Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

"STOP: C0000135 The program can't start because %hs is missing from your compute


  • Please log in to reply
No replies to this topic

#1 roller

roller

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:02:04 PM

Posted 04 January 2014 - 10:38 AM

Hello all,

 

This is the first time I have ever asked for help on an online forum, in most cases I have been able to fix the problem myself, however on this occasion I am completely flummoxed.

My computer in stuck in a loop boot cycle. If I disable the loop boot option thingy that is located by pressing F8 the following blue screen and message is displayed: "

STOP: C0000135 The program can't start because %hs is missing from your computer. Try reinstalling the program to fix the problem”

I have absolutely no idea what has caused this problem and it is a first for me. I have read of many other people on the Internet having the same problem, it is often associated AVG antivirus. I can confirm that I have never had this software installed on my computer.

 

Please see the following link. This would link refers to a thread closed that describes my problem to the letter and also offered a fix, would have similar fix to this be needed for my computer?

http://www.bleepingcomputer.com/forums/t/444580/stop-c0000135-the-program-cant-start-because-hs-is-missing-try-resintalling-the-program/

 

Approximately 2 weeks ago I cloned the hard drive that is now not working. I connected the the clone drive to my PC and showing off be booted up with no problems. Then I proceeded to copy over my emails and their contents of the desktop from a nonworking drive to the working drive. I then uninstalled the Acronis which is completely random I know. It’s not a program that I’ve ever used and just didn’t want on my PC any more. After a reboot I then got exactly the same error message and blue screen on the cloned drive. I have plugged both drives externally into a laptop and scanned them with Malwarebytes. A few issues were found but I don’t believe that they contributed to this problem.

As mentioned in the closed thread I have used the tool FARBAR36.exe to scan my computer. Please see the report below that was produced by this software. I have to be completely honest and say that this does not really mean anything to me, I hope somebody else out there can make sense of it and maybe point me in the right direction to fixing the said issues with my computer.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-01-2014

Ran by SYSTEM on MININT-G4GGKBH on 04-01-2014 15:21:24
Running from F:\
Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Recovery
 
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [4030008 2011-08-09] (ESET)
HKLM-x32\...\Run: [Ai Nap] - C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe [1435136 2009-07-01] ()
HKLM-x32\...\Run: [QFan Help] - C:\Program Files\ASUS\Ai Suite\QFan3\QFanHelp.exe [601088 2009-07-01] ()
HKLM-x32\...\Run: [Cpu Level Up help] - C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe [881152 2007-11-30] ()
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [VMonitorVMUVC] - C:\Program Files (x86)\Vimicro Corporation\VMUVC\VMonitor.exe [135168 2008-03-26] (Vimicro Corporation)
HKU\Christopher\...\Run: [aliim] - P:\Trademanager\AliIM.exe /autorun
HKU\Christopher\...\Run: [AdobeBridge] - [x]
HKU\Christopher\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20549280 2013-10-21] (Skype Technologies S.A.)
HKU\Christopher\...\Run: [Google Update] - C:\Users\Christopher\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-07-31] (Google Inc.)
HKU\Christopher\...\Run: [msnmsgr] - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4280184 2012-03-08] (Microsoft Corporation)
HKU\Christopher\...\Run: [NVIDIA nTune] - C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe [98304 2007-09-04] (NVIDIA)
AppInit_DLLs: acaptuser64.dll [ ] ()
Startup: C:\Users\Christopher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk ->  (No File)
BootExecute: autocheck autochk * auto_reactivate \\?\Volume{98119604-90D0-11E1-8225-806E6F6E6963}\bootwiz\asrm.bin
 
==================== Services (Whitelisted) =================
 
S2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [96896 2009-12-28] (ASUSTeK Computer Inc.)
S2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [974944 2011-08-09] (ESET)
S2 MDES; C:\Program Files (x86)\Express Gate\Express Gate Tools\DVMExportService.exe [315392 2009-02-18] (DeviceVM)
S2 nTuneService; C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe [180224 2007-09-04] (NVIDIA)
S3 CoordinatorServiceHost; P:\SolidWorks\SolidWorks\swScheduler\DTSCoordinatorService.exe [x]
S2 MBAMScheduler; "P:\Malwarebytes\Malwarebytes' Anti-Malware\mbamscheduler.exe" [x]
S2 MBAMService; "P:\Malwarebytes\Malwarebytes' Anti-Malware\mbamservice.exe" [x]
S3 Microsoft SharePoint Workspace Audit Service; "P:\Office 2010\Office14\GROOVE.EXE" /auditservice [x]
S2 RemoteSolverDispatcher; "P:\SolidWorks\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe" "SOFTWARE\SRAC\COSMOS_FloWorks 2013" [x]
S2 SBSDWSCService; P:\spybot\Spybot - Search & Destroy\SDWinSec.exe [x]
 
