Display Driver failing and the blue screen of death


25 replies to this topic

#1 Reesie87

Posted 11 August 2013 - 02:29 PM

My computer information: 

 

Dell Laptop

Windows 7

 

For the last few weeks, I've been dealing with the display driver on my laptop randomly failing. The screen would freeze up for a few seconds, and then go black. It'd stay black for a minute or two, and then would come back on with a small notice from my Action Center messages saying the Display Driver had failed. When it did it the second time the next day, I ran Malwarebytes to see if my lappy was infected. It came back clean.

 

It did this (freeze up, go black, report that the display driver failed) about once a day for about a week, and then progressed into the screen freezing up, going black, and then turning on only to give me the "blue screen of death". By that, I mean the blue screen with white font saying that something in Windows had failed, and it was doing a cache dump. Soon as that happened, I knew something bigger was going on. I ran a scan on Malwarebytes, and still nothing. But upon running a scan on Symantec, it did find one virus. It successfully detected and quarantined the virus, and I did a reboot as always. My laptop seemed fine after that for a good number of days, and then I got another blue screen. This time, it didn't just cycle through and restart. When my computer shut off after the bluescreen like it was going to restart, I got the black screen saying it needed to do a disc check. Basically that it was 'Checking Files on C:' and that one of my disks needs to be checked for (something). My computer got through all 3 stages, but when it started booting up again, I noticed weird coloring on my screen. Instead of a solid black screen behind the boot-up Windows logo, there were red dots.

 

I looked online, and everywhere I went seemed to suggest that my hard drive was failing. So, I took my laptop to a small repair store. I let them know everything my computer was doing and asked them to run a check on the hard drive to see if it was failing. In the end, they said it wasn't the hard drive. That the hard drive was fine, and that malware had corrupted Windows on my laptop and that it needed to be reinstalled on my computer. So I had them back up my information and reinstall Windows. I lost all programs, as always, but had all my documents, pics, and music.

 

The very next day, however, the cycle continued. My screen froze up, went black, and turned on a few minutes later to say my driver failed. Also, I noticed that Internet Explorer had popped up randomly with a random website. I.E is not my default browser -- Firefox is. I started to run Symantec, and my laptop did the blue screen of death again. Then it was stuck in a loop -- blue screen, start up, blue screen, start up. I couldn't actually get ON my laptop unless I went to Safe Mode (with or without networking). So I took my laptop back to the shop, and they had it for another few days. In the end, the guy said the virus must've been carried over in one of the files he'd backed up. ((That was the first sign that these people are complete IDIOTS and shouldn't be working on ANYONE'S computers)). They said they'd gotten it off and sent my laptop back with me. I started my computer up in the shop this time instead of waiting until I got home. Right away it began the check disc process. The man at the store informed me that it was 'expected' behavior and that as long as it got through the process, everything would be fine. It finished up and started up fine, so I took my laptop home. Almost right away, randomly when I was using Firefox, Internet Explorer would pop up. The pop-ups were not excessive, though. It was about one every few hours of internet use.

 

It's been two days since I had my laptop back and have been dealing with Internet Explorer's stupidity. Today, my computer has begun the cycle AGAIN of freezing up, blue-screening, and crashing. Yet again, I am trapped in Safe Mode (with networking) in order to get on my laptop. I am done taking it to that shop, as they're clearly not able to fix the problem for me. Whatever this nasty virus is, I would like to deal with it myself. I almost never rely on companies to fix my computers - I do it myself, usually by following the step-by-step processes this very website offers. I keep up on my virus scans actively, very often check my programs for any programs that snuck themselves onto my computer (such as toolbars) and remove them. So overall, my computers are fairly clean and run smoothly. This time, however, I just can't seem to fix it. Help me?

 

So you know the latest steps I have taken, here on Safe Mode I ran Malwarebytes and it came up clean. I came on here and downloaded Malwarebytes Anti-Rootkit, and that also came up clean. Symantec is gone off my laptop since the reinstallation of Windows, and I can't find a free version to download, so that's a no go. I did download AVG, and that, too, came up clean... though it did skip a lot of files that it said were locked, so the virus could be in there?

 

I do not have my original Windows 7 CD so I cannot reinstall it myself if that is what you guys ask of me. I also don't have the Windows repair disc... but I think you have that in your downloads? So if I need to try that, I certainly will.

 

I'm just not sure what to do from this point. I hope my problems were made clear. If the rambling made it difficult to understand, the issues I am currently going through are:

 

  • Screen going black and then an alert saying the Display Driver failed
  • Blue Screen 'cache dump'
  • Red dots on the start-up screen
  • A looped cycle of blue-screening, restarting, and blue-screening again.
  • Internet Explorer popping up when I am using Firefox as my default browser.

 

I am currently using Safe Mode with Networking, which ends the cycle. And in this mode, I.E doesn't pop up.

 

I eagerly await your advice on the next steps I can take.




 


#2 boopme

Posted 15 August 2013 - 08:00 PM

Hello, this may not be malware but I'd like to do these.

Can you run these next?

If needed to complete the scans use Safe Mode with Networking as a boot option.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Please download TDSSKiller.
Launch it.
Click on Change parameters and select TDLFS file system.
Click on "Scan".
Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.



Please download AdwCleaner by Xplode onto your desktop.
Close all open programs and internet browsers.
Double click on adwcleaner.exe to run the tool.
Click on Delete.
Confirm each time with Ok.
You will be prompted to restart your computer. A text file will open after the restart.
Please post the contents of that logfile with your next reply.
You can find the logfile at C:\AdwCleaner[S1].txt as well.



Last, run aswMBR

Please download aswMBR ( 4.5MB ) to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.

