
System won't load (aswRvrt.sys) [Solved]


  • This topic is locked

#46
dinGospo89

  • Topic Starter
  • Member
  • 47 posts
No, I can't. It gives me the same error.


#47
JSntgRvr

  • Global Moderator
  • 11,579 posts

Open FRST, click on list BCD and drivers MD5, then on Scan. Post the resulting report.



#48
dinGospo89

  • Topic Starter
  • Member
  • 47 posts

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-05-2017

Ran by SYSTEM on MININT-OP38GC3 (24-05-2017 21:08:01)

Running from G:\

Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)

Internet Explorer Version 8

Boot Mode: Recovery

Default: ControlSet001

ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1815848 2009-07-14] (Synaptics Incorporated)

HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2008-07-29] ()

HKLM\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [167936 2008-07-06] (PowerISO Computing, Inc.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-09-09] (Apple Inc.)

HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)

HKLM-x32\...\Run: [VitaKeyPdtWzd] => C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe [3571712 2009-09-22] (Egis Technology Inc.)

HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe

HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282120 2013-05-02] (CANON INC.)

Lsa: [Notification Packages] C:\Program Files (x86)\Acer Bio Protection\PwdFilterV64

Startup: C:\Users\Korisnik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TornTvDownloader.lnk [2014-09-22]

ShortcutTarget: TornTvDownloader.lnk ->  (No File)

 

==================== Services (Whitelisted) ====================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.)

S2 ATService; C:\Program Files (x86)\Fingerprint Sensor\AtService.exe [1815800 2009-09-20] (AuthenTec, Inc.)

S2 IGBASVC; C:\Program Files (x86)\Acer Bio Protection\BASVC.exe [3449856 2009-09-22] (Egis Technology Inc.)

S2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()

S2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-12] (DEVGURU Co., LTD.)

S2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2016-08-26] (Popcorn Time)

S2 vncserver; C:\Program Files\RealVNC\VNC Server\vncservice.exe [638272 2014-06-03] (RealVNC Ltd)

S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)

S2 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [71272 2017-04-25] (Windscribe Limited)

 

===================== Drivers (Whitelisted) ======================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

S3 A310; C:\Windows\System32\DRIVERS\AVerA310USB.sys [32256 2009-05-05] (AVerMedia TECHNOLOGIES, Inc.)

S3 BDASwCap; C:\Windows\System32\drivers\AVerA310Cap.sys [55296 2009-05-05] (AVerMedia TECHNOLOGIES, Inc.)

S1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31648 2014-08-22] (REALiX™)

S2 int15; C:\Windows\SysWOW64\drivers\int15_64.sys [15656 2008-09-09] ()

S3 Neo_VPN; C:\Windows\System32\DRIVERS\neo_vpn.sys [22784 2016-09-02] (Trust.Zone VPN Project)

S3 nuvotoncir; C:\Windows\System32\DRIVERS\nuvotoncir.sys [48128 2009-06-24] (Nuvoton Technology Corporation)

S3 tapwindscribe0901; C:\Windows\System32\DRIVERS\tapwindscribe0901.sys [45560 2017-04-20] (The OpenVPN Project)

 

========================== Drivers MD5 =======================

 


==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

==================== One Month Created files and folders ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2017-05-23 15:29 - 2017-05-24 07:24 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0

2017-05-19 22:39 - 2017-05-24 21:08 - 00000000 ____D C:\FRST

2017-05-08 08:38 - 2017-05-08 08:38 - 00019028 _____ C:\Users\Korisnik\Downloads\xxx-return-of-xander-cage-2017-720p.torrent

2017-05-01 10:49 - 2017-05-01 11:12 - 121553339 _____ C:\Users\Korisnik\Downloads\e92fe1a2448e52f99eb723a636a615451487815811-640-360-899-h264.mp4

2017-05-01 09:25 - 2017-05-01 09:25 - 00001075 _____ C:\Users\Public\Desktop\Windscribe.lnk

2017-05-01 09:25 - 2017-05-01 09:25 - 00000000 ____D C:\Users\Korisnik\AppData\Local\Windscribe

2017-05-01 09:23 - 2017-05-01 09:25 - 00000000 ____D C:\Program Files (x86)\Windscribe

2017-05-01 09:23 - 2017-05-01 09:23 - 15105200 _____ (Windscribe ) C:\Users\Korisnik\Downloads\windscribe_windows_1_62_build38.exe

2017-05-01 09:23 - 2017-04-20 18:16 - 00045560 _____ (The OpenVPN Project) C:\Windows\System32\Drivers\tapwindscribe0901.sys

2017-04-26 10:24 - 2017-04-06 07:08 - 00399944 _____ (AVAST Software) C:\Windows\System32\aswBoot.exe

2017-04-24 16:46 - 2017-04-26 10:26 - 00000000 ____D C:\Users\Korisnik\AppData\LocalLow\uTorrent

 

==================== One Month Modified files and folders ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2017-05-23 20:24 - 2017-03-01 13:23 - 00000000 ____D C:\Users\Korisnik\AppData\Roaming\BrowserExtensions

2017-05-23 20:08 - 2016-05-24 02:23 - 00000000 ____D C:\Users\Korisnik\AppData\Local\MalwareProtectionLive

2017-05-23 19:54 - 2015-02-14 04:20 - 00000000 ____D C:\ProgramData\AdPunisher

2017-05-23 18:54 - 2016-02-01 09:19 - 00000000 ____D C:\ProgramData\65ad47d7-2e27-4a5c-b238-26643fdaeb98

2017-05-21 22:02 - 2009-07-13 21:32 - 00028672 _____ C:\Windows\System32\config\BCD-Template

2017-05-20 12:28 - 2009-07-13 19:20 - 00000000 ___HD C:\Windows\System32\GroupPolicy

2017-05-20 12:28 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy

2017-05-11 12:27 - 2009-07-13 20:45 - 00006080 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2017-05-11 12:27 - 2009-07-13 20:45 - 00006080 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2017-05-11 12:26 - 2014-08-21 02:03 - 00000000 ____D C:\Users\Korisnik\AppData\Roaming\uTorrent

2017-05-11 11:22 - 2016-12-24 13:12 - 00000000 ____D C:\Users\Korisnik\Downloads\PopcornTime

2017-05-08 08:38 - 2016-02-10 07:17 - 00000000 ___SD C:\Users\Korisnik\AppData\LocalLow\Temp

2017-05-01 09:24 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\inf

2017-04-26 13:26 - 2014-10-23 13:49 - 00000000 ____D C:\Users\Korisnik\Desktop\2 cd

2017-04-26 10:28 - 2016-07-22 01:54 - 00000000 ____D C:\ProgramData\YTD Video Downloader

2017-04-24 10:05 - 2015-07-01 06:31 - 00001922 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk

2017-04-24 08:54 - 2016-12-15 08:05 - 00000000 _____ C:\Windows\SysWOW64\last.dump

2017-04-24 08:47 - 2014-09-23 12:59 - 00001012 __RSH C:\ProgramData\ntuser.pol

==================== Known DLLs (Whitelisted) =========================

 

==================== Bamital & volsnap ======================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

C:\Windows\System32\dnsapi.dll => MD5 is legit

C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Association (Whitelisted) =============

 

==================== Restore Points =========================

 

==================== BCD ================================

Windows Boot Manager

--------------------

identifier              {bootmgr}

device                  partition=Y:

path                    \bootmgr

description             Windows Boot Manager

locale                  en-us

inherit                 {globalsettings}

default                 {default}

resumeobject            {eb6be27e-288f-11e4-9cad-d2520c9f213e}

displayorder            {default}

toolsdisplayorder       {memdiag}

timeout                 30

Windows Boot Loader

-------------------

identifier              {9b245ece-3eba-11e7-b063-c5b73e532ab9}

device                  ramdisk=[C:]\Recovery\eb6be27c-288f-11e4-9cad-d2520c9f213e\Winre.wim,{9b245ecf-3eba-11e7-b063-c5b73e532ab9}

path                    \windows\system32\winload.exe

description             Windows Recovery Environment (recovered)

locale                 

osdevice                ramdisk=[C:]\Recovery\eb6be27c-288f-11e4-9cad-d2520c9f213e\Winre.wim,{9b245ecf-3eba-11e7-b063-c5b73e532ab9}

systemroot              \windows

winpe                   Yes

 

Windows Boot Loader

-------------------

identifier              {default}

device                  partition=C:

path                    \windows\system32\winload.exe

description             Windows 7

locale                  en-us

inherit                 {bootloadersettings}

osdevice                partition=C:

systemroot              \windows

resumeobject            {eb6be27e-288f-11e4-9cad-d2520c9f213e}

nx                      OptIn

detecthal               Yes

winpe                   No

Resume from Hibernate

---------------------

identifier              {eb6be27e-288f-11e4-9cad-d2520c9f213e}

device                  partition=C:

path                    \windows\system32\winresume.exe

description             Windows Resume Application

locale                  en-us

inherit                 {resumeloadersettings}

filepath                \hiberfil.sys

Windows Memory Tester

---------------------

identifier              {memdiag}

device                  partition=Y:

path                    \boot\memtest.exe

description             Windows Memory Diagnostic

locale                  en-us

inherit                 {globalsettings}

badmemoryaccess         Yes

EMS Settings

------------

identifier              {emssettings}

bootems                 Yes

 

Debugger Settings

-----------------

identifier              {dbgsettings}

debugtype               Serial

debugport               1

baudrate                115200

RAM Defects

-----------

identifier              {badmemory}

Global Settings

---------------

identifier              {globalsettings}

inherit                 {dbgsettings}

                        {emssettings}

                        {badmemory}

 

Boot Loader Settings

--------------------

identifier              {bootloadersettings}

inherit                 {globalsettings}

                        {hypervisorsettings}

 

Hypervisor Settings

-------------------

identifier              {hypervisorsettings}

hypervisordebugtype     Serial

hypervisordebugport     1

hypervisorbaudrate      115200

Resume Loader Settings

----------------------

identifier              {resumeloadersettings}

inherit                 {globalsettings}

 

Device options

--------------

identifier              {9b245ecf-3eba-11e7-b063-c5b73e532ab9}

ramdisksdidevice        partition=C:

ramdisksdipath          \Recovery\eb6be27c-288f-11e4-9cad-d2520c9f213e\boot.sdi

 

Device options

--------------

identifier              {eb6be27d-288f-11e4-9cad-d2520c9f213e}

description             Ramdisk Options

ramdisksdidevice        partition=C:

ramdisksdipath          \Recovery\eb6be27c-288f-11e4-9cad-d2520c9f213e\boot.sdi

 

==================== Memory info ===========================

 

Percentage of memory in use: 15%

Total physical RAM: 4060.87 MB

Available physical RAM: 3439.46 MB

Total Virtual: 4059.02 MB

Available Virtual: 3430.5 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:45.13 GB) (Free:2.49 GB) NTFS

Drive e: () (Fixed) (Total:29.3 GB) (Free:21.59 GB) NTFS

Drive g: (Repair disc Windows 7 64-bit) (Removable) (Total:7.41 GB) (Free:7.22 GB) NTFS

Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from drive)]

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 74.5 GB) (Disk ID: D97CD97C)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=45.1 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=29.3 GB) - (Type=07 NTFS)

 

========================================================

Disk: 1 (Size: 7.4 GB) (Disk ID: 00D4BDAB)

Partition 1: (Active) - (Size=7.4 GB) - (Type=07 NTFS)

 

LastRegBack: 2017-05-08 11:09

 

==================== End of FRST.txt ============================



#49
JSntgRvr

  • Global Moderator
  • 11,579 posts

Drivers also read OK. So it seems impossible to identify the corrupted file. I would suggest a repair install. For information see here.



#50
dinGospo89

  • Topic Starter
  • Member
  • 47 posts

I am sorry, but I can't seem to understand the steps on your link; there is too much information and it's confusing me. Could you write or copy me the exact steps of what I should do? Thanks.



#51
JSntgRvr

  • Global Moderator
  • 11,579 posts

It is very complicated. The idea is to install Windows as an upgrade, and not as a clean install, to preserve your files and drivers, but there are risks involved, as you must have the right version of the installation DVD or USB disk.

Before you do that, enter the BIOS setup utility and see how the configuration for the SATA drive is set: IDE, AHCI, or something else?



#52
JSntgRvr

  • Global Moderator
  • 11,579 posts
There should be an image file in that computer.

Download the enclosed file. Save it in the same location FRST is saved.
Open FRST as you did before and click on the Fix button. (It should take a while to search for that image.)

A log will be produced, fixlog.txt. Post it in your next reply.

#53
dinGospo89

  • Topic Starter
  • Member
  • 47 posts

In the BIOS it says "SATA Mode: AHCI Mode", but it can be changed to IDE. And I have one more question: should my D2D settings be set to "enabled" or "disabled"?

Because I think I changed that setting when I first tried to search for a solution to my problem. It's enabled right now.

Here is fixlog.txt:

 

 

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 14-05-2017
Ran by SYSTEM (25-05-2017 20:34:09) Run:9
Running from G:\
Boot Mode: Recovery
==============================================
 
fixlist content:
*****************
CMD: Dir /a /s Y:\*.wim
CMD: Dir /a /s C:\*.wim
*****************
 
 
========= Dir /a /s Y:\*.wim =========
 
 Volume in drive Y is System Reserved
 Volume Serial Number is D6DC-DE3F
File Not Found
 
========= End of CMD: =========
 
 
========= Dir /a /s C:\*.wim =========
 
 Volume in drive C has no label.
 Volume Serial Number is A6E2-6DBB
 
 Directory of C:\Recovery\eb6be27c-288f-11e4-9cad-d2520c9f213e
 
11/20/2010  08:42 AM       169,213,970 Winre.wim
               1 File(s)    169,213,970 bytes
 
 Directory of C:\Windows\System32\oobe
 
11/20/2010  07:24 PM           637,042 FirstUXRes.WIM
               1 File(s)        637,042 bytes
 
 Directory of C:\Windows\winsxs\amd64_microsoft-windows-setup-component_31bf3856ad364e35_6.1.7601.17514_none_905283bdc3e1d2d8
 
11/20/2010  07:24 PM           637,042 FirstUXRes.WIM
               1 File(s)        637,042 bytes
 
     Total Files Listed:
               3 File(s)    170,488,054 bytes
               0 Dir(s)   2,677,174,272 bytes free
 
========= End of CMD: =========
 
 
==== End of Fixlog 20:36:31 ====

  • 0

#54
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts

In the BIOS it says "SATA Mode: AHCI Mode", but it can be changed to IDE. And I have one more question: should my D2D setting be set to "enabled" or "disabled"?

Because I think I changed that setting when I first tried to search for a solution to my problem. It's enabled right now.

 

 

As far as I know, the D2D should be enabled.

Some people have changed the AHCI Mode to IDE, and the issue was resolved. It is a risk that some people take.

There is no Recovery Image in the computer. I guess you must contact the manufacturer for the Recovery CDs.


  • 0

#55
dinGospo89

dinGospo89

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts
So I just change to IDE and try to boot it the normal way?
And one more thing: is there any way that I can export my data from the computer (pictures, files) to a USB stick and then have someone install a new Windows on my laptop?
  • 0



#56
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts

You can use Notepad as a browser, copy and paste files from one location to the other. At the Recovery Environment command prompt type Notepad, select File -> Open, and there you go.


  • 0

#57
dinGospo89

dinGospo89

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts

OK, I will first try to export the files and then change the SATA setting to IDE; it can't be worse than it is now. Can you help me with another issue? On my new laptop with Windows 10, two icons called "desktop.ini" appeared on the desktop. I'm not sure why that happened and not sure if I should just delete them. Another thing is that sometimes I get a message that my display driver stopped working and that it has recovered. Is that normal on a brand new computer?


  • 0

#58
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts

Desktop.ini files are configuration files, part of the Windows system. These files are hidden, and there should be one in every folder. They contain information such as:

 

[LocalizedFileNames]
migwiz.lnk=@%SystemRoot%\system32\migwiz\MIGUIRes.dll,-103
 

-or-

[.ShellClassInfo]
LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21769
IconResource=%SystemRoot%\system32\imageres.dll,-183

 

As system files, they should not be deleted, unless dropped by a virus.

 

Have you set your folder options to un-hide system files?
 


  • 0
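Added example, not part of the original posts and not code from FRST or Windows: a small Python check that parses desktop.ini text like the two samples quoted above and reports where each resource reference points. The trusted-root list, the verdict names and the extra IconFile line in the sample are assumptions made for this illustration.

```python
import configparser
import re

# Constructed sample: the two sections quoted in the post, plus one
# made-up IconFile entry on a network share to show a flagged result.
SAMPLE = r"""
[LocalizedFileNames]
migwiz.lnk=@%SystemRoot%\system32\migwiz\MIGUIRes.dll,-103

[.ShellClassInfo]
LocalizedResourceName=@%SystemRoot%\system32\shell32.dll,-21769
IconResource=%SystemRoot%\system32\imageres.dll,-183
IconFile=\\fileserver.example\share\icon.ico
"""

# Assumption for this example: references under these variables are expected.
TRUSTED_ROOTS = ("%systemroot%", "%windir%")

def classify(value):
    """Return 'system', 'remote', 'other' or 'plain' for one value."""
    # Drop the leading '@' (indirect string) and a trailing ',-<id>' or ',<index>'.
    path = re.sub(r",-?\d+$", "", value.strip().lstrip("@")).lower()
    if path.startswith("\\\\") or path.startswith("//"):
        return "remote"   # UNC path: resource is loaded from another host
    if path.startswith(TRUSTED_ROOTS):
        return "system"   # points into the Windows directory, as in the post
    if "\\" not in path and "/" not in path:
        return "plain"    # not a path at all (a display name, an index)
    return "other"        # local path outside the Windows directory

def review(text):
    """Parse desktop.ini text; return (section, key, value, verdict) rows."""
    parser = configparser.ConfigParser(interpolation=None, strict=False,
                                       delimiters=("=",))
    parser.optionxform = str  # keep key case exactly as written
    parser.read_string(text)
    return [(section, key, value, classify(value))
            for section in parser.sections()
            for key, value in parser.items(section)]

def flagged(text):
    """Entries worth a closer look: anything 'remote' or 'other'."""
    return [row for row in review(text) if row[3] in ("remote", "other")]

if __name__ == "__main__":
    for row in review(SAMPLE):
        print(row)
```

On a real system the file may be stored as UTF-16, so decode it before passing the text to `review`.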

#59
dinGospo89

dinGospo89

    Member

  • Topic Starter
  • Member
  • PipPip
  • 47 posts
I didn't set anything. I bought it new about a week ago, and after 2 days of using it I saw these icons. I didn't mess with the settings. I got McAfee antivirus by default, and it's telling me that my computer is safe all the time. I saw someone showing how to hide those icons, but I didn't want to mess with anything until I checked with you first, because you're the expert.
  • 0

#60
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 11,579 posts

Let's check that.

 

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Make sure that under Optional Scans, there is a checkmark on Addition.txt.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also produce another log (Addition.txt ). Please attach this to your reply.

 

 


  • 0