==================== Drivers (Whitelisted) ====================
 
S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-13] (Microsoft Corporation)
S1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
S2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [202576 2011-08-09] (ESET)
S1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [146432 2011-08-04] (ESET)
S2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [137144 2011-08-04] (ESET)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [16776 2010-01-20] ()
S3 epmntdrv; C:\Windows\SysWow64\epmntdrv.sys [14216 2010-01-20] ()
S0 EUBAKUP; C:\Windows\SysWow64\drivers\eubakup.sys [30600 2009-12-02] (CHENGDU YIWO Tech Development Co., Ltd)
S3 EuDisk; C:\Windows\System32\DRIVERS\EuDisk.sys [137608 2009-12-02] (CHENGDU YIWO Tech Development Co., Ltd)
S3 EUDSKACS; C:\Windows\sysWow64\drivers\eudskacs.sys [17800 2009-12-02] (CHENGDU YIWO Tech Development Co., Ltd)
S0 EUFS; C:\Windows\SysWow64\drivers\eufs.sys [26504 2009-12-02] (CHENGDU YIWO Tech Development Co., Ltd)
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9096 2010-01-20] ()
S3 EuGdiDrv; C:\Windows\SysWow64\EuGdiDrv.sys [8456 2010-01-20] ()
S3 LGDDCDevice; C:\Windows\SysWow64\LGI2CDriver.sys [16384 2012-02-16] (LG Soft India)
S3 LGII2CDevice; C:\Windows\SysWow64\LGPII2CDriver.sys [10240 2012-05-23] (LG Soft India)
S3 libusb0; C:\Windows\System32\drivers\libusb0.sys [43456 2010-10-01] (http://libusb-win32.sourceforge.net)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S0 mrdd; C:\Windows\System32\DRIVERS\mrdd.sys [22568 2008-11-11] (Marvell Semiconductor, Inc.)
S3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S0 mv61xx; C:\Windows\System32\DRIVERS\mv61xx.sys [181040 2011-02-09] (Marvell Semiconductor, Inc.)
S3 NVR0Dev; C:\Windows\nvoclk64.sys [39968 2007-09-04] (NVidia Corp.)
S3 VMUVC; C:\Windows\System32\Drivers\VMUVC.sys [198400 2009-03-11] (Vimicro Corporation)
S3 vvftUVC; C:\Windows\System32\drivers\vvftUVC.sys [303616 2008-07-01] (Vimicro Corporation)
S3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()
S3 PCANDIS4; \??\C:\Users\CHRIST~1\Desktop\DG834R~1\PCANDIS4.SYS [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
 
