Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

STOP: C0000135 The program can't start because %hs is missing. Try resintalling


  • Please log in to reply
5 replies to this topic

#1 gene_star

gene_star

  • Members
  • 5 posts
  • OFFLINE
  •  

Posted 14 July 2016 - 11:23 PM

hi. my windows 7 64 not boot. the computer was turned off in the usual way. recovery shell ineffective. restore points are innefective. FRST 64 logs is here. I hope to help. Eugene

 

Attached Files

  • Attached File  FRST.txt   30.49KB   2 downloads


BC AdBot (Login to Remove)

 


#2 gene_star

gene_star
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  

Posted 14 July 2016 - 11:30 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-07-2016 02
Ran by система on MININT-1L0P5ND (14-07-2016 20:29:37)
Running from j:\
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Русский (Россия)
Internet Explorer Version 10
Boot Mode: Recovery
Default: ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13774552 2014-11-19] (Realtek Semiconductor)
HKLM\...\Run: [snp2std] => C:\Windows\vsnp2std.exe [675840 2006-09-15] (Sonix)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.)
HKLM-x32\...\Run: [tsnp2std] => C:\Windows\tsnp2std.exe
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-04-22] (Apple Inc.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [Intense Registry Service] => IntEdReg.exe /CHECK
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-05-20] (Oracle Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\SEMYA\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [33120 2010-08-20] (Alcohol Soft Development Team)
HKU\SEMYA\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-10-21] (Apple Inc.)
HKU\SEMYA\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [61200 2015-10-21] (Apple Inc.)
HKU\SEMYA\...\Run: [Dropbox Update] => C:\Users\SEMYA\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-19] (Dropbox, Inc.)
HKU\SEMYA\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [103696 2015-10-21] (Apple Inc.)
HKU\SEMYA\...\Run: [MiPhoneManager] => C:\Users\SEMYA\AppData\Local\MiPhoneManager\main\MiPhoneHelper.exe [157624 2016-07-06] ()
HKU\SEMYA\...\Run: [AISTOnLine] => C:\Program Files (x86)\АИСТ Он-Лайн\AISTOnline.exe [949760 2015-05-22] (AIST)
Startup: C:\Users\SEMYA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-07-12]
ShortcutTarget: Dropbox.lnk ->  (No File)
GroupPolicy: Restriction - Chrome <======= ATTENTION
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
S2 AVP16.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 16.0.1\avp.exe [236928 2015-12-22] (AO Kaspersky Lab)
S3 defragsvc; C:\Windows\System32\defragsvc.dll [291328 2009-07-14] (Корпорация Майкрософт)
S2 gamexpsvc; C:\Program Files (x86)\GameXPService\gamexpsvc.exe [600304 2016-06-16] ()
S2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 16.0.1\x64\vssbridge64.exe [152488 2015-12-22] (AO Kaspersky Lab)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-29] (IObit)
S2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7184144 2016-07-06] (TeamViewer GmbH)
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [12288 2009-07-14] (Корпорация Майкрософт)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S2 mrupdsrv; "C:\Program Files (x86)\Mail.Ru\Update Service\mrupdsrv.exe" --s [X]
S3 TdspCS; C:\Program Files (x86)\3DSP\Total Wireless\panel\TdspCS.exe [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S1 anodlwf; C:\Windows\System32\DRIVERS\anodlwfx.sys [15872 2009-03-06] ()
S3 BTCARD; C:\Windows\System32\DRIVERS\btcard64.sys [264192 2008-08-04] ()
S0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-05] (Kaspersky Lab ZAO)
S1 CProCtrl; C:\Windows\System32\DRIVERS\CProCtrl.sys [75448 2014-12-07] (Компания КРИПТО-ПРО)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-07-06] ()
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [46960 2016-07-09] ()
S0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-09-11] (Kaspersky Lab ZAO)
S0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
S1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [79240 2015-12-01] (AO Kaspersky Lab)
S2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [78200 2015-12-01] (AO Kaspersky Lab)
