Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Win 8.1 won't boot (corrupted aswRvrt.sys) - need fixlist.txt [Sol

Started by joanna03 , Feb 23 2019 08:07 AM

  • This topic is locked This topic is locked

#1
joanna03
Posted 23 February 2019 - 08:07 AM

joanna03

    Member

  • Member
  • PipPip
  • 22 posts
My laptop suddenly won't boot anymore, can't get it out of Automatic repair loop. After various attempts (chkdsk, System restore), I checked SrtTrail.txt and it says 'aswRvrt.sys is missing or corrupt'. Saw this is quite a common issue and the way to go is using FRST to scan the system and use a fixlist after. 
I need some guidance with the fixlist, as this is the first time I use FRST and don't want to maybe make things worst with a wrong fixlist.
Here's the FRST.txt:
 

 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.02.2019
Ran by SYSTEM on MININT-SUURDP6 (22-02-2019 07:27:03)
Running from D:\
Platform: Windows 8.1 Pro (Update) (X64) Language: English (United States)
Boot Mode: Recovery
Default: ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
 
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [178496 2018-04-19] (ESET, spol. s r.o. -> ESET)
...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-02-18] (AVAST Software s.r.o. -> AVAST Software)
...\Run: [STO Backup Service] => C:\Program Files (x86)\SmarThru Office\BackUpSvr.exe [184320 2009-06-30] ()
...\Run: [STO Launcher Service] => C:\Program Files (x86)\SmarThru Office\x64\LegacyLauncher.exe [381440 2009-06-30] ()
...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\ssmmgr.exe [614400 2009-08-31] ()
...\Run: [IMMON] => C:\Program Files (x86)\IM Magician\Vicamon.exe [143360 2010-09-28] (Vimisoft Studio)
HKLM-x32\...\Run: [IMMONSUPPORT] => "C:\Program Files (x86)\IM Magician\vmonproc.exe" /cls=IMMAGICIAN_CAMERA_MONITOR_I /exe=Vicamon.exe
...\Run: [PaperPort PTD] => C:\Program Files (x86)\Scansoft\PaperPort\pptd40nt.exe [45108 2003-05-20] (ScanSoft, Inc.)
...\Run: [IndexSearch] => C:\Program Files (x86)\Scansoft\PaperPort\IndexSearch.exe [36864 2003-05-20] ()
...\Run: [PP8 Reminder] => C:\Program Files (x86)\Scansoft\PaperPort\WebEreg\NAVBrowser.exe [729088 2003-02-27] (ScanSoft, Inc.)
...\Run: [CheckNDISPort50ac54] => C:\Program Files (x86)\3G Hostless Modem\CheckNDISPort_df.exe [468736 2014-09-20] (ZTE CORPORATION -> )
...\Run: [CancelAutoPlay_df] => C:\Program Files (x86)\3G Hostless Modem\CancelAutoPlay_df.exe [447744 2014-09-20] (ZTE CORPORATION -> )
...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [456160 2018-11-22] (Power Software Limited -> Power Software Ltd)
...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-02-18] (AVAST Software s.r.o. -> AVAST Software)
...\RunOnce: [*Restore] => C:\WINDOWS\system32\rstrui.exe [273920 2014-10-28] (Microsoft Corporation)
HKU\.NET v2.0\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-10-28] (Microsoft Corporation)
HKU\.NET v2.0 Classic\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-10-28] (Microsoft Corporation)
HKU\.NET v4.5\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-10-28] (Microsoft Corporation)
HKU\.NET v4.5 Classic\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-10-28] (Microsoft Corporation)
HKU\Classic .NET AppPool\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-10-28] (Microsoft Corporation)
HKU\DefaultAppPool\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-10-28] (Microsoft Corporation)
HKU\GuestUser\...\Run: [uTorrent] => C:\Users\GuestUser\AppData\Roaming\uTorrent\uTorrent.exe [2146496 2017-07-07] (BitTorrent Inc -> BitTorrent Inc.)
HKU\Ioana\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\Ioana\...\Run: [DellSystemDetect] => C:\Users\Ioana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms [370 2013-05-25] ()
HKU\Ioana\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-24] (Yahoo! Inc. -> Yahoo! Inc.)
HKU\MSSQL$SQLEXPRESS\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-10-28] (Microsoft Corporation)
HKLM\...\Drivers32: [VIDC.VMnc] => C:\Windows\SysWOW64\vmnc.dll [360528 2013-02-25] (VMware, Inc. -> VMware, Inc.)
HKLM\...\Drivers32: [VIDC.MPG4] => C:\Windows\SysWOW64\mpg4c32.dll [420240 2001-05-11] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Drivers32: [VIDC.MP42] => C:\Windows\SysWOW64\mpg4c32.dll [420240 2001-05-11] (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\Ioana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013-11-02]
ShortcutTarget: Dropbox.lnk -> C:\windows\system32\config\systemprofile\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 ABBYY.Licensing.FineReader.Professional.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [660768 2007-12-06] (ABBYY Software House -> ABBYY (BIT Software))
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-03-17] (Apple Inc. -> Apple Inc.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6758976 2019-02-18] (AVAST Software s.r.o. -> AVAST Software)
S2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [323152 2015-06-29] (Qualcomm Atheros -> Windows ® Win 7 DDK provider)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357304 2019-02-18] (AVAST Software s.r.o. -> AVAST Software)
S2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2240264 2018-04-19] (ESET, spol. s r.o. -> ESET)
S3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2240264 2018-04-19] (ESET, spol. s r.o. -> ESET)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation)
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation - pGFX -> Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.895\McCHSvc.exe [405392 2018-12-11] (McAfee, Inc. -> McAfee, Inc.)
S2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [62218696 2012-06-28] (Microsoft Corporation -> Microsoft Corporation)
S2 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [441288 2012-06-28] (Microsoft Corporation -> Microsoft Corporation)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation)
S2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10216688 2016-11-28] (TeamViewer GmbH -> TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S2 Xerox MFP Fax Server; C:\WINDOWS\system32\spool\drivers\x64\3\XrxFaxServer64.exe [230912 2012-01-26] (Xerox)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37104 2019-02-18] ()
S1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [205400 2019-02-18] ()
S1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [225680 2019-02-18] ()
S0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196072 2019-02-18] ()
S0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320696 2019-02-18] ()
S0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [57960 2019-02-18] ()
S1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [249456 2019-02-18] ()
S1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42288 2019-02-18] ()
S2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [167304 2019-02-18] ()
S1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112312 2019-02-18] ()
S0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87944 2019-02-18] ()
S1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1034432 2019-02-18] ()
S1 aswSP; C:\Windows\System32\drivers\aswSP.sys [474456 2019-02-18] ()
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [216784 2019-02-18] ()
S0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [379952 2019-02-18] ()
S3 BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [600088 2015-04-29] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-08-27] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [146856 2013-06-04] (BoiseTest -> Windows ® Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [21928 2013-06-04] (BoiseTest -> Windows ® Win 7 DDK provider)
S3 dot4usb; C:\Windows\system32\DRIVERS\dot4usb.sys [43944 2013-06-04] (BoiseTest -> Microsoft Corporation)
S1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [137928 2018-04-12] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15872 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
S1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [196112 2018-04-12] (ESET, spol. s r.o. -> ESET)
S1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [108320 2018-04-12] (ESET, spol. s r.o. -> ESET)
S4 RsFx0153; C:\Windows\System32\DRIVERS\RsFx0153.sys [321992 2012-06-28] (Microsoft Corporation -> Microsoft Corporation)
S3 RTL8168; C:\Windows\system32\DRIVERS\Rt630x64.sys [591360 2013-06-18] (Microsoft Windows -> Realtek )
S4 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2013-08-22] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
S3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-28] (Microsoft Corporation)
S0 vsock; C:\Windows\System32\drivers\vsock.sys [70296 2012-10-24] (VMware, Inc. -> VMware, Inc.)
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] (Microsoft Corporation -> Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
 