Edited by boopme, 15 August 2013 - 08:01 PM.


#3 Reesie87

Posted 16 August 2013 - 12:12 PM

Finished the first two things you asked of me. Posting the results below. Once I've posted, I'll be completing the third step. Doing it this way since the next step will prompt a restart.

 

MiniToolBox Results:

 

MiniToolBox by Farbar  Version: 13-07-2013
Ran by Reese (administrator) on 16-08-2013 at 13:05:48
Running from "C:\Users\Reese\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================

Intel® Centrino® Advanced-N 6200 AGN = Wireless Network Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Reese-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : knology.net

Wireless LAN adapter Wireless Network Connection 3:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
   Physical Address. . . . . . . . . : 00-23-14-85-D4-ED
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 00-23-14-85-D4-ED
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : knology.net
   Description . . . . . . . . . . . : Intel® Centrino® Advanced-N 6200 AGN
   Physical Address. . . . . . . . . : 00-23-14-85-D4-EC
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::551f:5bc9:3c50:84d9%12(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.112(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Friday, August 16, 2013 10:13:29 AM
   Lease Expires . . . . . . . . . . : Saturday, August 17, 2013 12:58:36 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 301998868
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-91-B3-90-B8-AC-6F-6A-90-6F
   DNS Servers . . . . . . . . . . . : 75.76.84.102
                                       75.76.84.103
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : B8-AC-6F-6A-90-6F
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{8138B937-AB87-4AD9-9731-C2F7B83FA6A6}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.knology.net:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : knology.net
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{D621D303-4C06-410A-BCD3-63140D54504A}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{57E578C3-2DB9-4505-A18C-D5A7C8958C37}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:106b:1fb9:3f57:fe8f(Preferred)
   Link-local IPv6 Address . . . . . : fe80::106b:1fb9:3f57:fe8f%15(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  kno-cnr-south1.knology.net
Address:  75.76.84.102

Name:    google.com
Addresses:  2607:f8b0:4002:c01::66
      74.125.137.113
      74.125.137.139
      74.125.137.101
      74.125.137.138
      74.125.137.100
      74.125.137.102


Pinging google.com [74.125.137.139] with 32 bytes of data:
Reply from 74.125.137.139: bytes=32 time=35ms TTL=46
Reply from 74.125.137.139: bytes=32 time=35ms TTL=46

Ping statistics for 74.125.137.139:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 35ms, Maximum = 35ms, Average = 35ms
Server:  kno-cnr-south1.knology.net
Address:  75.76.84.102

Name:    yahoo.com
Addresses:  98.138.253.109
      98.139.183.24
      206.190.36.45


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=86ms TTL=49
Reply from 98.139.183.24: bytes=32 time=66ms TTL=49

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 66ms, Maximum = 86ms, Average = 76ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 14...00 23 14 85 d4 ed ......Microsoft Virtual WiFi Miniport Adapter #2
 13...00 23 14 85 d4 ed ......Microsoft Virtual WiFi Miniport Adapter
 12...00 23 14 85 d4 ec ......Intel® Centrino® Advanced-N 6200 AGN
 11...b8 ac 6f 6a 90 6f ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
 16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
 15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.112     30
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.112    286
    192.168.1.112  255.255.255.255         On-link     192.168.1.112    286
    192.168.1.255  255.255.255.255         On-link     192.168.1.112    286
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.112    286
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.112    286
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 15     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 15     58 2001::/32                On-link
 15    306 2001:0:4137:9e76:106b:1fb9:3f57:fe8f/128
                                    On-link
 12    286 fe80::/64                On-link
 15    306 fe80::/64                On-link
 15    306 fe80::106b:1fb9:3f57:fe8f/128
                                    On-link
 12    286 fe80::551f:5bc9:3c50:84d9/128
                                    On-link
  1    306 ff00::/8                 On-link
 15    306 ff00::/8                 On-link
 12    286 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/16/2013 10:13:31 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/15/2013 08:33:47 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/15/2013 08:32:29 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: The Cryptographic Services service failed to initialize the VSS backup "System Writer" object.


Details:
Could not query the status of the EventSystem service.

System Error:
A system shutdown is in progress.
.

Error: (08/15/2013 06:55:11 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/14/2013 06:31:07 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/14/2013 11:55:52 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/12/2013 10:17:45 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/11/2013 10:53:40 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/11/2013 11:36:43 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/10/2013 11:28:11 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (08/16/2013 10:13:27 AM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
%%5

Error: (08/16/2013 10:13:14 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 1:50:07 AM on ?8/?16/?2013 was unexpected.

Error: (08/15/2013 06:54:26 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (08/15/2013 06:54:25 PM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (08/15/2013 06:54:14 PM) (Source: DCOM) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (08/15/2013 06:54:10 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\Windows\System32\IWMSSvc.dll
Error Code: 21

Error: (08/15/2013 06:54:03 PM) (Source: DCOM) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (08/15/2013 06:54:01 PM) (Source: BugCheck) (User: )
Description: 0x00000119 (0x0000000000000001, 0x000000000029791e, 0x0000000000297921, 0x0000000000297920)C:\Windows\MEMORY.DMP081513-23602-01

Error: (08/15/2013 06:53:55 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AVGIDSDriver
Avgldx64
discache
spldr
Wanarpv6

Error: (08/15/2013 06:53:53 PM) (Source: Service Control Manager) (User: )
Description: The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error:
%%31


Microsoft Office Sessions:
=========================
Error: (08/16/2013 10:13:31 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/15/2013 08:33:47 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/15/2013 08:32:29 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
Could not query the status of the EventSystem service.

