computer is non booting, windows 7 repair tools failing


  • This topic is locked
3 replies to this topic

#1 Docdorden

Posted 10 June 2013 - 08:02 PM

Recently, after a series of crashes, my computer will no longer boot. The system repair tools have been unable to fix whatever the issue is and cannot seem to restore to any previous point. I'm at my wits' end, and my searches for a solution led me here and to the recovery tool Farbar, which I am not clear on how to use beyond scanning. These were the results I got. I have no idea what I am doing at this point, and any help would be greatly appreciated.

 

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-06-2013
Ran by SYSTEM on 11-06-2013 08:47:15
Running from H:\
Windows 7 Home Premium (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.

==================== Registry (Whitelisted) ==================

HKLM-x32\...\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r [5036144 2012-02-22] (VIA)
HKLM-x32\...\Run: [OCDLMgr]  [x]
HKLM-x32\...\Run: [WTClient] WTClient.exe [32768 2009-10-30] (Tablet Driver)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-01-28] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-02-20] (Apple Inc.)
HKLM-x32\...\Run: [Aeria Ignite] "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent [1910296 2013-03-15] (Aeria Games & Entertainment)
HKLM-x32\...\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup [336992 2012-08-23] (Power Software Ltd)
HKU\Logan Garrison\...\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent [1641896 2013-06-05] (Valve Corporation)
HKU\Logan Garrison\...\Run: [PlayNC Launcher]  [x]
HKU\Logan Garrison\...\Run: [Akamai NetSession Interface] "C:\Users\Logan Garrison\AppData\Local\Akamai\netsession_win.exe" [4480768 2013-01-26] (Akamai Technologies, Inc.)
HKU\Logan Garrison\...\Run: [Google Update] "C:\Users\Logan Garrison\AppData\Local\Google\Update\GoogleUpdate.exe" /c [116648 2013-03-25] (Google Inc.)
HKU\Logan Garrison\...\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [18643560 2013-03-01] (Skype Technologies S.A.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\NETGEAR WNA3100 Smart Wizard.lnk
ShortcutTarget: NETGEAR WNA3100 Smart Wizard.lnk -> C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe ()

==================== Services (Whitelisted) =================

S3 DAUpdaterSvc; c:\program files (x86)\steam\steamapps\common\dragon age origins\bin_ship\DAUpdaterSvc.Service.exe [25832 2011-08-04] (BioWare)
S2 MSSQL$BWDATOOLSET; c:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S2 N360; C:\Program Files (x86)\Norton 360\Engine\20.3.1.22\ccSvcHst.exe [144520 2012-12-23] (Symantec Corporation)
S2 NetBalancerService; C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe [10240 2012-08-03] (SeriousBit)
S2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2012-07-05] ()
S2 Updater Service for AMZN; C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe [203776 2012-01-27] ()
S2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-02-17] (VIA Technologies, Inc.)
S2 WinTabService; C:\Windows\System32\Drivers\WTSRV.EXE [73728 2011-09-23] (UC-Logic Technology Corp.)
S2 WSWNA3100; C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [285152 2010-08-26] ()