========================== Drivers MD5 =======================
 
C:\Windows\System32\DRIVERS\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\61883.sys E0A8525A951ADDB4655BC2068566407D
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys 1C7857B62DE5994A75B054A9FD4C3825
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\drivers\arc.sys ==> MD5 is legit
C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit
C:\Windows\SysWow64\drivers\AsIO.sys A82C01606DC27D05D9D3BFB6BB807E32
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\avc.sys 16FABE84916623D0607E4A975544032C
C:\Windows\system32\drivers\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bcmwl664.sys FB4FDA64F2E8552EAEB5986C3F34462C
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\system32\drivers\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys C4943B6C962E4B82197542447AD599F4
C:\Windows\system32\drivers\compbatt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\csc.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ssudbus.sys 0B3F6C8F93C5C25977EA5A8B2E656357
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\drivers\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\dmvsc.sys 5DB085A8A6600BE6401F2B24EECB5415
C:\Windows\System32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\eamonm.sys 13533557D01B88C83110D5CF749F14D7
C:\Windows\system32\drivers\evbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ehdrv.sys E097728129E7B79BF1089D7AEF42332B
C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\epfwwfpr.sys 2380976CF8A4A56611F35633ACD2A74F
C:\Windows\system32\epmntdrv.sys 9EAFB3B3B60B8AD958985152A9309ACA
C:\Windows\SysWow64\epmntdrv.sys 539CA34FBC74EC366A0D751028C32A08
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\SysWow64\drivers\eubakup.sys 6D13299A665EF7AD2D791CA347005C01
C:\Windows\System32\DRIVERS\EuDisk.sys CE1F5CDCD1DF4B0B574033B37784B57F
C:\Windows\sysWow64\drivers\eudskacs.sys 081A23848C5C2C3076E55047321B28CD
C:\Windows\SysWow64\drivers\eufs.sys D5D5D5EC9918A0141EF9E2992CC85A49
C:\Windows\system32\EuGdiDrv.sys FB949ED2C93C878A189039F3D7730942
C:\Windows\SysWow64\EuGdiDrv.sys 1F2F4AB15CE03ECC257FEB2F6DC5A013
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\fltsrv.sys 5F427F7759FEED976C1F5DF4552489E5
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys ==> MD5 is legit
C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\GEARAspiWDM.sys 8E98D21EE06192492A5671A6144D092F
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys DA1E991A61CFDD755A589E206B97644B
C:\Windows\System32\Drivers\ksecpkg.sys 7E33198D956943A4F11A5474C1E9106F
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\SysWow64\LGI2CDriver.sys E400912D3DEF3F9675707D253D6134B7
C:\Windows\SysWow64\LGPII2CDriver.sys 54CAB8C74476F365DD63481418F1B46B
C:\Windows\System32\drivers\libusb0.sys 285954C6C6EF43B78AB84034750FAC6A
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\LVUSBS64.sys 6562FCEE704F14C05F5338B147D67A16
C:\Windows\system32\drivers\mbam.sys 0BB97D43299910CBFBA59C461B99B910
C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit
C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrdd.sys DCB850CBE2DEEC5BC9609464FF3BC413
C:\Windows\system32\drivers\mrxdav.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\system32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\msdv.sys 72949A24D37A20A54B3D4D3DADBB55E9
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ASACPI.sys 19B006B181E3875FD254F7B67ACF1E7C
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mv61xx.sys 1F5C9629340843F13ECF692CFA055756
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netr28x.sys 1DE5F324A028C810D3D6DFACCFD72B80
C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys A2F74975097F52A00745F9637451FDD8
