Can't Boot - Scan Txt Included

[Coleon]

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-08-2013 02

Ran by SYSTEM on 08-08-2013 19:10:09

Running from F:\

Windows 7 Home Premium (X64) OS Language: English(US)

Internet Explorer Version 8

Boot Mode: Recovery

 

The current controlset is ControlSet001

ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.

 

==================== Registry (Whitelisted) ==================

 

HKLM\...\Run: [] -  [x]

HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2480936 2010-12-16] (Synaptics Incorporated)

HKLM\...\Run: [TPwrMain] - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [505696 2009-11-05] (TOSHIBA Corporation)

HKLM\...\Run: [HSON] - C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)

HKLM\...\Run: [smoothView] - C:\Program Files\Toshiba\SmoothView\SmoothView.exe [508216 2009-07-28] (TOSHIBA Corporation)

HKLM\...\Run: [00TCrdMain] - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [910136 2009-11-10] (TOSHIBA Corporation)

HKLM\...\Run: [Teco] - C:\Program Files\TOSHIBA\TECO\Teco.exe [1489248 2009-11-30] (TOSHIBA Corporation)

HKLM\...\Run: [TosWaitSrv] - C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [707416 2009-11-10] (TOSHIBA Corporation)

HKLM\...\Run: [ThpSrv] - C:\windows\system32\thpsrv /logon [x]

HKLM\...\Run: [TosSENotify] - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2009-11-05] (TOSHIBA Corporation)

HKLM\...\Run: [HDMICtrlMan] - C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [1032536 2009-10-23] (TOSHIBA Corporation.)

HKLM\...\Run: [smartFaceVWatcher] - C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-10-19] (TOSHIBA Corporation)

HKLM\...\Run: [TosVolRegulator] - C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)

HKLM\...\Run: [TosNC] - C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [595816 2009-11-30] (TOSHIBA Corporation)

HKLM\...\Run: [TosReelTimeMonitor] - C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [34648 2009-12-01] (TOSHIBA Corporation)

HKLM\...\Run: [intelWireless] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1926928 2010-01-19] (Intel® Corporation)

HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-24] (CANON INC.)

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13374568 2011-12-13] (Realtek Semiconductor)

HKLM\...\RunOnce: [*Restore] - C:\windows\system32\rstrui.exe /RUNONCE [296960 2010-11-20] (Microsoft Corporation)

Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]

HKLM-x32\...\Run: [TUSBSleepChargeSrv] - C:\Program Files (x86)\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe [253312 2009-10-26] (TOSHIBA)

HKLM-x32\...\Run: [Desktop Disc Tool] - C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [498160 2009-07-12] ()

HKLM-x32\...\Run: [ToshibaServiceStation] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1294136 2009-10-06] (TOSHIBA Corporation)

HKLM-x32\...\Run: [TWebCamera] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2009-11-21] (TOSHIBA CORPORATION.)

HKLM-x32\...\Run: [Microsoft Default Manager] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288088 2009-11-11] (Microsoft Corporation)

HKLM-x32\...\Run: [AVG_TRAY] - C:\Program Files (x86)\AVG\AVG10\avgtray.exe [2339168 2012-01-17] (AVG Technologies CZ, s.r.o.)

HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)

HKLM-x32\...\Run: [Driver Genius] -  [x]

HKLM-x32\...\Run: [Malwarebytes' Anti-Malware] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [460872 2012-01-13] (Malwarebytes Corporation)

HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.)

HKLM-x32\...\Run: [Everything] - C:\Program Files (x86)\Everything\Everything.exe [602624 2009-03-12] ()

HKU\Cole\...\Run: [iSUSPM Startup] - c:\Program Files (x86)\Common Files\InstallShield\UpdateService\isuspm.exe [249856 2005-08-11] (Macrovision Corporation)

HKU\Cole\...\Run: [iSUSScheduler] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [79136 2008-10-24] (Macrovision Corporation)

HKU\Cole\...\Run: [Google Update] - C:\Users\Cole\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-08-05] (Google Inc.)

HKU\Cole\...\Run: [F.lux] - C:\Users\Cole\Local Settings\Apps\F.lux\flux.exe [966656 2009-08-28] ()

HKU\Cole\...\Run: [uTorrent] - C:\Program Files (x86)\uTorrent\uTorrent.exe [880496 2012-06-05] (BitTorrent, Inc.)

HKU\Cole\...\RunOnce: [FlashPlayerUpdate] - C:\windows\SysWOW64\Macromed\Flash\FlashUtil10s_Plugin.exe [238040 2011-06-09] (Adobe Systems, Inc.)