==================== Drivers (Whitelisted) ====================

S1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\BASHDefs\20130107.001\BHDrvx64.sys [1384608 2012-11-19] (Symantec Corporation)
S1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\BASHDefs\20130107.001\BHDrvx64.sys [1384608 2012-11-19] (Symantec Corporation)
S1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1403010.016\ccSetx64.sys [168096 2012-11-15] (Symantec Corporation)
S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-03-19] (Symantec Corporation)
S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-03-19] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2012-08-09] (Symantec Corporation)
S1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\IPSDefs\20130113.001\IDSVia64.sys [513184 2012-11-15] (Symantec Corporation)
S1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\IPSDefs\20130113.001\IDSVia64.sys [513184 2012-11-15] (Symantec Corporation)
S3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-28] ()
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\VirusDefs\20130606.004\ENG64.SYS [126040 2013-06-06] (Symantec Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\VirusDefs\20130606.004\ENG64.SYS [126040 2013-06-06] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\VirusDefs\20130606.004\EX64.SYS [2098776 2013-06-06] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\VirusDefs\20130606.004\EX64.SYS [2098776 2013-06-06] (Symantec Corporation)
S3 Nbdrv; C:\Windows\System32\DRIVERS\nbdrv.sys [41256 2011-05-18] (SeriousBit)
S3 NPF; C:\Windows\System32\DRIVERS\npf.sys [47632 2010-02-03] (CACE Technologies, Inc.)
S3 slb; C:\AeriaGames\ScarletBlade\avital\scarlb64.sys [81880 2013-03-25] ()
S3 slb; C:\AeriaGames\ScarletBlade\avital\scarlb64.sys [81880 2013-03-25] ()
S1 SRTSP; C:\Windows\System32\Drivers\N360x64\1403010.016\SRTSP64.SYS [796248 2013-01-28] (Symantec Corporation)
S1 SRTSPX; C:\Windows\system32\drivers\N360x64\1403010.016\SRTSPX64.SYS [36952 2013-01-28] (Symantec Corporation)
S0 SymDS; C:\Windows\System32\drivers\N360x64\1403010.016\SYMDS64.SYS [493656 2013-01-21] (Symantec Corporation)
S0 SymEFA; C:\Windows\System32\drivers\N360x64\1403010.016\SYMEFA64.SYS [1139800 2013-01-30] (Symantec Corporation)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-06-05] (Symantec Corporation)
S1 SymIRON; C:\Windows\system32\drivers\N360x64\1403010.016\Ironx64.SYS [224416 2012-11-15] (Symantec Corporation)
S1 SymNetS; C:\Windows\System32\Drivers\N360x64\1403010.016\SYMNETS.SYS [432800 2013-01-30] (Symantec Corporation)
S2 AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S3 CTMOV2; \??\C:\Users\Logan Garrison\Desktop\crap\New folder (71)\RE053326\ctmov64.sys [x]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS [x]
S3 Tablet2k; "%SystemRoot%\System32\Drivers\Tablet2k.sys" [x]