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nvlddmkm.sys 0A2F27B5BCC45B64E152DD6AE0815198
C:\Windows\nvoclk64.sys 241A095631570A9CEF4F126C87605C60
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\drivers\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\System32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\LV561V64.SYS DB5C32A4130E6B36CD6ED7A5A6C7751E
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\drivers\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\System32\Drivers\PxHlpa64.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpdr.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RDPWD.sys 6D76E6433574B058ADCB0C50DF834492
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\system32\drivers\vms3cap.sys ==> MD5 is legit
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\snapman.sys FAC097986BB4375DAB59706E16829240
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\System32\DRIVERS\ssudmdm.sys EA8F41484CCC5BA6A1455C2AD3D1BE3C
C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit
C:\Windows\System32\drivers\vmstorfl.sys ==> MD5 is legit
C:\Windows\system32\drivers\storvsc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit
C:\Windows\System32\drivers\synth3dvsc.sys C3A39C4079305480972D29C44B868C78
C:\Windows\System32\drivers\tcpip.sys FC62769E7BFF2896035AEED399108162
C:\Windows\System32\DRIVERS\tcpip.sys FC62769E7BFF2896035AEED399108162
C:\Windows\System32\drivers\tcpipreg.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legit
C:\Windows\system32\drivers\terminpt.sys 2B5BDFF688EC9871D7EC5837833374E9
C:\Windows\System32\DRIVERS\tssecsrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\tsusbflt.sys ==> MD5 is legit
C:\Windows\system32\drivers\TsUsbGD.sys 9CC2CCAE8A84820EAECB886D477CBCB8
C:\Windows\System32\drivers\tsusbhub.sys E1748D04AE40118B62BC18AC86032192
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit
C:\Windows\System32\Drivers\usbaapl64.sys 43228F8EDD1B0BCDD3145AD246E63D39
C:\Windows\System32\drivers\usbaudio.sys 82E8F44688E6FAC57B5B7C6FC7ADBC2A
C:\Windows\System32\DRIVERS\usbccgp.sys 6F1A3157A1C89435352CEB543CDB359C
C:\Windows\system32\drivers\usbcir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbehci.sys C025055FE7B87701EB042095DF1A2D7B
C:\Windows\System32\DRIVERS\usbhub.sys 287C6C9410B111B68B52CA298F7B8C24
C:\Windows\system32\drivers\usbohci.sys 9840FC418B4CBD632D3D0A667A725C31
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\System32\DRIVERS\usbuhci.sys 62069A34518BCF9C1FD9E74B3F6DB7CD
C:\Windows\System32\Drivers\usbvideo.sys 454800C2BC7F3927CE030141EE4F4C50
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\system32\drivers\vmbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\VMBusHID.sys ==> MD5 is legit
C:\Windows\System32\Drivers\VMUVC.sys DE96EF88C1EB0CE2FE68BEC3DF1BCAAA
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\drivers\vvftUVC.sys 9D9FE9E24F03AD87324245F516BEDAE5
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWow64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WUDFRd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\yk62x64.sys ==> MD5 is legit
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-01-04 15:21 - 2014-01-04 15:21 - 00000000 ____D C:\FRST
2014-01-03 11:48 - 2014-01-03 11:48 - 00003216 ____N C:\bootsqm.dat
2014-01-03 11:47 - 2014-01-03 11:47 - 00000000 __SHD C:\found.002
2014-01-03 07:10 - 2014-01-03 07:11 - 00000000 ____D C:\Users\Christopher\AppData\Local\{925F79BF-D484-45A4-9F27-6527429EF605}
2014-01-03 05:24 - 2014-01-03 05:24 - 00000000 ____D C:\Users\Christopher\AppData\Local\{399FED6C-54C8-4DD0-9837-92C1F31B398A}
2013-12-17 12:08 - 2009-12-02 04:21 - 00026504 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\SysWOW64\Drivers\eufs.sys
2013-12-17 12:07 - 2013-12-17 12:07 - 00000830 _____ C:\Users\Public\Desktop\EASEUS Todo Backup 1.1.lnk
