Windows 7 Got me a case of the blue screen blues

Damian Chapman

New Member
Hi there people, this is my first post here and owing to my general ineptitude it's not likely to be my last :razz:

I have been getting the BSOD for about 2 weeks now after I stupidly downloaded a keygen for an old game I had. Unsurprisingly this turned out to be dodgy: I get constantly browser hijacked and whenever I try to shut down I get as far as the logging off screen and the BSOD hits and the system restarts. My system has also started running woefully slow. All virus checks have been done with more than one good program and I have run several malware and spyware checks; all came back clean. Any help you can give me would be very much appreciated!

minidump added
 
Get CCleaner, a PC cleaning program, or open up Task Manager (Ctrl+Alt+Delete) and see if any processes are hogging up memory; if they are unnecessary, end them by double clicking them.
 
I use CCleaner and regularly trim away unnecessary applications. I think my issue runs a little deeper than that now; my system is a decent one and since I started randomly downloading rubbish it has been totally nerfed.
 
Maybe your antivirus didn't completely remove everything. Try SUPERAntiSpyware or the Hitman Pro trial; Hitman Pro is an elite at virus and malware removal.
 
None of any worth, only from the last day or two. I bought the system from a friend who apparently turned off System Restore (helpful friend!).
 
If you have an HP machine you can use system recovery by pressing F12 when the BIOS screen comes up. System recovery is different from System Restore: it resets the PC to factory state.
 
I suggest you download TDSSKiller and run it in Safe Mode to rule out a prevalent rootkit.

I'd personally get rid of AVG as well. AVG is known to be a cause of BSODs on many Windows 7 systems. Download the correct AVG Remover for your system (32 or 64 bit).
If you have AVG ID protection installed, download the AVGID Protection Remover from the above link as well (it wouldn't hurt to download and run it anyway). Download Link Removed due to 404 Error as AVG's replacement. Re-boot to Safe Mode. In Safe Mode run the AVG Removal tools. Re-boot to normal mode and install MSE. Make sure your Windows firewall is enabled!
 
All done, there was a rootkit it picked up. MSE seems a sleeker alternative as well as not conflicting with 7 as you said AVG does, and I had my first reboot in two weeks without a BSOD. So far so good. Any info on the dump would still be cool though.
 
Solved, thanks to the pair of you. I am eternally grateful for the education; if either of you find yourself in need of a kidney let me know :p
 
Good to hear things are looking up.

In case you don't have it already, download, install and update Malwarebytes' Free and run a scan on a weekly basis. That should be enough to cover you "Security wise".

If kaos hasn't come back with any dump file info by tomorrow a.m. I'll have a look then. The day is too long in the tooth for me right now!!

Woo Hoo! Show me to the brewery (again!)
 
Analysis:
Code:
Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [D:\ DOWNLOADS\ DUMPS\Damian Chapman\051111-26473-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*C:\WinSym*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Kernel Version 7600 MP (2 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16617.x86fre.win7_gdr.100618-1621
Machine Name:
Kernel base = 0x82c41000 PsLoadedModuleList = 0x82d80570
Debug session time: Wed May 11 23:00:12.521 2011 (UTC + 1:00)
System Uptime: 0 days 3:08:10.332
Loading Kernel Symbols
...............................................................
................................................................
............................
Loading User Symbols
Loading unloaded module list
.......
1: kd> analyze
*** ERROR: Module load completed but symbols could not be loaded for intelide.sys
*** WARNING: Unable to verify timestamp for amdxata.sys
*** ERROR: Module load completed but symbols could not be loaded for amdxata.sys
*** WARNING: Unable to verify timestamp for SASKUTIL.SYS
*** ERROR: Module load completed but symbols could not be loaded for SASKUTIL.SYS
*** WARNING: Unable to verify timestamp for ksecpkg.sys
*** ERROR: Module load completed but symbols could not be loaded for ksecpkg.sys
*** WARNING: Unable to verify timestamp for SASDIFSV.SYS
*** ERROR: Module load completed but symbols could not be loaded for SASDIFSV.SYS
*** WARNING: Unable to verify timestamp for spldr.sys
*** ERROR: Module load completed but symbols could not be loaded for spldr.sys
*** WARNING: Unable to verify timestamp for avgrkx86.sys
*** ERROR: Module load completed but symbols could not be loaded for avgrkx86.sys
*** WARNING: Unable to verify timestamp for AVGIDSEH.Sys
*** ERROR: Module load completed but symbols could not be loaded for AVGIDSEH.Sys
*** WARNING: Unable to verify timestamp for avgmfx86.sys
*** ERROR: Module load completed but symbols could not be loaded for avgmfx86.sys
*** WARNING: Unable to verify timestamp for avgtdix.sys
*** ERROR: Module load completed but symbols could not be loaded for avgtdix.sys
*** WARNING: Unable to verify timestamp for cdd.dll
*** ERROR: Module load completed but symbols could not be loaded for cdd.dll
*** WARNING: Unable to verify timestamp for ATMFD.DLL
*** ERROR: Module load completed but symbols could not be loaded for ATMFD.DLL
*** WARNING: Unable to verify timestamp for hugoio.sys
*** ERROR: Module load completed but symbols could not be loaded for hugoio.sys
*** WARNING: Unable to verify timestamp for avgldx86.sys
*** ERROR: Module load completed but symbols could not be loaded for avgldx86.sys
*** WARNING: Unable to verify timestamp for intelppm.sys
*** ERROR: Module load completed but symbols could not be loaded for intelppm.sys
*** WARNING: Unable to verify timestamp for atikmpag.sys
*** ERROR: Module load completed but symbols could not be loaded for atikmpag.sys
*** WARNING: Unable to verify timestamp for dxgkrnl.sys
*** ERROR: Module load completed but symbols could not be loaded for dxgkrnl.sys
*** WARNING: Unable to verify timestamp for atikmdag.sys
*** ERROR: Module load completed but symbols could not be loaded for atikmdag.sys
*** WARNING: Unable to verify timestamp for l260x86.sys
*** ERROR: Module load completed but symbols could not be loaded for l260x86.sys
*** WARNING: Unable to verify timestamp for AtihdW73.sys
*** ERROR: Module load completed but symbols could not be loaded for AtihdW73.sys
*** WARNING: Unable to verify timestamp for drmk.sys
*** ERROR: Module load completed but symbols could not be loaded for drmk.sys
*** WARNING: Unable to verify timestamp for AVGIDSShim.Sys
*** ERROR: Module load completed but symbols could not be loaded for AVGIDSShim.Sys
*** WARNING: Unable to verify timestamp for peauth.sys
*** ERROR: Module load completed but symbols could not be loaded for peauth.sys
*** WARNING: Unable to verify timestamp for secdrv.SYS
*** ERROR: Module load completed but symbols could not be loaded for secdrv.SYS
*** WARNING: Unable to verify timestamp for AVGIDSFilter.Sys
*** ERROR: Module load completed but symbols could not be loaded for AVGIDSFilter.Sys
*** WARNING: Unable to verify timestamp for AVGIDSDriver.Sys
*** ERROR: Module load completed but symbols could not be loaded for AVGIDSDriver.Sys
All those Errors/Warnings are most likely to do with the rootkit. Which probably also explains why I'm not getting a proper Bugcheck Analysis as well.

Drivers:
Code:
83628000 83670000   ACPI     ACPI.sys     Tue Jul 14 00:11:11 2009 (4A5BBF0F)
89b2a000 89b84000   afd      afd.sys      Tue Jul 14 00:12:34 2009 (4A5BBF62)
936e7000 936f9000   AgileVpn AgileVpn.sys Tue Jul 14 00:55:00 2009 (4A5BC954)
83779000 83782000   amdxata  amdxata.sys  Tue May 19 18:57:35 2009 (4A12F30F)
8374d000 83756000   atapi    atapi.sys    Tue Jul 14 00:11:15 2009 (4A5BBF13)
83756000 83779000   ataport  ataport.SYS  Tue Jul 14 00:11:18 2009 (4A5BBF16)
9446d000 94489000   AtihdW73 AtihdW73.sys Wed Nov 17 12:00:47 2010 (4CE3C3EF)
93c28000 943ae000   atikmdag atikmdag.sys Wed Jan 26 22:42:31 2011 (4D40A357)
9355d000 9359c000   atikmpag atikmpag.sys Wed Jan 26 22:13:11 2011 (4D409C77)
90ef0000 90f3d000   ATMFD    ATMFD.DLL    Wed Oct 20 03:58:41 2010 (4CBE5AE1)
9b9d9000 9ba01000   AVGIDSDriver AVGIDSDriver.Sys Tue Aug 03 23:24:21 2010 (4C589715)
89eb4000 89ebd000   AVGIDSEH AVGIDSEH.Sys Mon Sep 13 23:46:35 2010 (4C8EA9CB)
9b8ec000 9b8f6000   AVGIDSFilter AVGIDSFilter.Sys Tue Aug 03 23:23:18 2010 (4C5896D6)
9479b000 947a4000   AVGIDSShim AVGIDSShim.Sys Tue Aug 03 23:25:56 2010 (4C589774)
934ee000 93529d00   avgldx86 avgldx86.sys Wed Dec 08 02:00:20 2010 (4CFEE6B4)
89f0e000 89f1a000   avgmfx86 avgmfx86.sys Tue Sep 07 01:48:01 2010 (4C858BC1)
89eaf000 89eb3b80   avgrkx86 avgrkx86.sys Tue Sep 07 01:48:16 2010 (4C858BD0)
89fb5000 89ffc980   avgtdix  avgtdix.sys  Fri Nov 12 11:05:58 2010 (4CDD1F96)
89f21000 89f28000   Beep     Beep.SYS     Tue Jul 14 00:45:00 2009 (4A5BC6FC)
934e0000 934ee000   blbdrive blbdrive.sys Tue Jul 14 00:23:04 2009 (4A5BC1D8)
834b4000 834bc000   BOOTVID  BOOTVID.dll  Tue Jul 14 02:04:34 2009 (4A5BD9A2)
946f0000 94709000   bowser   bowser.sys   Tue Jul 14 00:14:21 2009 (4A5BBFCD)
90ed0000 90eee000   cdd      cdd.dll      unavailable (00000000)
89eef000 89f0e000   cdrom    cdrom.sys    Tue Jul 14 00:11:24 2009 (4A5BBF1C)
834fe000 835a9000   CI       CI.dll       Tue Jul 14 02:09:28 2009 (4A5BDAC8)
89e8a000 89eaf000   CLASSPNP CLASSPNP.SYS Tue Jul 14 00:11:20 2009 (4A5BBF18)
834bc000 834fe000   CLFS     CLFS.SYS     Tue Jul 14 00:11:10 2009 (4A5BBF0E)
8999c000 899f9000   cng      cng.sys      Tue Jul 14 00:32:55 2009 (4A5BC427)
936da000 936e7000   CompositeBus CompositeBus.sys Tue Jul 14 00:45:26 2009 (4A5BC716)
94576000 94583000   crashdmp crashdmp.sys Tue Jul 14 00:45:50 2009 (4A5BC72E)
93464000 934c8000   csc      csc.sys      Tue Jul 14 00:15:08 2009 (4A5BBFFC)
934c8000 934e0000   dfsc     dfsc.sys     Tue Jul 14 00:14:16 2009 (4A5BBFC8)
93458000 93464000   discache discache.sys Tue Jul 14 00:24:04 2009 (4A5BC214)
89e79000 89e8a000   disk     disk.sys     Tue Jul 14 00:11:28 2009 (4A5BBF20)
944b8000 944d1000   drmk     drmk.sys     Tue Jul 14 01:36:05 2009 (4A5BD2F5)
9458e000 94597000   dump_atapi dump_atapi.sys Tue Jul 14 00:11:15 2009 (4A5BBF13)
94583000 9458e000   dump_dumpata dump_dumpata.sys Tue Jul 14 00:11:16 2009 (4A5BBF14)
94597000 945a8000   dump_dumpfve dump_dumpfve.sys Tue Jul 14 00:12:47 2009 (4A5BBF6F)
945a8000 945b2000   Dxapi    Dxapi.sys    Tue Jul 14 00:25:25 2009 (4A5BC265)
9359c000 93653000   dxgkrnl  dxgkrnl.sys  Fri Oct 02 01:48:33 2009 (4AC54DE1)
943ae000 943e7000   dxgmms1  dxgmms1.sys  Tue Jul 14 00:25:25 2009 (4A5BC265)
9b9af000 9b9d9000   fastfat  fastfat.SYS  Tue Jul 14 00:14:01 2009 (4A5BBFB9)
936b7000 936c2000   fdc      fdc.sys      Tue Jul 14 00:45:45 2009 (4A5BC729)
837b6000 837c7000   fileinfo fileinfo.sys Tue Jul 14 00:21:51 2009 (4A5BC18F)
94452000 9445c000   flpydisk flpydisk.sys Tue Jul 14 00:45:45 2009 (4A5BC729)
83782000 837b6000   fltmgr   fltmgr.sys   Tue Jul 14 00:11:13 2009 (4A5BBF11)
89a07000 89a10000   Fs_Rec   Fs_Rec.sys   Tue Jul 14 00:11:14 2009 (4A5BBF12)
89e47000 89e79000   fvevol   fvevol.sys   Tue Jul 14 00:13:01 2009 (4A5BBF7D)
89d81000 89db2000   fwpkclnt fwpkclnt.sys Tue Jul 14 00:12:03 2009 (4A5BBF43)
82c0a000 82c41000   hal      halmacpi.dll Tue Jul 14 00:11:03 2009 (4A5BBF07)
93c00000 93c1f000   HDAudBus HDAudBus.sys Tue Jul 14 00:50:55 2009 (4A5BC85F)
944d1000 94521000   HdAudio  HdAudio.sys  Tue Jul 14 00:51:46 2009 (4A5BC892)
9452c000 9453f000   HIDCLASS HIDCLASS.SYS Tue Jul 14 00:51:01 2009 (4A5BC865)
9453f000 94545480   HIDPARSE HIDPARSE.SYS Tue Jul 14 00:50:59 2009 (4A5BC863)
94521000 9452c000   hidusb   hidusb.sys   Tue Jul 14 00:51:04 2009 (4A5BC868)
9466b000 946f0000   HTTP     HTTP.sys     Tue Jul 14 00:12:53 2009 (4A5BBF75)
93457000 93457c00   hugoio   hugoio.sys   Wed Dec 12 06:03:35 2007 (475F79B7)
89e3f000 89e47000   hwpolicy hwpolicy.sys Tue Jul 14 00:11:01 2009 (4A5BBF05)
83722000 83729000   intelide intelide.sys Tue Jul 14 00:11:19 2009 (4A5BBF17)
9354b000 9355d000   intelppm intelppm.sys Tue Jul 14 00:11:03 2009 (4A5BBF07)
9378e000 9379b000   kbdclass kbdclass.sys Tue Jul 14 00:11:15 2009 (4A5BBF13)
9456a000 94576000   kbdhid   kbdhid.sys   Tue Jul 14 00:45:09 2009 (4A5BC705)
86197000 8619f000   kdcom    kdcom.dll    Tue Jul 14 02:08:58 2009 (4A5BDAAA)
937a8000 937dc000   ks       ks.sys       Tue Jul 14 00:45:13 2009 (4A5BC709)
89989000 8999c000   ksecdd   ksecdd.sys   Tue Jul 14 00:11:56 2009 (4A5BBF3C)
89b05000 89b2a000   ksecpkg  ksecpkg.sys  Fri Dec 11 04:04:22 2009 (4B21C4C6)
943e7000 943f4000   l260x86  l260x86.sys  Tue Apr 15 11:54:52 2008 (4804897C)
945f2000 94602000   lltdio   lltdio.sys   Tue Jul 14 00:53:18 2009 (4A5BC8EE)
945bd000 945d8000   luafv    luafv.sys    Tue Jul 14 00:15:44 2009 (4A5BC020)
8342b000 834a3000   mcupdate_GenuineIntel mcupdate_GenuineIntel.dll Tue Jul 14 02:06:41 2009 (4A5BDA21)
945b2000 945bd000   monitor  monitor.sys  Tue Jul 14 00:25:58 2009 (4A5BC286)
9379b000 937a8000   mouclass mouclass.sys Tue Jul 14 00:11:15 2009 (4A5BBF13)
94548000 94553000   mouhid   mouhid.sys   Tue Jul 14 00:45:08 2009 (4A5BC704)
83737000 8374d000   mountmgr mountmgr.sys Tue Jul 14 00:11:27 2009 (4A5BBF1F)
94709000 9471b000   mpsdrv   mpsdrv.sys   Tue Jul 14 00:52:52 2009 (4A5BC8D4)
9471b000 9473e000   mrxsmb   mrxsmb.sys   Sat Feb 27 07:32:02 2010 (4B88CA72)
9473e000 94779000   mrxsmb10 mrxsmb10.sys Sat Feb 27 07:32:21 2010 (4B88CA85)
94779000 94794000   mrxsmb20 mrxsmb20.sys Sat Feb 27 07:32:11 2010 (4B88CA7B)
89f7a000 89f85000   Msfs     Msfs.SYS     Tue Jul 14 00:11:26 2009 (4A5BBF1E)
83679000 83681000   msisadrv msisadrv.sys Tue Jul 14 00:11:09 2009 (4A5BBF0D)
8995e000 89989000   msrpc    msrpc.sys    Tue Jul 14 00:11:59 2009 (4A5BBF3F)
9344d000 93457000   mssmbios mssmbios.sys Tue Jul 14 00:19:25 2009 (4A5BC0FD)
89e2f000 89e3f000   mup      mup.sys      Tue Jul 14 00:14:14 2009 (4A5BBFC6)
89a10000 89ac7000   ndis     ndis.sys     Tue Jul 14 00:12:24 2009 (4A5BBF58)
93711000 9371c000   ndistapi ndistapi.sys Tue Jul 14 00:54:24 2009 (4A5BC930)
94648000 94658000   ndisuio  ndisuio.sys  Tue Jul 14 00:53:51 2009 (4A5BC90F)
9371c000 9373e000   ndiswan  ndiswan.sys  Tue Jul 14 00:54:34 2009 (4A5BC93A)
9445c000 9446d000   NDProxy  NDProxy.SYS  Tue Jul 14 00:54:27 2009 (4A5BC933)
89baa000 89bb8000   netbios  netbios.sys  Tue Jul 14 00:53:54 2009 (4A5BC912)
89c00000 89c32000   netbt    netbt.sys    Tue Jul 14 00:12:18 2009 (4A5BBF52)
89ac7000 89b05000   NETIO    NETIO.SYS    Tue Jul 14 00:12:35 2009 (4A5BBF63)
89f85000 89f93000   Npfs     Npfs.SYS     Tue Jul 14 00:11:31 2009 (4A5BBF23)
93443000 9344d000   nsiproxy nsiproxy.sys Tue Jul 14 00:12:08 2009 (4A5BBF48)
82c41000 83041000   nt       ntkrnlmp.exe Sat Jun 19 04:55:07 2010 (4C1C3F9B)
8982f000 8995e000   Ntfs     Ntfs.sys     Tue Jul 14 00:12:05 2009 (4A5BBF45)
89f1a000 89f21000   Null     Null.SYS     Tue Jul 14 00:11:12 2009 (4A5BBF10)
94602000 94648000   nwifi    nwifi.sys    Tue Jul 14 00:51:59 2009 (4A5BC89F)
89b8b000 89baa000   pacer    pacer.sys    Tue Jul 14 00:53:58 2009 (4A5BC916)
936c2000 936da000   parport  parport.sys  Tue Jul 14 00:45:34 2009 (4A5BC71E)
836b6000 836c7000   partmgr  partmgr.sys  Tue Jul 14 00:11:35 2009 (4A5BBF27)
94794000 9479b000   parvdm   parvdm.sys   Tue Jul 14 00:45:29 2009 (4A5BC719)
83681000 836ab000   pci      pci.sys      Tue Jul 14 00:11:16 2009 (4A5BBF14)
83729000 83737000   PCIIDEX  PCIIDEX.SYS  Tue Jul 14 00:11:15 2009 (4A5BBF13)
899f9000 89a07000   pcw      pcw.sys      Tue Jul 14 00:11:10 2009 (4A5BBF0E)
9b81d000 9b8b4000   peauth   peauth.sys   Tue Jul 14 01:35:44 2009 (4A5BD2E0)
94489000 944b8000   portcls  portcls.sys  Tue Jul 14 00:51:00 2009 (4A5BC864)
834a3000 834b4000   PSHED    PSHED.dll    Tue Jul 14 02:09:36 2009 (4A5BDAD0)
936f9000 93711000   rasl2tp  rasl2tp.sys  Tue Jul 14 00:54:33 2009 (4A5BC939)
9373e000 93756000   raspppoe raspppoe.sys Tue Jul 14 00:54:53 2009 (4A5BC94D)
93756000 9376d000   raspptp  raspptp.sys  Tue Jul 14 00:54:47 2009 (4A5BC947)
9376d000 93784000   rassstp  rassstp.sys  Tue Jul 14 00:54:57 2009 (4A5BC951)
93402000 93443000   rdbss    rdbss.sys    Tue Jul 14 00:14:26 2009 (4A5BBFD2)
93784000 9378e000   rdpbus   rdpbus.sys   Tue Jul 14 01:02:40 2009 (4A5BCB20)
89f62000 89f6a000   RDPCDD   RDPCDD.sys   Tue Jul 14 01:01:40 2009 (4A5BCAE4)
89f6a000 89f72000   rdpencdd rdpencdd.sys Tue Jul 14 01:01:39 2009 (4A5BCAE3)
89f72000 89f7a000   rdprefmp rdprefmp.sys Tue Jul 14 01:01:41 2009 (4A5BCAE5)
89e02000 89e2f000   rdyboost rdyboost.sys Tue Jul 14 00:22:02 2009 (4A5BC19A)
94658000 9466b000   rspndr   rspndr.sys   Tue Jul 14 00:53:20 2009 (4A5BC8F0)
89c32000 89c38000   SASDIFSV SASDIFSV.SYS Wed Feb 17 18:19:19 2010 (4B7C3327)
89800000 89822000   SASKUTIL SASKUTIL.SYS Mon May 10 18:15:22 2010 (4BE83F2A)
9b8b4000 9b8be000   secdrv   secdrv.SYS   Wed Sep 13 14:18:32 2006 (45080528)
936ad000 936b7000   serenum  serenum.sys  Tue Jul 14 00:45:27 2009 (4A5BC717)
89bb8000 89bd2000   serial   serial.sys   Tue Jul 14 00:45:33 2009 (4A5BC71D)
89dfa000 89e02000   spldr    spldr.sys    Mon May 11 17:13:47 2009 (4A084EBB)
9ba01000 9ba52000   srv      srv.sys      Fri Aug 27 04:31:26 2010 (4C77318E)
9b8f6000 9b945000   srv2     srv2.sys     Fri Aug 27 04:30:45 2010 (4C773165)
9b8be000 9b8df000   srvnet   srvnet.sys   Fri Aug 27 04:30:39 2010 (4C77315F)
93c1f000 93c20380   swenum   swenum.sys   Tue Jul 14 00:45:08 2009 (4A5BC704)
89c38000 89d81000   tcpip    tcpip.sys    Mon Jun 14 04:36:59 2010 (4C15A3DB)
9b8df000 9b8ec000   tcpipreg tcpipreg.sys Tue Jul 14 00:54:14 2009 (4A5BC926)
89faa000 89fb5000   TDI      TDI.SYS      Tue Jul 14 00:12:12 2009 (4A5BBF4C)
89f93000 89faa000   tdx      tdx.sys      Tue Jul 14 00:12:10 2009 (4A5BBF4A)
89be5000 89bf5000   termdd   termdd.sys   Tue Jul 14 01:01:35 2009 (4A5BCADF)
90ea0000 90ea9000   TSDDD    TSDDD.dll    Tue Jul 14 01:01:40 2009 (4A5BCAE4)
937dc000 937ea000   umbus    umbus.sys    Tue Jul 14 00:51:38 2009 (4A5BC88A)
94553000 9456a000   usbccgp  usbccgp.sys  Tue Jul 14 00:51:31 2009 (4A5BC883)
94546000 94547700   USBD     USBD.SYS     Tue Jul 14 00:51:05 2009 (4A5BC869)
9369e000 936ad000   usbehci  usbehci.sys  Tue Jul 14 00:51:14 2009 (4A5BC872)
9440e000 94452000   usbhub   usbhub.sys   Tue Jul 14 00:52:06 2009 (4A5BC8A6)
93653000 9369e000   USBPORT  USBPORT.SYS  Tue Jul 14 00:51:13 2009 (4A5BC871)
943f4000 943ff000   usbuhci  usbuhci.sys  Tue Jul 14 00:51:10 2009 (4A5BC86E)
836ab000 836b6000   vdrvroot vdrvroot.sys Tue Jul 14 00:46:19 2009 (4A5BC74B)
89f28000 89f34000   vga      vga.sys      Tue Jul 14 00:25:50 2009 (4A5BC27E)
89f34000 89f55000   VIDEOPRT VIDEOPRT.SYS Tue Jul 14 00:25:49 2009 (4A5BC27D)
89db2000 89dba380   vmstorfl vmstorfl.sys Tue Jul 14 00:28:44 2009 (4A5BC32C)
836c7000 836d7000   volmgr   volmgr.sys   Tue Jul 14 00:11:25 2009 (4A5BBF1D)
836d7000 83722000   volmgrx  volmgrx.sys  Tue Jul 14 00:11:41 2009 (4A5BBF2D)
89dbb000 89dfa000   volsnap  volsnap.sys  Tue Jul 14 00:11:34 2009 (4A5BBF26)
89bd2000 89be5000   wanarp   wanarp.sys   Tue Jul 14 00:55:02 2009 (4A5BC956)
89f55000 89f62000   watchdog watchdog.sys Tue Jul 14 00:24:10 2009 (4A5BC21A)
835a9000 8361a000   Wdf01000 Wdf01000.sys Tue Jul 14 00:11:36 2009 (4A5BBF28)
8361a000 83628000   WDFLDR   WDFLDR.SYS   Tue Jul 14 00:11:25 2009 (4A5BBF1D)
89b84000 89b8b000   wfplwf   wfplwf.sys   Tue Jul 14 00:53:51 2009 (4A5BC90F)
90c40000 90e8b000   win32k   win32k.sys   Wed Oct 20 04:00:01 2010 (4CBE5B31)
83670000 83679000   WMILIB   WMILIB.SYS   Tue Jul 14 00:11:22 2009 (4A5BBF1A)
945d8000 945f2000   WudfPf   WudfPf.sys   Tue Jul 14 00:50:13 2009 (4A5BC835)

Unloaded modules:
9ba52000 9ba58000   MpKsl6fef1d7
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00006000
9b945000 9b9af000   spsys.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0006A000
89ebd000 89eca000   crashdmp.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000D000
89eca000 89ed5000   dump_ataport
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  0000B000
89ed5000 89ede000   dump_atapi.s
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00009000
89ede000 89eef000   dump_dumpfve
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00011000
9352a000 9354b000   tunnel.sys
    Timestamp: unavailable (00000000)
    Checksum:  00000000
    ImageSize:  00021000

Outdated Drivers. Update: (?)

hugoio.sys Wed Dec 12 06:03:35 2007 Most likely to be a monitor driver from AOC International

l260x86.sys Tue Apr 15 11:54:52 2008 Link Removed - Invalid URL L2 Fast Ethernet 10/100Base-T Controller (none for Windows 7)

Things to do:

  • Make sure your system is fully updated, especially with the Security updates. Recommended are at your discretion. Drivers are never from Windows Updates.
  • This includes installing SP1, do your updates in the order they are offered to you but split them into small batches. That way it's easier to isolate any possible "rogue" (to you) updates.
  • Don't download keygens, you naughty, naughty person!! :)
 
Code:
SASKUTIL.SYS -- SUPERAntispyware driver
SASDIFSV.SYS -- SUPERAntispyware driver
spldr.sys -- Microsoft Windows
cdd.dll -- Microsoft Windows
ATMFD.DLL -- Microsoft Windows
hugoio.sys -- Likely to be a monitor driver from AOC International
intelppm.sys -- Microsoft Windows
dxgkrnl.sys -- Microsoft Windows
atikmdag.sys -- ATI
l260x86.sys -- Atheros L2 Fast Ethernet 10/100Base-T Controller, no Windows 7 support
AtihdW73.sys -- AMD High Definition Audio Function Driver
drmk.sys -- Microsoft Windows
peauth.sys -- Microsoft Windows
secdrv.SYS -- Macrovision SECURITY Driver
avgldx86.sys -- AVG
AVGIDSFilter.Sys -- AVG
AVGIDSDriver.Sys -- AVG
AVGIDSShim.Sys



1. Uninstall AVG (AVG Worldwide - Download tools)
2. Uninstall SuperAntispyware

3. Install MSE Link Removed due to 404 Error

4. Install Malwarebytes (Malwarebytes : Free anti-malware, anti-virus and spyware removal download)

(Or instead of MSE and Malwarebytes, install ESET: ESET - Antivirus Software with Spyware and Malware Protection)

Update virus definitions and do a full system scan.


5. Update drivers.
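
The "Outdated Drivers" check from the dump analysis in this thread can be scripted against the driver listing. The following is an added example, not code from any poster: it parses rows in the format shown above and flags images built before a cutoff or carrying no timestamp. The cutoff (the Windows 7 RTM compile date) and the function names are assumptions made for the example.

```python
import re
from datetime import datetime, timezone

# Lines copied from the driver listing in this thread (WinDbg module list).
SAMPLE = """\
83628000 83670000   ACPI     ACPI.sys     Tue Jul 14 00:11:11 2009 (4A5BBF0F)
93c28000 943ae000   atikmdag atikmdag.sys Wed Jan 26 22:42:31 2011 (4D40A357)
90ed0000 90eee000   cdd      cdd.dll      unavailable (00000000)
93457000 93457c00   hugoio   hugoio.sys   Wed Dec 12 06:03:35 2007 (475F79B7)
943e7000 943f4000   l260x86  l260x86.sys  Tue Apr 15 11:54:52 2008 (4804897C)
9b9d9000 9ba01000   AVGIDSDriver AVGIDSDriver.Sys Tue Aug 03 23:24:21 2010 (4C589715)
"""

# start, end, module name, image name, free-form date text, (hex epoch seconds)
ROW = re.compile(
    r"^([0-9a-fA-F]{8})\s+([0-9a-fA-F]{8})\s+(\S+)\s+(\S+)\s+.*\(([0-9a-fA-F]{8})\)$"
)

# Assumption: "outdated" means built before the Windows 7 RTM compile date.
CUTOFF = datetime(2009, 7, 13, tzinfo=timezone.utc)


def parse_modules(text):
    """Return one dict per module row; rows that do not match are skipped."""
    modules = []
    for raw in text.splitlines():
        m = ROW.match(raw.strip())
        if not m:
            continue  # e.g. the "Unloaded modules" entries, which have no image column
        start, end, name, image, stamp = m.groups()
        epoch = int(stamp, 16)
        modules.append({
            "name": name,
            "image": image,
            "size": int(end, 16) - int(start, 16),
            # 00000000 is printed as "unavailable": no usable build timestamp.
            "built": datetime.fromtimestamp(epoch, tz=timezone.utc) if epoch else None,
        })
    return modules


def triage(modules, cutoff=CUTOFF):
    """Split into (outdated images, oldest first) and (images with no timestamp)."""
    dated = sorted((m for m in modules if m["built"]), key=lambda m: m["built"])
    outdated = [m["image"] for m in dated if m["built"] < cutoff]
    no_stamp = [m["image"] for m in modules if m["built"] is None]
    return outdated, no_stamp


if __name__ == "__main__":
    mods = parse_modules(SAMPLE)
    outdated, no_stamp = triage(mods)
    for m in mods:
        if m["image"] in outdated:
            print(f'{m["image"]:<18}{m["built"]:%Y-%m-%d}  {m["size"]:#x} bytes  review/update')
    print("no timestamp:", ", ".join(no_stamp))
```

Run over the full listing with this cutoff, the same check also returns amdxata.sys, spldr.sys and secdrv.SYS, so a build date is a prompt to look up the vendor and version, not a verdict on the driver.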
 