========================== Drivers MD5 =======================
 
C:\Windows\System32\drivers\1394ohci.sys E1832BD9FD7E0FC2DC9FA5935DE3E8C1
C:\Windows\System32\drivers\3ware.sys AD508A1A46EC21B740AB31C28EFDFDB1
C:\Windows\System32\drivers\ACPI.sys 508526EB2308D259DB8542FF50E9112C
C:\Windows\System32\Drivers\acpiex.sys AC8279D229398BCF05C3154ADCA86813
C:\Windows\System32\drivers\acpipagr.sys A8970D9BF23CD309E0403978A1B58F3F
C:\Windows\System32\drivers\acpipmi.sys 111A89C99C5B4F1A7BCE5F643DD86F65
C:\Windows\System32\drivers\acpitime.sys 5758387D68A20AE7D3245011B07E36E7
C:\Windows\System32\drivers\ADP80XX.SYS 7C1FDF1B48298CBA7CE4BDD4978951AD
C:\Windows\system32\drivers\afd.sys B246BEE99740A2A357E21D863A18774D
C:\Windows\System32\drivers\agp440.sys 20FFFCA6E9870E358DBE402F7DBD3E6C
C:\Windows\System32\DRIVERS\ahcache.sys FE14D249D39368CA62D8DA6BC94AC694
C:\Windows\System32\drivers\amdk8.sys 4A3FAD94DC163A7C145EB7609D38925C
C:\Windows\System32\drivers\amdppm.sys 466133F035543C450C6AC00B8860FDA4
C:\Windows\System32\drivers\amdsata.sys D2BF2F94A47D332814910FD47C6BBCD2
C:\Windows\System32\drivers\amdsbs.sys A8E04943C7BBA7219AA50400272C3C6E
C:\Windows\System32\drivers\amdxata.sys CEA5F4F27CFC08E3A44D576811B35F50
C:\Windows\system32\drivers\appid.sys 2949C9F3F4E8C7A7D2F9F0C115A69C23
C:\Windows\System32\drivers\arcsas.sys 65045784366F7EC5FB4E71BCF923187B
C:\Windows\System32\drivers\aswArDisk.sys BFEC40D7A1C705A3DFFBEED0DDBB3A77
C:\Windows\System32\drivers\aswArPot.sys C55C904DA3479E497E1AFCEAAFB6DC00
C:\Windows\System32\drivers\aswbidsdriver.sys 8523BF0BF89A48C8A0872127364176B3
C:\Windows\System32\drivers\aswbidsh.sys DFF4C4315F4A34C7A5AC53A949568F5D
C:\Windows\System32\drivers\aswblog.sys FC9B82AFF13FB55809122D48A7E94D0F
C:\Windows\System32\drivers\aswbuniv.sys 6730350BA3A888441A9728002DD553F3
C:\Windows\System32\drivers\aswHdsKe.sys F9216B7EB09B213B959E95B7D238566A
C:\Windows\System32\drivers\aswKbd.sys 041C5731545C38749825E4FDC1A36645
C:\Windows\System32\drivers\aswMonFlt.sys 358D3504EF8F307DFD129362557ED76C
C:\Windows\System32\drivers\aswRdr2.sys 5BE218DF3F6115072FB2645089FDA301
C:\Windows\System32\drivers\aswRvrt.sys 4F4F437E5507A27C7DB791B771FE5465
C:\Windows\System32\drivers\aswSnx.sys 0B32EBC4D992B2C22B0537802F5A2007
C:\Windows\System32\drivers\aswSP.sys 6151499EBF8B27CA95FACEFAD48B1994
C:\Windows\System32\drivers\aswStm.sys 2C88D232E24ADC6D38BD9F2EB72EE8AF
C:\Windows\System32\drivers\aswVmm.sys 8D24837E2C8623DCF398407B5A07CB79
C:\Windows\system32\DRIVERS\asyncmac.sys 3DB7721F06BC2FEDB25029EA23AB27DA
C:\Windows\System32\drivers\atapi.sys 74B14192CF79A72F7536B27CB8814FBD
C:\Windows\system32\DRIVERS\athw8x.sys 2C7676F892E88FD190F08D98048C7C6C
C:\Windows\System32\drivers\bxvbda.sys A4A73F631FE2AA2826FBE4A399B04DEF
C:\Windows\System32\drivers\BasicDisplay.sys 8CC7F7E4AFCBA605921B137ED7992C68
C:\Windows\System32\drivers\BasicRender.sys BF002CF6CA41491665F7D3DCA51B7EFB
C:\Windows\System32\drivers\bcmfn2.sys C1ABB0F7E3BEA48A0417BDF6FF14AB21
C:\Windows\System32\Drivers\Beep.sys EC19013E4CF87609534165DF897274D6
C:\Windows\System32\DRIVERS\bowser.sys A9DB66E4A411D06B2EB41B3C39922BD0
C:\Windows\system32\DRIVERS\btfilter.sys 25B35FDD5FE5666DC49CCC0BC6A9AD81
C:\Windows\System32\drivers\BthAvrcpTg.sys A8F23D453A424FF4DE04989C4727ECC7
C:\Windows\System32\drivers\BthEnum.sys 12418846B057E4F92FC621F5C6CF737D
C:\Windows\System32\drivers\bthhfenum.sys 272A62B660A48AEF366F8A1836CED19F
C:\Windows\System32\drivers\BthHFHid.sys 71FE2A48E4C93DDB9798C024880B6C07
C:\Windows\system32\DRIVERS\BthLEEnum.sys D30C67473A2E229662D21F27EAA9AAA5
C:\Windows\System32\drivers\bthmodem.sys EF4B9E7C9AD88C00C18A12B0D22D1894
C:\Windows\System32\drivers\bthpan.sys D0AF91AF656E25AD8617EFA5B52EF457
C:\Windows\System32\Drivers\BTHport.sys B810B2B39CCA90DC6BF42AF1658AE0D1
C:\Windows\System32\Drivers\BTHUSB.sys 52A1B7ECAB4C9EF70FD41241691E09D3
C:\Windows\System32\DRIVERS\cdfs.sys 2FA6510E33F7DEFEC03658B74101A9B9
C:\Windows\System32\drivers\cdrom.sys D61EDE3D49B04E703AEC3B111C763F42
C:\Windows\System32\drivers\circlass.sys BE9936EDD3267FAAFF94A7835867F00B
C:\Windows\System32\drivers\CLFS.sys 83798256E1662C64991267FB95E1149F
C:\Windows\System32\drivers\CmBatt.sys EF6EF85DADC3184A10D8F2F7159973CB
C:\Windows\System32\Drivers\cng.sys 6B3BFBC8A93CA85851CAF9C5ACF89824
C:\Windows\System32\drivers\CompositeBus.sys 03AAED827C36F35D70900558B8274905
C:\Windows\System32\drivers\condrv.sys A1FF7DFBFBE164CF92603C651D304DD2
C:\Windows\System32\drivers\csc.sys E40884ED6E4FFD6593B800C220261698
C:\Windows\System32\drivers\dam.sys 389C998C64319CD97625B0550E52ECFA
C:\Windows\System32\Drivers\dfsc.sys D1049D4D1311D43F6FCF180CAA5BF78B
C:\Windows\system32\Drivers\DgiVecp.sys 2D589A2C024B2FB238535DB9F7B3597D
C:\Windows\System32\drivers\disk.sys BF6D8575DDF30384939B2D5251F27C1F
C:\Windows\System32\drivers\dmvsc.sys EB70A894708D1BC176AFD690FF06085F
C:\Windows\system32\DRIVERS\Dot4.sys C0AA415718DDD13A136E353844628A65
C:\Windows\System32\drivers\Dot4Prt.sys CC88A1D8A39752859101ECCE1F1BC888
C:\Windows\system32\DRIVERS\dot4usb.sys 292ADB7C57B5457F18F2FC06934B0B40
C:\Windows\system32\drivers\drmkaud.sys 00C594D5A1DBD22AD8B2902B9F6EFF94
C:\Windows\System32\drivers\dxgkrnl.sys B49A6DD8166B3D2115B86FD5E7293B9B
C:\Windows\System32\DRIVERS\eamonm.sys 3ED680D059FF1B8B95DA290874C82DD9
C:\Windows\System32\drivers\evbda.sys 114BCFDF367FF37C3F1B0A96AF542E4D
C:\Windows\System32\DRIVERS\eelam.sys 2B561CC1C21D613BB530DD0C1A5FDED7
C:\Windows\system32\DRIVERS\ehdrv.sys F6DC653FCBC7460830287D0A0B7288BC
C:\Windows\System32\drivers\EhStorClass.sys 43531A5993380CC5113242C29D265FD9
C:\Windows\System32\drivers\EhStorTcgDrv.sys 6F8E738A9505A388B1157FDDE7B3101B
C:\Windows\system32\DRIVERS\epfwwfp.sys 3629B865B720E8728538D5EF7ED0F672
C:\Windows\System32\drivers\errdev.sys DFFFAE1442BA4076E18EED5E406FA0D3
C:\Windows\System32\Drivers\exfat.sys 7729D294A555C7AEB281ED8E4D0E01E4
C:\Windows\System32\Drivers\fastfat.sys 7C4E0D5900B2A1D11EDD626D6DDB937B
C:\Windows\System32\drivers\fdc.sys 5D8402613E778B3BD45E687A8372710B
C:\Windows\System32\drivers\fileinfo.sys BCFD8B149B3ADF92D0DB1E909CAF0265
C:\Windows\System32\drivers\filetrace.sys A1A66C4FDAFD6B0289523232AFB7D8AF
C:\Windows\System32\drivers\flpydisk.sys BE743083CF7063C486A4398E3AEFE59A
C:\Windows\System32\drivers\fltmgr.sys E8F02B7A595B9E7F0A38BDB1C40C60A5
C:\Windows\System32\drivers\FsDepends.sys A7C31B168F371E8E6796219F23E354DB
C:\Windows\System32\Drivers\Fs_Rec.sys 09F460AFEDCA03F3BF6E07D1CCC9AC42
C:\Windows\System32\DRIVERS\fvevol.sys 2C8D12C3C6E6FA87795B3328BDA85EB0
C:\Windows\System32\drivers\fxppm.sys 49E44F7804BD7575639A833ADC89A1B4
C:\Windows\System32\drivers\gagp30kx.sys FC3EF65EE20D39F8749C2218DBA681CA
C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 8E98D21EE06192492A5671A6144D092F
C:\Windows\System32\drivers\vmgencounter.sys 0BF5CAD281E25F1418E5B8875DC5ADD1
C:\Windows\System32\Drivers\msgpioclx.sys 8DF1254093B5C354CE725EB6B9B0DE19
C:\Windows\system32\drivers\hcmon.sys 3CC07DAD48FA53193AE2F85DD8200B5E
C:\Windows\system32\drivers\HdAudio.sys 56F69F7C25FB67C970997D7066DBC593
C:\Windows\System32\drivers\HDAudBus.sys D4B7ED39C7900384D9E5C1283F1E7926
C:\Windows\System32\drivers\HidBatt.sys 10A70BC1871CD955D85CD88372724906
C:\Windows\System32\drivers\hidbth.sys 42F88B57CAE42FC10059C887B3FCFCEA
C:\Windows\System32\drivers\hidi2c.sys C241A8BAFBBFC90176EA0F5240EACC17