2013-12-17 12:07 - 2009-12-02 04:20 - 00137608 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\System32\Drivers\EuDisk.sys
2013-12-17 12:07 - 2009-12-02 04:20 - 00030600 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\SysWOW64\Drivers\eubakup.sys
2013-12-17 12:07 - 2009-12-02 04:20 - 00017800 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\Windows\SysWOW64\Drivers\eudskacs.sys
2013-12-16 23:37 - 2013-12-17 11:37 - 00000000 ____D C:\Users\Christopher\AppData\Local\{DA84C86A-7EE4-43FB-A3C1-4A5E201646E2}
2013-12-16 11:36 - 2013-12-16 11:36 - 00000000 ____D C:\Users\Christopher\AppData\Local\{F90B2B5C-5DF4-46D9-AEE4-F250377B5E7C}
2013-12-15 23:36 - 2013-12-15 23:36 - 00000000 ____D C:\Users\Christopher\AppData\Local\{479B07AE-2D74-409B-AF04-B6F6690928DB}
2013-12-15 03:44 - 2013-12-15 03:44 - 00000000 ____D C:\Users\Christopher\AppData\Local\{5D7F1445-4702-419E-991A-BDDEF39BCB66}
2013-12-14 03:36 - 2013-12-14 03:36 - 00000000 ____D C:\Users\Christopher\AppData\Local\{E1738A61-974A-4467-97B6-65B82CEFAB1B}
2013-12-13 14:18 - 2013-12-13 14:18 - 03556696 _____ (Acronis) C:\Windows\System32\auto_reactivate.exe
2013-12-13 14:18 - 2013-12-13 14:18 - 00000000 _RSHD C:\bootwiz
2013-12-13 14:06 - 2013-12-13 14:06 - 01322120 _____ (Acronis) C:\Windows\System32\Drivers\tib_mounter.sys
2013-12-13 14:06 - 2013-12-13 14:06 - 00340104 _____ (Acronis) C:\Windows\System32\Drivers\snapman.sys
2013-12-13 14:06 - 2013-12-13 14:06 - 00156296 _____ (Acronis) C:\Windows\System32\Drivers\fltsrv.sys
2013-12-13 14:05 - 2013-12-13 14:05 - 00000020 ___SH C:\Users\Acronis Agent User\ntuser.ini
2013-12-13 14:05 - 2012-04-04 09:06 - 00000000 ____D C:\Users\Acronis Agent User\AppData\Local\Microsoft Help
2013-12-13 14:05 - 2012-04-03 14:55 - 00000000 ____D C:\Users\Acronis Agent User\AppData\Roaming\Macromedia
2013-12-13 14:03 - 2014-01-03 11:36 - 00000000 ____D C:\ProgramData\Acronis
2013-12-13 13:56 - 2013-12-13 13:56 - 00000764 _____ C:\Windows\PFRO.log
2013-12-13 12:59 - 2013-12-13 12:59 - 00000000 ____D C:\Users\Christopher\AppData\Local\{96A4600F-7465-4A6C-933F-63150A2D22C2}
2013-12-13 00:16 - 2013-12-13 00:16 - 00000000 ____D C:\Users\Christopher\AppData\Local\{CE1B75F0-2413-4EDB-8978-F2BD8BC8C843}
2013-12-12 11:17 - 2013-12-12 11:17 - 01204283 _____ C:\Users\Christopher\Downloads\P5Q-ASUS-DELUXE-2301.zip
2013-12-12 11:08 - 2013-12-12 11:09 - 10028912 _____ (Akamai Technologies, Inc.) C:\Users\Christopher\Downloads\AsusInstaller.exe
2013-12-12 09:07 - 2013-02-09 05:25 - 03035306 _____ C:\Windows\System32\nvcoproc.bin
2013-12-12 09:06 - 2013-12-12 09:06 - 00000000 ____D C:\Users\Christopher\AppData\Local\{43FCDABB-12C6-4C91-B818-14534AF6C5EB}
2013-12-12 00:20 - 2013-12-12 09:04 - 00000000 ____D C:\Program Files\WhoCrashed
2013-12-12 00:05 - 2013-12-12 00:05 - 00000000 ____D C:\Users\Christopher\AppData\Local\{7C4F3EBA-2F07-4B79-819A-49F1C6C9AF78}
2013-12-11 11:35 - 2013-12-11 11:35 - 00000000 ____D C:\Users\Christopher\AppData\Local\{507672C5-94B0-4934-8524-84ED3B2C1D5D}
2013-12-10 23:35 - 2013-12-10 23:35 - 00000000 ____D C:\Users\Christopher\AppData\Local\{A9F2EEEB-A4BA-4BE5-B22C-8CEB6A32E7E9}
2013-12-09 23:34 - 2013-12-10 11:34 - 00000000 ____D C:\Users\Christopher\AppData\Local\{1C3BD2D6-A667-4E53-9497-2E1FC7E19072}
2013-12-08 23:30 - 2013-12-09 11:31 - 00000000 ____D C:\Users\Christopher\AppData\Local\{2D7DF771-DBA4-46A4-8050-0C108B42B1A2}
2013-12-08 04:10 - 2013-12-08 04:10 - 00000000 ____D C:\Users\Christopher\AppData\Local\{8BD5D8B6-F597-4605-BAE7-649A244E3246}
2013-12-06 00:12 - 2013-12-06 12:12 - 00000000 ____D C:\Users\Christopher\AppData\Local\{E4AF3651-1682-423B-AAEB-4619D09F748A}
2013-12-05 00:11 - 2013-12-05 12:12 - 00000000 ____D C:\Users\Christopher\AppData\Local\{7A85E6BE-1B17-48A1-8F83-78565EC782F9}
 