System Error:
A system shutdown is in progress.

Error: (08/15/2013 06:55:11 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/14/2013 06:31:07 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/14/2013 11:55:52 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/12/2013 10:17:45 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/11/2013 10:53:40 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/11/2013 11:36:43 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/10/2013 11:28:11 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2013-08-09 15:16:07.674
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-08-09 15:16:07.627
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-08-09 15:16:07.596
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-08-09 15:16:07.565
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-08-08 16:11:12.580
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-08-08 16:11:12.549
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


=========================== Installed Programs ============================

Accelerometer (Version: 1.06.08.17)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
AVG 2013 (Version: 13.0.3211)
AVG 2013 (Version: 13.0.3392)
AVG 2013 (Version: 2013.0.3392)
Dell Touchpad (Version: 14.0.2.0)
Google Chrome (Version: 28.0.1500.95)
Google Update Helper (Version: 1.3.21.153)
GorillaPrice
IDT Audio (Version: 1.0.6267.0)
Intel PROSet Wireless
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® PROSet/Wireless WiFi Software (Version: 13.00.0000)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 23.0 (x86 en-US) (Version: 23.0)
Mozilla Maintenance Service (Version: 23.0)
RealDownloader (Version: 1.3.2)
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0)
RealPlayer (Version: 16.0.2)
Realtek Ethernet Controller Driver For Windows Vista and Later (Version: 1.00.0009)
RealUpgrade 1.1 (Version: 1.1.0)
RICOH Media Driver ver.2.07.01.04 (Version: 2.07.01.04)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)

========================= Memory info: ===================================

Percentage of memory in use: 37%
Total physical RAM: 3956.52 MB
Available physical RAM: 2454.76 MB
Total Pagefile: 7911.23 MB
Available Pagefile: 6343.35 MB
Total Virtual: 4095.88 MB
Available Virtual: 3962.3 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:465.66 GB) (Free:364.46 GB) NTFS

========================= Users: ========================================

User accounts for \\REESE-PC

Administrator            Guest                    Reese                    


**** End of log ****
 

 

------------------------------------------------------------------------------------------------------------------------------

TDSSKiller LOG

 