C:\Windows\System32\drivers\hidir.sys 9BDDEE26255421017E161CCB9D5EDA95
C:\Windows\System32\drivers\hidusb.sys 49676FEC898AB2A11B157F848269A56E
C:\Windows\System32\drivers\HpSAMD.sys A6AACEA4C785789BDA5912AD1FEDA80D
C:\Windows\System32\drivers\HTTP.sys E45EB7AE6C890F2C8DE8F160AC641C8A
C:\Windows\System32\drivers\hwpolicy.sys 90656C0B3864804B090434EFC582404F
C:\Windows\System32\drivers\hyperkbd.sys 6D6F9E3BF0484967E52F7E846BFF1CA1
C:\Windows\system32\DRIVERS\HyperVideo.sys 907C870F8C31F8DDD6F090857B46AB25
C:\Windows\System32\drivers\i8042prt.sys 49EE0AE9E5B64FFBBD06D55C4984B598
C:\Windows\System32\drivers\iaLPSSi_GPIO.sys 5D90E32E36CE5D4C535D17CE08AEAF05
C:\Windows\System32\drivers\iaLPSSi_I2C.sys DD05E7E80F52ADE9AEB292819920F32C
C:\Windows\System32\drivers\iaStorA.sys 459016E8A4FA6426EDB5A9456A6E5E58
C:\Windows\System32\drivers\iaStorAV.sys 08BFE413B0B4AA8DFA4B5684CE06D3DC
C:\Windows\System32\drivers\iaStorV.sys A2200C3033FA4EF249FC096A7A7D02A2
C:\Windows\system32\DRIVERS\igdkmd64.sys CEFA6BDB4789F3DA003ACBDCC64F5877
C:\Windows\system32\drivers\intelaud.sys B1F193AB8FB72E9FC34B3A39314ED872
C:\Windows\system32\DRIVERS\IntcDAud.sys 87871AB7AC797F922A6F3D4C874CED96
C:\Windows\System32\drivers\intelide.sys 4E448FCFFD00E8D657CD9E48D3E47157
C:\Windows\System32\drivers\intelpep.sys 7AA01AB1C110916825E6E1389F1B9AF2
C:\Windows\System32\drivers\intelppm.sys 24FF99B76037E1449E4E2E6DDF03F417
C:\Windows\System32\DRIVERS\ipfltdrv.sys 9DB76D7F9E4E53EFE5DD8C53DE837514
C:\Windows\System32\drivers\IPMIDrv.sys C800DCD904016B2BF6AB541083770A3A
C:\Windows\System32\drivers\ipnat.sys B7342B3C58E91107F6E946A93D9D4EFD
C:\Windows\System32\drivers\irenum.sys AE44C526AB5F8A487D941CEB57B10C97
C:\Windows\System32\drivers\isapnp.sys 00AD710037F4A4F00CDDD94CBA7BABEA
C:\Windows\System32\drivers\msiscsi.sys 6205F494094FC3DB755CB1139917D058
C:\Windows\System32\drivers\iwdbus.sys DD1F43B86AD84E53203F92FD3EF3AEB6
C:\Windows\System32\drivers\kbdclass.sys 5917AFE4A3F695A54B99C1849C8207FE
C:\Windows\System32\drivers\kbdhid.sys 8CD840A062F6BDF41DDE3ACB96164B72
C:\Windows\System32\drivers\kbldfltr.sys 16D1DB11507C2E4B43E13755325EDED9
C:\Windows\system32\DRIVERS\kdnic.sys 813871C7D402A05F2E3A7075F9584A05
C:\Windows\System32\Drivers\ksecdd.sys 304DA394D958BC3B62AF6DF514005B01
C:\Windows\System32\Drivers\ksecpkg.sys A2EA29C09F31A60BF97EF2FF1F4A0DB1
C:\Windows\system32\drivers\ksthunk.sys 11AFB527AA370B1DAFD5C36F35F6D45F
C:\Windows\system32\DRIVERS\lltdio.sys C09010B3680860131631F53E8FE7BAD8
C:\Windows\System32\drivers\lsi_sas.sys C755AE4635457AA2A11F79C0DF857ABC
C:\Windows\System32\drivers\lsi_sas2.sys ADAC09CBE7A2040B7F68B5E5C9A75141
C:\Windows\System32\drivers\lsi_sas3.sys 04D1274BB9BBCCF12BD12374002AA191
C:\Windows\System32\drivers\lsi_sss.sys 327469EEF3833D0C584B7E88A76AEC0C
C:\Windows\system32\drivers\luafv.sys B0AF753AF28303BB69C67BD85F06FFC9
C:\Windows\System32\drivers\megasas.sys EB5C03A070F30D64A6DF80E53B22F53F
C:\Windows\System32\drivers\megasr.sys F6F13533196DE7A582D422B0241E4363
C:\Windows\System32\drivers\HECIx64.sys 2BB3EAE2EA641515D4B205CAB29E1624
C:\Windows\System32\drivers\modem.sys 8B38C44F69259987C95135C9627E2378
C:\Windows\System32\drivers\monitor.sys 601589000CC90F0DF8DA2CC254A3CCC9
C:\Windows\System32\drivers\mouclass.sys 08374E4E5B8914DE6067CBA99F61E930
C:\Windows\System32\drivers\mouhid.sys 5FCBAB60598AE119E02B4C27DE6B99EA
C:\Windows\System32\drivers\mountmgr.sys E5E8665272EBCD87A0A632314F0D221D
C:\Windows\System32\drivers\mpsdrv.sys BC08EC552C7238F437902FD300811D7E
C:\Windows\system32\drivers\mrxdav.sys 3F818C1518DA702C8F10259095C9BDE0
C:\Windows\System32\DRIVERS\mrxsmb.sys 58F495747F93F5ED547A08E414168905
C:\Windows\System32\DRIVERS\mrxsmb10.sys AFE6DC2E57E876175BA074AD2CB5594F
C:\Windows\System32\DRIVERS\mrxsmb20.sys B37B58F9F80A51098C42663D5FA5F2BA
C:\Windows\system32\DRIVERS\bridge.sys F3C060444777A59FC63D920719E43CCD
C:\Windows\System32\Drivers\Msfs.sys D13329FBF8345B28AB30F44CC247DC08
C:\Windows\System32\drivers\msgpiowin32.sys C6B474E46F9E543B875981ED3FFE6ADD
C:\Windows\System32\drivers\mshidkmdf.sys 65C92EB9D08DB5C69F28C7FFD4E84E31
C:\Windows\System32\drivers\mshidumdf.sys 52299F086AC2DAFD100DD5DC4A8614BA
C:\Windows\System32\drivers\msisadrv.sys 15552CD43BD9DA6C00659167403D19E6
C:\Windows\system32\drivers\MSKSSRV.sys A9BBBD2BAE6142253B9195E949AC2E8D
C:\Windows\system32\DRIVERS\mslldp.sys 51B3AC0560848CD6D65AC2033E293113
C:\Windows\system32\drivers\MSPCLOCK.sys 7B2128EB875DCBC006E6A913211006D6
C:\Windows\system32\drivers\MSPQM.sys 1E88171579B218115C7A772F8DE04BD8
C:\Windows\System32\Drivers\MsRPC.sys E97AB73CF5D6B77783F33B488F027C5F
C:\Windows\System32\drivers\mssmbios.sys 8D6B7D515C5CBCDB75B928A0B73C3C5E
C:\Windows\system32\drivers\MSTEE.sys 115019AE01E0EB9C048530D2928AB4A2
C:\Windows\System32\drivers\MTConfig.sys 96D604A35070360F0DD4A7A8AF410B5E
C:\Windows\System32\Drivers\mup.sys 438EA7A2D8D4F9B8AFB64748ACA70BA8
C:\Windows\System32\drivers\mvumis.sys B8C35C94DCB2DFEAF03BB42131F2F77F
C:\Windows\system32\DRIVERS\nwifi.sys F3A70F2C79D91B7C95F78E959DEDAD0E
C:\Windows\System32\drivers\ndis.sys FCE3B49118A5431585D8BD884A98CE46
C:\Windows\system32\DRIVERS\ndiscap.sys 8CECC8DA55F3274181FD1EA28AD76664
C:\Windows\system32\DRIVERS\NdisImPlatform.sys 269882812E9A68FFF1AFE1283D428322
C:\Windows\system32\DRIVERS\ndistapi.sys DC1D9F692C2AD84C214584C28501C1F7
C:\Windows\system32\DRIVERS\ndisuio.sys B832B35055BA2B7B4181861FF94D8E59
C:\Windows\System32\drivers\NdisVirtualBus.sys 1F58E48EF75F34C35D8E93A0DC535CFE
C:\Windows\system32\DRIVERS\ndiswan.sys C3755FCF9A0B5C6FE8ED9E873B85D3CE
C:\Windows\system32\DRIVERS\ndiswan.sys C3755FCF9A0B5C6FE8ED9E873B85D3CE
C:\Windows\System32\Drivers\NDProxy.sys 4F5178EEF4CC259F0A8CF56C2F16ADDB
C:\Windows\System32\drivers\Ndu.sys 3083926D1CC5B56EA0786527B557DD1B
C:\Windows\system32\DRIVERS\netaapl64.sys EE00C544C025958AF50C7B199F3C8595
C:\Windows\System32\DRIVERS\netbios.sys AD6A78E25BBC916354753A500C4E73C8
C:\Windows\System32\DRIVERS\netbt.sys 0FE750800DEEE91D22399D081371BA79
C:\Windows\System32\drivers\netvsc63.sys 39935F3D3582A8B3387E9A2ED4C85413
C:\Windows\System32\Drivers\Npfs.sys 8F44A2F57C9F1A19AC9C6288C10FB351
C:\Windows\System32\drivers\npsvctrig.sys CBDB4F0871C88DF930FC0E8588CA67FC
C:\Windows\System32\drivers\nsiproxy.sys 018510D88536798852DAE12F9BA6E138
C:\Windows\System32\Drivers\Ntfs.sys D5E28708D2577AC235DEE5819B8381A2
C:\Windows\System32\Drivers\Null.sys EF1B290FC9F0E47CC0B537292BEE5904
C:\Windows\System32\drivers\nvraid.sys BC6B5942AFF25EBAF62DE43C3807EDF8
C:\Windows\System32\drivers\nvstor.sys 1F43ABFFAC3D6CA356851D517392966E
C:\Windows\System32\drivers\nv_agp.sys 9D1D5F4A66790A6B6B83B49497DB7A9F
C:\Windows\System32\drivers\parport.sys 57DCE4FB0467986AE78E1C6FC5240D32
C:\Windows\System32\drivers\partmgr.sys BAFF6122CFC9F95CA175AD8C348179A4
C:\Windows\System32\drivers\pci.sys 9C1015B033ABDFC59584F480207AECDD
C:\Windows\System32\drivers\pciide.sys 346E38FCC6859A727DD28AFAD1F0AFF4
C:\Windows\System32\drivers\pcmcia.sys 4D3BDCC1C7B40C9D7B6AD990E6DEC397
C:\Windows\System32\drivers\pcw.sys BF28771D1436C88BE1D297D3098B0F7D
C:\Windows\System32\drivers\pdc.sys E6B3ACBA06BAF48594557FCCBFA66FD2
C:\Windows\System32\drivers\peauth.sys 0ECEE590F2E2EF969FB74A6FC583A1E6
C:\Windows\system32\DRIVERS\raspptp.sys E075CC071022BD4E9BE7C024717C0E0A
C:\Windows\System32\drivers\processr.sys 400E95F70BC0336D206139C930C3F7F6
C:\Windows\system32\DRIVERS\pacer.sys DEF4D00D1E55B1E29138A1541D0B82D3