==================== One Month Modified Files and Folders =======
 
2014-01-04 15:21 - 2014-01-04 15:21 - 00000000 ____D C:\FRST
2014-01-03 11:48 - 2014-01-03 11:48 - 00003216 ____N C:\bootsqm.dat
2014-01-03 11:47 - 2014-01-03 11:47 - 00000000 __SHD C:\found.002
2014-01-03 11:44 - 2012-04-03 10:55 - 00000000 ____D C:\Users\Christopher\Documents\Outlook Files
2014-01-03 11:37 - 2012-11-15 00:13 - 02070093 _____ C:\Windows\WindowsUpdate.log
2014-01-03 11:37 - 2012-04-02 13:15 - 00000177 ____H C:\dvmexp.idx
2014-01-03 11:36 - 2013-12-13 14:03 - 00000000 ____D C:\ProgramData\Acronis
2014-01-03 11:36 - 2009-07-13 20:45 - 00029200 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-03 11:36 - 2009-07-13 20:45 - 00029200 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-03 11:35 - 2009-07-13 21:13 - 00010624 _____ C:\Windows\System32\PerfStringBackup.INI
2014-01-03 11:31 - 2013-12-04 23:31 - 00013358 _____ C:\Windows\setupact.log
2014-01-03 11:31 - 2013-03-05 05:07 - 00000000 ____D C:\ProgramData\boost_interprocess
2014-01-03 11:31 - 2012-05-02 10:30 - 04485120 ___SH C:\Users\Christopher\Desktop\Thumbs.db
2014-01-03 11:31 - 2012-04-30 10:57 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\Dropbox
2014-01-03 11:31 - 2012-04-29 15:11 - 00002896 _____ C:\Windows\System32\Tasks\AutoKMS
2014-01-03 11:31 - 2012-04-29 15:11 - 00000266 _____ C:\Windows\Tasks\AutoKMS.job
2014-01-03 11:31 - 2012-04-04 08:51 - 00000000 ____D C:\Users\Christopher\Tracing
2014-01-03 11:31 - 2012-04-04 07:07 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\Skype
2014-01-03 11:31 - 2012-04-02 11:56 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-03 11:31 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-03 07:11 - 2014-01-03 07:10 - 00000000 ____D C:\Users\Christopher\AppData\Local\{925F79BF-D484-45A4-9F27-6527429EF605}
2014-01-03 05:34 - 2012-04-03 14:16 - 00000000 ____D C:\Users\Christopher\AppData\Local\Adobe
2014-01-03 05:24 - 2014-01-03 05:24 - 00000000 ____D C:\Users\Christopher\AppData\Local\{399FED6C-54C8-4DD0-9837-92C1F31B398A}
2014-01-03 05:24 - 2012-04-02 12:28 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-17 14:08 - 2012-04-02 12:28 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-17 12:07 - 2013-12-17 12:07 - 00000830 _____ C:\Users\Public\Desktop\EASEUS Todo Backup 1.1.lnk
2013-12-17 11:43 - 2012-07-31 06:54 - 00000932 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-652491782-1900994055-1619452371-1000UA.job
2013-12-17 11:43 - 2012-07-31 06:54 - 00000880 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-652491782-1900994055-1619452371-1000Core.job
2013-12-17 11:37 - 2013-12-16 23:37 - 00000000 ____D C:\Users\Christopher\AppData\Local\{DA84C86A-7EE4-43FB-A3C1-4A5E201646E2}
2013-12-17 05:42 - 2012-06-19 14:14 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\Luxology
2013-12-17 05:35 - 2012-06-18 11:40 - 00000000 ____D C:\Users\Christopher\AppData\Local\TempSWBackupDirectory
2013-12-17 04:43 - 2012-06-18 10:14 - 00000000 ____D C:\Users\Christopher\AppData\Roaming\SolidWorks
2013-12-16 11:36 - 2013-12-16 11:36 - 00000000 ____D C:\Users\Christopher\AppData\Local\{F90B2B5C-5DF4-46D9-AEE4-F250377B5E7C}
2013-12-15 23:36 - 2013-12-15 23:36 - 00000000 ____D C:\Users\Christopher\AppData\Local\{479B07AE-2D74-409B-AF04-B6F6690928DB}