S3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [182152 2015-12-11] (AO Kaspersky Lab)
S1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [236976 2016-07-10] (AO Kaspersky Lab)
S1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [997808 2016-07-10] (AO Kaspersky Lab)
S1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [50776 2016-07-10] (AO Kaspersky Lab)
S3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [52608 2015-11-11] (AO Kaspersky Lab)
S3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
S1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45960 2015-12-07] (AO Kaspersky Lab)
S1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)
S1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [112520 2015-12-03] (AO Kaspersky Lab)
S1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [194440 2015-12-02] (AO Kaspersky Lab)
S3 MFCARD; C:\Windows\System32\DRIVERS\tdspbus64.sys [6776832 2009-04-01] (3DSP Corporation)
S0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94592 2010-11-21] (Корпорация Майкрософт)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [56384 2016-06-30] (NVIDIA Corporation)
S0 oem-drv64; C:\Windows\System32\DRIVERS\oem-drv64.sys [42496 2016-07-14] (secr9tos)
S3 PortTalk; C:\Windows\SysWOW64\Drivers\PortTalk.sys [3567 2002-01-12] (Beyond Logic hxxp://www.beyondlogic.org)
S3 RT61; C:\Windows\System32\DRIVERS\RT61.sys [438784 2009-06-02] (Ralink Technology, Corp.)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2014-07-17] (Realtek Semiconductor Corporation                           )
S3 RTSUER; C:\Windows\System32\Drivers\RtsUer.sys [377560 2014-12-08] (Realsil Semiconductor Corporation)
S3 Serial; C:\Windows\System32\DRIVERS\nuvserial.sys [86016 2014-01-12] (Nuvoton Technology Corp.)
S3 SNP2STD; C:\Windows\System32\DRIVERS\snp2sxp.sys [12296448 2006-12-27] ()
S3 SNP2STD; C:\Windows\SysWOW64\DRIVERS\snp2sxp.sys [12007168 2006-12-27] ()
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2014-05-31] (Duplex Secure Ltd.)
S0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363392 2010-11-21] (Корпорация Майкрософт)
S3 wltbus64; C:\Windows\System32\DRIVERS\wltbus64.sys [333824 2008-08-04] (Microsoft Corporation)
S3 BlueletAudio; system32\DRIVERS\blueletaudio.sys [X]
S3 BlueletSCOAudio; system32\DRIVERS\BlueletSCOAudio.sys [X]
S3 BT; system32\DRIVERS\btnetdrv.sys [X]
S0 BTHidEnum; System32\Drivers\vbtenum.sys [X]
S0 BTHidMgr; System32\Drivers\BTHidMgr.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 dcdbas; system32\DRIVERS\dcdbas64.sys [X]
S4 klkbdflt2; system32\DRIVERS\klkbdflt2.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 SIVDriver; \??\C:\Windows\system32\Drivers\SIVX64.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 VComm; system32\DRIVERS\VComm.sys [X]
S3 VcommMgr; System32\Drivers\VcommMgr.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-07-14 20:29 - 2016-07-14 20:29 - 00000000 ____D C:\FRST
2016-07-14 10:47 - 2016-07-14 10:47 - 00003304 ____N C:\bootsqm.dat
2016-07-13 14:19 - 2016-07-13 14:28 - 00000000 ____D C:\Users\SEMYA\Desktop\семейная
2016-07-13 14:19 - 2016-07-13 14:21 - 00000000 ____D C:\Users\SEMYA\Desktop\левина
2016-07-09 21:19 - 2016-07-14 09:58 - 00000896 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-09 21:19 - 2016-07-09 21:20 - 00003834 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-07-09 21:19 - 2016-07-09 21:19 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2016-07-09 21:19 - 2016-07-09 21:19 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-07-09 21:18 - 2016-07-09 21:18 - 00110144 _____ (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge-64.dll
2016-07-09 21:16 - 2016-07-09 21:16 - 00002053 _____ C:\Users\Public\Desktop\Kaspersky Free.lnk
2016-07-09 21:16 - 2016-07-09 21:16 - 00000000 ____D C:\Windows\ELAMBKUP
2016-07-09 21:16 - 2013-05-06 07:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\System32\klfphc.dll
2016-07-09 21:15 - 2016-07-10 08:07 - 00997808 _____ (AO Kaspersky Lab) C:\Windows\System32\Drivers\klif.sys
2016-07-09 21:15 - 2015-12-11 16:28 - 00182152 _____ (AO Kaspersky Lab) C:\Windows\System32\Drivers\klflt.sys