HKU\Guest\...\Run: [swg] - "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [x]

HKU\Guest\...\Run: [uTorrent] - C:\Program Files (x86)\uTorrent\uTorrent.exe [880496 2012-06-05] (BitTorrent, Inc.)

HKU\Guest\...\Run: [iSUSPM Startup] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [249856 2005-08-11] (Macrovision Corporation)

HKU\Guest\...\Run: [iSUSScheduler] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [79136 2008-10-24] (Macrovision Corporation)

HKU\Guest\...\Run: [RocketDock] - "C:\Program Files (x86)\RocketDock\RocketDock.exe" [x]

HKU\Guest\...\Run: [cacaoweb] - "C:\Users\Cole\AppData\Roaming\cacaoweb\cacaoweb.exe" -noplayer [x]

HKU\Guest\...\Run: [Google Update] - C:\Users\Cole\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-08-05] (Google Inc.)

HKU\Linda\...\Run: [swg] - "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [x]

Startup: C:\Users\Cole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Legalsounds Download Manager.lnk

ShortcutTarget: Legalsounds Download Manager.lnk -> C:\Program Files (x86)\Legalsounds Download Manager\Legalsounds Download Manager.exe ()

BootExecute: autocheck autochk * C:\PROGRA~2\AVG\AVG10\avgchsva.exe /syncC:\PROGRA~2\AVG\AVG10\avgrsa.exe /sync /restart

 

==================== Services (Whitelisted) =================

 

S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [7391072 2012-01-31] (AVG Technologies CZ, s.r.o.)

S2 avgwd; C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [269520 2011-02-08] (AVG Technologies CZ, s.r.o.)

S2 AxiomAudioDevMon; C:\Program Files (x86)\M-Audio\Axiom\AudioDevMon.exe [1636872 2010-03-11] (M-Audio)

S2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe [542552 2012-04-10] ()

S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [77520 2012-04-10] ()

S2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [329544 2012-04-02] ()

S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [652360 2012-01-13] (Malwarebytes Corporation)

S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [315664 2010-01-19] ()

S2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2011-06-23] ()

S2 UnsignedThemes; C:\windows\UnsignedThemesSvc.exe [24168 2009-07-12] (The Within Network, LLC)

 

==================== Drivers (Whitelisted) ====================

 

S3 AVGIDSDriver; C:\Windows\System32\DRIVERS\AVGIDSDriver.Sys [118864 2011-05-27] (AVG Technologies CZ, s.r.o. )

S0 AVGIDSEH; C:\Windows\System32\DRIVERS\AVGIDSEH.Sys [26704 2011-02-22] (AVG Technologies CZ, s.r.o. )

S3 AVGIDSFilter; C:\Windows\System32\DRIVERS\AVGIDSFilter.Sys [29264 2011-02-10] (AVG Technologies CZ, s.r.o. )

S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [304720 2011-01-07] (AVG Technologies CZ, s.r.o.)

S1 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [41552 2011-03-01] (AVG Technologies CZ, s.r.o.)

S0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [37456 2011-03-16] (AVG Technologies CZ, s.r.o.)

S1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [377936 2011-04-04] (AVG Technologies CZ, s.r.o.)

S3 AXIOM; C:\Windows\System32\DRIVERS\MAudioAxiom.sys [137736 2010-03-11] (M-Audio)

S3 GEARAspiWDM; C:\Windows\SysWow64\Drivers\GEARAspiWDM.sys [15664 2012-01-19] (GEAR Software Inc.)

S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [23152 2011-12-10] (Malwarebytes Corporation)

S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [23152 2011-12-10] (Malwarebytes Corporation)

S3 RTL8187Se; C:\Windows\System32\DRIVERS\RTL8187Se.sys [427008 2009-06-10] (Realtek Semiconductor Corporation                           )

S2 uxpatch; C:\windows\system32\drivers\uxpatch.sys [30568 2009-07-12] ()

S3 GEARAspiWDM; System32\Drivers\GEARAspiWDM.sys [x]

 

==================== NetSvcs (Whitelisted) ===================

 

 

==================== One Month Created Files and Folders ========

 

2013-08-08 19:10 - 2013-08-08 19:10 - 00000000 ____D C:\FRST

 

==================== One Month Modified Files and Folders =======

 

2013-08-08 15:07 - 2010-09-12 21:12 - 310298974 _____ C:\Windows\MEMORY.DMP

 

Files to move or delete:

====================

C:\Users\Cole\GoToAssistDownloadHelper.exe

 

==================== Known DLLs (Whitelisted) ================

 

 

==================== Bamital & volsnap Check =================

 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

 

==================== EXE ASSOCIATION =====================

 

