Windows 7 AVG Anti rootkit BSoD

Firecracker

For the last week, since the last MS Patch Tuesday, whenever I do scans with the AVG Anti-Rootkit Tool I keep getting a BSoD. I've updated everything; that didn't work. So I did a system restore; that again didn't work. I tried updating AVG and nothing seems to work.

Can someone have a look at this?
 

Attachments: New Compressed .zip (44.5 KB)

In a nutshell, AVG is your problem.

AVG is known to be a cause of BSODs on Windows 7 systems. Suggest that you uninstall it. Download the correct AVG Remover for your system (32 or 64 bit).
If you have AVG ID protection installed, download the AVGID Protection Remover from the above link as well (it wouldn't hurt to download and run it anyway). Download Link Removed due to 404 Error as AVG's replacement. Re-boot to Safe Mode. In Safe Mode run the AVG Removal tools. Re-boot to normal mode and install MSE. Make sure your Windows firewall is enabled!

More to follow.
 
STOP 0x0000001E: KMODE_EXCEPTION_NOT_HANDLED
Usual causes:
Device driver, hardware, System service, compatibility, Remote control programs, memory, BIOS

As a Priority:

Uninstall AVG!

Outdated Drivers. Update:

000.fcl Fri Sep 26 14:11:22 2008 CyberLink FCL Driver

b57nd60a.sys Sun Apr 26 12:14:55 2009 Broadcom NetXtreme Gigabit Ethernet

cpqbttn64.sys Wed Jun 28 16:40:47 2006 HP Tablet PC Key Button HID Driver / HP Quick Launch Buttons

tifm21.sys Fri Dec 14 15:22:54 2007 Texas Instruments Integrated FlashMedia Controller. Check with your O.E.M. Support.

VSTAZL6.SYS Thu Oct 16 01:53:42 2008
VSTCNXT6.SYS Thu Oct 16 01:52:22 2008
VSTDPV6.SYS Thu Oct 16 01:57:45 2008
Link Removed due to 404 Error

Bugcheck Analysis:
Code:
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 1E, {ffffffffc0000005, fffff80002cdfbb4, 0, 8}

Unable to load image avgrkx64.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for avgrkx64.sys
*** ERROR: Module load completed but symbols could not be loaded for avgrkx64.sys
Probably caused by : avgrkx64.sys ( avgrkx64+1e24 )

Followup: MachineOwner
---------

0: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

KMODE_EXCEPTION_NOT_HANDLED (1e)
This is a very common bugcheck.  Usually the exception address pinpoints
the driver/function that caused the problem.  Always note this address
as well as the link date of the driver/image that contains this address.
Arguments:
Arg1: ffffffffc0000005, The exception code that was not handled
Arg2: fffff80002cdfbb4, The address that the exception occurred at
Arg3: 0000000000000000, Parameter 0 of the exception
Arg4: 0000000000000008, Parameter 1 of the exception

Debugging Details:
------------------


EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

FAULTING_IP: 
nt!IofCallDriver+44
fffff800`02cdfbb4 4c8b4108        mov     r8,qword ptr [rcx+8]

EXCEPTION_PARAMETER1:  0000000000000000

EXCEPTION_PARAMETER2:  0000000000000008

READ_ADDRESS: GetPointerFromAddress: unable to read from fffff80002f05100
 0000000000000008 

ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

BUGCHECK_STR:  0x1E_c0000005

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

PROCESS_NAME:  System

CURRENT_IRQL:  0

TRAP_FRAME:  fffff88007589160 -- (.trap 0xfffff88007589160)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=fffffa80051c00e0 rbx=0000000000000000 rcx=0000000000000000
rdx=fffffa80051c0010 rsi=0000000000000000 rdi=0000000000000000
rip=fffff80002cdfbb4 rsp=fffff880075892f0 rbp=fffffa800233a840
 r8=fffffa80034af9d0  r9=0000000000000012 r10=fffffa800238a420
r11=fffffa800284e6b0 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0         nv up ei ng nz ac po cy
nt!IofCallDriver+0x44:
fffff800`02cdfbb4 4c8b4108        mov     r8,qword ptr [rcx+8] ds:1010:00000000`00000008=????????????????
Resetting default scope

LAST_CONTROL_TRANSFER:  from fffff80002d215d8 to fffff80002cd5d00

STACK_TEXT:  
fffff880`075888d8 fffff800`02d215d8 : 00000000`0000001e ffffffff`c0000005 fffff800`02cdfbb4 00000000`00000000 : nt!KeBugCheckEx
fffff880`075888e0 fffff800`02cd5382 : fffff880`075890b8 fffffa80`051c0010 fffff880`07589160 00000000`00000000 : nt! ?? ::FNODOBFM::`string'+0x4987d
fffff880`07588f80 fffff800`02cd3efa : 00000000`00000000 00000000`00000008 00000000`00000200 fffffa80`051c0010 : nt!KiExceptionDispatch+0xc2
fffff880`07589160 fffff800`02cdfbb4 : fffff8a0`00001690 00000000`00000000 fffffa80`034af540 00000000`00000000 : nt!KiPageFault+0x23a
fffff880`075892f0 fffff800`02fdd09f : 00000000`00f8001e fffffa80`0233a840 00000000`00000000 fffffa80`02bb7490 : nt!IofCallDriver+0x44
fffff880`07589320 fffff800`02fcc844 : 00000000`00000001 fffffa80`058462e0 ffffffff`00000340 ffffea4e`00000000 : nt!IopCloseFile+0x11f
fffff880`075893b0 fffff800`02fcc601 : fffffa80`058462e0 fffffa80`00000001 fffff8a0`00001690 00000000`00000000 : nt!ObpDecrementHandleCount+0xb4
fffff880`07589430 fffff800`02fccbc4 : 00000000`0000236c fffffa80`058462e0 fffff8a0`00001690 00000000`0000236c : nt!ObpCloseHandleTableEntry+0xb1
fffff880`075894c0 fffff800`02cd4f93 : fffffa80`0284e6b0 fffff880`07589590 fffff880`075897b8 00000000`000007ff : nt!ObpCloseHandle+0x94
fffff880`07589510 fffff800`02cd1530 : fffff800`02fb9b3a 00000000`00000001 fffffa80`02bb7460 fffff8a0`03aa6480 : nt!KiSystemServiceCopyEnd+0x13
fffff880`075896a8 fffff800`02fb9b3a : 00000000`00000001 fffffa80`02bb7460 fffff8a0`03aa6480 00000000`00000040 : nt!KiServiceLinkage
fffff880`075896b0 fffff880`01ba8e24 : ffffffff`8000236c 00000000`00000105 fffffa80`04351480 fffff8a0`03b89160 : nt!IoGetDeviceObjectPointer+0xba
fffff880`07589740 ffffffff`8000236c : 00000000`00000105 fffffa80`04351480 fffff8a0`03b89160 00000000`00000001 : avgrkx64+0x1e24
fffff880`07589748 00000000`00000105 : fffffa80`04351480 fffff8a0`03b89160 00000000`00000001 fffff880`075897a8 : 0xffffffff`8000236c
fffff880`07589750 fffffa80`04351480 : fffff8a0`03b89160 00000000`00000001 fffff880`075897a8 fffff880`07589868 : 0x105
fffff880`07589758 fffff8a0`03b89160 : 00000000`00000001 fffff880`075897a8 fffff880`07589868 00000000`00000150 : 0xfffffa80`04351480
fffff880`07589760 00000000`00000001 : fffff880`075897a8 fffff880`07589868 00000000`00000150 fffffa80`0020001e : 0xfffff8a0`03b89160
fffff880`07589768 fffff880`075897a8 : fffff880`07589868 00000000`00000150 fffffa80`0020001e fffff8a0`03aac440 : 0x1
fffff880`07589770 fffff880`07589868 : 00000000`00000150 fffffa80`0020001e fffff8a0`03aac440 ffffffff`80002370 : 0xfffff880`075897a8
fffff880`07589778 00000000`00000150 : fffffa80`0020001e fffff8a0`03aac440 ffffffff`80002370 fffff800`02e01fbd : 0xfffff880`07589868
fffff880`07589780 fffffa80`0020001e : fffff8a0`03aac440 ffffffff`80002370 fffff800`02e01fbd fffff8a0`03aac440 : 0x150
fffff880`07589788 fffff8a0`03aac440 : ffffffff`80002370 fffff800`02e01fbd fffff8a0`03aac440 00000000`0000000d : 0xfffffa80`0020001e
fffff880`07589790 ffffffff`80002370 : fffff800`02e01fbd fffff8a0`03aac440 00000000`0000000d fffffa80`034af540 : 0xfffff8a0`03aac440
fffff880`07589798 fffff800`02e01fbd : fffff8a0`03aac440 00000000`0000000d fffffa80`034af540 fffffa80`02bb7490 : 0xffffffff`80002370
fffff880`075897a0 fffff880`01ba8e6a : fffff880`07589890 fffff8a0`03b74300 fffffa80`00000020 fffff8a0`000003cc : nt!ExFreePoolWithTag+0x22d
fffff880`07589850 fffff880`07589890 : fffff8a0`03b74300 fffffa80`00000020 fffff8a0`000003cc fffff8a0`03ba4000 : avgrkx64+0x1e6a
fffff880`07589858 fffff8a0`03b74300 : fffffa80`00000020 fffff8a0`000003cc fffff8a0`03ba4000 fffff880`075898b8 : 0xfffff880`07589890
fffff880`07589860 fffffa80`00000020 : fffff8a0`000003cc fffff8a0`03ba4000 fffff880`075898b8 fffff880`07589978 : 0xfffff8a0`03b74300
fffff880`07589868 fffff8a0`000003cc : fffff8a0`03ba4000 fffff880`075898b8 fffff880`07589978 fffff800`02e01fbd : 0xfffffa80`00000020
fffff880`07589870 fffff8a0`03ba4000 : fffff880`075898b8 fffff880`07589978 fffff800`02e01fbd fffff680`0012000e : 0xfffff8a0`000003cc
fffff880`07589878 fffff880`075898b8 : fffff880`07589978 fffff800`02e01fbd fffff680`0012000e fffff8a0`03aca0a0 : 0xfffff8a0`03ba4000
fffff880`07589880 fffff880`07589978 : fffff800`02e01fbd fffff680`0012000e fffff8a0`03aca0a0 ffffffff`80002380 : 0xfffff880`075898b8
fffff880`07589888 fffff800`02e01fbd : fffff680`0012000e fffff8a0`03aca0a0 ffffffff`80002380 69634d43`00003ba4 : 0xfffff880`07589978
fffff880`07589890 fffffa80`026de960 : fffffa80`04351480 fffff880`07589ca0 00000000`00000000 fffff880`01ba9256 : nt!ExFreePoolWithTag+0x22d
fffff880`07589940 fffffa80`04351480 : fffff880`07589ca0 00000000`00000000 fffff880`01ba9256 fffff880`075899a0 : 0xfffffa80`026de960
fffff880`07589948 fffff880`07589ca0 : 00000000`00000000 fffff880`01ba9256 fffff880`075899a0 fffff8a0`0245d100 : 0xfffffa80`04351480
fffff880`07589950 00000000`00000000 : fffff880`01ba9256 fffff880`075899a0 fffff8a0`0245d100 00000000`00000012 : 0xfffff880`07589ca0


STACK_COMMAND:  kb

FOLLOWUP_IP: 
avgrkx64+1e24
fffff880`01ba8e24 ??              ???

SYMBOL_STACK_INDEX:  c

SYMBOL_NAME:  avgrkx64+1e24

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: avgrkx64

IMAGE_NAME:  avgrkx64.sys

DEBUG_FLR_IMAGE_TIMESTAMP:  4c858c21

FAILURE_BUCKET_ID:  X64_0x1E_c0000005_avgrkx64+1e24

BUCKET_ID:  X64_0x1E_c0000005_avgrkx64+1e24

Followup: MachineOwner

Drivers:
Code:
fffff880`04e53000 fffff880`04e7e000   000      000.fcl      Fri Sep 26 14:11:22 2008 (48DCDF7A)
fffff880`047be000 fffff880`047fc000   1394ohci 1394ohci.sys Sat Nov 20 10:44:56 2010 (4CE7A6A8)
fffff880`00ee0000 fffff880`00f37000   ACPI     ACPI.sys     Sat Nov 20 09:19:16 2010 (4CE79294)
fffff880`04c33000 fffff880`04c9a000   ADIHdAud ADIHdAud.sys Thu Apr 24 18:25:46 2008 (4810C29A)
fffff880`02e50000 fffff880`02ed9000   afd      afd.sys      Sat Nov 20 09:23:27 2010 (4CE7938F)
fffff880`039b5000 fffff880`039cb000   AgileVpn AgileVpn.sys Tue Jul 14 01:10:24 2009 (4A5BCCF0)
fffff880`0394b000 fffff880`03962000   amdk8    amdk8.sys    Tue Jul 14 00:19:25 2009 (4A5BC0FD)
fffff880`01140000 fffff880`0114b000   amdxata  amdxata.sys  Fri Mar 19 16:18:18 2010 (4BA3A3CA)
fffff880`059c7000 fffff880`059d2000   asyncmac asyncmac.sys Tue Jul 14 01:10:13 2009 (4A5BCCE5)
fffff880`0110d000 fffff880`01116000   atapi    atapi.sys    Tue Jul 14 00:19:47 2009 (4A5BC113)
fffff880`01116000 fffff880`01140000   ataport  ataport.SYS  Sat Nov 20 09:19:15 2010 (4CE79293)
fffff880`0407c000 fffff880`045ec000   atikmdag atikmdag.sys Thu Feb 11 05:47:46 2010 (4B739A02)
fffff880`054ae000 fffff880`05563000   ATSwpWDF ATSwpWDF.sys Tue Nov 24 14:00:40 2009 (4B0BE708)
fffff880`01bbb000 fffff880`01bef000   AVGIDSDriver AVGIDSDriver.Sys Tue Aug 03 23:24:45 2010 (4C58972D)
fffff880`01bb1000 fffff880`01bbb000   AVGIDSEH AVGIDSEH.Sys Mon Sep 13 23:46:38 2010 (4C8EA9CE)
fffff880`02c24000 fffff880`02c30000   AVGIDSFilter AVGIDSFilter.Sys Tue Aug 03 23:23:21 2010 (4C5896D9)
fffff880`038d5000 fffff880`03925000   avgldx64 avgldx64.sys Wed Dec 08 02:01:55 2010 (4CFEE713)
fffff880`01bf1000 fffff880`01c00000   avgmfx64 avgmfx64.sys Tue Sep 07 01:49:14 2010 (4C858C0A)
fffff880`01ba7000 fffff880`01bb1000   avgrkx64 avgrkx64.sys Tue Sep 07 01:49:37 2010 (4C858C21)
fffff880`01400000 fffff880`01461000   avgtdia  avgtdia.sys  Fri Nov 12 11:08:42 2010 (4CDD203A)
fffff880`04000000 fffff880`04048000   b57nd60a b57nd60a.sys Sun Apr 26 12:14:55 2009 (49F4422F)
fffff880`00fa8000 fffff880`00fb4000   BATTC    BATTC.SYS    Tue Jul 14 00:31:01 2009 (4A5BC3B5)
fffff880`04a44000 fffff880`04b88000   bcmwl664 bcmwl664.sys Fri Mar 27 01:06:57 2009 (49CC26B1)
fffff880`01668000 fffff880`0166f000   Beep     Beep.SYS     Tue Jul 14 01:00:13 2009 (4A5BCA8D)
fffff880`038c4000 fffff880`038d5000   blbdrive blbdrive.sys Tue Jul 14 00:35:59 2009 (4A5BC4DF)
fffff880`02d2d000 fffff880`02d4b000   bowser   bowser.sys   Wed Feb 23 04:55:04 2011 (4D649328)
fffff880`055ba000 fffff880`055ca000   BthEnum  BthEnum.sys  Tue Jul 14 01:06:52 2009 (4A5BCC1C)
fffff880`055ca000 fffff880`055ea000   bthpan   bthpan.sys   Tue Jul 14 01:07:00 2009 (4A5BCC24)
fffff880`05400000 fffff880`0548c000   bthport  bthport.sys  Sat Nov 20 10:44:51 2010 (4CE7A6A3)
fffff880`05576000 fffff880`0558e000   BTHUSB   BTHUSB.sys   Sat Nov 20 10:44:33 2010 (4CE7A691)
fffff880`05563000 fffff880`05574000   btusbflt btusbflt.sys Fri Apr 09 02:11:36 2010 (4BBE7EC8)
fffff960`006a0000 fffff960`006c7000   cdd      cdd.dll      Sat Nov 20 12:55:34 2010 (4CE7C546)
fffff880`0162b000 fffff880`01655000   cdrom    cdrom.sys    Sat Nov 20 09:19:20 2010 (4CE79298)
fffff880`00c00000 fffff880`00cc0000   CI       CI.dll       Sat Nov 20 13:12:36 2010 (4CE7C944)
fffff880`01b77000 fffff880`01ba7000   CLASSPNP CLASSPNP.SYS Sat Nov 20 09:19:23 2010 (4CE7929B)
fffff880`01655000 fffff880`0165f000   CLBStor  CLBStor.sys  Tue Oct 14 04:34:50 2008 (48F4135A)
fffff880`05000000 fffff880`05068000   CLBUDF   CLBUDF.SYS   Tue Oct 14 04:34:47 2008 (48F41357)
fffff880`00d08000 fffff880`00d66000   CLFS     CLFS.SYS     Tue Jul 14 00:19:57 2009 (4A5BC11D)
fffff880`04bfa000 fffff880`04bfe500   CmBatt   CmBatt.sys   Tue Jul 14 00:31:03 2009 (4A5BC3B7)
fffff880`014ea000 fffff880`0155c000   cng      cng.sys      Sat Nov 20 10:08:45 2010 (4CE79E2D)
fffff880`00f9f000 fffff880`00fa8000   compbatt compbatt.sys Tue Jul 14 00:31:02 2009 (4A5BC3B6)
fffff880`0406a000 fffff880`0407a000   CompositeBus CompositeBus.sys Sat Nov 20 10:33:17 2010 (4CE7A3ED)
fffff880`04bf6000 fffff880`04bf9180   cpqbttn64 cpqbttn64.sys Wed Jun 28 16:40:47 2006 (44A2A2FF)
fffff880`055ea000 fffff880`055f8000   crashdmp crashdmp.sys Tue Jul 14 01:01:01 2009 (4A5BCABD)
fffff880`03823000 fffff880`038a6000   csc      csc.sys      Sat Nov 20 09:27:12 2010 (4CE79470)
fffff880`038a6000 fffff880`038c4000   dfsc     dfsc.sys     Sat Nov 20 09:26:31 2010 (4CE79447)
fffff880`02fc4000 fffff880`02fd3000   discache discache.sys Tue Jul 14 00:37:18 2009 (4A5BC52E)
fffff880`01b61000 fffff880`01b77000   disk     disk.sys     Tue Jul 14 00:19:57 2009 (4A5BC11D)
fffff880`04cd7000 fffff880`04cf9000   drmk     drmk.sys     Tue Jul 14 02:01:25 2009 (4A5BD8E5)
fffff880`05498000 fffff880`054a1000   dump_atapi dump_atapi.sys Tue Jul 14 00:19:47 2009 (4A5BC113)
fffff880`0548c000 fffff880`05498000   dump_ataport dump_ataport.sys Tue Jul 14 00:19:47 2009 (4A5BC113)
fffff880`05185000 fffff880`05198000   dump_dumpfve dump_dumpfve.sys Tue Jul 14 00:21:51 2009 (4A5BC18F)
fffff880`054a1000 fffff880`054ad000   Dxapi    Dxapi.sys    Tue Jul 14 00:38:28 2009 (4A5BC574)
fffff880`0462d000 fffff880`04721000   dxgkrnl  dxgkrnl.sys  Sat Nov 20 09:50:50 2010 (4CE799FA)
fffff880`04721000 fffff880`04767000   dxgmms1  dxgmms1.sys  Sat Nov 20 09:49:53 2010 (4CE799C1)
fffff880`01197000 fffff880`011ab000   fileinfo fileinfo.sys Tue Jul 14 00:34:25 2009 (4A5BC481)
fffff880`0114b000 fffff880`01197000   fltmgr   fltmgr.sys   Sat Nov 20 09:19:24 2010 (4CE7929C)
fffff880`0156d000 fffff880`01577000   Fs_Rec   Fs_Rec.sys   Tue Jul 14 00:19:45 2009 (4A5BC111)
fffff880`01b27000 fffff880`01b61000   fvevol   fvevol.sys   Sat Nov 20 09:24:06 2010 (4CE793B6)
fffff880`01a07000 fffff880`01a51000   fwpkclnt fwpkclnt.sys Sat Nov 20 09:21:37 2010 (4CE79321)
fffff880`04a11000 fffff880`04a1e000   GEARAspiWDM GEARAspiWDM.sys Mon May 18 13:17:04 2009 (4A1151C0)
fffff800`02c0d000 fffff800`02c56000   hal      hal.dll      Sat Nov 20 13:00:25 2010 (4CE7C669)
fffff880`04a1e000 fffff880`04a42000   HDAudBus HDAudBus.sys Sat Nov 20 10:43:42 2010 (4CE7A65E)
fffff880`04048000 fffff880`04061000   HIDCLASS HIDCLASS.SYS Sat Nov 20 10:43:49 2010 (4CE7A665)
fffff880`04620000 fffff880`04628080   HIDPARSE HIDPARSE.SYS Tue Jul 14 01:06:17 2009 (4A5BCBF9)
fffff880`04794000 fffff880`047a0000   HpqKbFiltr HpqKbFiltr.sys Mon Jun 18 23:13:11 2007 (46770377)
fffff880`02c64000 fffff880`02d2d000   HTTP     HTTP.sys     Sat Nov 20 09:24:30 2010 (4CE793CE)
fffff880`01b1e000 fffff880`01b27000   hwpolicy hwpolicy.sys Sat Nov 20 09:18:54 2010 (4CE7927E)
fffff880`04776000 fffff880`04794000   i8042prt i8042prt.sys Tue Jul 14 00:19:57 2009 (4A5BC11D)
fffff880`047a0000 fffff880`047af000   kbdclass kbdclass.sys Tue Jul 14 00:19:50 2009 (4A5BC116)
fffff880`015e4000 fffff880`015f2000   kbdhid   kbdhid.sys   Sat Nov 20 10:33:25 2010 (4CE7A3F5)
fffff800`00bcb000 fffff800`00bd5000   kdcom    kdcom.dll    Sat Feb 05 16:52:49 2011 (4D4D8061)
fffff880`014a6000 fffff880`014e9000   ks       ks.sys       Sat Nov 20 10:33:23 2010 (4CE7A3F3)
fffff880`013bc000 fffff880`013d7000   ksecdd   ksecdd.sys   Sat Nov 20 09:21:15 2010 (4CE7930B)
fffff880`01600000 fffff880`0162b000   ksecpkg  ksecpkg.sys  Sat Nov 20 10:10:34 2010 (4CE79E9A)
fffff880`04cf9000 fffff880`04cfe200   ksthunk  ksthunk.sys  Tue Jul 14 01:00:19 2009 (4A5BCA93)
fffff880`05068000 fffff880`0507d000   lltdio   lltdio.sys   Tue Jul 14 01:08:50 2009 (4A5BCC92)
fffff880`051a6000 fffff880`051c9000   luafv    luafv.sys    Tue Jul 14 00:26:13 2009 (4A5BC295)
fffff880`00ce7000 fffff880`00cf4000   mcupdate mcupdate.dll Tue Jul 14 02:29:09 2009 (4A5BDF65)
fffff880`05176000 fffff880`05185000   modem    modem.sys    Tue Jul 14 01:10:48 2009 (4A5BCD08)
fffff880`05198000 fffff880`051a6000   monitor  monitor.sys  Tue Jul 14 00:38:52 2009 (4A5BC58C)
fffff880`047af000 fffff880`047be000   mouclass mouclass.sys Tue Jul 14 00:19:50 2009 (4A5BC116)
fffff880`00fe0000 fffff880`00ffa000   mountmgr mountmgr.sys Sat Nov 20 09:19:21 2010 (4CE79299)
fffff880`02d4b000 fffff880`02d63000   mpsdrv   mpsdrv.sys   Tue Jul 14 01:08:25 2009 (4A5BCC79)
fffff880`02d63000 fffff880`02d90000   mrxsmb   mrxsmb.sys   Wed Feb 23 04:56:22 2011 (4D649376)
fffff880`02d90000 fffff880`02ddd000   mrxsmb10 mrxsmb10.sys Wed Feb 23 04:55:12 2011 (4D649330)
fffff880`02c00000 fffff880`02c24000   mrxsmb20 mrxsmb20.sys Wed Feb 23 04:55:12 2011 (4D649330)
fffff880`01599000 fffff880`015a4000   Msfs     Msfs.SYS     Tue Jul 14 00:19:47 2009 (4A5BC113)
fffff880`00f40000 fffff880`00f4a000   msisadrv msisadrv.sys Tue Jul 14 00:19:26 2009 (4A5BC0FE)
fffff880`01000000 fffff880`0105e000   msrpc    msrpc.sys    Sat Nov 20 09:21:56 2010 (4CE79334)
fffff880`02fb9000 fffff880`02fc4000   mssmbios mssmbios.sys Tue Jul 14 00:31:10 2009 (4A5BC3BE)
fffff880`01b0c000 fffff880`01b1e000   mup      mup.sys      Tue Jul 14 00:23:45 2009 (4A5BC201)
fffff880`016a4000 fffff880`01797000   ndis     ndis.sys     Sat Nov 20 09:23:30 2010 (4CE79392)
fffff880`045ec000 fffff880`045f8000   ndistapi ndistapi.sys Tue Jul 14 01:10:00 2009 (4A5BCCD8)
fffff880`0507d000 fffff880`05090000   ndisuio  ndisuio.sys  Sat Nov 20 10:50:08 2010 (4CE7A7E0)
fffff880`02e00000 fffff880`02e2f000   ndiswan  ndiswan.sys  Sat Nov 20 10:52:32 2010 (4CE7A870)
fffff880`013d7000 fffff880`013ec000   NDProxy  NDProxy.SYS  Sat Nov 20 10:52:20 2010 (4CE7A864)
fffff880`02f1e000 fffff880`02f2d000   netbios  netbios.sys  Tue Jul 14 01:09:26 2009 (4A5BCCB6)
fffff880`01461000 fffff880`014a6000   netbt    netbt.sys    Sat Nov 20 09:23:18 2010 (4CE79386)
fffff880`01797000 fffff880`017f7000   NETIO    NETIO.SYS    Sat Nov 20 09:23:13 2010 (4CE79381)
fffff880`015a4000 fffff880`015b5000   Npfs     Npfs.SYS     Tue Jul 14 00:19:48 2009 (4A5BC114)
fffff880`02fad000 fffff880`02fb9000   nsiproxy nsiproxy.sys Tue Jul 14 00:21:02 2009 (4A5BC15E)
fffff800`02c56000 fffff800`0323f000   nt       ntkrnlmp.exe Sat Apr 09 05:15:23 2011 (4D9FDD5B)
fffff880`01219000 fffff880`013bc000   Ntfs     Ntfs.sys     Fri Mar 11 03:39:39 2011 (4D79997B)
fffff880`0165f000 fffff880`01668000   Null     Null.SYS     Tue Jul 14 00:19:37 2009 (4A5BC109)
fffff880`04e00000 fffff880`04e53000   nwifi    nwifi.sys    Tue Jul 14 01:07:23 2009 (4A5BCC3B)
fffff880`02ee2000 fffff880`02f08000   pacer    pacer.sys    Sat Nov 20 10:52:18 2010 (4CE7A862)
fffff880`00f8a000 fffff880`00f9f000   partmgr  partmgr.sys  Sat Nov 20 09:20:00 2010 (4CE792C0)
fffff880`00f4a000 fffff880`00f7d000   pci      pci.sys      Sat Nov 20 09:19:11 2010 (4CE7928F)
fffff880`00fc9000 fffff880`00fd0000   pciide   pciide.sys   Tue Jul 14 00:19:49 2009 (4A5BC115)
fffff880`00fd0000 fffff880`00fe0000   PCIIDEX  PCIIDEX.SYS  Tue Jul 14 00:19:48 2009 (4A5BC114)
fffff880`00dc2000 fffff880`00dfb000   pcmcia   pcmcia.sys   Tue Jul 14 00:31:10 2009 (4A5BC3BE)
fffff880`0155c000 fffff880`0156d000   pcw      pcw.sys      Tue Jul 14 00:19:27 2009 (4A5BC0FF)
fffff880`04d51000 fffff880`04df7000   peauth   peauth.sys   Tue Jul 14 02:01:19 2009 (4A5BD8DF)
fffff880`04c9a000 fffff880`04cd7000   portcls  portcls.sys  Tue Jul 14 01:06:27 2009 (4A5BCC03)
fffff880`00cf4000 fffff880`00d08000   PSHED    PSHED.dll    Tue Jul 14 02:32:23 2009 (4A5BE027)
fffff880`011ab000 fffff880`011b6d00   PxHlpa64 PxHlpa64.sys Thu Mar 13 01:58:17 2008 (47D88A39)
fffff880`039cb000 fffff880`039ef000   rasl2tp  rasl2tp.sys  Sat Nov 20 10:52:34 2010 (4CE7A872)
fffff880`03800000 fffff880`0381b000   raspppoe raspppoe.sys Tue Jul 14 01:10:17 2009 (4A5BCCE9)
fffff880`02e2f000 fffff880`02e50000   raspptp  raspptp.sys  Sat Nov 20 10:52:31 2010 (4CE7A86F)
fffff880`02fd3000 fffff880`02fed000   rassstp  rassstp.sys  Tue Jul 14 01:10:25 2009 (4A5BCCF1)
fffff880`02f5c000 fffff880`02fad000   rdbss    rdbss.sys    Sat Nov 20 09:27:51 2010 (4CE79497)
fffff880`039ef000 fffff880`039fa000   rdpbus   rdpbus.sys   Tue Jul 14 01:17:46 2009 (4A5BCEAA)
fffff880`017f7000 fffff880`01800000   RDPCDD   RDPCDD.sys   Tue Jul 14 01:16:34 2009 (4A5BCE62)
fffff880`01587000 fffff880`01590000   rdpencdd rdpencdd.sys Tue Jul 14 01:16:34 2009 (4A5BCE62)
fffff880`01590000 fffff880`01599000   rdprefmp rdprefmp.sys Tue Jul 14 01:16:35 2009 (4A5BCE63)
fffff880`0598e000 fffff880`059c7000   RDPWD    RDPWD.SYS    Sat Nov 20 11:04:37 2010 (4CE7AB45)
fffff880`01ad2000 fffff880`01b0c000   rdyboost rdyboost.sys Sat Nov 20 09:43:10 2010 (4CE7982E)
fffff880`0558e000 fffff880`055ba000   rfcomm   rfcomm.sys   Tue Jul 14 01:06:56 2009 (4A5BCC20)
fffff880`05090000 fffff880`050a8000   rspndr   rspndr.sys   Tue Jul 14 01:08:50 2009 (4A5BCC92)
fffff880`01ab5000 fffff880`01ad2000   sbp2port sbp2port.sys Sat Nov 20 09:19:21 2010 (4CE79299)
fffff880`04600000 fffff880`04620000   sdbus    sdbus.sys    Sat Nov 20 09:37:42 2010 (4CE796E6)
fffff880`02c30000 fffff880`02c3b000   secdrv   secdrv.SYS   Wed Sep 13 14:18:38 2006 (4508052E)
fffff880`01aad000 fffff880`01ab5000   spldr    spldr.sys    Mon May 11 17:56:27 2009 (4A0858BB)
fffff880`05800000 fffff880`05871000   spsys    spsys.sys    Mon May 11 18:20:58 2009 (4A085E7A)
fffff880`058dc000 fffff880`05974000   srv      srv.sys      Wed Feb 23 04:56:21 2011 (4D649375)
fffff880`05872000 fffff880`058dc000   srv2     srv2.sys     Wed Feb 23 04:56:00 2011 (4D649360)
fffff880`04c00000 fffff880`04c31000   srvnet   srvnet.sys   Wed Feb 23 04:55:44 2011 (4D649350)
fffff880`04a42000 fffff880`04a43480   swenum   swenum.sys   Tue Jul 14 01:00:18 2009 (4A5BCA92)
fffff880`01803000 fffff880`01a07000   tcpip    tcpip.sys    Sat Nov 20 09:25:52 2010 (4CE79420)
fffff880`02c3b000 fffff880`02c4d000   tcpipreg tcpipreg.sys Sat Nov 20 10:51:48 2010 (4CE7A844)
fffff880`015d7000 fffff880`015e4000   TDI      TDI.SYS      Sat Nov 20 09:22:06 2010 (4CE7933E)
fffff880`05974000 fffff880`0597f000   tdtcp    tdtcp.sys    Tue Jul 14 01:16:32 2009 (4A5BCE60)
fffff880`015b5000 fffff880`015d7000   tdx      tdx.sys      Sat Nov 20 09:21:54 2010 (4CE79332)
fffff880`02f48000 fffff880`02f5c000   termdd   termdd.sys   Sat Nov 20 11:03:40 2010 (4CE7AB0C)
fffff880`03962000 fffff880`039b5000   tifm21   tifm21.sys   Fri Dec 14 15:22:54 2007 (47629FCE)
fffff880`04767000 fffff880`04776000   tpm      tpm.sys      Tue Jul 14 00:21:48 2009 (4A5BC18C)
fffff960`00590000 fffff960`0059a000   TSDDD    TSDDD.dll    Tue Jul 14 01:16:34 2009 (4A5BCE62)
fffff880`0597f000 fffff880`0598e000   tssecsrv tssecsrv.sys Sat Nov 20 11:04:09 2010 (4CE7AB29)
fffff880`03925000 fffff880`0394b000   tunnel   tunnel.sys   Sat Nov 20 10:51:50 2010 (4CE7A846)
fffff880`02fed000 fffff880`02fff000   umbus    umbus.sys    Sat Nov 20 10:44:37 2010 (4CE7A695)
fffff880`05574000 fffff880`05575f00   USBD     USBD.SYS     Tue Jul 14 01:06:23 2009 (4A5BCBFF)
fffff880`04a00000 fffff880`04a11000   usbehci  usbehci.sys  Tue Jul 14 01:06:30 2009 (4A5BCC06)
fffff880`0105e000 fffff880`010b8000   usbhub   usbhub.sys   Sat Nov 20 10:44:30 2010 (4CE7A68E)
fffff880`04b95000 fffff880`04ba0000   usbohci  usbohci.sys  Tue Jul 14 01:06:30 2009 (4A5BCC06)
fffff880`04ba0000 fffff880`04bf6000   USBPORT  USBPORT.SYS  Tue Jul 14 01:06:31 2009 (4A5BCC07)
fffff880`00f7d000 fffff880`00f8a000   vdrvroot vdrvroot.sys Tue Jul 14 01:01:31 2009 (4A5BCADB)
fffff880`0166f000 fffff880`0167d000   vga      vga.sys      Tue Jul 14 00:38:47 2009 (4A5BC587)
fffff880`0167d000 fffff880`016a2000   VIDEOPRT VIDEOPRT.SYS Tue Jul 14 00:38:51 2009 (4A5BC58B)
fffff880`010bd000 fffff880`010f9000   vmbus    vmbus.sys    Sat Nov 20 09:57:29 2010 (4CE79B89)
fffff880`01a51000 fffff880`01a61000   vmstorfl vmstorfl.sys Sat Nov 20 09:57:30 2010 (4CE79B8A)
fffff880`00fb4000 fffff880`00fc9000   volmgr   volmgr.sys   Sat Nov 20 09:19:28 2010 (4CE792A0)
fffff880`00d66000 fffff880`00dc2000   volmgrx  volmgrx.sys  Sat Nov 20 09:20:43 2010 (4CE792EB)
fffff880`01a61000 fffff880`01aad000   volsnap  volsnap.sys  Sat Nov 20 09:20:08 2010 (4CE792C8)
fffff880`04cff000 fffff880`04d51000   VSTAZL6  VSTAZL6.SYS  Thu Oct 16 01:53:42 2008 (48F69096)
fffff880`050ab000 fffff880`05176000   VSTCNXT6 VSTCNXT6.SYS Thu Oct 16 01:52:22 2008 (48F69046)
fffff880`04e81000 fffff880`04ff5000   VSTDPV6  VSTDPV6.SYS  Thu Oct 16 01:57:45 2008 (48F69189)
fffff880`04b88000 fffff880`04b95000   vwifibus vwifibus.sys Tue Jul 14 01:07:21 2009 (4A5BCC39)
fffff880`02f08000 fffff880`02f1e000   vwififlt vwififlt.sys Tue Jul 14 01:07:22 2009 (4A5BCC3A)
fffff880`051ea000 fffff880`051f4000   vwifimp  vwifimp.sys  Tue Jul 14 01:07:28 2009 (4A5BCC40)
fffff880`02f2d000 fffff880`02f48000   wanarp   wanarp.sys   Sat Nov 20 10:52:36 2010 (4CE7A874)
fffff880`01577000 fffff880`01587000   watchdog watchdog.sys Tue Jul 14 00:37:35 2009 (4A5BC53F)
fffff880`00e2d000 fffff880`00ed1000   Wdf01000 Wdf01000.sys Tue Jul 14 00:22:07 2009 (4A5BC19F)
fffff880`00ed1000 fffff880`00ee0000   WDFLDR   WDFLDR.SYS   Tue Jul 14 00:19:54 2009 (4A5BC11A)
fffff880`02ed9000 fffff880`02ee2000   wfplwf   wfplwf.sys   Tue Jul 14 01:09:26 2009 (4A5BCCB6)
fffff960`00000000 fffff960`00312000   win32k   win32k.sys   Thu Mar 03 03:51:40 2011 (4D6F104C)
fffff880`010f9000 fffff880`0110d000   winhv    winhv.sys    Sat Nov 20 09:20:02 2010 (4CE792C2)
fffff880`04061000 fffff880`0406a000   wmiacpi  wmiacpi.sys  Tue Jul 14 00:31:02 2009 (4A5BC3B6)
fffff880`00f37000 fffff880`00f40000   WMILIB   WMILIB.SYS   Tue Jul 14 00:19:51 2009 (4A5BC117)
fffff880`051c9000 fffff880`051ea000   WudfPf   WudfPf.sys   Sat Nov 20 10:42:44 2010 (4CE7A624)

Unloaded modules:
fffff880`01bbb000 fffff880`01bc9000   crashdmp.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000E000
fffff880`01bc9000 fffff880`01bd5000   dump_ataport
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000C000
fffff880`01bd5000 fffff880`01bde000   dump_atapi.s
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00009000
fffff880`01bde000 fffff880`01bf1000   dump_dumpfve
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00013000
 
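The cross-check behind the "Probably caused by" line in the dump above, as an added example that is not part of the original post: it walks the STACK_TEXT frames to the first one outside `nt`, resolves that frame's address against the module list, and compares the result with SYMBOL_STACK_INDEX, SYMBOL_NAME and DEBUG_FLR_IMAGE_TIMESTAMP. The function names and the `FOLLOWUP` dictionary are illustrative, and "first non-nt frame" is an assumed simplification of what `!analyze` does; the input lines are copied from the dump.

```python
import re

# First 13 STACK_TEXT frames and three module-list rows, copied from the dump above.
STACK_TEXT = r"""
fffff880`075888d8 fffff800`02d215d8 : 00000000`0000001e ffffffff`c0000005 fffff800`02cdfbb4 00000000`00000000 : nt!KeBugCheckEx
fffff880`075888e0 fffff800`02cd5382 : fffff880`075890b8 fffffa80`051c0010 fffff880`07589160 00000000`00000000 : nt! ?? ::FNODOBFM::`string'+0x4987d
fffff880`07588f80 fffff800`02cd3efa : 00000000`00000000 00000000`00000008 00000000`00000200 fffffa80`051c0010 : nt!KiExceptionDispatch+0xc2
fffff880`07589160 fffff800`02cdfbb4 : fffff8a0`00001690 00000000`00000000 fffffa80`034af540 00000000`00000000 : nt!KiPageFault+0x23a
fffff880`075892f0 fffff800`02fdd09f : 00000000`00f8001e fffffa80`0233a840 00000000`00000000 fffffa80`02bb7490 : nt!IofCallDriver+0x44
fffff880`07589320 fffff800`02fcc844 : 00000000`00000001 fffffa80`058462e0 ffffffff`00000340 ffffea4e`00000000 : nt!IopCloseFile+0x11f
fffff880`075893b0 fffff800`02fcc601 : fffffa80`058462e0 fffffa80`00000001 fffff8a0`00001690 00000000`00000000 : nt!ObpDecrementHandleCount+0xb4
fffff880`07589430 fffff800`02fccbc4 : 00000000`0000236c fffffa80`058462e0 fffff8a0`00001690 00000000`0000236c : nt!ObpCloseHandleTableEntry+0xb1
fffff880`075894c0 fffff800`02cd4f93 : fffffa80`0284e6b0 fffff880`07589590 fffff880`075897b8 00000000`000007ff : nt!ObpCloseHandle+0x94
fffff880`07589510 fffff800`02cd1530 : fffff800`02fb9b3a 00000000`00000001 fffffa80`02bb7460 fffff8a0`03aa6480 : nt!KiSystemServiceCopyEnd+0x13
fffff880`075896a8 fffff800`02fb9b3a : 00000000`00000001 fffffa80`02bb7460 fffff8a0`03aa6480 00000000`00000040 : nt!KiServiceLinkage
fffff880`075896b0 fffff880`01ba8e24 : ffffffff`8000236c 00000000`00000105 fffffa80`04351480 fffff8a0`03b89160 : nt!IoGetDeviceObjectPointer+0xba
fffff880`07589740 ffffffff`8000236c : 00000000`00000105 fffffa80`04351480 fffff8a0`03b89160 00000000`00000001 : avgrkx64+0x1e24
"""
MODULES = r"""
fffff880`01bf1000 fffff880`01c00000   avgmfx64 avgmfx64.sys Tue Sep 07 01:49:14 2010 (4C858C0A)
fffff880`01ba7000 fffff880`01bb1000   avgrkx64 avgrkx64.sys Tue Sep 07 01:49:37 2010 (4C858C21)
fffff800`02c56000 fffff800`0323f000   nt       ntkrnlmp.exe Sat Apr 09 05:15:23 2011 (4D9FDD5B)
"""
# Values !analyze -v reported in the dump above (SYMBOL_NAME, SYMBOL_STACK_INDEX,
# DEBUG_FLR_IMAGE_TIMESTAMP); the dictionary layout is illustrative.
FOLLOWUP = {"symbol": "avgrkx64+1e24", "stack_index": 0xC, "timestamp": 0x4C858C21}

# Columns of a kb row: Child-SP, RetAddr, four argument slots, call site.
FRAME_RE = re.compile(r"^([0-9a-f`]+) ([0-9a-f`]+) : (?:[0-9a-f`]+ ){4}: (.+)$")
# Columns of a module row: start, end, module name, image name, link date, (hex timestamp).
MODULE_RE = re.compile(
    r"^([0-9a-f`]+) ([0-9a-f`]+)\s+(\S+)\s+(\S+)\s+(.*) \(([0-9A-F]{8})\)$")


def to_int(text):
    """Convert a WinDbg 64-bit value such as fffff880`01ba8e24 to an int."""
    return int(text.replace("`", ""), 16)


def parse_frames(text):
    rows = (FRAME_RE.match(line.strip()) for line in text.strip().splitlines())
    return [{"ret": to_int(m[2]), "symbol": m[3]} for m in rows if m]


def parse_modules(text):
    rows = (MODULE_RE.match(line.strip()) for line in text.strip().splitlines())
    return [{"start": to_int(m[1]), "end": to_int(m[2]), "name": m[3],
             "image": m[4], "timestamp": int(m[6], 16)} for m in rows if m]


def cross_check(frames, modules, followup):
    """Recompute the blamed frame and compare it with what !analyze reported."""
    idx = next((i for i, f in enumerate(frames)
                if not f["symbol"].startswith("nt!")), None)
    if not idx:  # no third-party frame, or nothing above it to take RetAddr from
        return None
    # RetAddr on the callee's row is the instruction address inside this frame.
    ip = frames[idx - 1]["ret"]
    mod = next((m for m in modules if m["start"] <= ip < m["end"]), None)
    if mod is None:
        return {"stack_index": idx, "module": None}
    name, _, offset = followup["symbol"].partition("+")
    return {
        "stack_index": idx,
        "module": mod["name"],
        "offset": ip - mod["start"],
        "index_matches": idx == followup["stack_index"],
        "symbol_matches": mod["name"] == name and ip - mod["start"] == int(offset, 16),
        "timestamp_matches": mod["timestamp"] == followup["timestamp"],
    }


if __name__ == "__main__":
    result = cross_check(parse_frames(STACK_TEXT), parse_modules(MODULES), FOLLOWUP)
    for key, value in result.items():
        print(f"{key}: {value:#x}" if key == "offset" else f"{key}: {value}")
```

All three checks agreeing means the blamed offset really lies inside the loaded `avgrkx64.sys` image whose link timestamp the analysis recorded, rather than being a stale or mismatched symbol guess.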
Thank you for that,

I've tried to reinstall AVG and it didn't seem to work. Everyone says MSE is good, but how well? AVG has more features than MSE; MSE doesn't have a rootkit detector, and no other 3rd party has any 64-bit ones, they all have 32-bit versions. Would I get away with MSE, Spybot S&D and Malwarebytes alone, or do I need something else?
 
MSE, being Microsoft's, is obviously going to "fit in" and earn its reputation of being blue screen friendly. The heightened security contained within Windows 7 is different from anything before. It's based on a different set of "algorithms" ( :confused: ) than before.

Much of the 3rd party security software has still yet to catch up with these, AVG being one of the worst. There is no real point in having a multi-featured AV system that blue screens your PC.

But back to your question! MSE and Malwarebytes should see you good.

Spybot? I'm not a personal fan but if it does for you, why not, I know of no issues. You could go with that or SAS.
 