13:07:48.0530 0x0c28  TDSS rootkit removing tool 2.9.2.0 Aug 15 2013 16:44:29
13:07:49.0003 0x0c28  ============================================================
13:07:49.0004 0x0c28  Current date / time: 2013/08/16 13:07:49.0003
13:07:49.0004 0x0c28  SystemInfo:
13:07:49.0004 0x0c28  
13:07:49.0004 0x0c28  OS Version: 6.1.7601 ServicePack: 1.0
13:07:49.0004 0x0c28  Product type: Workstation
13:07:49.0004 0x0c28  ComputerName: REESE-PC
13:07:49.0004 0x0c28  UserName: Reese
13:07:49.0004 0x0c28  Windows directory: C:\Windows
13:07:49.0004 0x0c28  System windows directory: C:\Windows
13:07:49.0004 0x0c28  Running under WOW64
13:07:49.0005 0x0c28  Processor architecture: Intel x64
13:07:49.0005 0x0c28  Number of processors: 4
13:07:49.0005 0x0c28  Page size: 0x1000
13:07:49.0005 0x0c28  Boot type: Normal boot
13:07:49.0005 0x0c28  ============================================================
13:07:50.0569 0x0c28  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:07:50.0580 0x0c28  ============================================================
13:07:50.0580 0x0c28  \Device\Harddisk0\DR0:
13:07:50.0580 0x0c28  MBR partitions:
13:07:50.0580 0x0c28  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
13:07:50.0580 0x0c28  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
13:07:50.0580 0x0c28  ============================================================
13:07:50.0604 0x0c28  C: <-> \Device\Harddisk0\DR0\Partition2
13:07:50.0604 0x0c28  ============================================================
13:07:50.0604 0x0c28  Initialize success
13:07:50.0604 0x0c28  ============================================================
13:08:35.0407 0x0c24  ============================================================
13:08:35.0407 0x0c24  Scan started
13:08:35.0407 0x0c24  Mode: Manual; TDLFS;
13:08:35.0407 0x0c24  ============================================================
13:08:36.0075 0x0c24  ================ Scan system memory ========================
13:08:36.0075 0x0c24  System memory - ok
13:08:36.0077 0x0c24  ================ Scan services =============================
13:08:44.0113 0x0c24  Ndisuio - ok
13:08:44.0134 0x0c24  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
13:08:44.0137 0x0c24  NdisWan - ok
13:08:44.0143 0x0c24  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
13:08:44.0145 0x0c24  NDProxy - ok
13:08:44.0154 0x0c24  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
13:08:44.0155 0x0c24  NetBIOS - ok
13:08:44.0163 0x0c24  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
13:08:44.0166 0x0c24  NetBT - ok
13:08:44.0198 0x0c24  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
13:08:44.0199 0x0c24  Netlogon - ok
13:08:44.0245 0x0c24  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
13:08:44.0252 0x0c24  Netman - ok
13:08:44.0273 0x0c24  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
13:08:44.0280 0x0c24  netprofm - ok
13:08:44.0301 0x0c24  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:08:44.0303 0x0c24  NetTcpPortSharing - ok
13:08:44.0477 0x0c24  [ 4D85A450EDEF10C38882182753A49AAE ] NETw5s64        C:\Windows\system32\DRIVERS\NETw5s64.sys
13:08:44.0630 0x0c24  NETw5s64 - ok
13:08:44.0695 0x0c24  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
13:08:44.0697 0x0c24  nfrd960 - ok
13:08:44.0722 0x0c24  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
13:08:44.0727 0x0c24  NlaSvc - ok
13:08:44.0733 0x0c24  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
13:08:44.0734 0x0c24  Npfs - ok
13:08:44.0762 0x0c24  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
13:08:44.0764 0x0c24  nsi - ok
13:08:44.0779 0x0c24  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
13:08:44.0781 0x0c24  nsiproxy - ok
13:08:44.0842 0x0c24  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
13:08:44.0868 0x0c24  Ntfs - ok
13:08:44.0889 0x0c24  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
13:08:44.0890 0x0c24  Null - ok
13:08:44.0908 0x0c24  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
13:08:44.0910 0x0c24  nvraid - ok
13:08:44.0939 0x0c24  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
13:08:44.0941 0x0c24  nvstor - ok
13:08:44.0969 0x0c24  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
13:08:44.0971 0x0c24  nv_agp - ok
13:08:44.0986 0x0c24  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
13:08:44.0987 0x0c24  ohci1394 - ok
13:08:45.0027 0x0c24  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
13:08:45.0033 0x0c24  p2pimsvc - ok
13:08:45.0060 0x0c24  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
13:08:45.0069 0x0c24  p2psvc - ok
13:08:45.0091 0x0c24  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
13:08:45.0093 0x0c24  Parport - ok
13:08:45.0119 0x0c24  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
13:08:45.0121 0x0c24  partmgr - ok
13:08:45.0156 0x0c24  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
13:08:45.0160 0x0c24  PcaSvc - ok
13:08:45.0189 0x0c24  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
13:08:45.0192 0x0c24  pci - ok
13:08:45.0209 0x0c24  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
13:08:45.0210 0x0c24  pciide - ok
13:08:45.0227 0x0c24  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
13:08:45.0231 0x0c24  pcmcia - ok
13:08:45.0236 0x0c24  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
13:08:45.0238 0x0c24  pcw - ok
13:08:45.0267 0x0c24  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
13:08:45.0271 0x0c24  PEAUTH - ok
13:08:45.0361 0x0c24  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
13:08:45.0363 0x0c24  PerfHost - ok
13:08:45.0430 0x0c24  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
13:08:45.0450 0x0c24  pla - ok
13:08:45.0504 0x0c24  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
13:08:45.0512 0x0c24  PlugPlay - ok
13:08:45.0533 0x0c24  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
13:08:45.0536 0x0c24  PNRPAutoReg - ok
13:08:45.0573 0x0c24  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
13:08:45.0580 0x0c24  PNRPsvc - ok
13:08:45.0620 0x0c24  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
13:08:45.0629 0x0c24  PolicyAgent - ok
13:08:45.0703 0x0c24  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
13:08:45.0708 0x0c24  Power - ok
13:08:45.0743 0x0c24  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
13:08:45.0746 0x0c24  PptpMiniport - ok
13:08:45.0759 0x0c24  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
13:08:45.0761 0x0c24  Processor - ok
13:08:45.0784 0x0c24  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
13:08:45.0788 0x0c24  ProfSvc - ok
13:08:45.0799 0x0c24  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
13:08:45.0800 0x0c24  ProtectedStorage - ok
13:08:45.0822 0x0c24  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
13:08:45.0824 0x0c24  Psched - ok
13:08:45.0887 0x0c24  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
13:08:45.0908 0x0c24  ql2300 - ok
13:08:45.0913 0x0c24  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
13:08:45.0915 0x0c24  ql40xx - ok
13:08:45.0946 0x0c24  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
13:08:45.0950 0x0c24  QWAVE - ok
13:08:45.0964 0x0c24  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
13:08:45.0966 0x0c24  QWAVEdrv - ok
13:08:45.0970 0x0c24  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
13:08:45.0971 0x0c24  RasAcd - ok
13:08:45.0995 0x0c24  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
13:08:45.0997 0x0c24  RasAgileVpn - ok
13:08:46.0010 0x0c24  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
13:08:46.0013 0x0c24  RasAuto - ok
13:08:46.0030 0x0c24  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
13:08:46.0032 0x0c24  Rasl2tp - ok
13:08:46.0055 0x0c24  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
13:08:46.0059 0x0c24  RasMan - ok
13:08:46.0064 0x0c24  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
13:08:46.0066 0x0c24  RasPppoe - ok