========================== Drivers MD5 =======================


==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-06-11 07:37 - 2013-06-11 07:37 - 00000000 ____D C:\FRST
2013-06-06 16:00 - 2013-06-06 16:00 - 00003344 ____N C:\bootsqm.dat
2013-06-06 15:20 - 2013-06-06 15:20 - 506223841 ____A C:\Windows\MEMORY.DMP
2013-06-06 15:20 - 2013-06-06 15:20 - 00283464 ____A C:\Windows\Minidump\060613-85784-01.dmp
2013-06-06 12:07 - 2013-06-06 12:07 - 00283464 ____A C:\Windows\Minidump\060613-29936-01.dmp
2013-06-05 08:36 - 2013-06-05 08:36 - 00283600 ____A C:\Windows\Minidump\060513-65629-01.dmp
2013-06-01 09:40 - 2013-06-01 09:40 - 00283520 ____A C:\Windows\Minidump\060113-49327-01.dmp
2013-05-26 13:15 - 2013-05-26 14:16 - 00000000 ____D C:\Users\Logan Garrison\wurm
2013-05-26 13:15 - 2013-05-26 13:15 - 00002207 ____A C:\Users\Logan Garrison\Desktop\Wurm Online.lnk
2013-05-23 16:21 - 2013-05-23 16:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-05-23 13:37 - 2013-05-23 13:37 - 00283520 ____A C:\Windows\Minidump\052313-64896-01.dmp
2013-05-22 16:45 - 2013-05-22 16:45 - 00001774 ____A C:\Users\Logan Garrison\Desktop\skse_loader.exe - Shortcut.lnk
2013-05-22 11:33 - 2013-05-22 11:36 - 00000000 ____D C:\Users\Logan Garrison\Desktop\New folder (15)
2013-05-21 18:47 - 2013-05-21 18:47 - 00000000 ____D C:\Users\Logan Garrison\Desktop\New folder (13)
2013-05-20 19:21 - 2013-05-20 20:09 - 00000000 ____D C:\Users\Logan Garrison\Desktop\Current Version
2013-05-20 19:21 - 2013-05-20 19:21 - 00000000 ____D C:\Users\Logan Garrison\AppData\Roaming\TortoiseSVN
2013-05-20 18:57 - 2013-06-06 16:31 - 00000000 ____D C:\Users\Logan Garrison\AppData\Local\TSVNCache
2013-05-20 18:57 - 2013-05-20 18:57 - 00000000 ____D C:\Users\Logan Garrison\AppData\Roaming\Subversion
2013-05-20 18:56 - 2013-05-20 18:56 - 00000000 ____D C:\Program Files\TortoiseSVN
2013-05-20 18:56 - 2013-05-20 18:56 - 00000000 ____D C:\Program Files\Common Files\TortoiseOverlays
2013-05-20 18:50 - 2013-05-20 18:51 - 17719296 ____A C:\Users\Logan Garrison\Downloads\TortoiseSVN-1.7.12.24070-x64-svn-1.7.9.msi
2013-05-17 12:23 - 2013-05-17 12:23 - 00283464 ____A C:\Windows\Minidump\051713-32120-01.dmp
2013-05-17 12:16 - 2013-05-27 11:13 - 00000000 ____D C:\Users\Logan Garrison\Desktop\New folder (11)
2013-05-17 12:16 - 2013-05-17 12:17 - 00000000 ____D C:\Users\Logan Garrison\Desktop\New folder (12)
2013-05-17 12:15 - 2013-05-17 12:16 - 00000000 ____D C:\Users\Logan Garrison\Desktop\New folder (9)
2013-05-17 11:54 - 2013-05-17 11:55 - 00283544 ____A C:\Windows\Minidump\051713-27440-01.dmp
2013-05-17 11:42 - 2013-05-17 11:42 - 00283464 ____A C:\Windows\Minidump\051713-25053-01.dmp
2013-05-15 01:21 - 2013-04-04 22:52 - 02242048 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-05-15 01:21 - 2013-04-04 22:52 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-05-15 01:21 - 2013-04-04 22:52 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-05-15 01:21 - 2013-04-04 22:50 - 19231232 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-05-15 01:21 - 2013-04-04 22:50 - 15404032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-05-15 01:21 - 2013-04-04 22:50 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-05-15 01:21 - 2013-04-04 22:50 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-05-15 01:21 - 2013-04-04 22:50 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-05-15 01:21 - 2013-04-04 22:50 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-05-15 01:21 - 2013-04-04 22:50 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-05-15 01:21 - 2013-04-04 22:50 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-05-15 01:21 - 2013-04-04 22:50 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-05-15 01:21 - 2013-04-04 22:50 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-05-15 01:21 - 2013-04-04 22:50 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-05-15 01:21 - 2013-04-04 21:28 - 01767424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-05-15 01:21 - 2013-04-04 21:28 - 01130496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-05-15 01:21 - 2013-04-04 21:26 - 14323712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-05-15 01:21 - 2013-04-04 21:26 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-05-15 01:21 - 2013-04-04 21:26 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-05-15 01:21 - 2013-04-04 21:26 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-05-15 01:21 - 2013-04-04 21:26 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-05-15 01:21 - 2013-04-04 21:26 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-05-15 01:21 - 2013-04-04 21:26 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-05-15 01:21 - 2013-04-04 21:26 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-05-15 01:21 - 2013-04-04 21:26 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-05-15 01:21 - 2013-04-04 21:26 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-05-15 01:21 - 2013-04-04 21:26 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-05-15 01:21 - 2013-04-04 20:43 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-05-15 01:21 - 2013-04-04 20:29 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-05-15 01:21 - 2013-04-04 19:51 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-05-15 01:21 - 2013-04-04 19:38 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-05-14 23:44 - 2013-04-09 22:01 - 00983400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2013-05-14 23:44 - 2013-04-09 22:01 - 00265064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2013-05-14 23:44 - 2011-02-03 03:25 - 00144384 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll
2013-05-14 23:43 - 2013-04-09 19:30 - 03153920 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-05-14 23:43 - 2013-03-18 21:53 - 00230400 ____A (Microsoft Corporation) C:\Windows\System32\wwansvc.dll
2013-05-14 23:43 - 2013-03-18 21:53 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\wwanprotdim.dll
2013-05-14 23:43 - 2013-02-26 22:02 - 00111448 ____A (Microsoft Corporation) C:\Windows\System32\consent.exe
2013-05-14 23:43 - 2013-02-26 21:52 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2013-05-14 23:43 - 2013-02-26 21:52 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2013-05-14 23:43 - 2013-02-26 21:48 - 01930752 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-05-14 23:43 - 2013-02-26 21:47 - 00070144 ____A (Microsoft Corporation) C:\Windows\System32\appinfo.dll
2013-05-14 23:43 - 2013-02-26 20:55 - 12872704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-05-14 23:43 - 2013-02-26 20:55 - 00180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-05-14 23:43 - 2013-02-26 20:49 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-05-14 19:27 - 2013-05-14 19:27 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies

==================== One Month Modified Files and Folders =======

2013-06-11 07:37 - 2013-06-11 07:37 - 00000000 ____D C:\FRST
2013-06-06 16:35 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-06 16:35 - 2002-04-27 09:48 - 00000000 ____D C:\Program Files (x86)\Steam
2013-06-06 16:34 - 2011-04-29 21:17 - 00000000 ____D C:\ProgramData\NVIDIA
2013-06-06 16:34 - 2009-07-13 20:51 - 00077119 ____A C:\Windows\setupact.log
2013-06-06 16:31 - 2013-05-20 18:57 - 00000000 ____D C:\Users\Logan Garrison\AppData\Local\TSVNCache
2013-06-06 16:31 - 2011-05-22 19:42 - 00000000 ____D C:\Users\Logan Garrison\AppData\Roaming\Skype
2013-06-06 16:29 - 2002-01-01 00:41 - 01223277 ____A C:\Windows\WindowsUpdate.log
2013-06-06 16:27 - 2012-10-16 07:53 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-06 16:11 - 2009-07-13 21:13 - 00846404 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-06 16:11 - 2009-07-13 20:45 - 00016576 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-06 16:11 - 2009-07-13 20:45 - 00016576 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-06 16:00 - 2013-06-06 16:00 - 00003344 ____N C:\bootsqm.dat
2013-06-06 15:20 - 2013-06-06 15:20 - 506223841 ____A C:\Windows\MEMORY.DMP
2013-06-06 15:20 - 2013-06-06 15:20 - 00283464 ____A C:\Windows\Minidump\060613-85784-01.dmp
2013-06-06 15:20 - 2011-04-29 21:15 - 00000000 ____D C:\Windows\Minidump
2013-06-06 14:58 - 2013-03-25 10:48 - 00000944 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2959421737-3856863692-688783221-1000UA.job
2013-06-06 12:28 - 2011-06-27 08:46 - 00000000 ____D C:\Users\Logan Garrison\AppData\Local\CrashDumps
2013-06-06 12:07 - 2013-06-06 12:07 - 00283464 ____A C:\Windows\Minidump\060613-29936-01.dmp
2013-06-06 11:54 - 2013-03-23 01:48 - 00000000 ____D C:\Users\Logan Garrison\Desktop\The Hobbit An Unexpected Journey 2012 720p BluRay DTS x264-MgB
2013-06-06 11:43 - 2011-06-20 16:42 - 00000000 ____D C:\ProgramData\Norton
2013-06-06 11:39 - 2011-06-20 17:14 - 00000000 ____D C:\Windows\System32\Drivers\N360x64
2013-06-06 11:38 - 2011-06-20 17:14 - 00002319 ____A C:\Users\Public\Desktop\Norton 360.lnk
2013-06-05 18:13 - 2011-06-20 17:14 - 00177312 ____A (Symantec Corporation) C:\Windows\System32\Drivers\SYMEVENT64x86.SYS
2013-06-05 18:13 - 2011-06-20 17:14 - 00007466 ____A C:\Windows\System32\Drivers\SYMEVENT64x86.CAT
2013-06-05 18:13 - 2011-06-20 17:14 - 00000000 ____D C:\Program Files\Symantec
2013-06-05 16:58 - 2013-03-25 10:48 - 00000892 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2959421737-3856863692-688783221-1000Core.job
2013-06-05 08:36 - 2013-06-05 08:36 - 00283600 ____A C:\Windows\Minidump\060513-65629-01.dmp
2013-06-03 22:45 - 2011-05-07 19:21 - 00000000 ____D C:\Users\Logan Garrison\AppData\Roaming\uTorrent
2013-06-01 11:39 - 2011-04-27 20:10 - 00256416 ____A C:\Windows\PFRO.log
2013-06-01 09:40 - 2013-06-01 09:40 - 00283520 ____A C:\Windows\Minidump\060113-49327-01.dmp
2013-05-28 16:36 - 2011-05-08 18:46 - 00280792 ____A C:\Windows\SysWOW64\PnkBstrB.xtr
2013-05-28 16:36 - 2011-05-08 18:35 - 00280792 ____A C:\Windows\SysWOW64\PnkBstrB.exe
2013-05-28 16:35 - 2011-05-08 18:35 - 00280856 ____A C:\Windows\SysWOW64\PnkBstrB.ex0
2013-05-27 12:14 - 2011-04-28 05:56 - 00000000 ____D C:\Users\Logan Garrison\Documents\My Games
2013-05-27 11:13 - 2013-05-17 12:16 - 00000000 ____D C:\Users\Logan Garrison\Desktop\New folder (11)
2013-05-26 23:19 - 2012-12-26 21:19 - 00000000 ____D C:\Users\Logan Garrison\Desktop\dnd stuff
2013-05-26 14:16 - 2013-05-26 13:15 - 00000000 ____D C:\Users\Logan Garrison\wurm
2013-05-26 13:15 - 2013-05-26 13:15 - 00002207 ____A C:\Users\Logan Garrison\Desktop\Wurm Online.lnk
2013-05-26 13:15 - 2002-04-27 09:55 - 00000000 ____D C:\users\Logan Garrison
2013-05-24 22:25 - 2012-05-05 11:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-05-23 17:34 - 2012-08-11 16:33 - 00000000 ____D C:\Users\Logan Garrison\AppData\Local\dxhr
2013-05-23 16:21 - 2013-05-23 16:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-05-23 13:37 - 2013-05-23 13:37 - 00283520 ____A C:\Windows\Minidump\052313-64896-01.dmp
2013-05-22 16:45 - 2013-05-22 16:45 - 00001774 ____A C:\Users\Logan Garrison\Desktop\skse_loader.exe - Shortcut.lnk
2013-05-22 11:36 - 2013-05-22 11:33 - 00000000 ____D C:\Users\Logan Garrison\Desktop\New folder (15)
2013-05-21 18:47 - 2013-05-21 18:47 - 00000000 ____D C:\Users\Logan Garrison\Desktop\New folder (13)
2013-05-21 18:16 - 2013-04-10 18:22 - 00000000 ____D C:\Users\Logan Garrison\Desktop\New folder (5)
2013-05-21 17:56 - 2011-11-11 07:12 - 00000000 ____D C:\Users\Logan Garrison\AppData\Local\Skyrim
2013-05-20 20:09 - 2013-05-20 19:21 - 00000000 ____D C:\Users\Logan Garrison\Desktop\Current Version
2013-05-20 19:21 - 2013-05-20 19:21 - 00000000 ____D C:\Users\Logan Garrison\AppData\Roaming\TortoiseSVN
2013-05-20 18:57 - 2013-05-20 18:57 - 00000000 ____D C:\Users\Logan Garrison\AppData\Roaming\Subversion
2013-05-20 18:56 - 2013-05-20 18:56 - 00000000 ____D C:\Program Files\TortoiseSVN
2013-05-20 18:56 - 2013-05-20 18:56 - 00000000 ____D C:\Program Files\Common Files\TortoiseOverlays
2013-05-20 18:51 - 2013-05-20 18:50 - 17719296 ____A C:\Users\Logan Garrison\Downloads\TortoiseSVN-1.7.12.24070-x64-svn-1.7.9.msi
2013-05-17 16:54 - 2011-06-20 16:42 - 00000000 ____D C:\Users\Public\Downloads\Norton
2013-05-17 12:23 - 2013-05-17 12:23 - 00283464 ____A C:\Windows\Minidump\051713-32120-01.dmp
2013-05-17 12:17 - 2013-05-17 12:16 - 00000000 ____D C:\Users\Logan Garrison\Desktop\New folder (12)
2013-05-17 12:16 - 2013-05-17 12:15 - 00000000 ____D C:\Users\Logan Garrison\Desktop\New folder (9)
2013-05-17 11:55 - 2013-05-17 11:54 - 00283544 ____A C:\Windows\Minidump\051713-27440-01.dmp
2013-05-17 11:42 - 2013-05-17 11:42 - 00283464 ____A C:\Windows\Minidump\051713-25053-01.dmp
2013-05-16 05:23 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2013-05-15 12:32 - 2009-07-13 20:45 - 00297064 ____A C:\Windows\System32\FNTCACHE.DAT
2013-05-15 01:45 - 2012-02-14 22:59 - 00000129 ____A C:\Windows\System32\MRT.INI
2013-05-15 01:42 - 2001-12-31 23:08 - 75016696 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-05-14 21:27 - 2012-05-13 08:06 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-05-14 21:27 - 2011-05-14 09:14 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-05-14 19:41 - 2011-04-28 04:55 - 00000000 ____D C:\Users\Logan Garrison\Documents\4A Games
2013-05-14 19:35 - 2011-04-28 04:54 - 00000000 ____D C:\Users\Logan Garrison\AppData\Local\4A Games
2013-05-14 19:29 - 2011-04-27 19:51 - 00409733 ____A C:\Windows\DirectX.log
2013-05-14 19:27 - 2013-05-14 19:27 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-05-14 19:27 - 2011-04-27 18:47 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-05-13 15:35 - 2002-04-27 09:46 - 00000000 ____D C:\Users\Logan Garrison\AppData\Roaming\Mozilla

==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================


==================== BCD ================================

Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=Y:
path                    \bootmgr
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
default                 {default}
resumeobject            {9fa7ffc4-fe8f-11d5-86b3-c0f622918f84}
displayorder            {default}
                        {9fa7ffc8-fe8f-11d5-86b3-c0f622918f84}
toolsdisplayorder       {memdiag}
timeout                 30

Windows Boot Loader
-------------------
identifier              {default}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {9fa7ffc6-fe8f-11d5-86b3-c0f622918f84}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {9fa7ffc4-fe8f-11d5-86b3-c0f622918f84}
nx                      OptIn

Windows Boot Loader
-------------------
identifier              {9fa7ffc6-fe8f-11d5-86b3-c0f622918f84}
device                  ramdisk=[C:]\Recovery\9fa7ffc6-fe8f-11d5-86b3-c0f622918f84\Winre.wim,{9fa7ffc7-fe8f-11d5-86b3-c0f622918f84}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\9fa7ffc6-fe8f-11d5-86b3-c0f622918f84\Winre.wim,{9fa7ffc7-fe8f-11d5-86b3-c0f622918f84}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Windows Boot Loader
-------------------
identifier              {9fa7ffc8-fe8f-11d5-86b3-c0f622918f84}
device                  partition=F:
path                    \Windows\system32\winload.exe
description             Windows 7 Home Premium (recovered)
locale                  en-US
osdevice                partition=F:
systemroot              \Windows

Windows Boot Loader
-------------------
identifier              {9fa7ffc9-fe8f-11d5-86b3-c0f622918f84}
device                  ramdisk=[F:]\Recovery\6a4214d4-fe8f-11d5-8752-8b85cab77f91\Winre.wim,{9fa7ffca-fe8f-11d5-86b3-c0f622918f84}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment (recovered)
locale                  
osdevice                ramdisk=[F:]\Recovery\6a4214d4-fe8f-11d5-8752-8b85cab77f91\Winre.wim,{9fa7ffca-fe8f-11d5-86b3-c0f622918f84}
systemroot              \windows
winpe                   Yes

Resume from Hibernate
---------------------
identifier              {9fa7ffc4-fe8f-11d5-86b3-c0f622918f84}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No

Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=Y:
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS Settings
------------
identifier              {emssettings}
bootems                 Yes

Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM Defects
-----------
identifier              {badmemory}

Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}

Device options
--------------
identifier              {9fa7ffc7-fe8f-11d5-86b3-c0f622918f84}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\9fa7ffc6-fe8f-11d5-86b3-c0f622918f84\boot.sdi

Device options
--------------
identifier              {9fa7ffca-fe8f-11d5-86b3-c0f622918f84}
ramdisksdidevice        partition=F:
ramdisksdipath          \Recovery\6a4214d4-fe8f-11d5-8752-8b85cab77f91\boot.sdi


==================== Memory info ===========================

Percentage of memory in use: 8%
Total physical RAM: 12237.61 MB
Available physical RAM: 11232.02 MB
Total Pagefile: 12235.76 MB
Available Pagefile: 11241.28 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:24.9 GB) NTFS (Disk=0 Partition=2)
Drive d: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS (Disk=1 Partition=1) ==>[System with boot components (obtained from reading drive)]
Drive f: () (Fixed) (Total:1862.92 GB) (Free:1833.83 GB) NTFS (Disk=1 Partition=2)
Drive g: (GRMCHPXFRER_EN_DVD) (CDROM) (Total:3 GB) (Free:0 GB) UDF
Drive h: () (Removable) (Total:7.47 GB) (Free:4.61 GB) FAT32 (Disk=2 Partition=1)
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS (Disk=0 Partition=1) ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 7A0A8063)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: DFDBBA0A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=-198731366400) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 7 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=7 GB) - (Type=0B)


LastRegBack: 2013-06-05 15:12

==================== End Of Log ============================

 





#2 Docdorden

Docdorden
  • Topic Starter

  • Members
  • 2 posts

Posted 10 June 2013 - 10:54 PM

Disregard, I now have a timeline and will just have to reformat the entire thing and start over.



#3 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,573 posts
  • Gender:Male
  • Location:California

Posted 13 June 2013 - 09:31 PM

Greetings Docdorden,

We apologize for not being able to get to you sooner. Thanks for letting us know.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,573 posts
  • Gender:Male
  • Location:California

Posted 13 June 2013 - 09:31 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
Gary