2013-12-15 03:44 - 2013-12-15 03:44 - 00000000 ____D C:\Users\Christopher\AppData\Local\{5D7F1445-4702-419E-991A-BDDEF39BCB66}
2013-12-14 03:36 - 2013-12-14 03:36 - 00000000 ____D C:\Users\Christopher\AppData\Local\{E1738A61-974A-4467-97B6-65B82CEFAB1B}
2013-12-13 14:18 - 2013-12-13 14:18 - 03556696 _____ (Acronis) C:\Windows\System32\auto_reactivate.exe
2013-12-13 14:18 - 2013-12-13 14:18 - 00000000 _RSHD C:\bootwiz
2013-12-13 14:06 - 2013-12-13 14:06 - 01322120 _____ (Acronis) C:\Windows\System32\Drivers\tib_mounter.sys
2013-12-13 14:06 - 2013-12-13 14:06 - 00340104 _____ (Acronis) C:\Windows\System32\Drivers\snapman.sys
2013-12-13 14:06 - 2013-12-13 14:06 - 00156296 _____ (Acronis) C:\Windows\System32\Drivers\fltsrv.sys
2013-12-13 14:05 - 2013-12-13 14:05 - 00000020 ___SH C:\Users\Acronis Agent User\ntuser.ini
2013-12-13 13:56 - 2013-12-13 13:56 - 00000764 _____ C:\Windows\PFRO.log
2013-12-13 12:59 - 2013-12-13 12:59 - 00000000 ____D C:\Users\Christopher\AppData\Local\{96A4600F-7465-4A6C-933F-63150A2D22C2}
2013-12-13 00:16 - 2013-12-13 00:16 - 00000000 ____D C:\Users\Christopher\AppData\Local\{CE1B75F0-2413-4EDB-8978-F2BD8BC8C843}
2013-12-12 11:17 - 2013-12-12 11:17 - 01204283 _____ C:\Users\Christopher\Downloads\P5Q-ASUS-DELUXE-2301.zip
2013-12-12 11:16 - 2012-04-02 12:45 - 00000000 ____D C:\Users\Christopher\AppData\Local\Akamai
2013-12-12 11:09 - 2013-12-12 11:08 - 10028912 _____ (Akamai Technologies, Inc.) C:\Users\Christopher\Downloads\AsusInstaller.exe
2013-12-12 09:07 - 2012-04-02 11:56 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-12-12 09:06 - 2013-12-12 09:06 - 00000000 ____D C:\Users\Christopher\AppData\Local\{43FCDABB-12C6-4C91-B818-14534AF6C5EB}
2013-12-12 09:06 - 2012-04-02 11:56 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2013-12-12 09:05 - 2012-04-02 11:35 - 00000000 ____D C:\users\Christopher
2013-12-12 09:04 - 2013-12-12 00:20 - 00000000 ____D C:\Program Files\WhoCrashed
2013-12-12 09:04 - 2012-04-29 15:11 - 00000000 ____D C:\Windows\AutoKMS
2013-12-12 09:04 - 2012-04-05 01:23 - 00000000 ____D C:\ProgramData\FLEXnet
2013-12-12 09:04 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration
2013-12-12 09:04 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\AppCompat
2013-12-12 00:05 - 2013-12-12 00:05 - 00000000 ____D C:\Users\Christopher\AppData\Local\{7C4F3EBA-2F07-4B79-819A-49F1C6C9AF78}
2013-12-11 11:35 - 2013-12-11 11:35 - 00000000 ____D C:\Users\Christopher\AppData\Local\{507672C5-94B0-4934-8524-84ED3B2C1D5D}
2013-12-10 23:35 - 2013-12-10 23:35 - 00000000 ____D C:\Users\Christopher\AppData\Local\{A9F2EEEB-A4BA-4BE5-B22C-8CEB6A32E7E9}
2013-12-10 11:34 - 2013-12-09 23:34 - 00000000 ____D C:\Users\Christopher\AppData\Local\{1C3BD2D6-A667-4E53-9497-2E1FC7E19072}
2013-12-09 11:31 - 2013-12-08 23:30 - 00000000 ____D C:\Users\Christopher\AppData\Local\{2D7DF771-DBA4-46A4-8050-0C108B42B1A2}
2013-12-08 04:10 - 2013-12-08 04:10 - 00000000 ____D C:\Users\Christopher\AppData\Local\{8BD5D8B6-F597-4605-BAE7-649A244E3246}
2013-12-06 12:12 - 2013-12-06 00:12 - 00000000 ____D C:\Users\Christopher\AppData\Local\{E4AF3651-1682-423B-AAEB-4619D09F748A}
2013-12-05 12:12 - 2013-12-05 00:11 - 00000000 ____D C:\Users\Christopher\AppData\Local\{7A85E6BE-1B17-48A1-8F83-78565EC782F9}
 
Some content of TEMP:
====================
C:\Users\Christopher\AppData\Local\Temp\SkypeSetup.exe
 
 
==================== Known DLLs (Whitelisted) ================
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
==================== EXE ASSOCIATION =====================
 
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
 
==================== Restore Points  =========================
 
 
==================== BCD ================================
 
Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=C:
path                    \bootmgr
description             Windows Boot Manager
locale                  en-us
inherit                 {globalsettings}
default                 {default}
resumeobject            {a365535a-90cc-11e1-9df7-806e6f6e6963}
displayorder            {default}
toolsdisplayorder       {memdiag}
timeout                 30
 
Windows Boot Loader
-------------------
identifier              {1a7699b1-90cc-11e1-8c7d-00121794b278}
device                  ramdisk=[C:]\Recovery\6be47055-4625-11df-86a2-d52f9a9f514b\Winre.wim,{1a7699b2-90cc-11e1-8c7d-00121794b278}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment (recovered) 
locale                  
osdevice                ramdisk=[C:]\Recovery\6be47055-4625-11df-86a2-d52f9a9f514b\Winre.wim,{1a7699b2-90cc-11e1-8c7d-00121794b278}
systemroot              \windows
winpe                   Yes
 
Windows Boot Loader
-------------------
identifier              {default}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7 Ultimate (recovered) 
locale                  en-US
osdevice                partition=C:
systemroot              \Windows
resumeobject            {a365535a-90cc-11e1-9df7-806e6f6e6963}
 
Windows Boot Loader
-------------------
identifier              {bdc2fe57-9113-11e1-82cb-9580007a808e}
 
Windows Boot Loader
-------------------
identifier              {bdc2fe59-9113-11e1-82cb-9580007a808e}
 
Windows Boot Loader
-------------------
identifier              {bdc2fe5b-9113-11e1-82cb-9580007a808e}
 
Resume from Hibernate
---------------------
identifier              {1a7699ad-90cc-11e1-8c7d-00121794b278}
device                  unknown
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  en-us
inherit                 {resumeloadersettings}
filedevice              unknown
filepath                \hiberfil.sys
debugoptionenabled      No
 
Resume from Hibernate
---------------------
identifier              {a365535a-90cc-11e1-9df7-806e6f6e6963}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows 7 Ultimate (recovered) 
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No
 
Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=C:
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-us
inherit                 {globalsettings}
badmemoryaccess         Yes
 
EMS Settings
------------
identifier              {emssettings}
bootems                 Yes
 
Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200
 
RAM Defects
-----------
identifier              {badmemory}
 
Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}
 
Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}
 
Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200
 
Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}
 
Device options
--------------
identifier              {1a7699b2-90cc-11e1-8c7d-00121794b278}
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\6be47055-4625-11df-86a2-d52f9a9f514b\boot.sdi
 
Device options
--------------
identifier              {bdc2fe58-9113-11e1-82cb-9580007a808e}
ramdisksdidevice        unknown
ramdisksdipath          \Recovery\405a20fb-9011-11e1-b589-dd5dc6574708\boot.sdi
 
Device options
--------------
identifier              {bdc2fe5a-9113-11e1-82cb-9580007a808e}
ramdisksdidevice        unknown
ramdisksdipath          \Recovery\6be47055-4625-11df-86a2-d52f9a9f514b\boot.sdi
 
Device options
--------------
identifier              {bdc2fe5c-9113-11e1-82cb-9580007a808e}
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\6be47055-4625-11df-86a2-d52f9a9f514b\boot.sdi
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 19%
Total physical RAM: 4095.05 MB
Available physical RAM: 3300.09 MB
Total Pagefile: 4093.25 MB
Available Pagefile: 3355.36 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB
 
==================== Drives ================================
 
Drive c: (SSD Windows 7) (Fixed) (Total:103.5 GB) (Free:38.66 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (SSD Programs) (Fixed) (Total:15.75 GB) (Free:4.55 GB) NTFS
Drive e: (Repair disc Windows 7 64-bit) (CDROM) (Total:0.16 GB) (Free:0 GB) UDF
Drive f: (JOSH&ALEX) (Removable) (Total:3.72 GB) (Free:3.71 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 238 GB) (Disk ID: DF88DEA1)
Partition 1: (Active) - (Size=103 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=16 GB) - (Type=OF Extended)
 
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 4 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=4 GB) - (Type=0C)
 
 
LastRegBack: 2013-12-09 23:51
 
==================== End Of Log ============================

 

Thank you again for all that take the time to read my post.


Edited by roller, 04 January 2014 - 12:31 PM.


BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users