13:08:46.0071 0x0c24  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
13:08:46.0072 0x0c24  RasSstp - ok
13:08:46.0094 0x0c24  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
13:08:46.0098 0x0c24  rdbss - ok
13:08:46.0114 0x0c24  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
13:08:46.0115 0x0c24  rdpbus - ok
13:08:46.0132 0x0c24  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
13:08:46.0133 0x0c24  RDPCDD - ok
13:08:46.0155 0x0c24  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
13:08:46.0156 0x0c24  RDPENCDD - ok
13:08:46.0162 0x0c24  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
13:08:46.0163 0x0c24  RDPREFMP - ok
13:08:46.0203 0x0c24  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
13:08:46.0207 0x0c24  RDPWD - ok
13:08:46.0218 0x0c24  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
13:08:46.0222 0x0c24  rdyboost - ok
13:08:46.0284 0x0c24  [ B2D01290C0E0465ACA54C2088E947823 ] RealNetworks Downloader Resolver Service C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
13:08:46.0286 0x0c24  RealNetworks Downloader Resolver Service - ok
13:08:46.0380 0x0c24  [ 3B71B5B91E7DCA93585D5A86C897ADC4 ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
13:08:46.0389 0x0c24  RegSrvc - ok
13:08:46.0427 0x0c24  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
13:08:46.0431 0x0c24  RemoteAccess - ok
13:08:46.0460 0x0c24  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
13:08:46.0464 0x0c24  RemoteRegistry - ok
13:08:46.0507 0x0c24  [ E20B1907FC72A3664ECE21E3C20FC63D ] rimspci         C:\Windows\system32\DRIVERS\rimspe64.sys
13:08:46.0508 0x0c24  rimspci - ok
13:08:46.0539 0x0c24  [ A6DA2B0C8F5BB3F9F5423CFF8D6A02D9 ] risdpcie        C:\Windows\system32\DRIVERS\risdpe64.sys
13:08:46.0541 0x0c24  risdpcie - ok
13:08:46.0567 0x0c24  [ 6A1CD4674505E6791390A1AB71DA1FBE ] rixdpcie        C:\Windows\system32\DRIVERS\rixdpe64.sys
13:08:46.0568 0x0c24  rixdpcie - ok
13:08:46.0586 0x0c24  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
13:08:46.0589 0x0c24  RpcEptMapper - ok
13:08:46.0626 0x0c24  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
13:08:46.0627 0x0c24  RpcLocator - ok
13:08:46.0655 0x0c24  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
13:08:46.0662 0x0c24  RpcSs - ok
13:08:46.0696 0x0c24  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
13:08:46.0697 0x0c24  rspndr - ok
13:08:46.0747 0x0c24  [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
13:08:46.0757 0x0c24  RTL8167 - ok
13:08:46.0776 0x0c24  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
13:08:46.0778 0x0c24  SamSs - ok
13:08:46.0784 0x0c24  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
13:08:46.0786 0x0c24  sbp2port - ok
13:08:46.0813 0x0c24  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
13:08:46.0817 0x0c24  SCardSvr - ok
13:08:46.0827 0x0c24  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
13:08:46.0829 0x0c24  scfilter - ok
13:08:46.0873 0x0c24  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
13:08:46.0893 0x0c24  Schedule - ok
13:08:46.0919 0x0c24  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
13:08:46.0920 0x0c24  SCPolicySvc - ok
13:08:46.0941 0x0c24  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
13:08:46.0943 0x0c24  sdbus - ok
13:08:46.0965 0x0c24  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
13:08:46.0969 0x0c24  SDRSVC - ok
13:08:46.0986 0x0c24  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
13:08:46.0987 0x0c24  secdrv - ok
13:08:47.0014 0x0c24  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
13:08:47.0017 0x0c24  seclogon - ok
13:08:47.0063 0x0c24  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
13:08:47.0067 0x0c24  SENS - ok
13:08:47.0080 0x0c24  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
13:08:47.0082 0x0c24  SensrSvc - ok
13:08:47.0100 0x0c24  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
13:08:47.0102 0x0c24  Serenum - ok
13:08:47.0131 0x0c24  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
13:08:47.0134 0x0c24  Serial - ok
13:08:47.0138 0x0c24  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
13:08:47.0140 0x0c24  sermouse - ok
13:08:47.0161 0x0c24  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
13:08:47.0165 0x0c24  SessionEnv - ok
13:08:47.0181 0x0c24  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
13:08:47.0181 0x0c24  sffdisk - ok
13:08:47.0185 0x0c24  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
13:08:47.0186 0x0c24  sffp_mmc - ok
13:08:47.0206 0x0c24  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
13:08:47.0206 0x0c24  sffp_sd - ok
13:08:47.0210 0x0c24  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
13:08:47.0211 0x0c24  sfloppy - ok
13:08:47.0234 0x0c24  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
13:08:47.0237 0x0c24  SharedAccess - ok
13:08:47.0275 0x0c24  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:08:47.0278 0x0c24  ShellHWDetection - ok
13:08:47.0283 0x0c24  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
13:08:47.0284 0x0c24  SiSRaid2 - ok
13:08:47.0289 0x0c24  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
13:08:47.0290 0x0c24  SiSRaid4 - ok
13:08:47.0309 0x0c24  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
13:08:47.0310 0x0c24  Smb - ok
13:08:47.0335 0x0c24  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
13:08:47.0337 0x0c24  SNMPTRAP - ok
13:08:47.0345 0x0c24  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
13:08:47.0346 0x0c24  spldr - ok
13:08:47.0392 0x0c24  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
13:08:47.0397 0x0c24  Spooler - ok
13:08:47.0476 0x0c24  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
13:08:47.0498 0x0c24  sppsvc - ok
13:08:47.0511 0x0c24  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
13:08:47.0513 0x0c24  sppuinotify - ok
13:08:47.0544 0x0c24  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
13:08:47.0548 0x0c24  srv - ok
13:08:47.0561 0x0c24  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
13:08:47.0564 0x0c24  srv2 - ok
13:08:47.0590 0x0c24  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
13:08:47.0592 0x0c24  srvnet - ok
13:08:47.0631 0x0c24  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
13:08:47.0635 0x0c24  SSDPSRV - ok
13:08:47.0640 0x0c24  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
13:08:47.0643 0x0c24  SstpSvc - ok
13:08:47.0752 0x0c24  [ DA7702025DFD169B909C4DA3126762CC ] STacSV          C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe
13:08:47.0756 0x0c24  STacSV - ok
13:08:47.0814 0x0c24  [ C48E0745D33897C7A73394214F2B9B4F ] stdflt          C:\Windows\system32\DRIVERS\stdflt.sys
13:08:47.0815 0x0c24  stdflt - ok
13:08:47.0850 0x0c24  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
13:08:47.0851 0x0c24  stexstor - ok
13:08:47.0888 0x0c24  [ CAF5A9708671B14B9670260735B22C4E ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
13:08:47.0897 0x0c24  STHDA - ok
13:08:47.0952 0x0c24  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
13:08:47.0963 0x0c24  stisvc - ok
13:08:47.0982 0x0c24  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
13:08:47.0983 0x0c24  swenum - ok
13:08:48.0048 0x0c24  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
13:08:48.0060 0x0c24  swprv - ok
13:08:48.0124 0x0c24  [ 639B57DC871BE4B86283027FAF1F4E30 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
13:08:48.0129 0x0c24  SynTP - ok
13:08:48.0217 0x0c24  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
13:08:48.0242 0x0c24  SysMain - ok
13:08:48.0272 0x0c24  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:08:48.0276 0x0c24  TabletInputService - ok
13:08:48.0286 0x0c24  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
13:08:48.0292 0x0c24  TapiSrv - ok
13:08:48.0301 0x0c24  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
13:08:48.0304 0x0c24  TBS - ok
13:08:48.0357 0x0c24  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