2016-07-09 21:13 - 2016-07-09 21:13 - 00001845 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2016-07-09 21:12 - 2016-07-09 21:13 - 00000000 ____D C:\Program Files (x86)\QuickTime
2016-07-09 21:05 - 2016-07-14 10:14 - 00000000 ____D C:\Users\Все пользователи\Kaspersky Lab
2016-07-09 21:05 - 2016-07-14 10:14 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-07-09 21:05 - 2016-07-10 13:53 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2016-07-09 21:05 - 2016-07-09 21:05 - 00598688 _____ (Лаборатория Касперского) C:\Users\SEMYA\Downloads\kss.ya.setup.exe
2016-07-09 21:04 - 2016-07-09 21:04 - 02086752 _____ (Лаборатория Касперского) C:\Users\SEMYA\Downloads\kfa16.0.1.445ru_9701.exe
2016-07-09 21:04 - 2016-07-09 21:04 - 00524208 _____ (Лаборатория Касперского) C:\Users\SEMYA\Downloads\ksu.exe
2016-07-09 20:47 - 2016-07-09 20:47 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-07-09 20:47 - 2016-06-29 21:36 - 00532416 _____ (NVIDIA Corporation) C:\Windows\System32\nv3dappshext.dll
2016-07-09 20:47 - 2016-06-29 21:36 - 00083512 _____ (NVIDIA Corporation) C:\Windows\System32\nv3dappshextr.dll
2016-07-09 20:47 - 2016-06-29 21:02 - 00111552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-07-09 20:47 - 2016-05-04 05:23 - 00129824 _____ C:\Windows\SysWOW64\vulkan-1.dll
2016-07-09 20:47 - 2016-05-04 05:22 - 00130848 _____ C:\Windows\System32\vulkan-1.dll
2016-07-09 20:47 - 2016-05-04 05:22 - 00045344 _____ C:\Windows\System32\vulkaninfo.exe
2016-07-09 20:47 - 2016-05-04 05:22 - 00040224 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2016-07-09 20:44 - 2016-06-30 01:44 - 39979576 _____ C:\Windows\System32\nvcompiler.dll
2016-07-09 20:44 - 2016-06-30 01:44 - 35115968 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-07-09 20:44 - 2016-06-30 01:44 - 31626808 _____ (NVIDIA Corporation) C:\Windows\System32\nvoglv64.dll
2016-07-09 20:44 - 2016-06-30 01:44 - 25402424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-07-09 20:44 - 2016-06-30 01:44 - 17302264 _____ (NVIDIA Corporation) C:\Windows\System32\nvd3dumx.dll
2016-07-09 20:44 - 2016-06-30 01:44 - 16774904 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-07-09 20:44 - 2016-06-30 01:44 - 13523392 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
2016-07-09 20:44 - 2016-06-30 01:44 - 10672752 _____ (NVIDIA Corporation) C:\Windows\System32\nvopencl.dll
2016-07-09 20:44 - 2016-06-30 01:44 - 10656296 _____ C:\Windows\System32\nvptxJitCompiler.dll
2016-07-09 20:44 - 2016-06-30 01:44 - 10214760 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
2016-07-09 20:44 - 2016-06-30 01:44 - 09006760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-07-09 20:44 - 2016-06-30 01:44 - 08742032 _____ C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-07-09 20:44 - 2016-06-30 01:44 - 08600904 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-07-09 20:44 - 2016-06-30 01:44 - 03828968 _____ (NVIDIA Corporation) C:\Windows\System32\nvapi64.dll
2016-07-09 20:44 - 2016-06-30 01:44 - 03513400 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
2016-07-09 20:44 - 2016-06-30 01:44 - 03387080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-07-09 20:44 - 2016-06-30 01:44 - 03067448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-07-09 20:44 - 2016-06-30 01:44 - 01922616 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispco6436869.dll
2016-07-09 20:44 - 2016-06-30 01:44 - 01571776 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6436869.dll
2016-07-09 20:44 - 2016-06-30 01:44 - 00984000 _____ (NVIDIA Corporation) C:\Windows\System32\NvFBC64.dll
2016-07-09 20:44 - 2016-06-30 01:44 - 00909248 _____ (NVIDIA Corporation) C:\Windows\System32\NvIFR64.dll
2016-07-09 20:44 - 2016-06-30 01:44 - 00771640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-07-09 20:44 - 2016-06-30 01:44 - 00707520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-07-09 20:44 - 2016-06-30 01:44 - 00669952 _____ C:\Windows\System32\nvfatbinaryLoader.dll
2016-07-09 20:44 - 2016-06-30 01:44 - 00565392 _____ C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-07-09 20:44 - 2016-06-30 01:44 - 00502080 _____ (NVIDIA Corporation) C:\Windows\System32\nvEncodeAPI64.dll
2016-07-09 20:44 - 2016-06-30 01:44 - 00476664 _____ (NVIDIA Corporation) C:\Windows\System32\nvumdshimx.dll
2016-07-09 20:44 - 2016-06-30 01:44 - 00425016 _____ (NVIDIA Corporation) C:\Windows\System32\NvIFROpenGL.dll
2016-07-09 20:44 - 2016-06-30 01:44 - 00422752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-07-09 20:44 - 2016-06-30 01:44 - 00394912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-07-09 20:44 - 2016-06-30 01:44 - 00379448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-07-09 20:44 - 2016-06-30 01:44 - 00214592 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvhda64v.sys
2016-07-09 20:44 - 2016-06-30 01:44 - 00178136 _____ (NVIDIA Corporation) C:\Windows\System32\nvinitx.dll
2016-07-09 20:44 - 2016-06-30 01:44 - 00155768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-07-09 20:44 - 2016-06-30 01:44 - 00153416 _____ (NVIDIA Corporation) C:\Windows\System32\nvoglshim64.dll
2016-07-09 20:44 - 2016-06-30 01:44 - 00131768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-07-09 20:44 - 2016-06-30 01:44 - 00113216 _____ (NVIDIA Corporation) C:\Windows\System32\nvaudcap64v.dll
2016-07-09 20:44 - 2016-06-30 01:44 - 00102976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-07-09 20:44 - 2016-06-30 01:44 - 00056384 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvvad64v.sys
2016-07-09 20:44 - 2016-06-30 01:44 - 00046024 _____ (NVIDIA Corporation) C:\Windows\System32\nvhdap64.dll
2016-07-09 20:44 - 2016-06-30 01:44 - 00000594 _____ C:\Windows\SysWOW64\nv-vk32.json
2016-07-09 20:44 - 2016-06-30 01:44 - 00000594 _____ C:\Windows\System32\nv-vk64.json
2016-07-09 20:41 - 2016-07-09 20:41 - 00000000 ____D C:\NVIDIA
2016-07-09 20:21 - 2016-07-09 20:40 - 348045000 _____ (NVIDIA Corporation) C:\Users\SEMYA\Downloads\368.69-desktop-win8-win7-winvista-64bit-international-whql.exe
2016-07-09 19:30 - 2016-07-09 19:30 - 00000000 ____D C:\Program Files\HitmanPro
2016-07-09 13:15 - 2016-07-09 19:30 - 00000242 _____ C:\Windows\ntbtlog.txt
2016-07-09 13:15 - 2016-07-09 19:14 - 00000000 ____D C:\KVRT_Data
2016-07-09 12:55 - 2016-07-09 12:56 - 00000000 ____D C:\NPE
2016-07-09 12:24 - 2016-07-09 12:24 - 00002102 _____ C:\Windows\System32\.crusader
2016-07-09 11:42 - 2016-07-09 11:42 - 00000000 ____D C:\Users\SEMYA\AppData\Roaming\ProductData
2016-07-09 11:41 - 2016-07-09 13:15 - 00002904 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_SEMYA
2016-07-09 11:41 - 2016-07-09 11:47 - 00000000 ____D C:\Users\Все пользователи\ProductData
2016-07-09 11:41 - 2016-07-09 11:47 - 00000000 ____D C:\Users\Все пользователи\IObit
2016-07-09 11:41 - 2016-07-09 11:47 - 00000000 ____D C:\ProgramData\ProductData
2016-07-09 11:41 - 2016-07-09 11:47 - 00000000 ____D C:\ProgramData\IObit
2016-07-09 11:41 - 2016-07-09 11:46 - 00000000 ____D C:\Program Files (x86)\IObit
2016-07-09 11:41 - 2016-07-09 11:41 - 00000000 ____D C:\Windows\Tasks\ImCleanDisabled
2016-07-09 11:41 - 2016-07-09 11:41 - 00000000 ____D C:\Users\Все пользователи\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2016-07-09 11:41 - 2016-07-09 11:41 - 00000000 ____D C:\Users\SEMYA\AppData\Roaming\IObit
2016-07-09 11:41 - 2016-07-09 11:41 - 00000000 ____D C:\Users\SEMYA\AppData\LocalLow\IObit
2016-07-09 11:41 - 2016-07-09 11:41 - 00000000 ____D C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2016-07-09 11:39 - 2016-07-09 13:03 - 00000000 ____D C:\Users\SEMYA\AppData\Local\NPE
2016-07-09 11:39 - 2016-07-09 11:39 - 00000000 ____D C:\Users\Все пользователи\Norton
2016-07-09 11:39 - 2016-07-09 11:39 - 00000000 ____D C:\ProgramData\Norton
2016-07-07 20:41 - 2016-07-09 19:30 - 00046960 _____ C:\Windows\System32\Drivers\hitmanpro37.sys
2016-07-07 20:41 - 2016-07-09 12:31 - 00000000 ____D C:\Users\Все пользователи\HitmanPro
2016-07-07 20:41 - 2016-07-09 12:31 - 00000000 ____D C:\ProgramData\HitmanPro
2016-07-07 20:40 - 2016-07-07 20:40 - 11438608 _____ (SurfRight B.V.) C:\Users\SEMYA\Downloads\HitmanPro_x64.exe
2016-07-06 22:36 - 2016-07-06 22:36 - 00000000 _____ C:\autoexec.bat
2016-07-06 22:35 - 2016-07-06 22:35 - 00022704 _____ C:\Windows\System32\Drivers\EsgScanner.sys
2016-07-06 21:54 - 2016-07-06 21:54 - 00000000 ____D C:\Windows\Tasks\360Disabled
2016-07-06 14:31 - 2016-07-06 14:31 - 00000000 ____D C:\Users\SEMYA\AppData\Roaming\Xiaomi
2016-07-06 14:31 - 2016-07-06 14:31 - 00000000 ____D C:\Users\SEMYA\AppData\Local\MiPhoneManager
2016-07-06 14:22 - 2016-07-06 14:22 - 00000000 ____D C:\Users\Все пользователи\Malwarebytes
2016-07-06 14:22 - 2016-07-06 14:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-07-06 13:56 - 2016-07-06 13:56 - 00000000 ____D C:\Users\SEMYA\1
2016-07-06 07:25 - 2016-07-06 07:25 - 00108032 _____ C:\Users\SEMYA\AppData\Local\GDIPFONTCACHEV1.DAT
2016-07-06 07:20 - 2016-07-06 07:21 - 00426888 _____ C:\Windows\System32\FNTCACHE.DAT
2016-06-17 10:54 - 2016-06-17 11:00 - 00000000 __SHD C:\Users\Все пользователи\360Quarant
2016-06-17 10:54 - 2016-06-17 11:00 - 00000000 __SHD C:\ProgramData\360Quarant
2016-06-17 10:54 - 2016-06-17 11:00 - 00000000 __SHD C:\$360Section
2016-06-17 08:16 - 2016-06-21 07:02 - 00077904 _____ (360.cn) C:\Windows\SysWOW64\Drivers\360AvFlt.sys
2016-06-17 08:15 - 2016-07-06 22:05 - 00000000 ____D C:\Program Files (x86)\360
2016-06-17 08:14 - 2016-07-13 14:38 - 00000000 ____D C:\Program Files (x86)\GameXPService
2016-06-17 08:14 - 2016-06-17 08:14 - 00003268 _____ C:\Windows\System32\Tasks\GameXPService Autoupdate
2016-06-17 08:14 - 2016-06-17 08:14 - 00000000 ____D C:\Users\SEMYA\AppData\Local\GMon Updater
2016-06-17 08:14 - 2016-06-17 08:14 - 00000000 ____D C:\GameXP
2016-06-17 08:12 - 2016-06-17 08:12 - 00003080 _____ C:\Windows\System32\Tasks\MailRuUpdater
2016-06-17 08:04 - 2016-07-09 19:14 - 00000000 ____D C:\Users\SEMYA\AppData\Local\NanoNet
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-07-14 16:26 - 2014-05-31 17:27 - 00042496 _____ (secr9tos) C:\Windows\System32\Drivers\oem-drv64.sys
2016-07-14 14:10 - 2013-06-10 13:04 - 00000000 ____D C:\Temp
2016-07-14 10:28 - 2014-05-31 16:44 - 00000000 ____D C:\Users\SEMYA\AppData\Roaming\AIST
2016-07-14 09:46 - 2015-06-09 08:43 - 00000000 ____D C:\Users\Все пользователи\Rosetta Stone
2016-07-14 09:46 - 2015-06-09 08:43 - 00000000 ____D C:\ProgramData\Rosetta Stone
2016-07-14 09:39 - 2015-06-19 08:28 - 00001110 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2208141980-3512058513-575551078-1001UA.job
2016-07-14 08:05 - 2009-07-14 07:45 - 00026352 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-14 08:05 - 2009-07-14 07:45 - 00026352 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-14 07:57 - 2015-12-06 20:02 - 00000000 ___RD C:\Users\SEMYA\iCloudDrive
2016-07-14 07:57 - 2014-05-31 16:54 - 00000000 ____D C:\Users\Все пользователи\NVIDIA
2016-07-14 07:57 - 2014-05-31 16:54 - 00000000 ____D C:\ProgramData\NVIDIA
2016-07-14 07:57 - 2009-07-14 08:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-13 19:39 - 2015-06-19 08:28 - 00001058 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2208141980-3512058513-575551078-1001Core.job
2016-07-13 14:30 - 2011-04-12 16:26 - 00724340 _____ C:\Windows\System32\perfh019.dat
2016-07-13 14:30 - 2011-04-12 16:26 - 00150656 _____ C:\Windows\System32\perfc019.dat
2016-07-13 14:30 - 2009-07-14 08:13 - 01648402 _____ C:\Windows\System32\PerfStringBackup.INI
2016-07-13 14:30 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\inf
2016-07-12 07:27 - 2014-12-25 22:12 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-07-12 07:19 - 2014-05-31 22:21 - 00000000 ____D C:\Users\SEMYA\AppData\Roaming\Dropbox
2016-07-10 13:47 - 2015-03-08 14:24 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-07-10 08:07 - 2015-12-19 21:17 - 00236976 _____ (AO Kaspersky Lab) C:\Windows\System32\Drivers\klhk.sys
2016-07-10 08:07 - 2015-12-01 09:59 - 00050776 _____ (AO Kaspersky Lab) C:\Windows\System32\Drivers\klim6.sys
2016-07-09 21:23 - 2015-01-03 17:18 - 00000000 ____D C:\Users\Все пользователи\Kaspersky Lab Setup Files
2016-07-09 21:23 - 2015-01-03 17:18 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2016-07-09 21:20 - 2014-05-31 18:50 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-07-09 21:20 - 2014-05-31 18:50 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-09 21:18 - 2015-08-29 19:17 - 00000000 ____D C:\Users\SEMYA\.oracle_jre_usage
2016-07-09 21:18 - 2014-12-07 14:01 - 00000000 ____D C:\Program Files\Java
2016-07-09 21:15 - 2015-05-06 17:43 - 00001066 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-07-09 21:03 - 2014-05-31 18:40 - 00000000 ____D C:\Users\SEMYA\AppData\Local\NVIDIA Corporation
2016-07-09 21:03 - 2014-05-31 16:54 - 00000000 ____D C:\Users\Все пользователи\NVIDIA Corporation
2016-07-09 21:03 - 2014-05-31 16:54 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-07-09 21:03 - 2014-05-31 16:54 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-07-09 21:03 - 2014-05-31 16:52 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-07-09 20:56 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\registration
2016-07-09 19:58 - 2014-05-31 16:38 - 00000000 ____D C:\users\SEMYA
2016-07-09 19:25 - 2016-04-10 18:31 - 00000000 ____D C:\AdwCleaner
2016-07-09 13:17 - 2016-04-02 12:04 - 00000008 __RSH C:\Users\Все пользователи\ntuser.pol
2016-07-09 13:17 - 2016-04-02 12:04 - 00000008 __RSH C:\Users\SEMYA\ntuser.pol
2016-07-09 13:17 - 2016-04-02 12:04 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-07-09 13:17 - 2009-07-14 06:20 - 00000000 ___HD C:\Windows\System32\GroupPolicy
2016-07-09 11:41 - 2014-05-31 19:49 - 00000000 ____D C:\Users\SEMYA\AppData\Roaming\Apple Computer
2016-07-09 11:34 - 2015-06-05 08:43 - 00000000 ____D C:\Users\SEMYA\AppData\Roaming\Opera Software
2016-07-09 11:34 - 2014-05-31 16:49 - 00000000 ____D C:\Program Files (x86)\Google
2016-07-09 09:08 - 2015-12-13 11:44 - 00000959 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-07-07 14:23 - 2014-06-01 14:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-07-07 08:23 - 2016-06-03 07:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-07-07 08:16 - 2014-11-29 17:42 - 00000000 ____D C:\Users\Все пользователи\CanonIJPLM
2016-07-07 08:16 - 2014-11-29 17:42 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-07-06 22:05 - 2014-05-31 20:26 - 00000000 ____D C:\Users\Все пользователи\AVAST Software
2016-07-06 22:05 - 2014-05-31 20:26 - 00000000 ____D C:\ProgramData\AVAST Software
2016-07-06 22:03 - 2014-05-31 16:58 - 00000000 ____D C:\Users\SEMYA\AppData\Roaming\uTorrent
2016-07-06 21:50 - 2009-07-14 08:32 - 00000000 ____D C:\Windows\Downloaded Program Files
2016-07-06 14:52 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\schemas
2016-07-06 14:33 - 2015-06-14 21:56 - 00000000 ____D C:\Users\SEMYA\.android
2016-07-05 20:54 - 2015-03-08 14:38 - 00000000 ____D C:\Users\SEMYA\AppData\Roaming\TeamViewer
2016-07-05 20:53 - 2015-02-11 18:50 - 00000000 ____D C:\Users\SEMYA\AppData\Local\CrashDumps
2016-07-05 20:53 - 2014-08-04 12:33 - 00000000 ____D C:\Windows\Minidump
2016-07-05 14:25 - 2014-05-31 16:55 - 00000000 ____D C:\Users\SEMYA\AppData\Roaming\Skype
2016-07-05 14:15 - 2014-05-31 16:55 - 00000000 ____D C:\Users\Все пользователи\Skype
2016-07-05 14:15 - 2014-05-31 16:55 - 00000000 ____D C:\ProgramData\Skype
2016-06-30 01:44 - 2015-07-22 17:50 - 01579976 _____ (NVIDIA Corporation) C:\Windows\System32\nvhdagenco6420103.dll
2016-06-30 01:44 - 2014-12-18 17:51 - 00039124 _____ C:\Windows\System32\nvinfo.pb
2016-06-30 01:44 - 2014-05-31 18:32 - 19199216 _____ (NVIDIA Corporation) C:\Windows\System32\nvwgf2umx.dll
2016-06-30 01:44 - 2014-05-31 16:53 - 14356952 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-06-29 21:36 - 2014-05-31 16:54 - 06364728 _____ (NVIDIA Corporation) C:\Windows\System32\nvcpl.dll
2016-06-29 21:36 - 2014-05-31 16:54 - 02455608 _____ (NVIDIA Corporation) C:\Windows\System32\nvsvc64.dll
2016-06-29 21:36 - 2014-05-31 16:54 - 01762752 _____ (NVIDIA Corporation) C:\Windows\System32\nvsvcr.dll
2016-06-29 21:36 - 2014-05-31 16:54 - 01352760 _____ (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
2016-06-29 21:36 - 2014-05-31 16:54 - 00393784 _____ (NVIDIA Corporation) C:\Windows\System32\nvmctray.dll
2016-06-29 21:36 - 2014-05-31 16:54 - 00069568 _____ (NVIDIA Corporation) C:\Windows\System32\nvshext.dll
2016-06-24 10:11 - 2014-05-31 22:21 - 00000000 ____D C:\Users\Все пользователи\KMSAutoS
2016-06-24 10:11 - 2014-05-31 22:21 - 00000000 ____D C:\ProgramData\KMSAutoS
2016-06-23 11:04 - 2014-05-31 16:54 - 07208075 _____ C:\Windows\System32\nvcoproc.bin
2016-06-21 14:13 - 2009-07-14 08:08 - 00032602 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-06-20 06:48 - 2014-05-31 16:55 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-06-17 08:12 - 2016-04-02 12:05 - 00000000 ____D C:\Users\SEMYA\AppData\Local\Unity
 
Some files in TEMP:
====================
C:\Users\SEMYA\AppData\Local\Temp\unins000.exe
 
 
==================== Known DLLs (Whitelisted) =========================
 
C:\Windows\System32\LPK.dll IS MISSING <==== ATTENTION
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\dnsapi.dll => MD5 is legit
C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
nointegritychecks: ==> "IntegrityChecks" is disabled. <===== ATTENTION
 
==================== Association (Whitelisted) =============
 
 
==================== Restore Points =========================
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 14%
Total physical RAM: 4095.18 MB
Available physical RAM: 3486.27 MB
Total Virtual: 4093.38 MB
Available Virtual: 3469.37 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:98.69 GB) (Free:2.53 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (games) (Fixed) (Total:199.4 GB) (Free:25.52 GB) NTFS
Drive e: (W7.U.SP1.x86-x64.v9) (CDROM) (Total:4.14 GB) (Free:0 GB) UDF
Drive j: (USB_STRELEC) (Removable) (Total:7.26 GB) (Free:5.58 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 7AF9737E)
Partition 1: (Active) - (Size=98.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=199.4 GB) - (Type=05)
 
========================================================
Disk: 5 (Size: 7.3 GB) (Disk ID: CAD4EBEA)
Partition 4: (Active) - (Size=7.3 GB) - (Type=0C)
 
 
LastRegBack: 2016-07-09 09:21
 
==================== End of FRST.txt ============================


#3 gene_star

gene_star
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  

Posted 15 July 2016 - 11:28 AM

I changed the grease trail , did not help

Attached Files

  • Attached File  FRST.txt   31.86KB   0 downloads

Edited by gene_star, 15 July 2016 - 01:44 PM.


#4 gene_star

gene_star
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  

Posted 15 July 2016 - 12:19 PM

cbs.log

Attached Files

  • Attached File  CBS.log   2.18MB   2 downloads


#5 usasma

usasma

    Still visually handicapped (avatar is memory developed by my Dad


  • BSOD Kernel Dump Expert
  • 25,091 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southeastern CT, USA
  • Local time:03:22 PM

Posted 15 July 2016 - 07:05 PM

C: drive only has about 2% free space.  Windows likes 15% free space in order to perform stuff "behind the scenes" without adversely affecting the system's performance.  Please free up 15% on ALL hard drives (you can get away with 10% on larger drives and won't notice a large performance penalty).  Low free space can cause BSOD's - but the actual amount depends on the files being used by the system.
 

There's not much that we can try to repair things, but here's the suggestions:

here's some repair/recovery/restore options (in this order):

 

0 - Startup Repair (run it 3 times, rebooting between tries)

1 - System Restore to a point before this started happening.

2 - DISM/SFC repair (DISM doesn't work with W7, although SFC does)
    

 

Then please run the following DISM commands to see if there's any problems with the system (from an elevated (Run as administrator) Command Prompt).  Press Enter after each one:
   
Dism /Online /Cleanup-Image /ScanHealth
   
Dism /Online /Cleanup-Image /CheckHealth
   
Dism /Online /Cleanup-Image /RestoreHealth
    FYI - I have repaired systems using the last command even though problems weren't found with the first 2 - so I suggest running them all.

    From this article: http://technet.microsoft.com/en-us/library/hh824869.aspx

    You can also run sfc.exe /scannow from an elevated (Run as administrator) Command Prompt to check for further corruption.


3 - RESET using the "Keep My Files" option (W8 calls this a REFRESH; W7 and earlier doesn't have this function)

4 - Repair install of the OS (Thanks to FreeBooter!):
   

 

"How To Perform a Repair Installation For Windows 8, 8.1 and 10"
    https://www.winhelp.us/non-destructive-reinstall-of-windows-8-and-8-1.html

    "How to Do a Repair Install to Fix Windows 7"
    http://www.sevenforums.com/tutorials/3413-repair-install.html

    "How To Perform a Repair Installation For Vista"
    http://www.vistax64.com/tutorials/88236-repair-install-vista.html

    "Non-destructive reinstall of Windows XP"
    https://www.winhelp.us/non-destructive-reinstall-of-windows-xp.html


5 - RESET using the "Remove Everything" option (W8 calls this a RESET; W7 and earlier doesn't have this function)

If using W7 or earlier, this can be accomplished by resetting the system by use of the recovery partition/recovery disks/recovery drive.
If you don't have them, you can usually order them from the OEM manufacturer of your system ( US points of contact here:  http://www.carrona.org/recdisc.html )

6 - Wipe and reinstall from the Recovery Partition (if so equipped)

7 - Wipe and reinstall from Recovery Media - to include deleting all partitions.
If you don't have them, you can usually order them from the OEM manufacturer of your system ( US points of contact here:  http://www.carrona.org/recdisc.html )

Edited by usasma, 15 July 2016 - 07:07 PM.

My browser caused a flood of traffic, sio my IP address was banned. Hope to fix it soon. Will get back to posting as soon as Im able.

- John  (my website: http://www.carrona.org/ )**If you need a more detailed explanation, please ask for it. I have the Knack. **  If I haven't replied in 48 hours, please send me a message. My eye problems have recently increased and I'm having difficult reading posts. (23 Nov 2017)FYI - I am completely blind in the right eye and ~30% blind in the left eye.<p>If the eye problems get worse suddenly, I may not be able to respond.If that's the case and help is needed, please PM a staff member for assistance.

#6 gene_star

gene_star
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  

Posted 16 July 2016 - 04:53 AM

Thank you for trying to help. I have reinstalled the OS.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users