HKLM\...\.exe: exefile => OK

HKLM\...\exefile\DefaultIcon: %1 => OK

HKLM\...\exefile\open\command: "%1" %* => OK

 

==================== Restore Points  =========================

 

Restore point made on: 2012-06-13 23:00:34

Restore point made on: 2012-06-19 03:43:26

Restore point made on: 2012-06-19 07:12:29

Restore point made on: 2012-06-19 07:16:01

Restore point made on: 2012-07-21 23:00:38

 

==================== Memory info =========================== 

 

Percentage of memory in use: 14%

Total physical RAM: 3894.79 MB

Available physical RAM: 3318.23 MB

Total Pagefile: 3892.93 MB

Available Pagefile: 3315.32 MB

Total Virtual: 8192 MB

Available Virtual: 8191.85 MB

 

==================== Drives ================================

 

Drive c: (TI105512W0E) (Fixed) (Total:446.29 GB) (Free:349.77 GB) NTFS (Disk=0 Partition=2) ==>[system with boot components (obtained from reading drive)]

Drive d: (TOSHIBA System Volume) (Fixed) (Total:1.46 GB) (Free:1.27 GB) NTFS (Disk=0 Partition=1) ==>[system with boot components (obtained from reading drive)]

Drive f: () (Removable) (Total:3.76 GB) (Free:3.76 GB) FAT32 (Disk=1 Partition=1)

Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: 00472E22)

Partition 1: (Active) - (Size=1 GB) - (Type=27)

Partition 2: (Not Active) - (Size=446 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=18 GB) - (Type=17)

 

========================================================

Disk: 1 (MBR Code: Windows XP) (Size: 4 GB) (Disk ID: C3072E18)

Partition 1: (Active) - (Size=4 GB) - (Type=0C)

 

 

LastRegBack: 2011-07-20 21:44

 

==================== End Of Log ============================

 

[D-FRED-BROWN]

Looking at it now

 

-dfb

[D-FRED-BROWN]

When you say you can't boot, could you please clarify what you mean?

[Coleon]

This one contains the drivers and additional info:

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-08-2013 02

Ran by SYSTEM on 08-08-2013 19:19:08

Running from F:\

Windows 7 Home Premium (X64) OS Language: English(US)

Internet Explorer Version 8

Boot Mode: Recovery

 

The current controlset is ControlSet001

ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.

 

==================== Registry (Whitelisted) ==================

 

HKLM\...\Run: [] -  [x]

HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2480936 2010-12-16] (Synaptics Incorporated)

HKLM\...\Run: [TPwrMain] - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [505696 2009-11-05] (TOSHIBA Corporation)

HKLM\...\Run: [HSON] - C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)

HKLM\...\Run: [smoothView] - C:\Program Files\Toshiba\SmoothView\SmoothView.exe [508216 2009-07-28] (TOSHIBA Corporation)

HKLM\...\Run: [00TCrdMain] - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [910136 2009-11-10] (TOSHIBA Corporation)

HKLM\...\Run: [Teco] - C:\Program Files\TOSHIBA\TECO\Teco.exe [1489248 2009-11-30] (TOSHIBA Corporation)

HKLM\...\Run: [TosWaitSrv] - C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [707416 2009-11-10] (TOSHIBA Corporation)

HKLM\...\Run: [ThpSrv] - C:\windows\system32\thpsrv /logon [x]

HKLM\...\Run: [TosSENotify] - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2009-11-05] (TOSHIBA Corporation)

HKLM\...\Run: [HDMICtrlMan] - C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [1032536 2009-10-23] (TOSHIBA Corporation.)

HKLM\...\Run: [smartFaceVWatcher] - C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-10-19] (TOSHIBA Corporation)

HKLM\...\Run: [TosVolRegulator] - C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)

HKLM\...\Run: [TosNC] - C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [595816 2009-11-30] (TOSHIBA Corporation)

HKLM\...\Run: [TosReelTimeMonitor] - C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [34648 2009-12-01] (TOSHIBA Corporation)

HKLM\...\Run: [intelWireless] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1926928 2010-01-19] (Intel® Corporation)

HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-24] (CANON INC.)

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13374568 2011-12-13] (Realtek Semiconductor)

HKLM\...\RunOnce: [*Restore] - C:\windows\system32\rstrui.exe /RUNONCE [296960 2010-11-20] (Microsoft Corporation)

Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]

HKLM-x32\...\Run: [TUSBSleepChargeSrv] - C:\Program Files (x86)\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe [253312 2009-10-26] (TOSHIBA)

HKLM-x32\...\Run: [Desktop Disc Tool] - C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [498160 2009-07-12] ()

HKLM-x32\...\Run: [ToshibaServiceStation] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1294136 2009-10-06] (TOSHIBA Corporation)

HKLM-x32\...\Run: [TWebCamera] - C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2009-11-21] (TOSHIBA CORPORATION.)