13:08:48.0378 0x0c24  Tcpip - ok
13:08:48.0427 0x0c24  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
13:08:48.0439 0x0c24  TCPIP6 - ok
13:08:48.0471 0x0c24  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
13:08:48.0471 0x0c24  tcpipreg - ok
13:08:48.0493 0x0c24  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
13:08:48.0494 0x0c24  TDPIPE - ok
13:08:48.0528 0x0c24  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
13:08:48.0529 0x0c24  TDTCP - ok
13:08:48.0552 0x0c24  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
13:08:48.0554 0x0c24  tdx - ok
13:08:48.0561 0x0c24  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
13:08:48.0563 0x0c24  TermDD - ok
13:08:48.0596 0x0c24  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
13:08:48.0606 0x0c24  TermService - ok
13:08:48.0623 0x0c24  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
13:08:48.0625 0x0c24  Themes - ok
13:08:48.0659 0x0c24  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
13:08:48.0660 0x0c24  THREADORDER - ok
13:08:48.0682 0x0c24  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
13:08:48.0687 0x0c24  TrkWks - ok
13:08:48.0771 0x0c24  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:08:48.0774 0x0c24  TrustedInstaller - ok
13:08:48.0798 0x0c24  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
13:08:48.0799 0x0c24  tssecsrv - ok
13:08:48.0818 0x0c24  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
13:08:48.0820 0x0c24  TsUsbFlt - ok
13:08:48.0825 0x0c24  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
13:08:48.0826 0x0c24  TsUsbGD - ok
13:08:48.0842 0x0c24  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
13:08:48.0845 0x0c24  tunnel - ok
13:08:48.0860 0x0c24  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
13:08:48.0862 0x0c24  uagp35 - ok
13:08:48.0871 0x0c24  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
13:08:48.0875 0x0c24  udfs - ok
13:08:48.0899 0x0c24  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
13:08:48.0901 0x0c24  UI0Detect - ok
13:08:48.0935 0x0c24  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
13:08:48.0936 0x0c24  uliagpkx - ok
13:08:48.0943 0x0c24  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
13:08:48.0946 0x0c24  umbus - ok
13:08:48.0953 0x0c24  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
13:08:48.0954 0x0c24  UmPass - ok
13:08:49.0115 0x0c24  [ 765F2DD351BA064F657751D8D75E58C0 ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
13:08:49.0142 0x0c24  UNS - ok
13:08:49.0173 0x0c24  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
13:08:49.0180 0x0c24  upnphost - ok
13:08:49.0220 0x0c24  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
13:08:49.0222 0x0c24  usbccgp - ok
13:08:49.0265 0x0c24  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
13:08:49.0267 0x0c24  usbcir - ok
13:08:49.0283 0x0c24  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
13:08:49.0284 0x0c24  usbehci - ok
13:08:49.0307 0x0c24  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
13:08:49.0312 0x0c24  usbhub - ok
13:08:49.0324 0x0c24  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
13:08:49.0325 0x0c24  usbohci - ok
13:08:49.0342 0x0c24  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
13:08:49.0344 0x0c24  usbprint - ok
13:08:49.0359 0x0c24  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\drivers\USBSTOR.SYS
13:08:49.0361 0x0c24  USBSTOR - ok
13:08:49.0378 0x0c24  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
13:08:49.0380 0x0c24  usbuhci - ok
13:08:49.0424 0x0c24  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
13:08:49.0428 0x0c24  usbvideo - ok
13:08:49.0464 0x0c24  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
13:08:49.0468 0x0c24  UxSms - ok
13:08:49.0487 0x0c24  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
13:08:49.0488 0x0c24  VaultSvc - ok
13:08:49.0501 0x0c24  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
13:08:49.0502 0x0c24  vdrvroot - ok
13:08:49.0528 0x0c24  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
13:08:49.0537 0x0c24  vds - ok
13:08:49.0595 0x0c24  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
13:08:49.0597 0x0c24  vga - ok
13:08:49.0603 0x0c24  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
13:08:49.0605 0x0c24  VgaSave - ok
13:08:49.0666 0x0c24  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
13:08:49.0670 0x0c24  vhdmp - ok
13:08:49.0677 0x0c24  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
13:08:49.0678 0x0c24  viaide - ok
13:08:49.0686 0x0c24  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
13:08:49.0688 0x0c24  volmgr - ok
13:08:49.0713 0x0c24  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
13:08:49.0716 0x0c24  volmgrx - ok
13:08:49.0725 0x0c24  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
13:08:49.0728 0x0c24  volsnap - ok
13:08:49.0748 0x0c24  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
13:08:49.0751 0x0c24  vsmraid - ok
13:08:49.0813 0x0c24  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
13:08:49.0839 0x0c24  VSS - ok
13:08:49.0865 0x0c24  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
13:08:49.0866 0x0c24  vwifibus - ok
13:08:49.0878 0x0c24  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
13:08:49.0880 0x0c24  vwififlt - ok
13:08:49.0885 0x0c24  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
13:08:49.0886 0x0c24  vwifimp - ok
13:08:49.0914 0x0c24  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
13:08:49.0920 0x0c24  W32Time - ok
13:08:49.0935 0x0c24  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
13:08:49.0936 0x0c24  WacomPen - ok
13:08:49.0951 0x0c24  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
13:08:49.0952 0x0c24  WANARP - ok
13:08:49.0956 0x0c24  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
13:08:49.0957 0x0c24  Wanarpv6 - ok
13:08:50.0030 0x0c24  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
13:08:50.0048 0x0c24  WatAdminSvc - ok
13:08:50.0100 0x0c24  WatGorp - ok
13:08:50.0159 0x0c24  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
13:08:50.0184 0x0c24  wbengine - ok
13:08:50.0193 0x0c24  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
13:08:50.0197 0x0c24  WbioSrvc - ok
13:08:50.0204 0x0c24  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
13:08:50.0210 0x0c24  wcncsvc - ok
13:08:50.0227 0x0c24  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:08:50.0228 0x0c24  WcsPlugInService - ok
13:08:50.0251 0x0c24  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
13:08:50.0252 0x0c24  Wd - ok
13:08:50.0286 0x0c24  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
13:08:50.0302 0x0c24  Wdf01000 - ok
13:08:50.0330 0x0c24  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
13:08:50.0333 0x0c24  WdiServiceHost - ok
13:08:50.0338 0x0c24  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
13:08:50.0341 0x0c24  WdiSystemHost - ok
13:08:50.0363 0x0c24  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
13:08:50.0369 0x0c24  WebClient - ok
13:08:50.0387 0x0c24  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
13:08:50.0393 0x0c24  Wecsvc - ok
13:08:50.0417 0x0c24  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
13:08:50.0420 0x0c24  wercplsupport - ok
13:08:50.0445 0x0c24  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
13:08:50.0448 0x0c24  WerSvc - ok
13:08:50.0473 0x0c24  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
13:08:50.0474 0x0c24  WfpLwf - ok
13:08:50.0490 0x0c24  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
13:08:50.0490 0x0c24  WIMMount - ok
13:08:50.0520 0x0c24  WinDefend - ok
13:08:50.0532 0x0c24  WinHttpAutoProxySvc - ok
13:08:51.0933 0x0c24  ============================================================
13:08:51.0933 0x0c24  Scan finished
13:08:51.0933 0x0c24  ============================================================
13:08:51.0957 0x1084  Detected object count: 0
13:08:51.0957 0x1084  Actual detected object count: 0
 