C:\Windows\system32\drivers\qwavedrv.sys 83868EB2924E6BC21A54337C65D614D1
C:\Windows\System32\DRIVERS\rasacd.sys B337B1F1E82A83E20A1743E008E25C0F
C:\Windows\system32\DRIVERS\AgileVpn.sys D5ECE7E7F349EB3C4B152AFF3577280D
C:\Windows\system32\DRIVERS\rasl2tp.sys 235624C147E3CB4C288D5D3D8E8D64A2
C:\Windows\system32\DRIVERS\raspppoe.sys 5247F308C4103CDC4FE12AE1D235800A
C:\Windows\system32\DRIVERS\rassstp.sys 41F631007A158FEBB67F0E2AD1601BBA
C:\Windows\System32\DRIVERS\rdbss.sys 3560C2D5A5DAC09BF81F5C5CD0029192
C:\Windows\System32\drivers\rdpbus.sys 6B21EBF892CD8CACB71669B35AB5DE32
C:\Windows\System32\drivers\rdpdr.sys 680C1DAE268B6FB67FA21B389A8B79EF
C:\Windows\System32\drivers\rdpvideominiport.sys BC8A79C625568DDB7DCA49D0C2741A64
C:\Windows\System32\drivers\rdyboost.sys 468F9F3886DD3320357ECDBFF838DBBF
C:\Windows\System32\Drivers\ReFS.sys F807518801626DB0AB1A422F42DCD40E
C:\Windows\System32\drivers\rfcomm.sys DC66AE45816614D2999DCD3834DCCC4E
C:\Windows\System32\DRIVERS\RsFx0153.sys D82CBE4DAE42763493A62E9DF786B458
C:\Windows\system32\DRIVERS\rspndr.sys 2D05A5508F4685412F2B89E8C2189ABC
C:\Windows\System32\Drivers\RtsUVStor.sys 8EB6DCEB7473C232D8BC9A886E3183AC
C:\Windows\system32\DRIVERS\Rt630x64.sys 19764658C1468C2C0CEF133D28414A6B
C:\Windows\System32\drivers\vms3cap.sys 1A063730F221B2746FF00457AE17E4F0
C:\Windows\System32\drivers\sbp2port.sys C624A1B32211C3166EDB3F4AB02A30B7
C:\Windows\System32\Drivers\SCDEmu.sys 92EAE8DEC1F992DB12AA23D9D55F264A
C:\Windows\System32\DRIVERS\scfilter.sys DEA731D96816F1F67C32F49E4EF248DD
C:\Windows\System32\drivers\sdbus.sys C54B6B2170BF628FD42F799A66956D75
C:\Windows\System32\drivers\sdstor.sys 0B1E929D11A8E358106955603FAC65E8
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\WUDFRd.sys D7B4859227B02BCC1055B279A63C937F
C:\Windows\System32\drivers\SerCx.sys DB2FF24CE0BDD15FE75870AFE312BA89
C:\Windows\System32\drivers\SerCx2.sys 0044B31F93946D5D41982314381FE431
C:\Windows\System32\drivers\serenum.sys 1F0135949A6AD6025F363F80FE268251
C:\Windows\System32\drivers\serial.sys 81633C87B42B63BA484A6177179AC750
C:\Windows\System32\drivers\sermouse.sys 148195AE95D9BC7375A08846439FDAC1
C:\Windows\System32\drivers\sfloppy.sys 472B7A5AC181C050888DB454663DD764
C:\Windows\System32\drivers\SiSRaid2.sys 2F518D13DD6F3053837FE606F1A2EA1F
C:\Windows\System32\drivers\sisraid4.sys 1AC9A200A9C49C4508F04AAFFCA34A3F
C:\Windows\System32\drivers\spaceport.sys F6AF6499C3788105EA7AF1DA27769A77
C:\Windows\System32\drivers\SpbCx.sys F337BE11071818FC3F5DC2940B6BDE34
C:\Windows\System32\DRIVERS\srv.sys CA62440584866C8435AF39E70C8CDDDD
C:\Windows\System32\DRIVERS\srv2.sys 0E125F0E63DEEFFF1E51147A6E320B3C
C:\Windows\System32\DRIVERS\srvnet.sys D540461FE5B752BCB967FDE979B9E712
C:\Windows\system32\Drivers\SSPORT.sys 0211AB46B73A2623B86C1CFCB30579AB
C:\Windows\System32\drivers\stexstor.sys 366DEA74BBA65B362BCCFC6FC2ADFD8B
C:\Windows\System32\drivers\storahci.sys 0ED2E318ABB68C1A35A8B8038BDB4C90
C:\Windows\System32\drivers\vmstorfl.sys 8B9486B64E5FC17FB9CC04CA10B77A34
C:\Windows\System32\drivers\stornvme.sys 1D5A045F59D216448FCDE3A8D69970E2
C:\Windows\System32\drivers\storvsc.sys 548759755BC73DAD663250239D7E0B9F
C:\Windows\System32\drivers\storvsp.sys B3A905F6E860F1C58264592F8393E322
C:\Windows\System32\drivers\swenum.sys 65454187E0F8B6C0DCECB0287D06EC43
C:\Windows\System32\drivers\tcpip.sys 713486B22199DF02D2FCF04EEAD436F5
C:\Windows\system32\DRIVERS\tcpip.sys 713486B22199DF02D2FCF04EEAD436F5
C:\Windows\System32\drivers\tcpipreg.sys 41CF802064F72E55F50CA0A221FD36D4
C:\Windows\system32\DRIVERS\tdx.sys 576FA545FAB846B06E79B324160DE25C
C:\Windows\System32\drivers\terminpt.sys 232D185D2337F141311D0CF1983E1431
C:\Windows\system32\drivers\tpm.sys 80A2FC1A089A71F2DBE5D8394FFB009F
C:\Windows\System32\drivers\tsusbflt.sys BF8F54CA37E9C9D6582C31C5761F8C93
C:\Windows\System32\drivers\TsUsbGD.sys 20185BEB7512EDE4EFECDFA148AC9F99
C:\Windows\system32\DRIVERS\tunnel.sys E85916632CD3B9E9B546968DB950BF42
C:\Windows\System32\drivers\uagp35.sys F6EEAD052943B5A3104C1405BB856C54
C:\Windows\System32\drivers\uaspstor.sys FE6067B1FD4E63650C667B33D080565B
C:\Windows\System32\drivers\ucx01000.sys 42FF91AAAFB5BFA7FE0F5A31E8D83AE3
C:\Windows\System32\DRIVERS\udfs.sys C61EAF8E1E4B2F62BA4FDF457440B2C6
C:\Windows\System32\drivers\UEFI.sys 5DFA6081BE0AE39EA5B3A38CAC6A961F
C:\Windows\System32\drivers\uliagpkx.sys 4EF2D1DCFFC75ADFFFDD471BD9EBEDCC
C:\Windows\System32\drivers\umbus.sys DA34C39A18E60E7C3FA0630566408034
C:\Windows\System32\drivers\umpass.sys AE8294875E5446E359B1E8035D40C05E
C:\Windows\System32\Drivers\usbaapl64.sys F957092C63CD71D85903CA0D8370F473
C:\Windows\System32\drivers\usbccgp.sys 621317D14B93CBFBD5694767EFB6B40A
C:\Windows\System32\drivers\usbcir.sys 0139248F6B95CF0D837B5B46A2722D40
C:\Windows\System32\drivers\usbehci.sys C996CBEF922B5653A01E3F50DDCE2F86
C:\Windows\System32\drivers\usbhub.sys E30B159760053C5A1297D2CD08046CD7
C:\Windows\System32\drivers\UsbHub3.sys 5C90D5379B53590FBB24BBAD4FA682EE
C:\Windows\System32\drivers\usbohci.sys A0F0484C97D6441ED6A75D7426ECCC9E
C:\Windows\System32\drivers\usbprint.sys 4D655E3B684BE9B0F7FFD8A2935C348C
C:\Windows\system32\DRIVERS\usbscan.sys 0F030491BA4A27BD46F8B8ACEEE83F1A
C:\Windows\System32\drivers\USBSTOR.SYS 9D168BFA334D47BE404367EB58D4E130
C:\Windows\System32\drivers\usbuhci.sys FC974B03C8B87455F44F734C8F31A3C8
C:\Windows\System32\Drivers\usbvideo.sys 5C8F604F6DC74177CDD8372D7B1ADFF0
C:\Windows\System32\drivers\USBXHCI.SYS 3413BCA17155F82614A3F18518923475
C:\Windows\system32\DRIVERS\usb8023x.sys B73B55A194BEAF71985211279585A316
C:\Windows\System32\drivers\vdrvroot.sys FEB26E3B8345A7E8D62F945C4AE86562
C:\Windows\System32\drivers\VerifierExt.sys A026EDEAA5EECAE0B08E2748B616D4BD
C:\Windows\System32\drivers\vhdmp.sys 8ABB4BABF59F092DF0B43778D8FD1884
C:\Windows\System32\drivers\viaide.sys 06D38968028E9AB19DE9B618C7B6D199
C:\Windows\System32\drivers\Vid.sys B3E4A4979435A1D68B3F609DDFC3BC6F
C:\Windows\System32\drivers\vmbus.sys 511AD3FF957A0127E6BD336FF6F89C38
C:\Windows\System32\drivers\VMBusHID.sys DA40BEA0A863CE768C940CA9723BF81F
C:\Windows\System32\drivers\vmbusr.sys 8BFFE6885F680EE9FE7091A704303F84
C:\Windows\System32\drivers\vmci.sys 6203C901DEFF10631AAD919B3BD1489B
C:\Windows\system32\drivers\VMkbd.sys E75DDD0A4768CF509C80E76B8428A644
C:\Windows\system32\DRIVERS\vmnetadapter.sys AEF53B47E960F227BF7638A6A1A9D5C6
C:\Windows\system32\DRIVERS\vmnetbridge.sys C234A1DC2F06A15B9210787F54253810
C:\Windows\system32\drivers\vmnetuserif.sys 25FBBC8C168AEE1753C330352EA6D009
C:\Windows\system32\drivers\vmx86.sys D37CB37BF3FB6612BCA19D81EFA16122
C:\Windows\System32\drivers\volmgr.sys 436E1A724E7E683F6B612D3D58F04241
C:\Windows\System32\drivers\volmgrx.sys 7DD4EAE2E680948D9AFF3E1B5234C1D3
C:\Windows\System32\drivers\volsnap.sys 17F7B0F2298D97F4B6C7A69511033D3D
C:\Windows\System32\drivers\vpci.sys DAC438FB5FF85A9E72806E2341D5D732
C:\Windows\System32\drivers\vpcivsp.sys BA4D0CF5F303A70BE5F02858CB892BEA
C:\Windows\System32\drivers\vsmraid.sys 4539F45F9F4C9757A86A56C949421E07
C:\Windows\System32\drivers\vsock.sys EF1E48D431223F670CFFD6169B1A136F
C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys F972436B5ED08069A1E7D623B77C226A
C:\Windows\System32\drivers\vstxraid.sys 0849B7260F26FE05EA56DED0672E2F4B
C:\Windows\System32\drivers\vwifibus.sys 71066FF95C487327E44C8AF1B72EBE8B