HKLM-x32\...\Run: [Microsoft Default Manager] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288088 2009-11-11] (Microsoft Corporation)

HKLM-x32\...\Run: [AVG_TRAY] - C:\Program Files (x86)\AVG\AVG10\avgtray.exe [2339168 2012-01-17] (AVG Technologies CZ, s.r.o.)

HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)

HKLM-x32\...\Run: [Driver Genius] -  [x]

HKLM-x32\...\Run: [Malwarebytes' Anti-Malware] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [460872 2012-01-13] (Malwarebytes Corporation)

HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.)

HKLM-x32\...\Run: [Everything] - C:\Program Files (x86)\Everything\Everything.exe [602624 2009-03-12] ()

HKU\Cole\...\Run: [iSUSPM Startup] - c:\Program Files (x86)\Common Files\InstallShield\UpdateService\isuspm.exe [249856 2005-08-11] (Macrovision Corporation)

HKU\Cole\...\Run: [iSUSScheduler] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [79136 2008-10-24] (Macrovision Corporation)

HKU\Cole\...\Run: [Google Update] - C:\Users\Cole\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-08-05] (Google Inc.)

HKU\Cole\...\Run: [F.lux] - C:\Users\Cole\Local Settings\Apps\F.lux\flux.exe [966656 2009-08-28] ()

HKU\Cole\...\Run: [uTorrent] - C:\Program Files (x86)\uTorrent\uTorrent.exe [880496 2012-06-05] (BitTorrent, Inc.)

HKU\Cole\...\RunOnce: [FlashPlayerUpdate] - C:\windows\SysWOW64\Macromed\Flash\FlashUtil10s_Plugin.exe [238040 2011-06-09] (Adobe Systems, Inc.)

HKU\Guest\...\Run: [swg] - "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [x]

HKU\Guest\...\Run: [uTorrent] - C:\Program Files (x86)\uTorrent\uTorrent.exe [880496 2012-06-05] (BitTorrent, Inc.)

HKU\Guest\...\Run: [iSUSPM Startup] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [249856 2005-08-11] (Macrovision Corporation)

HKU\Guest\...\Run: [iSUSScheduler] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [79136 2008-10-24] (Macrovision Corporation)

HKU\Guest\...\Run: [RocketDock] - "C:\Program Files (x86)\RocketDock\RocketDock.exe" [x]

HKU\Guest\...\Run: [cacaoweb] - "C:\Users\Cole\AppData\Roaming\cacaoweb\cacaoweb.exe" -noplayer [x]

HKU\Guest\...\Run: [Google Update] - C:\Users\Cole\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-08-05] (Google Inc.)

HKU\Linda\...\Run: [swg] - "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [x]

Startup: C:\Users\Cole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Legalsounds Download Manager.lnk

ShortcutTarget: Legalsounds Download Manager.lnk -> C:\Program Files (x86)\Legalsounds Download Manager\Legalsounds Download Manager.exe ()

BootExecute: autocheck autochk * C:\PROGRA~2\AVG\AVG10\avgchsva.exe /syncC:\PROGRA~2\AVG\AVG10\avgrsa.exe /sync /restart

 

==================== Services (Whitelisted) =================

 

S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [7391072 2012-01-31] (AVG Technologies CZ, s.r.o.)

S2 avgwd; C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [269520 2011-02-08] (AVG Technologies CZ, s.r.o.)

S2 AxiomAudioDevMon; C:\Program Files (x86)\M-Audio\Axiom\AudioDevMon.exe [1636872 2010-03-11] (M-Audio)

S2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe [542552 2012-04-10] ()

S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [77520 2012-04-10] ()

S2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [329544 2012-04-02] ()

S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [652360 2012-01-13] (Malwarebytes Corporation)

S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [315664 2010-01-19] ()

S2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2011-06-23] ()

S2 UnsignedThemes; C:\windows\UnsignedThemesSvc.exe [24168 2009-07-12] (The Within Network, LLC)

 

==================== Drivers (Whitelisted) ====================

 

S3 AVGIDSDriver; C:\Windows\System32\DRIVERS\AVGIDSDriver.Sys [118864 2011-05-27] (AVG Technologies CZ, s.r.o. )

S0 AVGIDSEH; C:\Windows\System32\DRIVERS\AVGIDSEH.Sys [26704 2011-02-22] (AVG Technologies CZ, s.r.o. )

S3 AVGIDSFilter; C:\Windows\System32\DRIVERS\AVGIDSFilter.Sys [29264 2011-02-10] (AVG Technologies CZ, s.r.o. )

S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [304720 2011-01-07] (AVG Technologies CZ, s.r.o.)

S1 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [41552 2011-03-01] (AVG Technologies CZ, s.r.o.)

S0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [37456 2011-03-16] (AVG Technologies CZ, s.r.o.)

S1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [377936 2011-04-04] (AVG Technologies CZ, s.r.o.)

S3 AXIOM; C:\Windows\System32\DRIVERS\MAudioAxiom.sys [137736 2010-03-11] (M-Audio)

S3 GEARAspiWDM; C:\Windows\SysWow64\Drivers\GEARAspiWDM.sys [15664 2012-01-19] (GEAR Software Inc.)

S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [23152 2011-12-10] (Malwarebytes Corporation)

S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [23152 2011-12-10] (Malwarebytes Corporation)

S3 RTL8187Se; C:\Windows\System32\DRIVERS\RTL8187Se.sys [427008 2009-06-10] (Realtek Semiconductor Corporation                           )

S2 uxpatch; C:\windows\system32\drivers\uxpatch.sys [30568 2009-07-12] ()

S3 GEARAspiWDM; System32\Drivers\GEARAspiWDM.sys [x]

 

========================== Drivers MD5 =======================

 

C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit

C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\acpials.sys 12C5274CD87449A2A37A607CDB321922

C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit

C:\Windows\system32\drivers\afd.sys 1C7857B62DE5994A75B054A9FD4C3825

C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit

C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit

C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\amdppm.sys ==> MD5 is legit

C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49

C:\Windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit

C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048

C:\Windows\system32\drivers\appid.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit

C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\AVGIDSDriver.Sys E6671E90D38C88764412E07C9D9B3D63

C:\Windows\System32\DRIVERS\AVGIDSEH.Sys 1553B388E0F0462C25AD8F30C3C29E83

C:\Windows\System32\DRIVERS\AVGIDSFilter.Sys DCA426A66739E75F51A72160DFB945AD

C:\Windows\System32\DRIVERS\avgldx64.sys FF7383388A7D2283DAE5831ABC2B0720

C:\Windows\System32\DRIVERS\avgmfx64.sys 997D002827D3E3DCBBB25BF46DB161AB

C:\Windows\System32\DRIVERS\avgrkx64.sys BCCFE3374C887075CDE2AC8FDB1CB2F8

C:\Windows\System32\DRIVERS\avgtdia.sys 0D49ADCEBE243B79366EA523B647519A

C:\Windows\System32\DRIVERS\MAudioAxiom.sys 87773F59A2F8C7DA3EB297223C79E049

C:\Windows\system32\DRIVERS\bxvbda.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit

C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit

C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit

C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit

C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit

C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\circlass.sys ==> MD5 is legit

C:\Windows\System32\CLFS.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\CmBatt.sys ==> MD5 is legit

C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit

C:\Windows\System32\Drivers\cng.sys 9AC4F97C2D3E93367E2148EA940CD2CD

C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit

C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit

C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit

C:\Windows\System32\drivers\discache.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit

C:\Windows\System32\drivers\drmkaud.sys ==> MD5 is legit

C:\Windows\System32\drivers\dxgkrnl.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\evbda.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit

C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit

C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit

C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit

C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit

C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legit

C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit

C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit

C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B

C:\Windows\System32\DRIVERS\fvevol.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\FwLnk.sys 60ACB128E64C35C2B4E4AAB1B0A5C293

C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit

C:\Windows\SysWow64\Drivers\GEARAspiWDM.sys 4AC51459805264AFFD5F6FDFB9D9235F

C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit

C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A

C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\HECIx64.sys B6AC71AAA2B10848F57FC49D55A651AF

C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\hidir.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit

C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\HssDrv.sys A60C877E1CD3AA2E4E5CCD8AF305C0F1

C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit

C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit

C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit

C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366

C:\Windows\System32\DRIVERS\igdkmd64.sys 0372C154226F7074CD150F475A4870A6

C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\Impcd.sys 4B6363CD4610BB848531BB260B15DFCC

C:\Windows\System32\drivers\RTKVHD64.sys 150AC23F21DBDBF8488408BA944B0D65

C:\Windows\System32\DRIVERS\IntcDAud.sys 408B401CD7CDB075C7470B0FF7BA8D0B

C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit

C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit

C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit

C:\windows\system32\drivers\iPodDrv.sys 02DEF37AB75E0032C50724646F708DE8

C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit

C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit

C:\Windows\system32\drivers\msiscsi.sys ==> MD5 is legit

C:\Windows\system32\drivers\kbdclass.sys ==> MD5 is legit

C:\Windows\system32\drivers\kbdhid.sys ==> MD5 is legit

C:\Windows\System32\Drivers\ksecdd.sys 97A7070AEA4C058B6418519E869A63B4

C:\Windows\System32\Drivers\ksecpkg.sys 26C43A7C2862447EC59DEDA188D1DA07

C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\L1C62x64.sys FC010C7814DDAC17389A7D87EA2EBB39