#4 Reesie87


Posted 16 August 2013 - 12:20 PM

AdwCleaner LOG

 

Note: Upon the restart, my laptop did a quick configuration. I was prompted to do it earlier, but delayed it until after this process, forgetting that the configuration would begin as soon as my laptop was reset. Is that alright, or should I run this step again?

 

# AdwCleaner v2.306 - Logfile created 08/16/2013 at 13:14:47
# Updated 19/07/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Reese - REESE-PC
# Boot Mode : Normal
# Running from : C:\Users\Reese\Downloads\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\Reese\AppData\Roaming\Mozilla\Firefox\Profiles\agkcdp5p.default\bProtector_extensions.rdf
File Deleted : C:\Users\Reese\AppData\Roaming\Mozilla\Firefox\Profiles\agkcdp5p.default\searchplugins\Askcom.xml
File Deleted : C:\Users\Reese\AppData\Roaming\Mozilla\Firefox\Profiles\agkcdp5p.default\searchplugins\Babylon.xml
File Deleted : C:\Users\Reese\AppData\Roaming\Mozilla\Firefox\Profiles\agkcdp5p.default\searchplugins\web-search.xml
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\Users\Reese\AppData\Local\APN
Folder Deleted : C:\Users\Reese\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Reese\AppData\LocalLow\Softonic
Folder Deleted : C:\Users\Reese\AppData\Roaming\iWin
Folder Deleted : C:\Users\Reese\AppData\Roaming\Mozilla\Firefox\Profiles\agkcdp5p.default\extensions\toolbar@ask.com

***** [Registry] *****

Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\Delta
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\f2d6ddb06de545
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Delta
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\f2d6ddb06de545

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16635

[OK] Registry is clean.

-\\ Mozilla Firefox v23.0 (en-US)

File : C:\Users\Reese\AppData\Roaming\Mozilla\Firefox\Profiles\agkcdp5p.default\prefs.js

C:\Users\Reese\AppData\Roaming\Mozilla\Firefox\Profiles\agkcdp5p.default\user.js ... Deleted !


-\\ Google Chrome v28.0.1500.95

File : C:\Users\Reese\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [6628 octets] - [16/08/2013 13:14:47]

########## EOF - C:\AdwCleaner[S1].txt - [6688 octets] ##########
 



#5 boopme


Posted 16 August 2013 - 12:51 PM

Ok, reboot then run ESET and tell me how it is.

#6 Reesie87


Posted 16 August 2013 - 02:30 PM

aswMBR Log

 

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-08-16 14:42:26
-----------------------------
14:42:26.400    OS Version: Windows x64 6.1.7601 Service Pack 1
14:42:26.400    Number of processors: 4 586 0x2502
14:42:26.401    ComputerName: REESE-PC  UserName: Reese
14:42:27.792    Initialize success
15:07:38.849    AVAST engine defs: 13081600
15:14:57.674    The log file has been saved successfully to "C:\Users\Reese\Desktop\aswMBR LOG.txt"
15:15:11.024    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
15:15:11.034    Disk 0 Vendor: SAMSUNG_HM500JI 2AC101C4 Size: 476940MB BusType: 11
15:15:11.194    Disk 0 MBR read successfully
15:15:11.204    Disk 0 MBR scan
15:15:11.214    Disk 0 Windows 7 default MBR code
15:15:11.234    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
15:15:11.234    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       476838 MB offset 206848
15:15:11.264    Disk 0 scanning C:\Windows\system32\drivers
15:15:18.464    Service scanning
15:15:39.074    Modules scanning
15:15:39.074    Disk 0 trace - called modules:
15:15:39.094    ntoskrnl.exe CLASSPNP.SYS disk.sys stdflt.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
15:15:39.424    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80051cf060]
15:15:39.434    3 CLASSPNP.SYS[fffff8800190c43f] -> nt!IofCallDriver -> [0xfffffa800506eb20]
15:15:39.444    5 stdflt.sys[fffff88001857a4a] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004f13550]
15:15:40.764    AVAST engine scan C:\Windows
15:15:44.384    AVAST engine scan C:\Windows\system32
15:17:35.356    AVAST engine scan C:\Windows\system32\drivers
15:17:44.636    AVAST engine scan C:\Users\Reese
15:23:43.550    AVAST engine scan C:\ProgramData
15:24:08.930    Scan finished successfully
15:29:49.991    Disk 0 MBR has been saved successfully to "C:\Users\Reese\Desktop\MBR.dat"
15:29:49.991    The log file has been saved successfully to "C:\Users\Reese\Desktop\aswMBR ScanLOG.txt"

 



#7 Reesie87


Posted 16 August 2013 - 02:32 PM

I apologize - I was in the middle of allowing the ASW step before I read that comment. Took it a good while to get through the downloading portion of Avast, and then I had to run the scan. Would you still like me to reboot now and run (Eset? I'm unfamiliar with that step)? I'm gonna pause in doing anything for now until I know whatcha want :)

Edited by Reesie87, 16 August 2013 - 02:33 PM.


#8 boopme


Posted 16 August 2013 - 02:35 PM

Yes, reboot and do ESET. Thanks.

#9 Reesie87


Posted 16 August 2013 - 03:56 PM

I have rebooted my computer, but I must confess that I'm not sure what ESET is? It isn't one of the four steps you mentioned in your first post. Is it another program I should download? If so, would you please provide me with the same information you did with the other programs? :)



#10 boopme


Posted 17 August 2013 - 10:38 AM

I am very sorry, must have been cut off.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.


#11 Reesie87


Posted 17 August 2013 - 11:24 PM

ESET Log:
 
(Please note that 7 threats were detected. However, you did not say if I should check the box 'Delete Quarantined Files' after the scan, so I did not. I also did not select to uninstall it, in case you want me to run a second scan. I still clicked 'finish' as instructed, however. Basically, I did follow your instructions 100%.)
 
C:\Users\Reese\AppData\Local\Google\Chrome\User Data\Default\Default\aagcdggbgcgbdadddggbdgdggdgeggdh\background.js    Win32/TrojanDownloader.Tracur.V trojan    cleaned by deleting - quarantined
C:\Users\Reese\AppData\Local\Google\Chrome\User Data\Default\Default\aagcdggbgcgbdadddggbdgdggdgeggdh\ContentScript.js    Win32/TrojanDownloader.Tracur.AD trojan    cleaned by deleting - quarantined
C:\Users\Reese\AppData\Roaming\Mozilla\Firefox\Profiles\agkcdp5p.default\extensions\nuxbcocoah@nuxbcocoah.org.xpi    Win32/TrojanDownloader.Tracur.AD.Gen trojan    deleted - quarantined
C:\Users\Reese\Downloads\iLividSetup-r563-n-bf.exe    Win32/Toolbar.SearchSuite application    cleaned by deleting - quarantined
C:\Users\Reese\Downloads\l5m-usjobsearch-us-dtx.exe    Win32/Toolbar.Zugo application    cleaned by deleting - quarantined
C:\Users\Reese\Downloads\setup.exe    a variant of Win32/AirAdInstaller.A application    cleaned by deleting - quarantined
C:\Users\Reese\Downloads\ZipOpenerSetup.exe    Win32/InstallCore.CD application    cleaned by deleting - quarantined
 

Edited by Reesie87, 17 August 2013 - 11:27 PM.


#12 boopme


Posted 19 August 2013 - 08:37 AM

Ok, Quarantine is good, they can no longer harm your PC from there.
See: Clean, Quarantine, or Delete

How is it running now?



#13 Reesie87


Posted 19 August 2013 - 10:10 PM

It blue screened twice on me yesterday, and the display driver temporarily failed once this afternoon. I.E is still popping up a few times a day. So basically, no real change :3



#14 boopme


Posted 20 August 2013 - 11:22 AM

Let's try one more thing here..

Please download Rkill by Grinler and save it to your desktop.
  • Link 1
  • Link 2
    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista, right-click on it and Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • If the tool does not run from any of the links provided, please let me know.
  • Do not reboot the computer, you will need to run the application again.


#15 Reesie87


Posted 20 August 2013 - 01:08 PM

Ah, RKill. My greatest companion in "knocking a virus out" long enough to run my usual antivirus programs, LOL.

 

So! Redownloaded and scanned. The log is saved on my desktop. Would you like me to post it here? You didn't state such, so I wasn't sure if it's meant to be posted elsewhere like certain other logs.