C:\Windows\system32\DRIVERS\vwififlt.sys 29AB43937FFDA0B0FB56984226E698C6
C:\Windows\system32\DRIVERS\vwifimp.sys 8B8624A93E3F88CB923AEB05B6313227
C:\Windows\System32\drivers\wacompen.sys 0910AB9ED404C1434E2D0376C2AD5D8B
C:\Windows\system32\DRIVERS\wanarp.sys 0CDC9B605FD262F9C205C8CEE77A65DE
C:\Windows\system32\DRIVERS\wanarp.sys 0CDC9B605FD262F9C205C8CEE77A65DE
C:\Windows\system32\drivers\WdBoot.sys F2E08D1C067FEFC3A42D21FD4810F1D3
C:\Windows\System32\drivers\wdcsam64.sys A556768CC1FA4F36022BEE2F0EDE2566
C:\Windows\System32\drivers\Wdf01000.sys CB6C63FF8342B467E2EF76E98D5B934D
C:\Windows\system32\drivers\WdFilter.sys E234820E6B84ABA5E84E00227F505AE8
C:\Windows\System32\Drivers\WdNisDrv.sys A74AD6D80AC26E1B5DD276FC927F2BAC
C:\Windows\System32\DRIVERS\wfplwfs.sys B3E08E32BD082100928C6BA18AE5E526
C:\Windows\System32\drivers\wimmount.sys 5F66B7BB330AA80067FC66149A692620
C:\Windows\System32\drivers\WinUsb.sys 3AF1FA17F1C4ACBDB660D8F98B1A9C13
C:\Windows\System32\drivers\wmiacpi.sys 2834D9D3B4F554A39C72F00EA3F0E128
C:\Windows\System32\Drivers\Wof.sys 7FC5667DF73D4B04AA457CC3A4180E09
C:\Windows\System32\DRIVERS\wpcfltr.sys A2468CC3509394A33C4C32F99563D845
C:\Windows\System32\drivers\WpdUpFltr.sys 9F2904B55F6CECCD1A8D986B5CE2609A
C:\Windows\system32\drivers\ws2ifsl.sys AE072B0339D0A18E455DC21666CAD572
C:\Windows\System32\drivers\WSDPrint.sys F586F3F1BF962FE9AE4316E0D896B22F
C:\Windows\system32\DRIVERS\WSDScan.sys 58035FD3369879E02D65989C44D27450
C:\Windows\System32\drivers\WudfPf.sys 481286719402E4BAEFEA0604AB1B5113
C:\Windows\System32\drivers\WUDFRd.sys D7B4859227B02BCC1055B279A63C937F
C:\Windows\System32\drivers\WUDFRd.sys D7B4859227B02BCC1055B279A63C937F
C:\Windows\System32\drivers\WUDFRd.sys D7B4859227B02BCC1055B279A63C937F
C:\Windows\System32\drivers\WUDFRd.sys D7B4859227B02BCC1055B279A63C937F
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-02-21 22:08 - 2019-02-21 23:06 - 000000000 ___HD C:\$SysReset
2019-02-21 21:52 - 2019-02-21 21:54 - 000000000 ____D C:\FRST
2019-02-21 06:28 - 2019-02-21 23:26 - 144179200 _____ C:\Windows\System32\config\SOFTWARE
2019-02-21 06:28 - 2019-02-21 21:54 - 013107200 _____ C:\Windows\System32\config\SYSTEM
2019-02-21 06:28 - 2019-02-19 08:28 - 000262144 _____ C:\Windows\System32\config\SECURITY
2019-02-21 06:28 - 2019-02-19 08:28 - 000262144 _____ C:\Windows\System32\config\SAM
2019-02-21 06:28 - 2019-02-18 22:21 - 004718592 _____ C:\Windows\System32\config\DEFAULT
2019-02-19 08:29 - 2019-02-20 22:18 - 000000000 _____ C:\Recovery.txt
2019-02-18 22:15 - 2019-02-18 22:13 - 000362888 _____ C:\Windows\System32\aswBoot.exe
2019-02-12 23:20 - 2019-02-05 18:07 - 003323392 _____ (Microsoft Corporation) C:\Windows\System32\msi.dll
2019-02-12 23:20 - 2019-02-05 17:43 - 003616768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-02-12 23:20 - 2019-02-05 16:53 - 002780160 _____ (Microsoft Corporation) C:\Windows\System32\authui.dll
2019-02-12 23:20 - 2019-02-05 16:44 - 002464256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2019-02-12 23:20 - 2019-01-25 17:02 - 025736192 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2019-02-12 23:20 - 2019-01-25 16:32 - 005778944 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2019-02-12 23:20 - 2019-01-25 16:27 - 020279808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-02-12 23:20 - 2019-01-25 15:46 - 015283712 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2019-02-12 23:20 - 2019-01-25 15:34 - 004858880 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2019-02-12 23:20 - 2019-01-25 15:34 - 004494336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-02-12 23:20 - 2019-01-25 15:29 - 013680640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-02-12 23:20 - 2019-01-25 15:22 - 001556480 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2019-02-12 23:20 - 2019-01-25 15:11 - 004386304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-02-12 23:20 - 2019-01-08 22:36 - 001901688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2019-02-12 23:20 - 2019-01-08 22:27 - 002533920 _____ (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2019-02-12 23:20 - 2019-01-08 19:34 - 001755136 _____ (Microsoft Corporation) C:\Windows\System32\GdiPlus.dll
2019-02-12 23:19 - 2019-01-25 16:38 - 002902528 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2019-02-12 23:19 - 2019-01-25 16:36 - 000576512 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2019-02-12 23:19 - 2019-01-25 16:24 - 000790016 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2019-02-12 23:19 - 2019-01-25 16:06 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-02-12 23:19 - 2019-01-25 16:03 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-02-12 23:19 - 2019-01-25 15:57 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-02-12 23:19 - 2019-01-25 15:56 - 001033216 _____ (Microsoft Corporation) C:\Windows\System32\inetcomm.dll
2019-02-12 23:19 - 2019-01-25 15:48 - 000809472 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2019-02-12 23:19 - 2019-01-25 15:36 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2019-02-12 23:19 - 2019-01-25 15:31 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-02-12 23:19 - 2019-01-25 15:12 - 000800768 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2019-02-12 23:19 - 2019-01-25 15:08 - 001331200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-02-12 23:19 - 2019-01-25 15:06 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-02-12 23:19 - 2019-01-11 17:36 - 000058880 _____ (Microsoft Corporation) C:\Windows\System32\mf3216.dll
2019-02-12 23:19 - 2019-01-11 17:35 - 000044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-02-12 23:19 - 2019-01-11 17:18 - 000352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-02-12 23:19 - 2019-01-08 22:24 - 007371512 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2019-02-12 23:19 - 2019-01-08 19:34 - 000134656 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-12 23:19 - 2019-01-08 19:21 - 001493504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-02-12 23:19 - 2019-01-08 19:21 - 000102400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-12 23:19 - 2019-01-07 20:54 - 000032896 ____C (Microsoft Corporation) C:\Windows\System32\Drivers\hidparse.sys
2019-02-12 23:19 - 2019-01-07 17:22 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-02-12 23:19 - 2019-01-07 17:22 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2019-02-12 23:19 - 2019-01-05 09:48 - 004168704 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2019-02-12 23:19 - 2019-01-05 09:47 - 000684032 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2019-02-12 23:19 - 2019-01-05 09:46 - 000243200 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2019-02-12 23:19 - 2018-12-27 09:57 - 000805376 _____ (Microsoft Corporation) C:\Windows\System32\winhttp.dll
2019-02-12 23:19 - 2018-12-27 08:30 - 000626176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2019-02-12 23:19 - 2018-12-08 08:01 - 000513376 _____ C:\Windows\SysWOW64\locale.nls
2019-02-12 23:19 - 2018-12-08 08:01 - 000513376 _____ C:\Windows\System32\locale.nls
2019-02-12 23:19 - 2018-12-02 02:08 - 000179712 _____ (Microsoft Corporation) C:\Windows\System32\itss.dll
2019-02-12 23:19 - 2018-12-01 08:44 - 000151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2019-02-12 23:19 - 2018-10-12 05:19 - 000998480 _____ (Microsoft Corporation) C:\Windows\System32\ucrtbase.dll
 