C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit

C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit

C:\windows\system32\drivers\mbam.sys 79DA94B35371B9E7104460C7693DCB2C

C:\windows\system32\drivers\mbam.sys 79DA94B35371B9E7104460C7693DCB2C

C:\Windows\System32\DRIVERS\mcdbus.sys 79D51E7F5926E8CE1B3EBECEBAE28CFF

C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit

C:\Windows\System32\drivers\modem.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit

C:\Windows\system32\drivers\mouclass.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\mouhid.sys ==> MD5 is legit

C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit

C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit

C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit

C:\Windows\system32\drivers\mrxdav.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC

C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163

C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C

C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit

C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit

C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit

C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit

C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit

C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit

C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit

C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit

C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit

C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit

C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit

C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit

C:\Windows\System32\drivers\ndis.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit

C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\NETw5s64.sys 39EDE676D17F37AF4573C2B33EC28ACA

C:\Windows\System32\DRIVERS\NETwNs64.sys 50AD7F7040C22BB7CAA59A0880875A21

C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit

C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit

C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit

C:\Windows\System32\Drivers\Ntfs.sys A2F74975097F52A00745F9637451FDD8

C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit

C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD

C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A

C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit

C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit

C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C

C:\Windows\System32\drivers\pci.sys ==> MD5 is legit

C:\Windows\System32\drivers\pciide.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit

C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit

C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\pgeffect.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit

C:\Windows\System32\Drivers\PxHlpa64.sys 87B04878A6D59D6C79251DC960C674C1

C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit

C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\rdpbus.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit

C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit

C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit

C:\Windows\System32\Drivers\RDPWD.sys E61608AA35E98999AF9AAEEEA6114B0A

C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit

C:\Windows\System32\Drivers\RtsUStor.sys A48F861547FDD1D68201C9216ACFE6DC

C:\Windows\System32\DRIVERS\RTL8187Se.sys 3EC7911ED886DC5D8A9F70129254679C

C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit

C:\Windows\System32\Drivers\SCDEmu.sys 6CE6F98EA3D07A9C2CE3CD0A5A86352D

C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit

C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\serenum.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\serial.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit

C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit

C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit

C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit

C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B

C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28

C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3

C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit

C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\SynTP.sys 33E6A285DAA5134D8EA2247914C86C09

C:\Windows\System32\DRIVERS\taphss.sys F33FDC72298DF4BF9813A55D21F4EB31

C:\Windows\System32\drivers\tcpip.sys ACB82BDA8F46C84F465C1AFA517DC4B9

C:\Windows\System32\DRIVERS\tcpip.sys ACB82BDA8F46C84F465C1AFA517DC4B9

C:\Windows\System32\drivers\tcpipreg.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\tdcmdpst.sys FD542B661BD22FA69CA789AD0AC58C29

C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit

C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8

C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit

C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\thpdrv.sys C013F6ACAA9761F571BD28DADA7C157D

C:\Windows\System32\DRIVERS\Thpevm.SYS B4E609047434ED948AF7BDEF2FA66E38

C:\Windows\System32\DRIVERS\tos_sps64.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\tssecsrv.sys ==> MD5 is legit

C:\Windows\System32\drivers\tsusbflt.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\TVALZ_O.SYS ==> MD5 is legit

C:\Windows\System32\DRIVERS\TVALZFL.sys 9C7191F4B2E49BFF47A6C1144B5923FA

C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit

C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit

C:\Windows\system32\drivers\umbus.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit

C:\Windows\System32\Drivers\usbaapl64.sys FB251567F41BC61988B26731DEC19E4B

C:\Windows\System32\drivers\usbaudio.sys 82E8F44688E6FAC57B5B7C6FC7ADBC2A

C:\Windows\System32\DRIVERS\usbccgp.sys 6F1A3157A1C89435352CEB543CDB359C

C:\Windows\system32\drivers\usbcir.sys ==> MD5 is legit

C:\Windows\system32\drivers\usbehci.sys C025055FE7B87701EB042095DF1A2D7B

C:\Windows\System32\DRIVERS\usbhub.sys 287C6C9410B111B68B52CA298F7B8C24

C:\Windows\system32\drivers\usbohci.sys 9840FC418B4CBD632D3D0A667A725C31

C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\usbscan.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6

C:\Windows\system32\drivers\usbuhci.sys 62069A34518BCF9C1FD9E74B3F6DB7CD

C:\Windows\System32\Drivers\usbvideo.sys 454800C2BC7F3927CE030141EE4F4C50

C:\windows\system32\drivers\uxpatch.sys 297EE9C666FC8BB96A232DB0DDBA1E49

C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit

C:\Windows\System32\drivers\vga.sys ==> MD5 is legit

C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit

C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit

C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit

C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit

C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\vwifimp.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\wd.sys ==> MD5 is legit

C:\Windows\System32\drivers\Wdf01000.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\WDKMD.sys ADCB28896D433D68103A1670FA3D5EE5

C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit

C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit

C:\Windows\SysWow64\drivers\wimmount.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D

C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit

C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit

C:\Windows\System32\drivers\WudfPf.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\WUDFRd.sys ==> MD5 is legit

 

==================== NetSvcs (Whitelisted) ===================

 

 

==================== One Month Created Files and Folders ========

 

2013-08-08 19:10 - 2013-08-08 19:10 - 00000000 ____D C:\FRST

 

==================== One Month Modified Files and Folders =======

 

2013-08-08 19:10 - 2013-08-08 19:10 - 00000000 ____D C:\FRST

2013-08-08 15:07 - 2010-09-12 21:12 - 310298974 _____ C:\Windows\MEMORY.DMP

 

Files to move or delete:

====================

C:\Users\Cole\GoToAssistDownloadHelper.exe

 

==================== Known DLLs (Whitelisted) ================

 

 

==================== Bamital & volsnap Check =================

 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

 

==================== EXE ASSOCIATION =====================

 

HKLM\...\.exe: exefile => OK

HKLM\...\exefile\DefaultIcon: %1 => OK

HKLM\...\exefile\open\command: "%1" %* => OK

 

==================== Restore Points  =========================

 

Restore point made on: 2012-06-13 23:00:34

Restore point made on: 2012-06-19 03:43:26

Restore point made on: 2012-06-19 07:12:29

Restore point made on: 2012-06-19 07:16:01

Restore point made on: 2012-07-21 23:00:38

 

==================== BCD ================================

 

Windows Boot Manager

--------------------

identifier              {bootmgr}

device                  partition=D:

description             Windows Boot Manager

locale                  en-US

inherit                 {globalsettings}

default                 {default}

resumeobject            {8219c772-c798-11df-9981-d487b5f04318}

displayorder            {default}

toolsdisplayorder       {memdiag}

timeout                 30

 

Windows Boot Loader

-------------------

identifier              {default}

device                  partition=C:

path                    \windows\system32\winload.exe

description             Windows 7

locale                  en-US

inherit                 {bootloadersettings}

recoverysequence        {current}

recoveryenabled         Yes

osdevice                partition=C:

systemroot              \windows

resumeobject            {8219c772-c798-11df-9981-d487b5f04318}

nx                      OptIn

 

Windows Boot Loader

-------------------

identifier              {current}

device                  ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{8219c775-c798-11df-9981-d487b5f04318}

path                    \windows\system32\winload.exe

description             Windows Recovery Environment

inherit                 {bootloadersettings}

osdevice                ramdisk=[D:]\Recovery\WindowsRE\Winre.wim,{8219c775-c798-11df-9981-d487b5f04318}

systemroot              \windows

nx                      OptIn

winpe                   Yes

 

Resume from Hibernate

---------------------

identifier              {8219c772-c798-11df-9981-d487b5f04318}

device                  partition=C:

path                    \windows\system32\winresume.exe

description             Windows Resume Application

locale                  en-US

inherit                 {resumeloadersettings}

filedevice              partition=C:

filepath                \hiberfil.sys

debugoptionenabled      No

 

Windows Memory Tester

---------------------

identifier              {memdiag}

device                  partition=D:

path                    \boot\memtest.exe

description             Windows Memory Diagnostic

locale                  en-US

inherit                 {globalsettings}

badmemoryaccess         Yes

 

EMS Settings

------------

identifier              {emssettings}

bootems                 Yes

 

Debugger Settings

-----------------

identifier              {dbgsettings}

debugtype               Serial

debugport               1

baudrate                115200

 

RAM Defects

-----------

identifier              {badmemory}

 

Global Settings

---------------

identifier              {globalsettings}

inherit                 {dbgsettings}

                        {emssettings}

                        {badmemory}

 

Boot Loader Settings

--------------------

identifier              {bootloadersettings}

inherit                 {globalsettings}

                        {hypervisorsettings}

 

Hypervisor Settings

-------------------

identifier              {hypervisorsettings}

hypervisordebugtype     Serial

hypervisordebugport     1

hypervisorbaudrate      115200

 

Resume Loader Settings

----------------------

identifier              {resumeloadersettings}

inherit                 {globalsettings}

 

Device options

--------------

identifier              {8219c775-c798-11df-9981-d487b5f04318}

description             Ramdisk Options

ramdisksdidevice        partition=D:

ramdisksdipath          \Recovery\WindowsRE\boot.sdi

 

 

==================== Memory info =========================== 

 

Percentage of memory in use: 14%

Total physical RAM: 3894.79 MB

Available physical RAM: 3313.73 MB

Total Pagefile: 3892.93 MB

Available Pagefile: 3320.45 MB

Total Virtual: 8192 MB

Available Virtual: 8191.85 MB

 

==================== Drives ================================

 

Drive c: (TI105512W0E) (Fixed) (Total:446.29 GB) (Free:349.77 GB) NTFS (Disk=0 Partition=2) ==>[system with boot components (obtained from reading drive)]

Drive d: (TOSHIBA System Volume) (Fixed) (Total:1.46 GB) (Free:1.26 GB) NTFS (Disk=0 Partition=1) ==>[system with boot components (obtained from reading drive)]

Drive f: () (Removable) (Total:3.76 GB) (Free:3.76 GB) FAT32 (Disk=1 Partition=1)

Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: 00472E22)

Partition 1: (Active) - (Size=1 GB) - (Type=27)

Partition 2: (Not Active) - (Size=446 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=18 GB) - (Type=17)

 

========================================================

Disk: 1 (MBR Code: Windows XP) (Size: 4 GB) (Disk ID: C3072E18)

Partition 1: (Active) - (Size=4 GB) - (Type=0C)

 

 

LastRegBack: 2011-07-20 21:44

 

==================== End Of Log ============================

[Coleon]

System restore turns the computer off after completing. Booting normal results in a freeze at the logo screen.

[D-FRED-BROWN]

I see 5 different restore points listed:

 

 

Restore point made on: 2012-06-13 23:00:34

Restore point made on: 2012-06-19 03:43:26

Restore point made on: 2012-06-19 07:12:29

Restore point made on: 2012-06-19 07:16:01

Restore point made on: 2012-07-21 23:00:38

 

Have you tried restoring to each of them?

[Coleon]

It's been a while since I've tried to use this computer. Checking now.

[D-FRED-BROWN]

Okay let me know if that doesn't work, I have a couple other ideas but I'd like to first verify that those restore points aren't somehow corrupt.

[Coleon]

System Restore failed to extract C:/ProgramFiles/Common Files/System/ado/msado15.dll from the restore point. There was a a disk failure. This might be caused by bad sectors. Run chkdsk /R and try again.

 

-Most recent restore point

[D-FRED-BROWN]

Try the older restore point-

Restore point made on: 2012-06-13 23:00:34

[Coleon]

It's not showing me the 6-13 restore point to choose. Only the others. I checked "show more restore points".

[D-FRED-BROWN]

Okay, just try the oldest one you can find

[Coleon]

Oldest restore point yielded the same result.

[D-FRED-BROWN]

Can you give me some insight as to when/why this all started happening?

[Coleon]

Can you give me some insight as to when/why this all started happening?

I got a new computer and set this one in a drawer. I think I tried starting it up a few months later and it was in this state.

[D-FRED-BROWN]

Is there anything in particular on here that you want to keep (documents, files, etc.)? You have a Toshiba Recovery Partition on here so you should be able to restore this computer to factory settings.

[Coleon]

Yes, I would very much like to keep some music I made and songs I had written. Maybe pictures too, not sure anymore.

[D-FRED-BROWN]

Unfortunately your options are pretty limited, and each of them is somewhat complicated. Here's a pretty user-friendly guide on creating a Linux-based bootable disk to backup your files outside of Windows: http://www.howtogeek.com/howto/windows-vista/use-ubuntu-live-cd-to-backup-files-from-your-dead-windows-computer/

 

Let me know if you need help with anything

[Coleon]

Can I not run a portable file manager program through the command prompt like this one and transfer the stuff to a portable harddrive?

[D-FRED-BROWN]

You can try, but I think that's mainly meant for working Windows systems.

[Coleon]

I guess I'll just wipe it then. Thanks anyways.

[D-FRED-BROWN]

Sounds good. Sorry we couldn't be of more help. If you need any help reformatting, don't hesitate to ask.

[D-FRED-BROWN]

Any remaining issues?

[AdvancedSetup]

Since this issue is resolved I will close the thread to prevent others from posting here. If you need assistance please start your own topic and someone will be happy to assist you.