe Yes

Windows Boot Loader
-------------------
identifier {14b6010f-c487-11e0-8f64-a96e07832137}
device ramdisk=[C:]\Recovery\14b6010f-c487-11e0-8f64-a96e07832137\Winre.wim,{14b60110-c487-11e0-8f64-a96e07832137}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\14b6010f-c487-11e0-8f64-a96e07832137\Winre.wim,{14b60110-c487-11e0-8f64-a96e07832137}
systemroot \windows
nx OptIn
winpe Yes

Windows Boot Loader
-------------------
identifier {14b60113-c487-11e0-8f64-a96e07832137}
device ramdisk=[C:]\Recovery\14b60113-c487-11e0-8f64-a96e07832137\Winre.wim,{14b60114-c487-11e0-8f64-a96e07832137}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\14b60113-c487-11e0-8f64-a96e07832137\Winre.wim,{14b60114-c487-11e0-8f64-a96e07832137}
systemroot \windows
nx OptIn
winpe Yes

Windows Boot Loader
-------------------
identifier {14b60117-c487-11e0-8f64-a96e07832137}
device ramdisk=[C:]\Recovery\14b60117-c487-11e0-8f64-a96e07832137\Winre.wim,{14b60118-c487-11e0-8f64-a96e07832137}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\14b60117-c487-11e0-8f64-a96e07832137\Winre.wim,{14b60118-c487-11e0-8f64-a96e07832137}
systemroot \windows
nx OptIn
winpe Yes

Windows Boot Loader
-------------------
identifier {default}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale en-US
inherit {bootloadersettings}
recoverysequence {current}
recoveryenabled Yes
osdevice partition=C:
systemroot \Windows
resumeobject {5079e2fb-9039-11e1-b7a9-e7a59b68c935}
nx OptIn

Windows Boot Loader
-------------------
identifier {current}
device ramdisk=[C:]\Recovery\5079e2fd-9039-11e1-b7a9-e7a59b68c935\Winre.wim,{5079e2fe-9039-11e1-b7a9-e7a59b68c935}
path \windows\system32\winload.exe
description Windows Recovery Environment
inherit {bootloadersettings}
osdevice ramdisk=[C:]\Recovery\5079e2fd-9039-11e1-b7a9-e7a59b68c935\Winre.wim,{5079e2fe-9039-11e1-b7a9-e7a59b68c935}
systemroot \windows
nx OptIn
winpe Yes

Resume from Hibernate
---------------------
identifier {1e6e4f55-8463-11e1-b819-806e6f6e6963}
device partition=E:
path \$WINDOWS.~BT\Windows\system32\winresume.exe
description Windows Setup
locale en-US
inherit {resumeloadersettings}
filedevice partition=E:
filepath \hiberfil.sys
pae Yes
debugoptionenabled No

Resume from Hibernate
---------------------
identifier {5079e2fb-9039-11e1-b7a9-e7a59b68c935}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale en-US
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
pae Yes
debugoptionenabled No

Resume from Hibernate
---------------------
identifier {95542855-84f5-11e1-b159-806e6f6e6963}
device partition=E:
path \$WINDOWS.~BT\Windows\system32\winresume.exe
description Windows Setup
locale en-US
inherit {resumeloadersettings}
filedevice partition=E:
filepath \hiberfil.sys
pae Yes
debugoptionenabled No

Windows Memory Tester
---------------------
identifier {memdiag}
device partition=Y:
path \boot\memtest.exe
description Windows Memory Diagnostic
locale en-US
inherit {globalsettings}
badmemoryaccess Yes

EMS Settings
------------
identifier {emssettings}
bootems Yes

Debugger Settings
-----------------
identifier {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200

RAM Defects
-----------
identifier {badmemory}

Global Settings
---------------
identifier {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Boot Loader Settings
--------------------
identifier {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Hypervisor Settings
-------------------
identifier {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Resume Loader Settings
----------------------
identifier {resumeloadersettings}
inherit {globalsettings}

Device options
--------------
identifier {14b6010c-c487-11e0-8f64-a96e07832137}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\14b6010b-c487-11e0-8f64-a96e07832137\boot.sdi

Device options
--------------
identifier {14b60110-c487-11e0-8f64-a96e07832137}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\14b6010f-c487-11e0-8f64-a96e07832137\boot.sdi

Device options
--------------
identifier {14b60114-c487-11e0-8f64-a96e07832137}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\14b60113-c487-11e0-8f64-a96e07832137\boot.sdi

Device options
--------------
identifier {14b60118-c487-11e0-8f64-a96e07832137}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\14b60117-c487-11e0-8f64-a96e07832137\boot.sdi

Device options
--------------
identifier {5079e2fe-9039-11e1-b7a9-e7a59b68c935}
description Ramdisk Options
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\5079e2fd-9039-11e1-b7a9-e7a59b68c935\boot.sdi


==================== Memory info ===========================

Percentage of memory in use: 22%
Total physical RAM: 2046.37 MB
Available physical RAM: 1594.79 MB
Total Pagefile: 2046.37 MB
Available Pagefile: 1610.96 MB
Total Virtual: 2047.88 MB
Available Virtual: 1950.9 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:73.14 GB) (Free:13.4 GB) NTFS
Drive e: (data) (Fixed) (Total:75.81 GB) (Free:43.5 GB) NTFS
Drive g: (SENHENG) (CDROM) (Total:0.06 GB) (Free:0 GB) CDFS
Drive h: () (Removable) (Total:7.38 GB) (Free:7.38 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: 2AC533C1)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=73 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=76 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 7 GB) (Disk ID: 58A94217)
Partition 1: (Active) - (Size=7 GB) - (Type=0C)


LastRegBack: 2013-09-12 04:53

==================== End Of Log ============================
  • 0

#10
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Please download the attached fixlist.txt file to your flashdrive .

NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Now please enter System Recovery Options.
Run FRST64 and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.
  • 0

#11
arvingavanam

arvingavanam

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 14-11-2013
Ran by SYSTEM at 2013-11-27 20:43:22 Run:2
Running from H:\
Boot Mode: Recovery

==============================================

Content of fixlist:
*****************
Replace: C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.22350_none_ac34c1dcd20a42b5\lpk.dll C:\Windows\System32\LPK.dll
S2 BitGuard; C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\BitGuard.exe [2845664 2013-09-23] ()
C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\BitGuard.exe
C:\Users\Arvin\AppData\Local\Temp\w2bhlp.dll
C:\Users\Arvin\AppData\Local\Temp\WiNToBootic.exe
*****************

Could not find C:\Windows\System32\LPK.dll
C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.22350_none_ac34c1dcd20a42b5\lpk.dll copied successfully to C:\Windows\System32\LPK.dll
BitGuard => Service deleted successfully.
C:\ProgramData\BitGuard\2.6.1694.246\{16cdff19-861d-48e3-a751-d99a27784753}\BitGuard.exe => Moved successfully.
C:\Users\Arvin\AppData\Local\Temp\w2bhlp.dll => Moved successfully.
C:\Users\Arvin\AppData\Local\Temp\WiNToBootic.exe => Moved successfully.

==== End of Fixlog ====

Tq very much it is working you have maked me a great birthday gift for me TQ
  • 0

#12
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

Tq very much it is working you have maked me a great birthday gift for me TQ


You are welcome. We still have a bit to do to make sure your machine is good to go.

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right click JRT.exe and "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

  • 0

#13
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP