Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

%hs is missing

Started by Kirito8 , Nov 01 2014 03:45 AM

  • This topic is locked This topic is locked

#1
Kirito8
Posted 01 November 2014 - 03:45 AM

Kirito8

    New Member

  • Member
  • Pip
  • 3 posts
I was just using my laptop in the morning at a good state but when i wanted to use it again at night it suddenly stop working and shows %hs is missing what should i do to fix it please help me guys i haven't backed up my laptop at all
  • 0

Advertisements

#2
Dakeyras
Posted 01 November 2014 - 06:42 AM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi and welcome to Geeks to Go. :)

The problem could be due to a myriad of possibilities and not necessarily malicious. However I will check for you what can be done, with this in mind can you inform myself which exact Operating System your machine has please. Also can you recall what you were doing when the machine last booted up, as in updated any software for example before powering it down ?
  • 0

#3
Kirito8
Posted 01 November 2014 - 10:20 AM

Kirito8

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts

my laptop is hp with 32 bit using windows 7

i last booted my laptop on wednesday night when the %hs appeared all of a sudden

haven't done any software update yet, stays with 7

i tried using farbar which everybody used it too but i am clueless as what to do next


  • 0

#4
Dakeyras
Posted 01 November 2014 - 11:24 AM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi. :)

my laptop is hp with 32 bit using windows 7
i last booted my laptop on wednesday night when the %hs appeared all of a sudden
haven't done any software update yet, stays with 7

Acknowledged.

i tried using farbar which everybody used it too but i am clueless as what to do next

Fair play, delete your current version of the Farbar Recovery Scan Tool as it is updated on a regular basis, then...

Re-scan with Farbar Recovery Scan Tool:

Please download and save Farbar Recovery Scan Tool 32-Bit to a Flash/USB drive.

Then insert the Flash/USB drive into your problem machine....

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.
On the System Recovery Options menu you will get the following options:

Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt
  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe and press Enter
Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste the contents of the aforementioned notepad file in your next reply.

  • 0

#5
Kirito8
Posted 02 November 2014 - 08:17 AM

Kirito8

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 30-10-2014
Ran by SYSTEM on MININT-6KLDA84 on 02-11-2014 21:17:52
Running from I:\
Platform: Windows 7 Home Premium (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)


========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2009-02-06] (ArcSoft Inc.)
S2 AVP; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-09] (Kaspersky Lab ZAO)
S2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
S2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S2 vToolbarUpdater14.0.1; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe [945480 2013-08-04] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 athur; C:\Windows\System32\DRIVERS\athur.sys [1500160 2010-01-04] (Atheros Communications, Inc.)
S1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [31576 2013-08-04] (AVG Technologies)
S0 Bhbase; C:\Windows\System32\drivers\Bhbase.sys [47456 2013-09-03] (Baidu, Inc.)
S0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [135776 2013-12-10] (Kaspersky Lab ZAO)
S1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [597600 2014-05-21] (Kaspersky Lab ZAO)
S1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [25696 2013-12-10] (Kaspersky Lab ZAO)
S3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [25696 2013-10-11] (Kaspersky Lab ZAO)
S3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [25696 2013-10-11] (Kaspersky Lab ZAO)
S1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [44000 2013-08-27] (Kaspersky Lab ZAO)
S1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [145040 2013-08-27] (Kaspersky Lab ZAO)
S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [657408 2009-07-13] (Ralink Technology Corp.)
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
S5 klflt; C:\Windows\System32\Drivers\klflt.sys [74848 2014-05-21] (Kaspersky Lab ZAO)
S3 PCFApiUtil; \??\C:\Program Files\Baidu Security\PC Faster\3.7.0.0\PCFApiUtil.sys [X]

========================== Drivers MD5 =======================

C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys ==> MD5 is legit
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\djsvs.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdagp.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\atikmdag.sys 7C89A150DA6164DCE968FB372381F2A9
C:\Windows\System32\DRIVERS\atikmpag.sys EA3726846F20AF390CFB0964C78E8A54
C:\Windows\system32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Apfiltr.sys E8A8E6072CB7E2032E85E7735DAA511F
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\athur.sys D79A49FC67421C7BB7DCBD188A442288
C:\Windows\System32\drivers\AtihdW73.sys 6ADC42CF4A6AB84975CA63DCCFAAF5D8
C:\Windows\system32\drivers\avgtpx86.sys 139723C3A6EB619CBD62ABB437E930DF
C:\Windows\system32\DRIVERS\bxvbdx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60x.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bcmwl6.sys 9E91D8D6B1E60DCFBEFD5AFBA3E7A108
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\drivers\Bhbase.sys E31BA3DC84CAE33ED6ED98201913EC1C
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\drivers\BthEnum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bthpan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BTHport.sys 195C41CC67E9E1CEDD960CCB74925920
C:\Windows\System32\Drivers\BTHUSB.sys 43B3206DD654E783AA7E4EAD340A43B8
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\cdrom.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys 247B4CE2DAB1160CD422D532D5241E1F
C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit
C:\Windows\System32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\evbdx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legitB
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\fssfltr.sys 2B3BF55BA74EB8118F67AB2B450B8EA9
C:\Windows\System32\Drivers\Fs_Rec.sys 7DAE5EBCC80E45D3253F4923DC424D05
C:\Windows\System32\DRIVERS\fvevol.sys E306A24D9694C724FA2491278BF50FDB
C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\GEARAspiWDM.sys 185ADA973B5020655CEE342059A86CBB
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\system32\drivers\HdAudio.sys A5EF29D5315111C80A5C1ABAD14C8972
C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HECI.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\iaStor.sys F4037A3FEDB92DD97C95F320766EA5C9
C:\Windows\system32\drivers\iaStorV.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Impcd.sys E3C36AC5AE87EC970AE8EA2A93D59AE1
C:\Windows\System32\drivers\RTKVHDA.sys 516E2292F266C2F30089B5479C355858
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdclass.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kl1.sys 871C226234A48C24DFE7478F36C0050C
C:\Windows\System32\DRIVERS\klif.sys 3D4FC0A34DFDDB931D65001839D73A5F
C:\Windows\System32\DRIVERS\klim6.sys 039FB019C92A16A54FE527D93B0CFB96
C:\Windows\System32\DRIVERS\klkbdflt.sys 249A266AF74ADE44AE8424E78D145E09
C:\Windows\System32\DRIVERS\klmouflt.sys 035724BA6D5676B76FD3AFB66AB4F1E3
C:\Windows\System32\DRIVERS\kltdi.sys 8FD802F86D4AB3FB329B8E51517BFF2A
C:\Windows\System32\DRIVERS\kneps.sys 8F932DF10408BCABA2FCF6163C843F8E
C:\Windows\System32\Drivers\ksecdd.sys B7895B4182C0D16F6EFADEB8081E8D36
C:\Windows\System32\Drivers\ksecpkg.sys D30159AC9237519FBC62C6EC247D2D46
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\system32\drivers\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb.sys 5D16C921E3671636C0EBA3BBAAC5FD25
C:\Windows\System32\DRIVERS\mrxsmb10.sys 6D17A4791ACA19328C685D256349FEFC
C:\Windows\System32\DRIVERS\mrxsmb20.sys B81F204D146000BE76651A50670A5E9E
C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netr28u.sys 27EE4B406E2F26F6117A9A420BD4CB65
C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvraid.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys 3F34A1B4C5F6475F320C275E63AFCE9B
C:\Windows\system32\DRIVERS\parvdm.sys ==> MD5 is legit
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RDPWD.sys F031683E6D1FEA157ABB2FF260B51E61
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rfcomm.sys CB928D9E6DAF51879DD6BA8D02F01321
C:\Windows\System32\Drivers\RimUsb.sys 0F6756EF8BDA6DFA7BE50465C83132BB
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Rt86win7.sys EB0C65D79C94A5BA9713AB18E48874DB
C:\Windows\System32\drivers\RTSTOR.SYS 4501C8FE11DF3192FB68D0D595EA94CC
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisagp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys 112127C3B2E64D7680CC39CD0A39DD7E
C:\Windows\System32\DRIVERS\srv2.sys E5DD784A4EE5EBC72A86C677C988FCDB
C:\Windows\System32\DRIVERS\srvnet.sys CDBE627E16CC9E98F343D73F8E81D258
C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\SynTP.sys 92B2F8252E45D234288CB52E7DB93093
C:\Windows\System32\drivers\tcpip.sys 7C0507D2391AF5933600CBCED799F277
C:\Windows\System32\DRIVERS\tcpip.sys 7C0507D2391AF5933600CBCED799F277
C:\Windows\System32\drivers\tcpipreg.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 2C2C5AFE7EE4F620D69C23C0617651A8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\tsusbflt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\system32\drivers\umbus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\System32\Drivers\usbaapl.sys EC1C23779BB41A8B2AB2AA6FCE308BDE
C:\Windows\system32\drivers\usbccgp.sys ==> MD5 is legit
C:\Windows\system32\drivers\usbcir.sys ==> MD5 is legit
C:\Windows\system32\drivers\usbehci.sys ==> MD5 is legit
C:\Windows\system32\drivers\usbhub.sys ==> MD5 is legit
C:\Windows\system32\drivers\usbohci.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS ==> MD5 is legit
C:\Windows\system32\drivers\usbuhci.sys ==> MD5 is legit
C:\Windows\System32\Drivers\usbvideo.sys 45F4E7BF43DB40A6C6B4D92C76CBC3F2
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaagp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\viac7.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys 7090D3436EEB4E7DA3373090A23448F7
C:\Windows\System32\DRIVERS\vwifimp.sys A3F04CBEA6C2A10E6CB01F8B47611882
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wdcsam.sys D6EFAF429FD30C5DF613D220E344CCE7
C:\Windows\System32\drivers\Wdf01000.sys A840213F1ACDCC175B4D1D5AAEAC0D7A
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys A67E5F9A400F3BD1BE3D80613B45F708
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys 06E6F32C8D0A3F66D956F57B43A2E070
C:\Windows\System32\DRIVERS\WUDFRd.sys 867C301E8B790040AE9CF6486E8041DF

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-30 14:50 - 2014-11-02 21:17 - 00000000 ____D () C:\FRST
2014-10-29 06:45 - 2014-10-29 06:45 - 303912294 _____ () C:\Windows\MEMORY.DMP
2014-10-25 08:02 - 2014-10-25 08:02 - 00013063 _____ () C:\Users\PERSONAL\Downloads\[Chyuu] Nanatsu no Taizai - 03 [720p][4289E1FA].mkv.torrent
2014-10-23 05:37 - 2014-10-23 05:37 - 00029662 _____ () C:\Users\PERSONAL\Downloads\[DeadFish] Amagi Brilliant Park - 03 [720p][AAC].mp4.torrent
2014-10-23 05:37 - 2014-10-23 05:37 - 00025122 _____ () C:\Users\PERSONAL\Downloads\[DeadFish] Amagi Brilliant Park - 02 [720p][AAC].mp4.torrent
2014-10-19 03:54 - 2014-10-30 15:33 - 00000000 ____D () C:\Program Files\Rainmeter
2014-10-19 03:48 - 2014-10-29 21:38 - 00000000 ____D () C:\Users\PERSONAL\AppData\Roaming\Rainmeter
2014-10-19 03:48 - 2014-10-19 03:48 - 00000000 ____D () C:\Users\PERSONAL\Documents\Rainmeter
2014-10-19 03:46 - 2014-10-19 03:46 - 00916480 _____ () C:\Windows\expstart.exe
2014-10-19 03:45 - 2010-11-20 04:17 - 02616320 _____ (Microsoft Corporation) C:\Windows\explorer.backup.exe
2014-10-19 03:37 - 2014-10-19 03:37 - 00000000 ____D () C:\Program Files\themes
2014-10-13 02:32 - 2014-10-13 02:32 - 00147864 _____ () C:\Windows\Minidump\101314-15506-01.dmp
2014-10-12 05:39 - 2014-10-12 05:39 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-10-12 05:39 - 2014-07-24 21:55 - 00096680 _____ (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge.dll
2014-10-12 05:39 - 2014-07-24 21:49 - 00272808 _____ (Oracle Corporation) C:\Windows\System32\javaws.exe
2014-10-12 05:39 - 2014-07-24 21:49 - 00175528 _____ (Oracle Corporation) C:\Windows\System32\javaw.exe
2014-10-12 05:39 - 2014-07-24 21:49 - 00175528 _____ (Oracle Corporation) C:\Windows\System32\java.exe
2014-10-12 05:38 - 2014-10-12 05:39 - 00005635 _____ () C:\Windows\System32\jupdate-1.7.0_67-b01.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-29 21:39 - 2013-07-28 21:17 - 00000000 ____D () C:\users\PERSONAL
2014-10-29 21:39 - 2009-07-13 23:49 - 00000000 ____D () C:\Program Files\Windows Journal
2014-10-29 21:39 - 2009-07-13 20:52 - 00000000 ____D () C:\Windows\Offline Web Pages
2014-10-29 21:39 - 2009-07-13 20:52 - 00000000 ____D () C:\Program Files\Windows Defender
2014-10-29 21:39 - 2009-07-13 18:37 - 00000000 __RSD () C:\Windows\Media
2014-10-29 21:39 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\System32\wfp
2014-10-29 21:39 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\schemas
2014-10-29 21:39 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\rescache
2014-10-29 21:39 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-10-29 21:38 - 2014-02-26 04:04 - 00000000 ____D () C:\Users\PERSONAL\AppData\Roaming\SupTab
2014-10-29 21:38 - 2013-08-04 21:38 - 00000000 ____D () C:\Program Files\Common Files\AVG Secure Search
2014-10-29 21:38 - 2013-08-04 01:04 - 00000000 ____D () C:\Users\PERSONAL\AppData\Roaming\uTorrent
2014-10-29 21:38 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\AppCompat
2014-10-29 21:38 - 2009-07-13 18:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-10-29 21:37 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\registration
2014-10-29 21:34 - 2013-08-29 02:14 - 00000000 ____D () C:\Users\PERSONAL\AppData\Roaming\Skype
2014-10-29 21:34 - 2013-08-26 05:14 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-10-29 21:34 - 2013-08-04 00:07 - 00000000 __RHD () C:\MSOCache
2014-10-29 21:34 - 2013-08-04 00:07 - 00000000 ____D () C:\Users\PERSONAL\Downloads\Applications
2014-10-29 05:02 - 2013-09-06 23:18 - 00004096 ___SH () C:\radial.cdb
2014-10-26 05:40 - 2013-09-19 18:37 - 00000000 ____D () C:\Windows\System32\MRT
2014-10-26 04:50 - 2013-07-29 11:11 - 01226970 _____ () C:\Windows\WindowsUpdate.log
2014-10-26 00:50 - 2013-07-28 21:19 - 00330666 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-10-26 00:36 - 2009-07-13 20:34 - 00019312 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-26 00:36 - 2009-07-13 20:34 - 00019312 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-26 00:28 - 2014-09-04 03:41 - 00000374 _____ () C:\Windows\System32\Drivers\etc\hosts.ics
2014-10-26 00:28 - 2009-07-13 20:39 - 00165753 _____ () C:\Windows\setupact.log
2014-10-25 23:04 - 2013-08-03 02:02 - 01092504 _____ () C:\Windows\PFRO.log
2014-10-24 22:32 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\System32\NDF
2014-10-23 05:02 - 2014-05-09 04:21 - 00000000 ____D () C:\Users\PERSONAL\Downloads\New OP
2014-10-22 04:20 - 2014-03-04 03:13 - 00000000 ____D () C:\Users\PERSONAL\AppData\Local\CrashDumps
2014-10-19 03:37 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\Resources
2014-10-18 06:12 - 2014-09-15 06:01 - 00000000 ____D () C:\ProgramData\Freemake
2014-10-18 06:12 - 2014-09-15 06:01 - 00000000 ____D () C:\Program Files\Freemake
2014-10-15 02:03 - 2013-09-07 19:54 - 00000000 ____D () C:\Users\PERSONAL\AppData\Local\CSO
2014-10-13 03:16 - 2014-05-03 03:37 - 00000443 _____ () C:\Users\PERSONAL\AppData\Local\UserProducts.xml
2014-10-13 02:32 - 2013-08-23 18:31 - 00000000 ____D () C:\Windows\Minidump
2014-10-12 05:39 - 2013-09-13 04:23 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-12 05:39 - 2013-09-13 04:22 - 00000000 ____D () C:\Program Files\Java

Some content of TEMP:
====================
C:\Users\PERSONAL\AppData\Local\Temp\1_flashplayer.exe
C:\Users\PERSONAL\AppData\Local\Temp\appshat-distribution.exe
C:\Users\PERSONAL\AppData\Local\Temp\Baidu_Secure_SystemUp_3.7.1.41942.exe
C:\Users\PERSONAL\AppData\Local\Temp\bi_bridge.exe
C:\Users\PERSONAL\AppData\Local\Temp\BlackBerryDeviceManager.exe
C:\Users\PERSONAL\AppData\Local\Temp\BlackBerryLauncher.exe
C:\Users\PERSONAL\AppData\Local\Temp\DeltaTB.exe
C:\Users\PERSONAL\AppData\Local\Temp\DownloadManager.exe
C:\Users\PERSONAL\AppData\Local\Temp\FLVPlayerSetup.exe
C:\Users\PERSONAL\AppData\Local\Temp\FreemakeVideoConverter_4.1.4.14.exe
C:\Users\PERSONAL\AppData\Local\Temp\htmlayout.dll
C:\Users\PERSONAL\AppData\Local\Temp\i4jdel0.exe
C:\Users\PERSONAL\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\PERSONAL\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\PERSONAL\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\PERSONAL\AppData\Local\Temp\LemurLeap_sm.exe
C:\Users\PERSONAL\AppData\Local\Temp\ose00000.exe
C:\Users\PERSONAL\AppData\Local\Temp\PC_Faster_Setup_Mini_I01_S.exe
C:\Users\PERSONAL\AppData\Local\Temp\SearchProtectionSetup.exe
C:\Users\PERSONAL\AppData\Local\Temp\Setup-D2502DD2B71B5-0FAC.exe
C:\Users\PERSONAL\AppData\Local\Temp\Setup-D2502DD2B71B5.exe
C:\Users\PERSONAL\AppData\Local\Temp\SkypeSetup.exe
C:\Users\PERSONAL\AppData\Local\Temp\tmAss_up.exe
C:\Users\PERSONAL\AppData\Local\Temp\tmp30A9.exe
C:\Users\PERSONAL\AppData\Local\Temp\toolbar26853746.exe
C:\Users\PERSONAL\AppData\Local\Temp\toolbar27421949.exe
C:\Users\PERSONAL\AppData\Local\Temp\uninstall26895040.exe
C:\Users\PERSONAL\AppData\Local\Temp\uninstall34069713.exe
C:\Users\PERSONAL\AppData\Local\Temp\uninstall34082786.exe
C:\Users\PERSONAL\AppData\Local\Temp\uninstall34082817.exe
C:\Users\PERSONAL\AppData\Local\Temp\UpdateCheckerSetup.exe


==================== Known DLLs (Whitelisted) ============

C:\Windows\System32\LPK.dll IS MISSING <==== ATTENTION!.

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Restore Points  =========================

Restore point made on: 2014-10-26 04:51:36

==================== Memory info ===========================

Percentage of memory in use: 25%
Total physical RAM: 1973.86 MB
Available physical RAM: 1464.47 MB
Total Pagefile: 1973.86 MB
Available Pagefile: 1529.2 MB
Total Virtual: 2047.88 MB
Available Virtual: 1952.23 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:97.56 GB) (Free:45.72 GB) NTFS
Drive d: (New Volume) (Fixed) (Total:195.31 GB) (Free:93.15 GB) NTFS
Drive f: (New Volume) (Fixed) (Total:172.79 GB) (Free:73.57 GB) NTFS
Drive i: (RYAN) (Fixed) (Total:931.28 GB) (Free:778.54 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 28D5F473)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=172.8 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=195.3 GB) - (Type=OF Extended)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 17D825F8)
Partition 1: (Active) - (Size=931.5 GB) - (Type=0C)


LastRegBack: 2014-10-28 05:19

==================== End Of Log ============================

 

this is the text that i obtained after scanning it


  • 0

#6
Dakeyras
Posted 02 November 2014 - 08:48 AM

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,772 posts
Hi,

It has come to my attention that you are currently being assisted here. So by yourself being impatient and posting for assistance in multiple forums you have wasted the time I spent researching on your behalf. There are few enough trained Anti-Malware helpers as it is without our volunteer time being wasted plus receiving help from more than one source simultaneously would undoubtedly further exacerbate your machines overall issues.

My friendly advise for the future if you ever require assistance again, choose one forum only and wait patiently for a response and stick with that topic only.

This topic is now closed.
  • 1
Back to Computer Won't Boot - Malware Related · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Computer Won't Boot - Malware Related

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP