Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Windows 7 machine will not boot

stop error %hs missing C0000135

  • Please log in to reply

#1
Markus_Pioneer

Markus_Pioneer

    New Member

  • Member
  • Pip
  • 2 posts

Dear Community, 

 

I am having some difficulty with a Dell T3600 workstation running Windows 7 (64): it will not boot.

 

Instead it blue screens out with the following error.

 

"STOP: C0000135 The program can't start because %hs is missing from your computer."

 

As per your pinned forum topic 'Unbootable system tutorial..." I created a bootable AVG CD and scanned the machine.

 

IT only found some tracking cookies.

 

I then ran ran up recovery mode and executed FRST64.exe.

 

I will attach the results in the next post.

 

Thanks for any insight or comments you may have.

 

PS I will be away until the 5th of January after today (14:00 UTC), if you could leave the topic open I'd be grateful.

 


  • 0

Advertisements


#2
Markus_Pioneer

Markus_Pioneer

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-12-2014 01
Ran by SYSTEM on MININT-TAL17FH on 23-12-2014 12:44:58
Running from J:\
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Recovery
 
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
 
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtDCpl64.exe [2907240 2011-07-20] (Realtek Semiconductor Corp.)
HKLM\...\Run: [TdmNotify] => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe [370584 2012-11-08] (Wave Systems Corp.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2728736 2014-08-04] ()
HKLM-x32\...\Run: [NUSB3MON] => c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Popup] => c:\Program Files (x86)\MegaRAID Storage Manager\MegaPopup\Popup.exe [61440 2012-03-12] (LSI)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [MVS Splash] => C:\Program Files (x86)\McAfee\Managed VirusScan\DesktopUI\XTray.exe [480872 2012-11-12] ()
HKLM\...\RunOnce: [*WerKernelReporting] => C:\Windows\SYSTEM32\WerFault.exe [415232 2009-07-13] (Microsoft Corporation)
Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll (Authentec Inc.)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\RichardWhittington\...\Run: [Spotify Web Helper] => C:\Users\RichardWhittington\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1140736 2013-10-17] (Spotify Ltd)
HKU\RichardWhittington\...\Run: [Akamai NetSession Interface] => C:\Users\RichardWhittington\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\RichardWhittington\...\Run: [DellSystemDetect] => C:\Users\RichardWhittington\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms
Lsa: [Authentication Packages] msv1_0 wvauth
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2443960 2014-10-29] (Microsoft Corporation)
S2 EmbassyService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe [225720 2012-11-19] ()
S2 hasplms; C:\Windows\system32\hasplms.exe [4683144 2014-07-14] (SafeNet Inc.)
S2 Live Job Reports 2014 R2; C:\Program Files (x86)\Planit\Live Job Reports 2014 R2\JobReports.WindowService.exe [26112 2014-06-04] (Planit)
S2 Live Job Reports 2015 R1; C:\Program Files (x86)\Planit\Live Job Reports 2015 R1\JobReports.WindowService.exe [29696 2014-12-05] (Planit)
S2 McAfee SiteAdvisor Enterprise Service; C:\Program Files (x86)\McAfee\SiteAdvisor Enterprise\McSACore.exe [161128 2014-03-05] (McAfee, Inc.)
S2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [242448 2013-12-17] (McAfee, Inc.)
S2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2013-12-17] (McAfee, Inc.)
S2 mfevtp; C:\Windows\system32\mfevtps.exe [185280 2013-12-17] (McAfee, Inc.)
S2 MSMFramework; c:\Program Files (x86)\MegaRAID Storage Manager\Framework\VivaldiFramework.exe [69632 2012-03-12] ()
S2 MSSQL$ECSQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.ECSQLEXPRESS\MSSQL\Binn\sqlservr.exe [43129288 2012-06-28] (Microsoft Corporation)
S2 myAgtSvc; C:\Program Files (x86)\McAfee\Managed VirusScan\Agent\myAgtSvc.exe [296400 2014-04-25] (McAfee, Inc.)
S2 PbaDrvSvc_x64; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe [20480 2012-11-23] ()
S4 SQLAgent$ECSQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.ECSQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [379848 2012-06-28] (Microsoft Corporation)
S2 tcsd_win32.exe; C:\Program Files (x86)\Security Innovation\SI TSS\bin\tcsd_win32.exe [1643520 2012-05-11] ()
S2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
S2 Wave Authentication Manager Service; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [1758720 2012-11-19] (Wave Systems Corp.)
S2 WvPCR; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe [254384 2012-11-08] (Wave Systems Corp.)
S2 RumorServer; "C:\Program Files (x86)\McAfee\Managed VirusScan\Agent\myAgtSvc.exe" /RunDLL=RumorServer.dll;ServiceHost [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [60488 2014-07-14] (SafeNet Inc.)
S3 akshhl; C:\Windows\System32\DRIVERS\akshhl.sys [63944 2014-07-14] (SafeNet Inc.)
S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [303624 2014-07-14] (SafeNet Inc.)
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [29184 2009-08-13] (CSR, plc)
S3 dcdbas; C:\Windows\System32\DRIVERS\dcdbas64.sys [39016 2012-09-22] (Dell Inc.)
S2 Hardlock; C:\Windows\system32\drivers\hardlock.sys [331608 2014-07-14] (SafeNet Inc.)
S3 InputFilter_Hid_FlexDef2b; C:\Windows\System32\DRIVERS\InputFilter_FlexDef2b.sys [17920 2010-06-18] (Siliten)
S3 IntcAzAudAddService; C:\Windows\System32\drivers\RTDVHD64.sys [1982952 2011-09-23] (Realtek Semiconductor Corp.)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [180272 2013-12-17] (McAfee, Inc.)
S3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311600 2013-12-17] (McAfee, Inc.)
S3 mfeavfk01; No ImagePath
S3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [520056 2013-12-17] (McAfee, Inc.)
S0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [782968 2013-12-17] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [107032 2013-12-17] (McAfee, Inc.)
S0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344176 2013-12-17] (McAfee, Inc.)
S3 NmPar; C:\Windows\System32\DRIVERS\NmPar.sys [95744 2010-01-19] (Windows ® Codename Longhorn DDK provider)
S0 percsas2; C:\Windows\System32\drivers\percsas2.sys [53584 2012-06-02] (LSI Corporation)
 
========================== Drivers MD5 =======================
 
C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys FA886682CFC5D36718D3E436AACF10B9
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\aksdf.sys 3190C577746303CA4C65114441192FE2
C:\Windows\System32\DRIVERS\aksfridge.sys 2845A05E5AF65B5C7A143D637F08496D
C:\Windows\System32\DRIVERS\akshasp.sys 35E43EE8FE28CFD581E8CE42847DFE2B
C:\Windows\System32\DRIVERS\akshhl.sys 053B204554F104CB5DC3D94B61BDA458
C:\Windows\System32\DRIVERS\aksusb.sys 8D584711424446969B5E4CB16870A898
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\system32\drivers\appid.sys 80B9412C4DE09147581FC935FB4C97AB
C:\Windows\system32\drivers\arc.sys ==> MD5 is legit
C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\system32\drivers\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\BthAudioHF.sys 07DCB3C254D584E3949FE2C0EE3963F2
C:\Windows\System32\DRIVERS\BthAvrcp.sys 832B121E4532919CC49F2438F1DCAA21
C:\Windows\System32\DRIVERS\BthEnum.sys CF98190A94F62E405C8CB255018B2315
C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bthpan.sys 02DD601B708DD0667E1331FA8518E9FF
C:\Windows\System32\Drivers\BTHport.sys 738D0E9272F59EB7A1449C3EC118E6C4
C:\Windows\System32\Drivers\BTHUSB.sys F188B7394D81010767B6DF3178519A37
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\system32\drivers\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys EBF28856F69CF094A902F884CF989706
C:\Windows\system32\drivers\compbatt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\csc.sys ==> MD5 is legit
C:\Windows\System32\drivers\bthav.sys DF07C6D98BA7F81D0571E366B1CD6672
C:\Windows\System32\DRIVERS\dcdbas64.sys E1617EC33B0B88FEC429BF6EB7B9FA52
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\drivers\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\dmvsc.sys 5DB085A8A6600BE6401F2B24EECB5415
C:\Windows\System32\DRIVERS\Dot4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Dot4Prt.sys E9F5969233C5D89F3C35E3A66A52A361
C:\Windows\System32\DRIVERS\dot4usb.sys ==> MD5 is legit
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 87CE5C8965E101CCCED1F4675557E868
C:\Windows\System32\DRIVERS\e1c62x64.sys 5DB7CEB8FB44ABF01614E33BAD2056E0
C:\Windows\system32\drivers\evbda.sys ==> MD5 is legit
C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\drivers\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit
C:\Windows\system32\drivers\hardlock.sys 3921C845A24C62CA1F44EEF4826263E9
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\InputFilter_FlexDef2b.sys CAA8BC6737DFA3BF1A50175CFB226788
C:\Windows\System32\drivers\RTDVHD64.sys 38D9BF8B5E7755FC858FD49002F887EE
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 353009DEDF918B2A51414F330CF72DEC
C:\Windows\System32\Drivers\ksecpkg.sys 41774FF331F609EF442B7398EE6202B1
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit
C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HECIx64.sys 86614752D2FAE34CCD9E7B2AABA5FBEC
C:\Windows\System32\DRIVERS\mf.sys 8D0E52F36A153D099DE7D5A1E233FAC7
C:\Windows\System32\drivers\mfeapfk.sys E6868E69C56069E44D0FEF306BD5B17D
C:\Windows\System32\drivers\mfeavfk.sys C705DEF5D19EE51B590CE9BEC4F254EC
C:\Windows\System32\drivers\mfefirek.sys FE92670F9C90C59BD4ED29CFBB70BDC5
C:\Windows\System32\drivers\mfehidk.sys D4E5B1BA4942CC5627F55335012D0640
C:\Windows\System32\drivers\mferkdet.sys 93DEBC8AFC761BF6001DD80774EA870D
C:\Windows\System32\drivers\mfewfpk.sys 7178C594DCA97A1A9C3AD924CB138F61
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netvsc60.sys 73CE12B8BDD747B0063CB0A7EF44CEA7
C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\NmPar.sys 2F48AB72B6D554A41817020171DC53D6
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys B98F8C6E31CD07B2E6F71F7F648E38C0
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nusb3hub.sys A7127E86F9FFE2A53E271B56B2C4CEDF
C:\Windows\System32\DRIVERS\nusb3xhc.sys 49BBEC6F48D5F9284B03ABF3A959B19B
C:\Windows\System32\drivers\nvhda64v.sys 1F07B814C0BB5AABA703ABFF1F31F2E8
C:\Windows\System32\DRIVERS\nvlddmkm.sys D2F4130E60917588A766B5196D54A3D1
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\drivers\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys 946010CDFA91469351B22E2620CEBCD8
C:\Windows\System32\drivers\percsas2.sys 3FE0D7C06C2A62A6B82D529564684E74
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\drivers\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpdr.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34
C:\Windows\System32\Drivers\RDPWD.sys FE571E088C2D83619D2D48D4E961BF41
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rfcomm.sys 3DD798846E2C28102B922C56E71B7932
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\system32\drivers\vms3cap.sys ==> MD5 is legit
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\storvsc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\VMBusVideoM.sys 4CDD7DF58730D23BA9CB5829A6E2ECEA
C:\Windows\System32\drivers\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\DRIVERS\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys E232A3B43A894BB327FC161529BD9ED1
C:\Windows\System32\drivers\tsusbflt.sys 17C6B51CBCCDED95B3CC14E22791F85E
C:\Windows\system32\drivers\TsUsbGD.sys AD64450A4ABE076F5CB34CC08EEACB07
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbccgp.sys 91D3C92A44FC682DD791147604E79152
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\system32\drivers\usbehci.sys F7FFDF2A1D19A76A87759126B244C816
C:\Windows\System32\DRIVERS\usbhub.sys 245FE7FC634D6A993E682E0A9EBA4ABB
C:\Windows\system32\drivers\usbohci.sys C1A8966E0D09BFB501045105B30D86F2
C:\Windows\system32\drivers\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\system32\drivers\usbuhci.sys 2E682DCE4319A90E02A327F8A427544A
C:\Windows\System32\DRIVERS\usb8023x.sys 7B28E2FBE75115660FAB31079C0A9F29
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\system32\drivers\VMBusHID.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys DF8126BD41180351A093A3AD2FC8903B
C:\Windows\System32\DRIVERS\vpchbus.sys B4A73CA4EF9A02B9738CEA9AD5FE5917
C:\Windows\System32\DRIVERS\vpcnfltr.sys E675FB2B48C54F09895482E2253B289C
C:\Windows\System32\DRIVERS\vpcusb.sys 5FB42082B0D19A0268705F1DD343DF20
C:\Windows\System32\drivers\vpcvmm.sys 207B6539799CC1C112661A9B620DD233
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\drivers\vwifibus.sys ==> MD5 is legit
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-23 12:44 - 2014-12-23 12:44 - 00000000 ____D () C:\FRST
2014-12-23 07:34 - 2014-12-23 07:35 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-22 08:53 - 2014-12-22 08:53 - 00003536 ____N () C:\bootsqm.dat
2014-12-22 08:51 - 2014-12-22 08:51 - 00000000 __SHD () C:\found.005
2014-12-19 05:29 - 2014-12-19 05:38 - 00036864 _____ () C:\Users\RichardWhittington\Downloads\Pioneer Quote 0386.xls
2014-12-19 05:26 - 2014-12-19 05:26 - 00031744 _____ () C:\Users\RichardWhittington\Downloads\Pioneer Quote 0386 increased discount.xls
2014-12-16 01:38 - 2014-12-16 01:38 - 00107168 _____ () C:\Users\MarkWood.PIONEEROILTOOLS\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-16 01:38 - 2014-12-16 01:38 - 00000000 ___RD () C:\Users\MarkWood.PIONEEROILTOOLS\Virtual Machines
2014-12-16 01:38 - 2014-12-16 01:38 - 00000000 ____D () C:\Users\MarkWood.PIONEEROILTOOLS\AppData\Roaming\Windows Small Business Server
2014-12-16 01:38 - 2014-12-16 01:38 - 00000000 ____D () C:\Users\MarkWood.PIONEEROILTOOLS\AppData\Roaming\McAfee
2014-12-16 01:38 - 2014-12-16 01:38 - 00000000 ____D () C:\Users\MarkWood.PIONEEROILTOOLS\AppData\Roaming\Adobe
2014-12-16 01:38 - 2014-12-16 01:38 - 00000000 ____D () C:\Users\MarkWood.PIONEEROILTOOLS\AppData\Local\VirtualStore
2014-12-16 01:38 - 2014-12-16 01:38 - 00000000 ____D () C:\Users\MarkWood.PIONEEROILTOOLS\AppData\Local\Planit
2014-12-16 01:37 - 2014-12-16 01:38 - 00000000 ____D () C:\users\MarkWood.PIONEEROILTOOLS
2014-12-16 01:37 - 2014-12-16 01:37 - 00000858 __RSH () C:\Users\MarkWood.PIONEEROILTOOLS\ntuser.pol