==================== One month (modified) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-02-21 23:08 - 2013-08-22 07:36 - 000000000 __RSD C:\Windows\Media
2019-02-21 23:08 - 2013-08-22 07:36 - 000000000 ____D C:\Windows\SysWOW64\ras
2019-02-21 23:08 - 2013-08-22 07:36 - 000000000 ____D C:\Windows\System32\ras
2019-02-21 23:08 - 2013-08-22 07:36 - 000000000 ____D C:\Windows\PolicyDefinitions
2019-02-21 23:06 - 2018-12-13 06:39 - 000000000 ____D C:\ProgramData\McAfee Security Scan
2019-02-21 23:06 - 2015-08-30 23:03 - 000000000 ____D C:\Program Files (x86)\3G Hostless Modem
2019-02-21 23:06 - 2014-01-04 09:35 - 000000000 ____D C:\Users\GuestUser\AppData\Roaming\vlc
2019-02-21 23:05 - 2013-08-22 07:36 - 000000000 ____D C:\Windows\rescache
2019-02-21 23:05 - 2013-08-22 05:36 - 000000000 ____D C:\Windows\System32\Sysprep
2019-02-21 23:05 - 2013-08-22 05:36 - 000000000 ____D C:\Windows\Inf
2019-02-18 22:21 - 2013-08-22 06:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-02-18 22:14 - 2018-11-27 01:09 - 000474456 _____ C:\Windows\System32\Drivers\aswSP.sys
2019-02-18 22:14 - 2018-11-27 01:09 - 000379952 _____ C:\Windows\System32\Drivers\aswVmm.sys
2019-02-18 22:14 - 2018-11-27 01:09 - 000249456 _____ C:\Windows\System32\Drivers\aswHdsKe.sys
2019-02-18 22:14 - 2018-11-27 01:09 - 000216784 _____ C:\Windows\System32\Drivers\aswStm.sys
2019-02-18 22:14 - 2018-11-27 01:09 - 000167304 _____ C:\Windows\System32\Drivers\aswMonFlt.sys
2019-02-18 22:14 - 2018-11-27 01:09 - 000112312 _____ C:\Windows\System32\Drivers\aswRdr2.sys
2019-02-18 22:14 - 2018-11-27 01:09 - 000087944 _____ C:\Windows\System32\Drivers\aswRvrt.sys
2019-02-18 22:14 - 2018-11-27 01:09 - 000042288 _____ C:\Windows\System32\Drivers\aswKbd.sys
2019-02-18 22:13 - 2019-01-06 22:28 - 000037104 _____ C:\Windows\System32\Drivers\aswArDisk.sys
2019-02-18 22:13 - 2018-11-27 01:09 - 001034432 _____ C:\Windows\System32\Drivers\aswSnx.sys
2019-02-18 22:13 - 2018-11-27 01:09 - 000205400 _____ C:\Windows\System32\Drivers\aswArPot.sys
2019-02-18 22:13 - 2015-01-18 03:16 - 000000916 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0331023f2e37a.job
2019-02-18 22:12 - 2019-01-14 05:42 - 000225680 _____ C:\Windows\System32\Drivers\aswbidsdriver.sys
2019-02-18 22:12 - 2019-01-06 22:28 - 000320696 _____ C:\Windows\System32\Drivers\aswblog.sys
2019-02-18 22:12 - 2019-01-06 22:28 - 000196072 _____ C:\Windows\System32\Drivers\aswbidsh.sys
2019-02-18 22:12 - 2019-01-06 22:28 - 000057960 _____ C:\Windows\System32\Drivers\aswbuniv.sys
2019-02-18 22:12 - 2014-10-17 22:31 - 000000000 __SHD C:\Users\GuestUser\IntelGraphicsProfiles
2019-02-18 08:32 - 2014-10-17 15:05 - 000000000 ____D C:\users\GuestUser
2019-02-18 08:04 - 2015-05-14 19:54 - 000000920 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08ec2ddae7f4b.job
2019-02-18 07:59 - 2015-09-16 06:59 - 000000920 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0f0903c38805c.job
2019-02-18 04:35 - 2014-11-06 03:43 - 000003934 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{2BE2ED02-709B-4182-80C2-EBBFCEA5C788}
2019-02-17 22:23 - 2014-10-17 15:05 - 000000000 ____D C:\users\DefaultAppPool
2019-02-16 08:30 - 2014-10-17 15:05 - 000000000 ____D C:\users\Ioana
2019-02-16 05:33 - 2013-05-18 08:36 - 000003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1264719983-1477980593-2100799426-1004
2019-02-16 03:27 - 2018-11-27 01:07 - 000004078 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1543309621
2019-02-14 02:22 - 2017-02-23 01:02 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-02-13 22:36 - 2015-01-18 03:16 - 000002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-02-13 22:23 - 2013-08-22 06:44 - 000485408 _____ C:\Windows\System32\FNTCACHE.DAT
2019-02-13 08:55 - 2013-08-22 05:25 - 000524288 ___SH C:\Windows\System32\config\BBI
2019-02-13 04:20 - 2018-11-27 01:10 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-02-13 02:50 - 2012-07-25 23:59 - 000000000 ____D C:\Windows\CbsTemp
2019-02-13 02:40 - 2013-08-15 20:48 - 000000000 ____D C:\Windows\System32\MRT
2019-02-13 02:26 - 2013-05-22 08:08 - 129330784 ____C (Microsoft Corporation) C:\Windows\System32\MRT.exe
2019-02-12 23:26 - 2017-09-18 22:11 - 000004478 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-02-12 23:26 - 2017-09-18 22:11 - 000004324 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-02-12 23:26 - 2013-08-22 07:36 - 000000000 ____D C:\Windows\System32\Macromed
2019-02-12 23:25 - 2013-08-22 07:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-02-12 06:02 - 2014-09-23 23:17 - 001092016 _____ C:\Windows\System32\PerfStringBackup.INI
2019-02-02 12:07 - 2019-01-14 05:34 - 000835480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-02-02 12:07 - 2019-01-14 05:34 - 000179600 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
 
==================== KnownDLLs (Whitelisted) =========================
 
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe
[2018-04-17 22:10] - [2018-01-01 20:32] - 000571392 _____ (Microsoft Corporation) 4294D7AD504EA206A4A03DB29311B6C2
 
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll
[2019-01-12 06:42] - [2018-12-07 19:49] - 000809472 _____ (Microsoft Corporation) 3BC25B8189367964F8CEBCFAF05FB6D0
 
C:\Windows\System32\dnsapi.dll
[2018-07-19 22:36] - [2018-06-08 09:54] - 000656384 _____ (Microsoft Corporation) C9C6033116C4F7128AC11A7096765E92
 
C:\Windows\SysWOW64\dnsapi.dll
[2018-07-19 22:36] - [2018-06-08 08:44] - 000499200 _____ (Microsoft Corporation) E38864C62641DF22A4AFD2B6C59BD61B
 
C:\Windows\System32\dllhost.exe
[2015-03-11 22:33] - [2014-10-28 19:55] - 000019264 _____ (Microsoft Corporation) 9361355721F51E3A25DF53702D10E9DE
 
C:\Windows\SysWOW64\dllhost.exe
[2015-03-11 22:56] - [2014-10-28 19:09] - 000017216 _____ (Microsoft Corporation) CC05C14EEFF5E7813A49718BA88E59B0
 
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
C:\Windows\System32\InputHost.dll IS MISSING <==== ATTENTION
 
==================== Association (Whitelisted) =============
 
 
==================== Restore Points  =========================
 
Restore point date: 2019-02-06 04:34
Restore point date: 2019-02-13 02:23
Restore point date: 2019-02-21 22:33
 
==================== BCD ================================
 
Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=Y:
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
default                 {default}
resumeobject            {0da08f89-56ac-11e4-84ac-9db82c4c7382}
displayorder            {default}
toolsdisplayorder       {memdiag}
timeout                 30
 
Windows Boot Loader
-------------------
identifier              {default}
device                  partition=C:
path                    \WINDOWS\system32\winload.exe
description             Windows 8.1
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {current}
recoveryenabled         Yes
allowedinmemorysettings 0x15000075
osdevice                partition=C:
systemroot              \WINDOWS
resumeobject            {0da08f89-56ac-11e4-84ac-9db82c4c7382}
nx                      OptIn
bootmenupolicy          Standard
 
Windows Boot Loader
-------------------
identifier              {216e527c-c012-11e2-beb5-81307adeadd2}
device                  ramdisk=[Y:]\Recovery\216e527c-c012-11e2-beb5-81307adeadd2\Winre.wim,{216e527d-c012-11e2-beb5-81307adeadd2}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
locale                  en-US
inherit                 {bootloadersettings}
displaymessage          Recovery
displaymessageoverride  Recovery
osdevice                ramdisk=[Y:]\Recovery\216e527c-c012-11e2-beb5-81307adeadd2\Winre.wim,{216e527d-c012-11e2-beb5-81307adeadd2}
systemroot              \windows
nx                      OptIn
bootmenupolicy          Standard
winpe                   Yes
 
Windows Boot Loader
-------------------
identifier              {current}
device                  ramdisk=[Y:]\Recovery\WindowsRE\Winre.wim,{ebf8fde0-56ac-11e4-84ac-9db82c4c7382}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
locale                  en-US
inherit                 {bootloadersettings}
displaymessage          Recovery
osdevice                ramdisk=[Y:]\Recovery\WindowsRE\Winre.wim,{ebf8fde0-56ac-11e4-84ac-9db82c4c7382}
systemroot              \windows
nx                      OptIn
bootmenupolicy          Standard
winpe                   Yes
 
Resume from Hibernate
---------------------
identifier              {0da08f89-56ac-11e4-84ac-9db82c4c7382}
device                  partition=C:
path                    \WINDOWS\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
recoverysequence        {current}
recoveryenabled         No
allowedinmemorysettings 0x15000075
filedevice              partition=C:
filepath                \hiberfil.sys
bootmenupolicy          Standard
debugoptionenabled      No
 
Resume from Hibernate
---------------------
identifier              {216e527a-c012-11e2-beb5-81307adeadd2}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
recoverysequence        {216e527c-c012-11e2-beb5-81307adeadd2}
recoveryenabled         Yes
allowedinmemorysettings 0x15000075
filedevice              partition=C:
filepath                \hiberfil.sys
bootmenupolicy          Standard
debugoptionenabled      No
 
Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=Y:
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes
 
EMS Settings
------------
identifier              {emssettings}
bootems                 No
 
Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200
 
RAM Defects
-----------
identifier              {badmemory}
 
Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}
 
Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}
 
Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200
 
Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}
 
Device options
--------------
identifier              {216e527d-c012-11e2-beb5-81307adeadd2}
description             Windows Recovery
ramdisksdidevice        partition=Y:
ramdisksdipath          \Recovery\216e527c-c012-11e2-beb5-81307adeadd2\boot.sdi
 
Device options
--------------
identifier              {216e527e-c012-11e2-beb5-81307adeadd2}
description             Windows Setup
ramdisksdidevice        partition=C:
ramdisksdipath          \$WINDOWS.~BT\Sources\SafeOS\boot.sdi
 
Device options
--------------
identifier              {ebf8fde0-56ac-11e4-84ac-9db82c4c7382}
description             Windows Recovery
ramdisksdidevice        partition=Y:
ramdisksdipath          \Recovery\WindowsRE\boot.sdi
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 21%
Total physical RAM: 3971.35 MB
Available physical RAM: 3103.69 MB
Total Virtual: 3971.35 MB
Available Virtual: 3134.17 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:199.66 GB) (Free:125.14 GB) NTFS
Drive d: () (Removable) (Total:7.49 GB) (Free:7.48 GB) FAT32
Drive f: (Stuff) (Fixed) (Total:498.34 GB) (Free:26.57 GB) NTFS
Drive x: (Boot) (Fixed) (Total:0.49 GB) (Free:0.49 GB) NTFS
Drive y: (System Reserved) (Fixed) (Total:0.34 GB) (Free:0.04 GB) NTFS ==>[system with boot components (obtained from drive)]
 
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: 22CDD94B)
Partition 1: (Not Active) - (Size=300 MB) - (Type=DE)
Partition 2: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=199.7 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=498.3 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 7.5 GB) (Disk ID: 146C0B36)
Partition 1: (Active) - (Size=7.5 GB) - (Type=0B)
 
LastRegBack: 2019-02-17 22:50
 
==================== End of FRST.txt ============================

Edited by JSntgRvr, 23 February 2019 - 07:35 PM.
Remove quotes

  • 0

Advertisements

#2
iMacg3
Posted 23 February 2019 - 10:23 AM

iMacg3

    GeekU PowerPC G3

  • GeekU Moderator
  • 1,921 posts
Welcome to the Geeks to go malware removal forum.
I'm iMacg3 and will be helping you.

Please keep the following information in mind before we begin:
  • Do not run any fixes or tools on your system unless I request that you do so.
  • Please read all instructions carefully, and complete them in the order listed.
  • If your computer seems to start working normally, please don't abandon the topic. Just because your computer doesn't seem to have a problem doesn't mean that it isn't infected.
  • If you have pirated or illegal software on your computer, uninstall it now before proceeding.
  • If you don't respond to your topic in 5 days, it will be closed. You can have it reopened by contacting me or any Moderator by pm with the address of the thread.
  • If you have questions at any time during the cleanup, feel free to ask.
--------------------

Download the attached fixlist.txt and save it to your USB flash drive, along with FRST64.exe.

Attached File  fixlist.txt   73bytes   637 downloads

Boot to the Recovery Environment Command Prompt again.

Once in the command prompt
  • In the command prompt, type notepad and press on Enter;
  • Notepad will open. Click on the File menu and select Open;
  • Click on Computer/This PC, find the letter for your USB Flash Drive, then close the window and Notepad;
  • In the command prompt, type e:\frst.exe (for the x64 version, type e:\frst64.exe and press on Enter;
  • Note: Replace the letter e with the drive letter of your USB Flash Drive;
  • FRST will open;
  • Click on Yes to accept the disclaimer;
  • Click on the Fix button and wait for the scan to complete;
  • A log called fixlog.txt will be saved on your USB Flash Drive. Attach it in your next reply;

  • 0

#3
joanna03
Posted 24 February 2019 - 05:50 AM

joanna03

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts

Unfortunately I wasn't patient and tried a fixlist I compiled, I attached the fixlog. Still can't boot, I get a BSOD saying INACCESIBLE_BOOT_DEVICE.

And in SrtTrail.txt there's now 'Startup has tried several times but still can't determine the cause of the problem'

Also, I tried booting from a Win 8 installation DVD -> Repair -> cmd -> and ran:

bootrec /fixmbr

bootrec /fixboot

bootrec /scanos

bootrec /rebuildbcd

 

but still, same BSOD.

Did I mess things up ?

 

Also, I wanted to copy some files from a user's desktop, but I only see 1 of the 2 accounts I have on the laptop in \Users, what could cause this ?

Attached Files


Edited by joanna03, 24 February 2019 - 05:59 AM.

  • 0

#4
iMacg3
Posted 24 February 2019 - 09:35 AM

iMacg3

    GeekU PowerPC G3

  • GeekU Moderator
  • 1,921 posts
Hi,

Please do not run a FRST fix unless you know exactly what you are doing, or are under the guidance of a trained helper.
Otherwise, it could cause damage to your operating system.

--------------------

Boot to the Recovery Environment again, then launch FRST64.exe from the Command Prompt. Make sure the box for List BCD is checked, and click Scan.
The tool will create a log on the USB flash drive (FRST.txt) Copy and paste its contents into your next reply.
  • 0

#5
joanna03
Posted 24 February 2019 - 12:33 PM

joanna03

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts

I've attached the results of a new scan. Thank you for taking the time to help me

Attached Files

  • Attached File  FRST.txt   56.2KB   648 downloads

Edited by joanna03, 24 February 2019 - 12:35 PM.

  • 0

#6
iMacg3
Posted 24 February 2019 - 05:09 PM

iMacg3

    GeekU PowerPC G3

  • GeekU Moderator
  • 1,921 posts
Hi,

Boot to the Recovery Environment command prompt again.

In the command prompt, please launch FRST64.exe, then close it.

Type the following into the Command Prompt and press "Enter."

bcdboot c:\windows

Once the command has completed, restart the computer and let me know if you get the same BSOD.

Thanks.
  • 0

#7
joanna03
Posted 25 February 2019 - 12:20 PM

joanna03

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts

I now get a Recovery blue screen stating:

'Your PC couldn't start properly...error code: 0xc0000001. You'll need to use the recovery tools on your installation media..'


  • 0

#8
iMacg3
Posted 25 February 2019 - 12:22 PM

iMacg3

    GeekU PowerPC G3

  • GeekU Moderator
  • 1,921 posts
Hi,

In post #3 you said you had Windows installation media.

Boot to the Windows Installation Media > Command Prompt, then perform the steps in my earlier post.

Thanks.
  • 0

#9
joanna03
Posted 25 February 2019 - 12:49 PM

joanna03

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts

If I boot to the DVD -> Repair -> CMD and try bcdboot C:\Windows I get 'Failure when attempting to copy boot files'. 

Do I have to open FRST now as well, is this important ? I have FRST on a USB drive and don't know which drive that is this way..


  • 0

#10
iMacg3
Posted 25 February 2019 - 02:06 PM

iMacg3

    GeekU PowerPC G3

  • GeekU Moderator
  • 1,921 posts
#1. Insert the Recovery Media into the computer.

#2. Boot from the Recovery Media and navigate to the Command Prompt.

#3. Type notepad and press Enter. Notepad will open.

#4. Click on File > Open, then select This PC from the left pane.

#5. Note down the drive letter of the drive Windows is installed on. For example, Windows (D:)

#6. Close Notepad.

#7. In the Command Prompt, type the following and press Enter. Make sure to replace the red letter with the Windows drive letter you found earlier.

bcdboot C:\windows

Let me know if the command completes successfully.

Attempt to boot to Windows.
  • 0

Advertisements

#11
joanna03
Posted 25 February 2019 - 11:55 PM

joanna03

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts

The previous worked ('Boot files successfully copied' for bcdboot D:\Windows) but I get the same BSOD. Anything else I can try ?


Edited by joanna03, 25 February 2019 - 11:56 PM.

  • 0

#12
iMacg3
Posted 26 February 2019 - 08:13 AM

iMacg3

    GeekU PowerPC G3

  • GeekU Moderator
  • 1,921 posts
Hi,

Please boot to the installation media again, then navigate to the Command Prompt.

In the command prompt, type the following commands in order, one line at a time, and press Enter after each one:

bootrec /fixmbr
bootrec /fixboot
bootrec /scanos
bootrec /rebuildbcd

Restart the computer and attempt to boot to Windows normally. Let me know how it goes.
  • 0

#13
joanna03
Posted 26 February 2019 - 01:11 PM

joanna03

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts

The commands completed successfully, but I still get the BSOD, same error code (0xc00000001)


  • 0

#14
iMacg3
Posted 26 February 2019 - 01:29 PM

iMacg3

    GeekU PowerPC G3

  • GeekU Moderator
  • 1,921 posts
Boot to the installation media > Command Prompt again. Insert the flash drive with FRST64.exe on it.

Launch FRST64 and check the box for list BCD, then click Scan.

The tool will create a log on the USB flash drive (FRST.txt) Please post it to your reply.
  • 0

#15
joanna03
Posted 26 February 2019 - 05:49 PM

joanna03

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts

Attached the FRST.txt

Attached Files

  • Attached File  FRST.txt   27.99KB   659 downloads

  • 0
Back to Computer Won't Boot - Malware Related · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Computer Won't Boot - Malware Related

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP