afd.sys missing

Discussion in 'Malware Help (A Specialist Will Reply)' started by silvershoe, Oct 4, 2012.

  1. silvershoe

    silvershoe Private E-2

    So, I ran HitmanPro to get rid of a virus, and now I'm missing my afd.sys file. How do I fix this, and get my computer back to normal? I'm getting rather tired of staring at a blue hued screen :S

    FYI: I'm running Windows XP

    Thanks in advance!
     
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    Please read ALL of this message including the notes before doing anything.


    Please follow the instructions in the below link:

    READ & RUN ME FIRST. Malware Removal Guide


    and attach the requested logs when you finish these instructions.
    • **** If something does not run, write down the info to explain to us later but keep on going. ****
    • Do not assume that because one step does not work that they all will not. MGtools will frequently run even when all other tools will not.

    • After completing the READ & RUN ME and attaching your logs, make sure that you tell us what problems still remain ( if any still do )!
    Helpful Notes:

    1. If you run into problems trying to run the READ & RUN ME or any of the scans in normal boot mode, you can run the steps in safe boot mode but make sure you tell us what you did later when you post logs. See the below if you do not know how to boot in safe mode:
    2. If you have problems downloading on the problem PC, download the tools and the manual updates for SUPERAntiSpyware and Malwarebytes ( links are given in the READ & RUN ME) onto another PC and then burn to a CD. Then copy them to the problem PC. You will have to skip getting updates if (and only if) your internet connection does not work. Yes you could use a flash drive too but flash drives are writeable and infections can spread to them.
    3. If you cannot seem to login to an infected user account, try using a different user account (if you have one) in either normal or safe boot mode and running only SUPERAntiSpyware and Malwarebytes while logged into this other user account. Then reboot and see if you can log into the problem user account. If you can then run SUPERAntiSpyware, Malwarebytes, ComboFix and MGtools on the infected account as requested in the instructions.
    4. To avoid additional delay in getting a response, it is strongly advised that after completing the READ & RUN ME you also read this sticky:
    Any additional post is a bump which will add more delay. Once you attach the logs, your thread will be in the work queue and, as stated, our system works the oldest threads FIRST.
     
  3. silvershoe

    silvershoe Private E-2

    I don't know if it makes any difference, but prior to posting on here I already ran HitmanPro, and TDSSKiller.

    I've done my best to obtain the logs as requested, but it's rather difficult to read and follow links with a blue screen. I couldn't read the page with the instructions on how to create a log for the TDSSkiller scan, so I ended up just copying and pasting the information into a txt file.

    Thanks again for your assistance.

    View attachment RKreport[1].txt

    View attachment mbam-log-2012-10-04 (21-14-17).txt

    View attachment TDSSKillerLog.txt

    View attachment HitmanPro_20121004_2322.log

    View attachment MGlogs.zip
     
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    I'm sorry but your afd.sys file is not missing. Per your logs it is right where it needs to be and it is the correct version. Your logs do not show any malware.

    What I do see in a previous TDSSKiller log is that you deleted something you should not have deleted:
    Code:
    18:45:02.0921 2176  [ 0923671CF87CD511E46D4668B53F5E76 ] Akamai          c:\program files\common files\akamai/netsession_win_5891ae0.dll
    18:45:02.0921 2176  Suspicious file (Hidden): c:\program files\common files\akamai/netsession_win_5891ae0.dll. md5: 0923671CF87CD511E46D4668B53F5E76
    18:45:02.0937 2176  Akamai ( HiddenFile.Multi.Generic ) - warning

    You can try restoring this file and perhaps your BSOD will go away.

    However, I'm not sure that Kaspersky has actually built a restore function into TDSSKiller yet. You can check. What it deleted is shown in the below but they do not keep the original file name.
    Code:
    "C:\TDSSKiller_Quarantine\04.10.2012_18.44.57\susp0000\"
    object.ini    Oct  4 2012         108  "object.ini"
    "C:\TDSSKiller_Quarantine\04.10.2012_18.44.57\susp0000\svc0000\"
    object.ini    Oct  4 2012         352  "object.ini"
    tsk0000.dta   Oct  4 2012     4537664  "tsk0000.dta"
    tsk0000.ini   Oct  4 2012         286  "tsk0000.ini"

    I would assume that the tsk0000.dta file is the netsession_win_5891ae0.dll file but I also do not know if Kaspersky modifies/encrypts the file to avoid having other scanners detect it as a problem.

    If you cannot restore the above file from the TDSSKiller quarantine, maybe you can just reinstall Akamai NetSession Interface Service that you installed.
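
    The open question in the post above, whether tsk0000.dta is the original netsession_win_5891ae0.dll stored unmodified, can be checked by hashing the quarantined file and comparing it with the MD5 that TDSSKiller logged. This is an added example, not part of the thread or of any Kaspersky tool; the function names are hypothetical and the log line layout is inferred only from the three quoted lines.

```python
import hashlib
import re
import sys
from pathlib import Path

# Constructed sample: the three TDSSKiller log lines quoted in the post above.
SAMPLE_LOG = r"""18:45:02.0921 2176  [ 0923671CF87CD511E46D4668B53F5E76 ] Akamai          c:\program files\common files\akamai/netsession_win_5891ae0.dll
18:45:02.0921 2176  Suspicious file (Hidden): c:\program files\common files\akamai/netsession_win_5891ae0.dll. md5: 0923671CF87CD511E46D4668B53F5E76
18:45:02.0937 2176  Akamai ( HiddenFile.Multi.Generic ) - warning
"""

# Line layout inferred only from the quoted lines (an assumption, not a format spec).
SUSPICIOUS = re.compile(
    r"Suspicious file \([^)]*\): (?P<path>.+)\. md5: (?P<md5>[0-9A-Fa-f]{32})\s*$"
)

def flagged_files(log_text):
    """Return {md5: original path} for every 'Suspicious file' log line."""
    found = {}
    for line in log_text.splitlines():
        m = SUSPICIOUS.search(line)
        if m:
            found[m.group("md5").upper()] = m.group("path")
    return found

def md5_of(path, chunk=1 << 20):
    """MD5 of a file, read in chunks; used only to match the log's own hash."""
    digest = hashlib.md5()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest().upper()

def match_quarantine(log_text, quarantine_dir):
    """Map each *.dta file to the logged path whose MD5 it matches, else None.

    None means the stored bytes differ from what was hashed in the log
    (stored in altered form, or a different object altogether).
    """
    by_md5 = flagged_files(log_text)
    return {str(p): by_md5.get(md5_of(p))
            for p in sorted(Path(quarantine_dir).rglob("*.dta"))}

if __name__ == "__main__":
    # Usage: script.py <TDSSKiller log> <quarantine folder>; no args shows the sample.
    if len(sys.argv) == 3:
        text = Path(sys.argv[1]).read_text(errors="replace")
        for dta, original in match_quarantine(text, sys.argv[2]).items():
            print(dta, "->", original or "no MD5 match")
    else:
        print(flagged_files(SAMPLE_LOG))
```

    A match means the .dta file can be copied back under the logged path and name as-is; no match means the quarantine copy is not byte-identical to what was scanned, and reinstalling the software is the safer route.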
     
  5. silvershoe

    silvershoe Private E-2

    Thanks for your help.

    I'm looking into the Akamai issue. The file is not deleted, just quarantined. I'm guessing the software was bundled with a trial version of AutoCAD that I downloaded so I'm not overly concerned about it.

    How do I get rid of this blue hued screen? Is it just a matter of re-installing drivers?
     
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    I'm not sure as it does not seem to be a malware problem. Perhaps it is graphics card related and a reinstall of the drivers may fix it. This is likely something better discussed in either the Hardware or Drivers Forums.

    And just to be clear, you are saying the screen just has a blue tint? You are not talking about an actual Microsoft Blue Screen error message? I have seen problems like this simply caused by a loose graphics card cable, a graphics card that is not fully seated or that has gone bad, and also by a defective motherboard.
     
  7. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    And I have also seen the cable appear to be just fine externally, but when disconnecting it and looking at the internal pins in the connector, one or more could be loose and move back so that it does not make a proper connection when inserted.
     