2014-12-16 01:37 - 2014-12-16 01:37 - 00000020 ___SH () C:\Users\MarkWood.PIONEEROILTOOLS\ntuser.ini
2014-12-15 12:59 - 2014-12-15 12:59 - 00262192 _____ () C:\Windows\Minidump\121514-22604-01.dmp
2014-12-13 21:58 - 2014-12-22 08:24 - 00005014 _____ () C:\Windows\System32\Tasks\WSCEAA
2014-12-11 09:04 - 2014-11-21 00:38 - 02237952 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2014-12-11 09:04 - 2014-11-21 00:38 - 00051712 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2014-12-11 09:04 - 2014-11-21 00:37 - 01409536 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2014-12-11 09:04 - 2014-11-21 00:37 - 00600576 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2014-12-11 09:04 - 2014-11-21 00:36 - 19283456 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-12-11 09:04 - 2014-11-21 00:36 - 15400960 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2014-12-11 09:04 - 2014-11-21 00:36 - 03959296 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2014-12-11 09:04 - 2014-11-21 00:36 - 02655232 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2014-12-11 09:04 - 2014-11-21 00:36 - 00855552 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2014-12-11 09:04 - 2014-11-21 00:36 - 00603136 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2014-12-11 09:04 - 2014-11-21 00:36 - 00526336 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2014-12-11 09:04 - 2014-11-21 00:36 - 00451584 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2014-12-11 09:04 - 2014-11-21 00:36 - 00281600 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2014-12-11 09:04 - 2014-11-21 00:36 - 00255488 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2014-12-11 09:04 - 2014-11-21 00:36 - 00197120 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2014-12-11 09:04 - 2014-11-21 00:36 - 00136704 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2014-12-11 09:04 - 2014-11-21 00:36 - 00097280 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2014-12-11 09:04 - 2014-11-21 00:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2014-12-11 09:04 - 2014-11-21 00:36 - 00053760 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2014-12-11 09:04 - 2014-11-21 00:36 - 00039936 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2014-12-11 09:04 - 2014-11-21 00:35 - 01509376 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2014-12-11 09:04 - 2014-11-20 23:17 - 14364672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-11 09:04 - 2014-11-20 23:17 - 01762816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-11 09:04 - 2014-11-20 23:17 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-11 09:04 - 2014-11-20 23:17 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-11 09:04 - 2014-11-20 23:17 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-11 09:04 - 2014-11-20 23:17 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-11 09:04 - 2014-11-20 23:16 - 13758976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-11 09:04 - 2014-11-20 23:16 - 02861568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-11 09:04 - 2014-11-20 23:16 - 02054656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-11 09:04 - 2014-11-20 23:16 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-11 09:04 - 2014-11-20 23:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-12-11 09:04 - 2014-11-20 23:16 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-11 09:04 - 2014-11-20 23:16 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-11 09:04 - 2014-11-20 23:16 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-11 09:04 - 2014-11-20 23:16 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-11 09:04 - 2014-11-20 23:16 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-11 09:04 - 2014-11-20 23:16 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-12-11 09:04 - 2014-11-20 23:16 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-11 09:04 - 2014-11-20 23:16 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-11 09:04 - 2014-11-20 23:16 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-11 09:04 - 2014-11-20 23:00 - 02706432 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-12-11 09:04 - 2014-11-20 22:54 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-11 09:04 - 2014-11-20 22:31 - 00441856 _____ (Microsoft Corporation) C:\Windows\System32\html.iec
2014-12-11 09:04 - 2014-11-20 22:24 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-12-11 09:04 - 2014-11-20 22:05 - 00089600 _____ (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2014-12-11 09:04 - 2014-11-20 21:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-12-11 05:00 - 2014-12-11 05:00 - 00104296 _____ () C:\Users\RichardWhittington\Downloads\Discovery 1250 - Siemens 810D.mcp
2014-12-11 03:22 - 2014-12-11 03:22 - 00001295 _____ () C:\Users\Public\Desktop\Part Modeler 2015 R1.lnk
2014-12-11 03:22 - 2014-12-11 03:22 - 00001290 _____ () C:\Users\Public\Desktop\Live Job Reports 2015 R1.lnk
2014-12-11 03:10 - 2014-12-11 03:10 - 00001277 _____ () C:\Users\Public\Desktop\Edgecam 2015 R1 Launcher.lnk
2014-12-10 02:12 - 2014-12-10 02:12 - 03540144 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-12-10 01:23 - 2014-11-10 19:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2014-12-10 01:23 - 2014-11-10 18:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-11-26 06:49 - 2014-11-26 06:49 - 03326785 _____ () C:\Users\RichardWhittington\Downloads\Five Axis.zip
2014-11-25 16:43 - 2014-11-25 16:43 - 00000000 __SHD () C:\found.004
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-22 08:26 - 2013-03-02 08:53 - 01339125 _____ () C:\Windows\WindowsUpdate.log
2014-12-22 08:12 - 2013-03-02 00:02 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-22 07:04 - 2013-05-03 06:54 - 00000160 _____ () C:\Windows\System32\config\netlogon.ftl
2014-12-22 00:27 - 2014-06-23 06:19 - 00000000 ____D () C:\vero
2014-12-21 23:55 - 2009-07-13 20:45 - 00021312 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-21 23:55 - 2009-07-13 20:45 - 00021312 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-21 23:52 - 2013-08-05 00:29 - 00000000 ____D () C:\Users\RichardWhittington\AppData\Local\Deployment
2014-12-21 23:46 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-21 23:46 - 2009-07-13 20:51 - 00171484 _____ () C:\Windows\setupact.log
2014-12-19 06:02 - 2009-07-13 21:13 - 00000000 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-12-19 03:02 - 2014-11-11 04:59 - 00000000 ____D () C:\Users\RichardWhittington\AppData\Local\Mozilla Firefox
2014-12-18 19:02 - 2014-04-10 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-12-15 12:59 - 2013-05-02 05:46 - 218873472 _____ () C:\Windows\MEMORY.DMP
2014-12-15 12:59 - 2013-05-02 05:46 - 00000000 ____D () C:\Windows\Minidump
2014-12-11 19:22 - 2013-10-21 22:52 - 00000000 ____D () C:\Users\camuser\Documents\Planit
2014-12-11 19:18 - 2013-05-16 15:14 - 00000000 ____D () C:\Users\camuser\AppData\Local\Planit
2014-12-11 05:11 - 2013-05-08 23:10 - 00000000 ____D () C:\Users\Public\Documents\Planit
2014-12-11 03:22 - 2013-05-08 23:10 - 00000000 ____D () C:\Users\RichardWhittington\AppData\Local\Planit
2014-12-11 03:22 - 2013-05-06 04:12 - 00000000 ____D () C:\Program Files (x86)\Planit
2014-12-11 03:14 - 2014-10-22 07:56 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-11 03:13 - 2013-05-06 04:38 - 00000000 ____D () C:\Program Files\Common Files\Planit
2014-12-11 03:12 - 2013-05-06 04:27 - 00000000 ____D () C:\ProgramData\Planit
2014-12-11 03:07 - 2013-05-06 04:15 - 00000000 ____D () C:\Users\Superuser\AppData\Local\Planit
2014-12-10 02:13 - 2010-11-20 19:47 - 00160038 _____ () C:\Windows\PFRO.log
2014-12-10 02:12 - 2013-03-02 00:02 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-10 02:12 - 2013-03-02 00:02 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-10 00:09 - 2014-01-31 05:18 - 00000000 ____D () C:\EDGECAM
2014-11-26 09:12 - 2013-03-02 00:02 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
 
Some content of TEMP:
====================
C:\Users\camuser\AppData\Local\Temp\robocopy.exe
C:\Users\MarkWood\AppData\Local\Temp\OfficeSetup.exe
C:\Users\MarkWood\AppData\Local\Temp\SetupHomeBusinessRetail.x86.en-US_HomeBusinessRetail_T69NJ-DPQWF-8Y4KJ-8DXFG-PDHGP_act_1_.exe
C:\Users\RichardWhittington\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
C:\Users\RichardWhittington\AppData\Local\Temp\fp_pl_pfs_installer-2.exe
C:\Users\RichardWhittington\AppData\Local\Temp\fp_pl_pfs_installer-3.exe
C:\Users\RichardWhittington\AppData\Local\Temp\fp_pl_pfs_installer-4.exe
C:\Users\RichardWhittington\AppData\Local\Temp\fp_pl_pfs_installer-5.exe
C:\Users\RichardWhittington\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\RichardWhittington\AppData\Local\Temp\install_flashplayer11x32axau_gtba_chra_dy_aaa_aih.exe
C:\Users\RichardWhittington\AppData\Local\Temp\install_flashplayer11x32_mssd_aaa_aih.exe
C:\Users\RichardWhittington\AppData\Local\Temp\install_reader11_uk_gtba_chra_dy_aaa_aih.exe
C:\Users\RichardWhittington\AppData\Local\Temp\install_reader11_uk_gtba_chra_dy_aaa_aih_1.exe
C:\Users\RichardWhittington\AppData\Local\Temp\install_reader11_uk_gtba_chra_dy_aaa_aih_2.exe
C:\Users\RichardWhittington\AppData\Local\Temp\robocopy.exe
C:\Users\Superuser\AppData\Local\Temp\AcDeltree.exe
C:\Users\Superuser\AppData\Local\Temp\hdinst_x64.exe
 
 
==================== Known DLLs (Whitelisted) ================
 
C:\Windows\System32\kernel32.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\kernel32.dll IS MISSING <==== ATTENTION!
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
==================== Restore Points  =========================
 
 
==================== BCD ================================
 
Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=Y:
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
default                 {default}
resumeobject            {9c0ecca8-8356-11e2-b1b7-90b11c894d9c}
displayorder            {default}
toolsdisplayorder       {memdiag}
timeout                 30
 
Windows Boot Loader
-------------------
identifier              {default}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {current}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {9c0ecca8-8356-11e2-b1b7-90b11c894d9c}
nx                      OptIn
 
Windows Boot Loader
-------------------
identifier              {current}
device                  ramdisk=[Y:]\Recovery\WindowsRE\Winre.wim,{9c0eccab-8356-11e2-b1b7-90b11c894d9c}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[Y:]\Recovery\WindowsRE\Winre.wim,{9c0eccab-8356-11e2-b1b7-90b11c894d9c}
systemroot              \windows
nx                      OptIn
winpe                   Yes
 
Resume from Hibernate
---------------------
identifier              {9c0ecca8-8356-11e2-b1b7-90b11c894d9c}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No
 
Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=Y:
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes
 
EMS Settings
------------
identifier              {emssettings}
bootems                 Yes
 
Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200
 
RAM Defects
-----------
identifier              {badmemory}
 
Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}
 
Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}
 
Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200
 
Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}
 
Device options
--------------
identifier              {9c0eccab-8356-11e2-b1b7-90b11c894d9c}
description             Ramdisk Options
ramdisksdidevice        partition=Y:
ramdisksdipath          \Recovery\WindowsRE\boot.sdi
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 10%
Total physical RAM: 8117.75 MB
Available physical RAM: 7267.11 MB
Total Pagefile: 8115.95 MB
Available Pagefile: 7243.17 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:455.53 GB) (Free:310.23 GB) NTFS
Drive e: (W7SP1_PROFESSIONAL) (CDROM) (Total:5.23 GB) (Free:0 GB) UDF
Drive j: () (Removable) (Total:0.94 GB) (Free:0.92 GB) FAT
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (RECOVERY) (Fixed) (Total:10.2 GB) (Free:3.66 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: A66BBF87)
Partition 1: (Not Active) - (Size=32 MB) - (Type=DE)
Partition 2: (Active) - (Size=10.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=455.5 GB) - (Type=07 NTFS)
 
========================================================
Disk: 5 (Size: 961 MB) (Disk ID: 29EA8A21)
Partition 1: (Not Active) - (Size=961 MB) - (Type=06)
 
 
LastRegBack: 2014-12-15 01:16
 
==================== End Of Log ============================

  • 0






Similar Topics


Also tagged with one or more of these keywords: stop error, %hs missing, C0000135

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP