Blue Screen of Death. BIOS error 0x0000001E Infection? or something else


11 replies to this topic

#1 dkittl20

Posted 11 October 2013 - 06:51 AM

Hello,

I've had great help here in the past, so thank you! Now I have another problem.

I've been getting a blue screen of death error: "a problem has been detected and windows has been shut down to prevent damage to your computer"

 0x0000001e (0xffffffffc0000005, 0xfffffa80008d31610, 0x000007fffffa800)

It happens on a normal startup and in Safe Mode with Networking.

I can get into normal Safe Mode no problem. I've run a McAfee virus scan and Spybot and Malwarebytes scans, which all come back clean. However, McAfee won't let me turn on the background scan or firewall, so I think I might have something hiding. I have also done a system restore back to Monday.

When I boot normally I can get all the way to the desktop, and an error pop-up comes up just before the blue screen. It says:

"There was a problem starting C:\Users\Kittle\AppData\Roaming\udoate.dll  The specified module could not be found" then it goes to blue.

Another note that may be helpful is that I get a driver error for my Wacom tablet. I removed the driver and still get the error.

I'm running Windows 7.

Any help is appreciated! Thanks in advance.

 

 




 


#2 Broni

Posted 11 October 2013 - 04:18 PM

Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE to access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the reading of the results to me.

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


Please download MiniToolBox and run it.

Checkmark the following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size

Click Go and post the result.

Download Malwarebytes' Anti-Malware (aka MBAM): https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

Download Malwarebytes Anti-Rootkit from HERE to your Desktop.
  • Unzip the downloaded file.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • DO NOT click on the Cleanup button. Simply exit the program.
  • When done, please post the two logs produced; they will be in the MBAR folder: mbar-log-xxxxx.txt and system-log.txt


Please download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run, then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool; ignore them or shut down your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7, right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.


If normal mode still doesn't work, run the tool from safe mode.

When the scan is done, Notepad will open with the rKill log.
Post it in your next reply.

NOTE. rKill.txt log will also be present on your desktop.

NOTE. Do NOT wrap your logs in "quote" or "code" brackets.


My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE
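
A triage sketch for the FSS.txt log requested above, added here as an example; it is not part of the thread and not Farbar's code. It assumes the line layout of the FSS log posted later in this topic and that `Boot Mode: Minimal` means Safe Mode, where stopped services are expected; the names `triage_fss` and `actionable` are hypothetical.

```python
import re

# Constructed, abridged sample in the FSS.txt layout (not a real machine's log).
SAMPLE_LOG = r"""Farbar Service Scanner Version: 13-09-2013
Boot Mode: Minimal
****************************************************************

Internet Services:
============
Dnscache Service is not running. Checking service configuration:
The start type of Dnscache service is OK.
The ImagePath of Dnscache service is OK.
The ServiceDll of Dnscache service is OK.

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


File Check:
========
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit

**** End of log ****
"""

NOT_RUNNING = re.compile(r"^(\S+) Service is not running\.")
ATTR = re.compile(r"^The (start type|ImagePath|ServiceDll) of (\S+) service (.+)$")
POLICY_HDR = re.compile(r"^(.+ Disabled Policy):$")
REG_KEY = re.compile(r"^\[(HK[^\]]+)\]$")
REG_VAL = re.compile(r'^"([^"]+)"=(.+)$')
FILE_LINE = re.compile(r"^(.+?) => (.+)$")


def triage_fss(text):
    """Split an FSS log into stopped services, config deviations, policies, file issues."""
    report = {"boot_mode": None, "not_running": [], "config_deviations": [],
              "policies": [], "file_issues": []}
    policy = key = None
    for raw in text.splitlines():
        line = raw.strip()
        if policy is not None:
            # Inside a "... Disabled Policy:" section: skip the underline and
            # blank lines, collect registry key/value pairs, stop at anything else.
            if not line or set(line) == {"="}:
                continue
            if (m := REG_KEY.match(line)):
                key = m.group(1)
                continue
            if (m := REG_VAL.match(line)):
                report["policies"].append((policy, key, m.group(1), m.group(2)))
                continue
            policy = key = None  # a new section started; handle the line below
        if line.startswith("Boot Mode:"):
            report["boot_mode"] = line.split(":", 1)[1].strip()
        elif (m := POLICY_HDR.match(line)):
            policy = m.group(1)
        elif (m := NOT_RUNNING.match(line)):
            report["not_running"].append(m.group(1))
        elif (m := ATTR.match(line)):
            if m.group(3) != "is OK.":
                report["config_deviations"].append((m.group(2), m.group(1), m.group(3)))
        elif (m := FILE_LINE.match(line)):
            # Assumption: any verdict other than "MD5 is legit" deserves a look.
            if m.group(2) != "MD5 is legit":
                report["file_issues"].append((m.group(1), m.group(2)))
    return report


def actionable(report):
    """Return the findings worth reviewing, dropping Safe Mode noise."""
    findings = []
    # Assumption: "Minimal" is Safe Mode, so stopped services are expected there
    # and are only reported for logs taken in any other boot mode.
    if report["boot_mode"] != "Minimal":
        findings += [f"{s}: service not running" for s in report["not_running"]]
    findings += [f"{s}: {attr} {what}" for s, attr, what in report["config_deviations"]]
    findings += [f"{name}: {key}\\{val}={data}"
                 for name, key, val, data in report["policies"]]
    findings += [f"{path}: {verdict}" for path, verdict in report["file_issues"]]
    return findings


if __name__ == "__main__":
    for finding in actionable(triage_fss(SAMPLE_LOG)):
        print(finding)
```

A finding is a prompt for review, not a verdict: a Defender-disabled policy, for instance, can also be left behind by a third-party antivirus product.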

 


#3 dkittl20

Posted 15 October 2013 - 11:21 AM

Hi Broni, thanks for the help! Malwarebytes failed to update. Below are the requested logs:

 

 Results of screen317's Security Check version 0.99.74  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 10  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Security Center service is not running! This report may not be accurate! 
McAfee Anti-Virus and Anti-Spyware   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Spybot - Search & Destroy 
 Malwarebytes Anti-Malware version 1.75.0.1300  
 Java™ 6 Update 31  
 Java version out of Date! 
 Adobe Flash Player 11.8.800.168  
 Adobe Reader 10.1.3 Adobe Reader out of Date!  
 Mozilla Firefox (8.0.1) 
 Google Chrome 30.0.1599.66  
 Google Chrome 30.0.1599.69  
 Google Chrome plugins...  
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log`````````````````````` 
 
 

Farbar Service Scanner Version: 13-09-2013
Ran by Kittle (administrator) on 14-10-2013 at 20:16:34
Running from "L:\Bleeping"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Minimal
****************************************************************
 
Internet Services:
============
Dnscache Service is not running. Checking service configuration:
The start type of Dnscache service is OK.
The ImagePath of Dnscache service is OK.
The ServiceDll of Dnscache service is OK.
 
Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is OK.
The ImagePath of Dhcp service is OK.
The ServiceDll of Dhcp service is OK.
 
Nsi Service is not running. Checking service configuration:
The start type of Nsi service is OK.
The ImagePath of Nsi service is OK.
The ServiceDll of Nsi service is OK.
 
nsiproxy Service is not running. Checking service configuration:
The start type of nsiproxy service is OK.
The ImagePath of nsiproxy service is OK.
 
tdx Service is not running. Checking service configuration:
The start type of tdx service is OK.
The ImagePath of tdx service is OK.
 
afd Service is not running. Checking service configuration:
The start type of afd service is OK.
The ImagePath of afd service is OK.
 
 
Connection Status:
==============
Attempt to access Local Host IP returned error: Localhost is blocked: Other errors
There is no connection to network.
Attempt to access Google IP returned error. Other errors
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo.com returned error: Other errors
 
 
Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.
 
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.
 
bfe Service is not running. Checking service configuration:
The start type of bfe service is OK.
The ImagePath of bfe service is OK.
The ServiceDll of bfe service is OK.
 
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.
 
VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.
 
 
System Restore Disabled Policy: 
========================
 
 
Action Center:
============
 
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.
 
 
Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.
 
BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.
 
EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem service is OK.
The ServiceDll of EventSystem service is OK.
 
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
 
 
Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
 
 
**** End of log ****
 
 

MiniToolBox by Farbar  Version: 13-07-2013
Ran by Kittle (administrator) on 14-10-2013 at 20:19:03
Running from "L:\Bleeping"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Minimal
***************************************************************************
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
========================= FF Proxy Settings: ============================== 
 
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Kittle-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
Server:  UnKnown
Address:  127.0.0.1
 
Ping request could not find host google.com. Please check the name and try again.
Server:  UnKnown
Address:  127.0.0.1
 
Ping request could not find host yahoo.com. Please check the name and try again.
Unable to contact IP driver. General failure. 
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (10/14/2013 08:11:56 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/10/2013 10:21:51 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/10/2013 09:52:54 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/10/2013 09:26:33 PM) (Source: McLogEvent) (User: NT AUTHORITY)
Description: MCSCAN32 Engine Initialisation failed.
Engine returned error : 3
 
Error: (10/10/2013 09:24:08 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/10/2013 09:24:04 PM) (Source: McLogEvent) (User: NT AUTHORITY)
Description: MCSCAN32 Engine Initialisation failed.
Engine returned error : 3
 
Error: (10/10/2013 08:02:30 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/10/2013 07:51:30 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/10/2013 07:33:25 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/09/2013 07:37:26 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (10/14/2013 08:15:00 PM) (Source: DCOM) (User: )
Description: 1084defragsvc{D20A3293-3341-4AE8-9AAF-8E397CB63C34}
 
Error: (10/14/2013 08:14:58 PM) (Source: DCOM) (User: )
Description: 1084McNaiAnn{DC7EF8E1-824F-4110-AB43-1604DA9B4F40}
 
Error: (10/14/2013 08:12:39 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (10/14/2013 08:12:39 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (10/14/2013 08:12:39 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (10/14/2013 08:12:39 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (10/14/2013 08:12:39 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (10/14/2013 08:12:39 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (10/14/2013 08:12:37 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}
 
Error: (10/14/2013 08:12:37 PM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 
 
Microsoft Office Sessions:
=========================
Error: (10/14/2013 08:11:56 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/10/2013 10:21:51 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/10/2013 09:52:54 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/10/2013 09:26:33 PM) (Source: McLogEvent)(User: NT AUTHORITY)
Description: 3
 
Error: (10/10/2013 09:24:08 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/10/2013 09:24:04 PM) (Source: McLogEvent)(User: NT AUTHORITY)
Description: 3
 
Error: (10/10/2013 08:02:30 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/10/2013 07:51:30 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/10/2013 07:33:25 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/09/2013 07:37:26 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-10-10 22:17:26.261
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-10-10 22:12:48.817
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-10-10 21:21:06.263
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-10-10 21:15:25.578
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-10-10 19:49:17.967
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-10-10 07:31:10.763
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-10-09 20:17:55.524
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-10-09 20:17:55.336
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-10-09 20:17:55.165
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\McAfee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-10-08 21:14:27.663
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\wininet.dll because the set of per-page image hashes could not be found on the system.
 
 
=========================== Installed Programs ============================
 
3Dconnexion 3DxSoftware (Personal Edition) (Version: 3.3.6)
3Dconnexion 3DxWare (x64) (Version: 6.03.0003)
3Dconnexion Add-In for AutoCAD 2007 (Version: 4.1.1)
3Dconnexion Add-In for AutoCAD 2008 (Version: 4.1.1)
3Dconnexion Add-In for AutoCAD 2008 (x64) (Version: 4.1.1)
3Dconnexion Add-In for Inventor (Version: 1.2.3)
3Dconnexion Add-In for Solid Edge (Version: 2.11.3)
3Dconnexion Add-In for Solid Edge (x64) (Version: 2.11.3)
3Dconnexion Add-In for SolidWorks (Version: 2.10.6)
3Dconnexion Add-In for SolidWorks (x64) (Version: 2.10.6)
3Dconnexion Add-On for XSI (Version: 2.2.2)
3Dconnexion Add-On for XSI (x64) (Version: 2.2.2)
3Dconnexion Extension for SketchUp (Version: 2.0.3)
3Dconnexion Plug-In for 3ds max 6 - 8 (Version: 4.4.7)
3Dconnexion Plug-In for 3ds Max 9 (Version: 4.4.7)
3Dconnexion Plug-In for 3ds Max 9 (x64) (Version: 4.4.7)
3Dconnexion Plug-in for Acrobat 3D (Version: 1.0.5)
3Dconnexion Plug-In for Maya 6 (Version: 3.3.3)
3Dconnexion Plug-In for Maya 6.5 (Version: 3.3.3)
3Dconnexion Plug-In for Maya 7 (Version: 3.3.3)
3Dconnexion Plug-In for Maya 8 (Version: 3.3.3)
3Dconnexion Plug-In for Maya 8 (x64) (Version: 3.3.3)
3Dconnexion Plug-In for Maya 8.5 (Version: 3.4.1)
3Dconnexion Plug-In for Maya 8.5 (x64) (Version: 3.4.1)
3Dconnexion Plug-In for NX (Version: 2.2.0)
3Dconnexion Plug-In for NX (x64) (Version: 2.2.0)
3Dconnexion Plug-In for Photoshop CS2 (Version: 1.2.8)
3Dconnexion Plug-In for Photoshop CS3 (Version: 2.0.1)
3Dconnexion Plug-In for Pro/ENGINEER (Version: 1.2.9)
3Dconnexion Plug-In for Pro/ENGINEER (x64) (Version: 1.2.9)
3Dconnexion Plug-in for QuickTime VR (Version: 1.1.9)
64 Bit HP CIO Components Installer (Version: 6.2.1)
Adobe AIR (Version: 3.1.0.4880)
Adobe Anchor Service CS3 (Version: 1.0)
Adobe Asset Services CS3 (Version: 3)
Adobe Bridge 1.0 (Version: 001.000.000)
Adobe Bridge CS3 (Version: 2)
Adobe Bridge Start Meeting (Version: 1.0)
Adobe Camera Raw 4.0 (Version: 4.0)
Adobe CMaps (Version: 1.0)
Adobe Color - Photoshop Specific (Version: 1.0)
Adobe Color Common Settings (Version: 1.0)
Adobe Color EU Extra Settings (Version: 1.0)
Adobe Color JA Extra Settings (Version: 1.0)
Adobe Color NA Recommended Settings (Version: 1.0)
Adobe Common File Installer (Version: 1.00.0000)
Adobe Default Language CS3 (Version: 1.0)
Adobe Device Central CS3 (Version: 1.0)
Adobe Dreamweaver CS3 (Version: 9)
Adobe Dreamweaver CS3 (Version: 9.0)
Adobe ExtendScript Toolkit 2 (Version: 2.0)
Adobe Extension Manager CS3 (Version: 1.8)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.175)
Adobe Flash Player 11 Plugin (Version: 11.8.800.168)
Adobe Fonts All (Version: 1.0)
Adobe Help Center 1.0 (Version: 001.000.000)
Adobe Help Viewer CS3 (Version: 1)
Adobe Illustrator CS2 (Version: 12.000.000)
Adobe Linguistics CS3 (Version: 3.0.0)
Adobe PDF Library Files (Version: 8.0)
Adobe Photoshop CS3 (Version: 10)
Adobe Photoshop CS3 (Version: 10.0)
Adobe Reader X (10.1.3) MUI (Version: 10.1.3)
Adobe Setup (Version: 1.0)
Adobe Stock Photos 1.0 (Version: 001.000.000)
Adobe Stock Photos CS3 (Version: 1.5)
Adobe SVG Viewer 3.0 (Version:  3.0)
Adobe Type Support (Version: 1.0)
Adobe Update Manager CS3 (Version: 5.1.0)
Adobe Version Cue CS3 Client (Version: 3)
Adobe WinSoft Linguistics Plugin (Version: 1.0)
Adobe XMP Panels CS3 (Version: 1.0)
AIO_Scan (Version: 130.0.365.000)
Apple Application Support (Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (Version: 2.1.3.127)
ATI AVIVO64 Codecs (Version: 11.6.0.10104)
ATI Catalyst Install Manager (Version: 3.0.808.0)
Audible Download Manager (Version: 6.6.0.15)
Autodesk SketchBookPro 2010 R1 (Version: 4.10.0000)
AVG SafeGuard toolbar (Version: 17.0.1.12)
Bing Bar (Version: 7.2.241.0)
Bing Rewards Client Installer (Version: 16.0.345.0)
Bonjour (Version: 3.0.0.10)
BufferChm (Version: 130.0.331.000)
C4200 (Version: 130.0.365.000)
c4200_Help (Version: 82.0.210.000)
Catalina Savings Printer (Version: 1.0.0)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center InstallProxy (Version: 2011.0104.2155.39304)
Catalyst Control Center Localization All (Version: 2011.0104.2155.39304)
CCC Help Chinese Standard (Version: 2011.0104.2154.39304)
CCC Help Chinese Traditional (Version: 2011.0104.2154.39304)
CCC Help Czech (Version: 2011.0104.2154.39304)
CCC Help Danish (Version: 2011.0104.2154.39304)
CCC Help Dutch (Version: 2011.0104.2154.39304)
CCC Help English (Version: 2011.0104.2154.39304)
CCC Help Finnish (Version: 2011.0104.2154.39304)
CCC Help French (Version: 2011.0104.2154.39304)
CCC Help German (Version: 2011.0104.2154.39304)
CCC Help Greek (Version: 2011.0104.2154.39304)
CCC Help Hungarian (Version: 2011.0104.2154.39304)
CCC Help Italian (Version: 2011.0104.2154.39304)
CCC Help Japanese (Version: 2011.0104.2154.39304)
CCC Help Korean (Version: 2011.0104.2154.39304)
CCC Help Norwegian (Version: 2011.0104.2154.39304)
CCC Help Polish (Version: 2011.0104.2154.39304)
CCC Help Portuguese (Version: 2011.0104.2154.39304)
CCC Help Russian (Version: 2011.0104.2154.39304)
CCC Help Spanish (Version: 2011.0104.2154.39304)
CCC Help Swedish (Version: 2011.0104.2154.39304)
CCC Help Thai (Version: 2011.0104.2154.39304)
CCC Help Turkish (Version: 2011.0104.2154.39304)
ccc-core-static (Version: 2011.0104.2155.39304)
ccc-utility64 (Version: 2011.0104.2155.39304)
Consumer In-Home Service Agreement (Version: 2.0.0)
Copy (Version: 130.0.428.000)
Coupon Printer for Windows (Version: 5.0.0.2)
Coupons.com Toolbar (Version: 6.3.8.0)
Cozi (Version: 1.0.6505.38692)
CyberLink PowerDVD 9.5 (Version: 9.5.1.3426)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell DataSafe Local Backup - Support Software (Version: 9.4.60)
Dell DataSafe Local Backup (Version: 9.4.60)
Dell DataSafe Online (Version: 2.1.19634)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell MusicStage (Version: 1.5.201.0)
Dell PhotoStage (Version: 1.5.0.65)
Dell Stage (Version: 1.5.201.0)
Dell VideoStage  (Version: 1.2.0.1712)
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 130.0.465.000)
DirectX 9 Runtime (Version: 1.00.0000)
DocProc (Version: 13.0.0.0)
DVD Decrypter (Remove Only)
DVD Shrink 3.2
DW WLAN Card (Version: 5.60.48.35)
Garmin Communicator Plugin (Version: 3.0.1)
Garmin USB Drivers (Version: 2.3.0.0)
Garmin WebUpdater (Version: 2.5.4)
Google Chrome (Version: 30.0.1599.69)
GoToMeeting 4.8.0.723 (Version: 4.8.0.723)
GPBaseService2 (Version: 130.0.371.000)
HandBrake 0.9.9.1 (Version: 0.9.9.1)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Photosmart C4200 All-In-One Driver Software 13.0 Rel. 1 (Version: 13.0)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Solution Center 13.0 (Version: 13.0)
HP Update (Version: 4.000.011.006)
HPPhotoGadget (Version: 130.0.282.000)
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000)
HPPhotosmartEssential (Version: 2.04.0000)
HPProductAssistant (Version: 130.0.371.000)
HPSSupply (Version: 130.0.371.000)
iCloud (Version: 3.0.2.163)
Intel® Rapid Storage Technology (Version: 10.0.0.1046)
iTunes (Version: 11.1.0.126)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 24 (64-bit) (Version: 6.0.240)
Java™ 6 Update 31 (Version: 6.0.310)
Junk Mail filter update (Version: 15.4.3502.0922)
LeapFrog Connect (Version: 4.2.9.15649)
LeapFrog My Pals Plugin (Version: 4.2.9.15649)
LeapFrog Tag Junior Plugin (Version: 4.2.9.15649)
LeapFrog Tag Plugin (Version: 4.2.9.15649)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
MarketResearch (Version: 130.0.374.000)
McAfee AntiVirus Plus (Version: 11.6.511)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.58299)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Mozilla Firefox 8.0.1 (x86 en-US) (Version: 8.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Multimedia Card Reader (Version: 1.7.915.93)
My Dell (Version: 3.4.6308.28)
OCR Software by I.R.I.S. 13.0 (Version: 13.0)
PDF Creator
PDF Settings (Version: 1.0)
PhotoShowExpress (Version: 2.0.063)
PS_AIO_Software_min (Version: 130.0.365.000)
QuickTime (Version: 7.74.80.86)
RBVirtualFolder64Inst (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.6141)
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.3.3)
Roxio Burn (Version: 1.8)
Roxio Creator Starter (Version: 1.0.439)
Roxio Creator Starter (Version: 12.1.77.0)
Roxio Creator Starter (Version: 5.0.0)
Roxio Express Labeler 3 (Version: 3.2.2)
Roxio File Backup (Version: 1.3.2)
RunRev LiveCode Player Browser Plugin (Version: 9)
Scan (Version: 13.0.0.0)
Shared C Run-time for x64 (Version: 10.0.0)
Shop for HP Supplies (Version: 13.0)
Shutterfly Express Uploader (Version: 1.1.0)
Shutterfly Express Uploader (Version: 1.1.0.0)
Skype Toolbars (Version: 1.0.4051)
Skype™ 5.10 (Version: 5.10.116)
SmartWebPrinting (Version: 130.0.457.000)
SolutionCenter (Version: 130.0.373.000)
Sonic CinePlayer Decoder Pack (Version: 4.3.0)
Spybot - Search & Destroy (Version: 1.6.2)
Status (Version: 130.0.469.000)
TheBestSpinner
THX TruStudio PC (Version: 1.0)
Toolbox (Version: 130.0.648.000)
Tracker (Version: 2.2.3)
TrayApp (Version: 130.0.422.000)
UnloadSupport (Version: 11.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553157) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589370) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760758) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Use the entry named LeapFrog Connect to uninstall (LeapFrog My Pals Plugin)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Junior Plugin)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Plugin) (Version: 4.2.9.15649)
WebReg (Version: 130.0.132.017)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0) (Version: 06/03/2009 2.3.0.0)
Windows Driver Package - LeapFrog (FlyUsb) USB  (11/05/2008 1.1.1.0) (Version: 11/05/2008 1.1.1.0)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net  (09/10/2009 02.03.05.012) (Version: 09/10/2009 02.03.05.012)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Workspace Desktop
 
========================= Devices: ================================
 
Name: Broadcom NetLink ™ Gigabit Ethernet
Description: Broadcom NetLink ™ Gigabit Ethernet
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: k57nd60a
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: McAfee Inc. mfehidk
Description: McAfee Inc. mfehidk
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: mfehidk
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 10%
Total physical RAM: 8174.45 MB
Available physical RAM: 7284.8 MB
Total Pagefile: 16347.07 MB
Available Pagefile: 15457.67 MB
Total Virtual: 4095.88 MB
Available Virtual: 3978.14 MB
 
========================= Partitions: =====================================
 
1 Drive c: (OS) (Fixed) (Total:918.22 GB) (Free:583.17 GB) NTFS
8 Drive l: (DAVIDS IPOD) (Removable) (Total:18.58 GB) (Free:0.18 GB) FAT32
 
========================= Users: ========================================
 
User accounts for \\
 
Administrator            Guest                    Kittle                   
 
 
**** End of log ****
 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.04.04.07
 
Windows 7 Service Pack 1 x64 NTFS (Safe Mode)
Internet Explorer 10.0.9200.16686
Kittle :: KITTLE-PC [administrator]
 
10/14/2013 8:23:29 PM
mbam-log-2013-10-14 (20-23-29).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 214796
Time elapsed: 3 minute(s), 30 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)
 

Malwarebytes Anti-Rootkit BETA 1.07.0.1007
www.malwarebytes.org
 
Database version: v2013.10.02.12
 
Windows 7 Service Pack 1 x64 NTFS (Safe Mode)
Internet Explorer 10.0.9200.16686
Kittle :: KITTLE-PC [administrator]
 
10/14/2013 8:28:44 PM
mbar-log-2013-10-14 (20-28-44).txt
 
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Kernel memory modifications detected. Deep Anti-Rootkit Scan engaged.
Objects scanned: 247390
Time elapsed: 14 minute(s), 27 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
Physical Sectors Detected: 2
Master Boot Record on Drive #0 (Rootkit.Harbinger.MBR) -> No action taken.
Physical Sector #1953524900 on Drive #0 (Forged physical sector) -> No action taken.
 
(end)
 

Rkill 2.6.1 by Lawrence Abrams (Grinler)
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 10/14/2013 09:25:20 PM in x64 mode. (Safe Mode)
Windows Version: Windows 7 Home Premium Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Windows Defender Disabled
 
   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001
 
 * SMTMP folder detected. Please see this link for more information: http://www.bleepingcomputer.com/forums/topic405109.html
 
Checking Windows Service Integrity: 
 
 * Base Filtering Engine (BFE) is not Running.
   Startup Type set to: Automatic
 
 * DHCP Client (Dhcp) is not Running.
   Startup Type set to: Automatic
 
 * DNS Client (Dnscache) is not Running.
   Startup Type set to: Automatic
 
 * COM+ Event System (EventSystem) is not Running.
   Startup Type set to: Automatic
 
 * Windows Firewall (MpsSvc) is not Running.
   Startup Type set to: Automatic
 
 * Network Connections (Netman) is not Running.
   Startup Type set to: Manual
 
 * Network Store Interface Service (nsi) is not Running.
   Startup Type set to: Automatic
 
 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Manual
 
 * Security Center (wscsvc) is not Running.
   Startup Type set to: Automatic (Delayed Start)
 
 * Windows Update (wuauserv) is not Running.
   Startup Type set to: Automatic (Delayed Start)
 
 * Ancillary Function Driver for Winsock (AFD) is not Running.
   Startup Type set to: System
 
 * Windows Firewall Authorization Driver (mpsdrv) is not Running.
   Startup Type set to: Manual
 
 * NetBT (NetBT) is not Running.
   Startup Type set to: System
 
 * NSI proxy service driver. (nsiproxy) is not Running.
   Startup Type set to: System
 
 * NetIO Legacy TDI Support Driver (tdx) is not Running.
   Startup Type set to: System
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * No issues found.
 
Program finished at: 10/14/2013 09:25:35 PM
Execution time: 0 hours(s), 0 minute(s), and 14 seconds(s)
 

 



#4 Broni

Posted 15 October 2013 - 08:15 PM

Download TDSSKiller and save it to your desktop.

  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then click on Start Scan.
  • If an infected file is detected, the default action will be Cure; click on Continue.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.



 


#5 dkittl20


Posted 16 October 2013 - 07:00 PM

18:40:38.0062 1532  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:40:38.0343 1532  ============================================================
18:40:38.0343 1532  Current date / time: 2013/10/16 18:40:38.0343
18:40:38.0343 1532  SystemInfo:
18:40:38.0343 1532 
18:40:38.0343 1532  OS Version: 6.1.7601 ServicePack: 1.0
18:40:38.0343 1532  Product type: Workstation
18:40:38.0343 1532  ComputerName: KITTLE-PC
18:40:38.0343 1532  UserName: Kittle
18:40:38.0343 1532  Windows directory: C:\Windows
18:40:38.0343 1532  System windows directory: C:\Windows
18:40:38.0343 1532  Running under WOW64
18:40:38.0343 1532  Processor architecture: Intel x64
18:40:38.0343 1532  Number of processors: 8
18:40:38.0343 1532  Page size: 0x1000
18:40:38.0343 1532  Boot type: Safe boot
18:40:38.0343 1532  ============================================================
18:40:38.0780 1532  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:40:38.0780 1532  Drive \Device\Harddisk6\DR6 - Size: 0x4A81BE000 (18.63 Gb), SectorSize: 0x200, Cylinders: 0x97F, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:40:41.0167 1532  ============================================================
18:40:41.0167 1532  \Device\Harddisk0\DR0:
18:40:41.0167 1532  MBR partitions:
18:40:41.0167 1532  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1A7F000
18:40:41.0167 1532  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A93000, BlocksNum 0x72C73000
18:40:41.0167 1532  \Device\Harddisk6\DR6:
18:40:41.0183 1532  MBR partitions:
18:40:41.0183 1532  \Device\Harddisk6\DR6\Partition1: MBR, Type 0xB, StartLBA 0x139C5, BlocksNum 0x252D42A
18:40:41.0183 1532  ============================================================
18:40:41.0198 1532  C: <-> \Device\Harddisk0\DR0\Partition2
18:40:41.0198 1532  ============================================================
18:40:41.0198 1532  Initialize success
18:40:41.0198 1532  ============================================================
18:40:52.0617 1616  ============================================================
18:40:52.0617 1616  Scan started
18:40:52.0617 1616  Mode: Manual;
18:40:52.0617 1616  ============================================================
18:40:52.0664 1616  ================ Scan system memory ========================
18:40:52.0664 1616  System memory - ok
18:40:52.0664 1616  ================ Scan services =============================
18:40:55.0753 1616  [ 88612F1CE3BF42256913BF6E61C70D52 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
18:40:55.0769 1616  DXGKrnl - ok
18:40:55.0800 1616  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
18:40:55.0800 1616  EapHost - ok
18:40:55.0878 1616  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
18:40:55.0909 1616  ebdrv - ok
18:40:55.0956 1616  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
18:40:55.0956 1616  EFS - ok
18:40:56.0003 1616  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
18:40:56.0003 1616  ehRecvr - ok
18:40:56.0034 1616  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
18:40:56.0034 1616  ehSched - ok
18:40:56.0049 1616  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
18:40:56.0049 1616  elxstor - ok
18:40:56.0081 1616  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
18:40:56.0081 1616  ErrDev - ok
18:40:56.0127 1616  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
18:40:56.0127 1616  EventSystem - ok
18:40:56.0127 1616  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
18:40:56.0127 1616  exfat - ok
18:40:56.0127 1616  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
18:40:56.0127 1616  fastfat - ok
18:40:56.0174 1616  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
18:40:56.0174 1616  Fax - ok
18:40:56.0190 1616  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
18:40:56.0190 1616  fdc - ok
18:40:56.0205 1616  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
18:40:56.0205 1616  fdPHost - ok
18:40:56.0205 1616  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
18:40:56.0205 1616  FDResPub - ok
18:40:56.0330 1616  [ 49E2E2C62D1A8FDEA2DDFF1778190FE3 ] File Backup     C:\Program Files (x86)\Workspace\offSyncService.exe
18:40:56.0330 1616  File Backup - ok
18:40:56.0330 1616  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
18:40:56.0330 1616  FileInfo - ok
18:40:56.0346 1616  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
18:40:56.0346 1616  Filetrace - ok
18:40:56.0408 1616  [ 8669BE94F63944E4F899C3950B520241 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
18:40:56.0408 1616  FLEXnet Licensing Service - ok
18:40:56.0408 1616  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
18:40:56.0408 1616  flpydisk - ok
18:40:56.0424 1616  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
18:40:56.0424 1616  FltMgr - ok
18:40:56.0439 1616  [ 6CD6BB45BD3E0EEF6CE496BF52854FF1 ] FlyUsb          C:\Windows\system32\DRIVERS\FlyUsb.sys
18:40:56.0439 1616  FlyUsb - ok
18:40:56.0486 1616  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
18:40:56.0486 1616  FontCache - ok
18:40:56.0533 1616  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:40:56.0533 1616  FontCache3.0.0.0 - ok
18:40:56.0549 1616  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
18:40:56.0549 1616  FsDepends - ok
18:40:56.0549 1616  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
18:40:56.0549 1616  Fs_Rec - ok
18:40:56.0549 1616  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
18:40:56.0549 1616  fvevol - ok
18:40:56.0564 1616  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
18:40:56.0564 1616  gagp30kx - ok
18:40:56.0564 1616  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:40:56.0564 1616  GEARAspiWDM - ok
18:40:56.0595 1616  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
18:40:56.0595 1616  gpsvc - ok
18:40:56.0611 1616  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
18:40:56.0627 1616  hcw85cir - ok
18:40:56.0627 1616  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
18:40:56.0642 1616  HDAudBus - ok
18:40:56.0642 1616  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
18:40:56.0642 1616  HidBatt - ok
18:40:56.0642 1616  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
18:40:56.0642 1616  HidBth - ok
18:40:56.0642 1616  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
18:40:56.0658 1616  HidIr - ok
18:40:56.0658 1616  [ 949900BBF7015CCD877D20DB6C2628BE ] hidkmdf         C:\Windows\system32\DRIVERS\hidkmdf.sys
18:40:56.0658 1616  hidkmdf - ok
18:40:56.0673 1616  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
18:40:56.0673 1616  hidserv - ok
18:40:56.0705 1616  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
18:40:56.0705 1616  HidUsb - ok
18:40:56.0736 1616  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
18:40:56.0736 1616  hkmsvc - ok
18:40:56.0736 1616  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:40:56.0736 1616  HomeGroupListener - ok
18:40:56.0767 1616  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:40:56.0783 1616  HomeGroupProvider - ok
18:40:56.0939 1616  [ 1DAE5C46D42B02A6D5862E1482EFB390 ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
18:40:56.0954 1616  hpqcxs08 - ok
18:40:56.0954 1616  [ 99E8EEF42FE2F4AF29B08C3355DD7685 ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
18:40:56.0954 1616  hpqddsvc - ok
18:40:56.0954 1616  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
18:40:56.0954 1616  HpSAMD - ok
18:40:56.0985 1616  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
18:40:56.0985 1616  HTTP - ok
18:40:56.0985 1616  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
18:40:56.0985 1616  hwpolicy - ok
18:40:57.0001 1616  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
18:40:57.0017 1616  i8042prt - ok
18:40:57.0032 1616  [ F7CE9BE72EDAC499B713ECA6DAE5D26F ] iaStor          C:\Windows\system32\drivers\iaStor.sys
18:40:57.0032 1616  iaStor - ok
18:40:57.0095 1616  [ B25F192EA1F84A316EB7C19EFCCCF33D ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
18:40:57.0095 1616  IAStorDataMgrSvc - ok
18:40:57.0095 1616  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
18:40:57.0095 1616  iaStorV - ok
18:40:57.0157 1616  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:40:57.0157 1616  idsvc - ok
18:40:57.0157 1616  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
18:40:57.0157 1616  iirsp - ok
18:40:57.0219 1616  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
18:40:57.0219 1616  IKEEXT - ok
18:40:57.0266 1616  [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd           C:\Windows\system32\drivers\Impcd.sys
18:40:57.0266 1616  Impcd - ok
18:40:57.0313 1616  [ 235362D403D9D677514649D88DB31914 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
18:40:57.0344 1616  IntcAzAudAddService - ok
18:40:57.0344 1616  [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
18:40:57.0344 1616  IntcDAud - ok
18:40:57.0360 1616  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
18:40:57.0360 1616  intelide - ok
18:40:57.0360 1616  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
18:40:57.0360 1616  intelppm - ok
18:40:57.0391 1616  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
18:40:57.0391 1616  IPBusEnum - ok
18:40:57.0391 1616  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:40:57.0391 1616  IpFilterDriver - ok
18:40:57.0407 1616  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
18:40:57.0407 1616  iphlpsvc - ok
18:40:57.0407 1616  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
18:40:57.0407 1616  IPMIDRV - ok
18:40:57.0407 1616  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
18:40:57.0407 1616  IPNAT - ok
18:40:57.0500 1616  [ 71F993192EB04B2C4C80F2DEE9119229 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
18:40:57.0500 1616  iPod Service - ok
18:40:57.0516 1616  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
18:40:57.0516 1616  IRENUM - ok
18:40:57.0516 1616  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
18:40:57.0516 1616  isapnp - ok
18:40:57.0531 1616  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
18:40:57.0531 1616  iScsiPrt - ok
18:40:57.0547 1616  [ 12E27942DBB7C91880163634B0D8A776 ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
18:40:57.0547 1616  k57nd60a - ok
18:40:57.0563 1616  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
18:40:57.0563 1616  kbdclass - ok
18:40:57.0563 1616  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
18:40:57.0563 1616  kbdhid - ok
18:40:57.0578 1616  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
18:40:57.0578 1616  KeyIso - ok
18:40:57.0578 1616  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:40:57.0578 1616  KSecDD - ok
18:40:57.0578 1616  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
18:40:57.0578 1616  KSecPkg - ok
18:40:57.0578 1616  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
18:40:57.0578 1616  ksthunk - ok
18:40:57.0625 1616  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
18:40:57.0625 1616  KtmRm - ok
18:40:57.0672 1616  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
18:40:57.0687 1616  LanmanServer - ok
18:40:57.0719 1616  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:40:57.0734 1616  LanmanWorkstation - ok
18:40:57.0890 1616  [ 32F1B95C60042F3D95FC8AB43559B3B1 ] LeapFrog Connect Device Service C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
18:40:57.0984 1616  LeapFrog Connect Device Service - ok
18:40:57.0999 1616  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
18:40:57.0999 1616  lltdio - ok
18:40:58.0031 1616  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
18:40:58.0031 1616  lltdsvc - ok
18:40:58.0046 1616  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
18:40:58.0046 1616  lmhosts - ok
18:40:58.0062 1616  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
18:40:58.0062 1616  LSI_FC - ok
18:40:58.0062 1616  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
18:40:58.0062 1616  LSI_SAS - ok
18:40:58.0077 1616  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
18:40:58.0077 1616  LSI_SAS2 - ok
18:40:58.0077 1616  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
18:40:58.0077 1616  LSI_SCSI - ok
18:40:58.0077 1616  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
18:40:58.0077 1616  luafv - ok
18:40:58.0093 1616  [ C63BF488680F88B6A1D83302AA0ACD0E ] mbamchameleon   C:\Windows\system32\drivers\mbamchameleon.sys
18:40:58.0109 1616  mbamchameleon - ok
18:40:58.0171 1616  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
18:40:58.0187 1616  MBAMScheduler - ok
18:40:58.0202 1616  [ 34398CB1F8A152F5E9EE4394BC8ED75F ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
18:40:58.0218 1616  MBAMSwissArmy - ok
18:40:58.0311 1616  [ F928E5E72BBA15DD0CE9A26E0413D236 ] mcmscsvc        C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
18:40:58.0311 1616  mcmscsvc - ok
18:40:58.0311 1616  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNaiAnn        C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
18:40:58.0311 1616  McNaiAnn - ok
18:40:58.0327 1616  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNASvc         C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
18:40:58.0327 1616  McNASvc - ok
18:40:58.0389 1616  [ 5D57D4B57CCC07450F97C4E929D0483F ] McODS           C:\Program Files\McAfee\VirusScan\mcods.exe
18:40:58.0389 1616  McODS - ok
18:40:58.0405 1616  [ F928E5E72BBA15DD0CE9A26E0413D236 ] McProxy         C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
18:40:58.0405 1616  McProxy - ok
18:40:58.0436 1616  [ 21F81090A00932C5E96700EDF2977582 ] McShield        C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
18:40:58.0436 1616  McShield - ok
18:40:58.0467 1616  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
18:40:58.0483 1616  Mcx2Svc - ok
18:40:58.0499 1616  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
18:40:58.0499 1616  megasas - ok
18:40:58.0499 1616  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
18:40:58.0499 1616  MegaSR - ok
18:40:58.0514 1616  [ 1C6E73FC46B509EFF9D0086AA37132DF ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
18:40:58.0514 1616  MEIx64 - ok
18:40:58.0530 1616  [ B1720E97FABBDF7D30B36DAF19C3DEE8 ] mfeapfk         C:\Windows\system32\drivers\mfeapfk.sys
18:40:58.0530 1616  mfeapfk - ok
18:40:58.0530 1616  [ 113F1534B80D65DFDCA660F19967A3B7 ] mfeavfk         C:\Windows\system32\drivers\mfeavfk.sys
18:40:58.0530 1616  mfeavfk - ok
18:40:58.0577 1616  [ C4F521310E40327BBC8E8E71DA344F48 ] mfefire         C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
18:40:58.0577 1616  mfefire - ok
18:40:58.0608 1616  [ CECC9841D036EE008091825272D91331 ] mfefirek        C:\Windows\system32\drivers\mfefirek.sys
18:40:58.0608 1616  mfefirek - ok
18:40:58.0623 1616  [ EF0F85EDBDF6C0AB467E88E0CEE2B346 ] mfehidk         C:\Windows\system32\drivers\mfehidk.sys
18:40:58.0623 1616  mfehidk - ok
18:40:58.0623 1616  [ 6E3A46BF6CBB80450CC24F80FE03ED5A ] mferkdet        C:\Windows\system32\drivers\mferkdet.sys
18:40:58.0623 1616  mferkdet - ok
18:40:58.0655 1616  [ 341BFCAA3A55C08E8C9ECB1654ACA905 ] mfevtp          C:\Windows\system32\mfevtps.exe
18:40:58.0655 1616  mfevtp - ok
18:40:58.0670 1616  [ 2802D09F1B6ED502237539563F3C4992 ] mfewfpk         C:\Windows\system32\drivers\mfewfpk.sys
18:40:58.0686 1616  mfewfpk - ok
18:40:58.0717 1616  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
18:40:58.0717 1616  MMCSS - ok
18:40:58.0717 1616  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
18:40:58.0717 1616  Modem - ok
18:40:58.0733 1616  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
18:40:58.0733 1616  monitor - ok
18:40:58.0733 1616  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
18:40:58.0733 1616  mouclass - ok
18:40:58.0748 1616  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
18:40:58.0748 1616  mouhid - ok
18:40:58.0748 1616  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
18:40:58.0748 1616  mountmgr - ok
18:40:58.0748 1616  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
18:40:58.0764 1616  mpio - ok
18:40:58.0764 1616  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:40:58.0764 1616  mpsdrv - ok
18:40:58.0779 1616  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
18:40:58.0779 1616  MpsSvc - ok
18:40:58.0779 1616  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
18:40:58.0779 1616  MRxDAV - ok
18:40:58.0795 1616  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:40:58.0795 1616  mrxsmb - ok
18:40:58.0795 1616  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:40:58.0795 1616  mrxsmb10 - ok
18:40:58.0811 1616  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:40:58.0811 1616  mrxsmb20 - ok
18:40:58.0811 1616  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
18:40:58.0811 1616  msahci - ok
18:40:58.0811 1616  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
18:40:58.0811 1616  msdsm - ok
18:40:58.0826 1616  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
18:40:58.0826 1616  MSDTC - ok
18:40:58.0826 1616  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
18:40:58.0826 1616  Msfs - ok
18:40:58.0842 1616  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
18:40:58.0842 1616  mshidkmdf - ok
18:40:58.0857 1616  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
18:40:58.0857 1616  msisadrv - ok
18:40:58.0889 1616  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
18:40:58.0889 1616  MSiSCSI - ok
18:40:58.0889 1616  msiserver - ok
18:40:58.0935 1616  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
18:40:58.0935 1616  MSKSSRV - ok
18:40:58.0935 1616  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:40:58.0935 1616  MSPCLOCK - ok
18:40:58.0951 1616  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
18:40:58.0951 1616  MSPQM - ok
18:40:58.0967 1616  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
18:40:58.0967 1616  MsRPC - ok
18:40:58.0982 1616  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
18:40:58.0982 1616  mssmbios - ok
18:40:58.0998 1616  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
18:40:58.0998 1616  MSTEE - ok
18:40:58.0998 1616  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
18:40:58.0998 1616  MTConfig - ok
18:40:58.0998 1616  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
18:40:58.0998 1616  Mup - ok
18:40:59.0045 1616  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
18:40:59.0045 1616  napagent - ok
18:40:59.0060 1616  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
18:40:59.0060 1616  NativeWifiP - ok
18:40:59.0091 1616  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:40:59.0091 1616  NDIS - ok
18:40:59.0091 1616  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
18:40:59.0091 1616  NdisCap - ok
18:40:59.0107 1616  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:40:59.0107 1616  NdisTapi - ok
18:40:59.0107 1616  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
18:40:59.0107 1616  Ndisuio - ok
18:40:59.0107 1616  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
18:40:59.0107 1616  NdisWan - ok
18:40:59.0123 1616  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
18:40:59.0123 1616  NDProxy - ok
18:40:59.0154 1616  [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
18:40:59.0154 1616  Net Driver HPZ12 - ok
18:40:59.0154 1616  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
18:40:59.0169 1616  NetBIOS - ok
18:40:59.0185 1616  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
18:40:59.0185 1616  NetBT - ok
18:40:59.0185 1616  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
18:40:59.0185 1616  Netlogon - ok
18:40:59.0232 1616  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
18:40:59.0232 1616  Netman - ok
18:40:59.0294 1616  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:40:59.0310 1616  NetMsmqActivator - ok
18:40:59.0310 1616  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:40:59.0310 1616  NetPipeActivator - ok
18:40:59.0341 1616  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
18:40:59.0341 1616  netprofm - ok
18:40:59.0341 1616  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:40:59.0341 1616  NetTcpActivator - ok
18:40:59.0341 1616  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:40:59.0341 1616  NetTcpPortSharing - ok
18:40:59.0341 1616  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
18:40:59.0341 1616  nfrd960 - ok
18:40:59.0357 1616  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:40:59.0357 1616  NlaSvc - ok
18:40:59.0450 1616  [ B9B72FAAAA41D59B73B88FE3DD737ED1 ] NOBU            C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
18:40:59.0481 1616  NOBU - ok
18:40:59.0481 1616  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:40:59.0481 1616  Npfs - ok
18:40:59.0497 1616  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
18:40:59.0497 1616  nsi - ok
18:40:59.0497 1616  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:40:59.0497 1616  nsiproxy - ok
18:40:59.0528 1616  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:40:59.0544 1616  Ntfs - ok
18:40:59.0575 1616  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
18:40:59.0575 1616  Null - ok
18:40:59.0591 1616  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
18:40:59.0591 1616  nvraid - ok
18:40:59.0591 1616  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
18:40:59.0591 1616  nvstor - ok
18:40:59.0591 1616  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
18:40:59.0606 1616  nv_agp - ok
18:40:59.0606 1616  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
18:40:59.0606 1616  ohci1394 - ok
18:40:59.0653 1616  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:40:59.0669 1616  ose - ok
18:40:59.0793 1616  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:40:59.0856 1616  osppsvc - ok
18:40:59.0871 1616  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
18:40:59.0871 1616  p2pimsvc - ok
18:40:59.0887 1616  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
18:40:59.0887 1616  p2psvc - ok
18:40:59.0903 1616  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
18:40:59.0903 1616  Parport - ok
18:40:59.0903 1616  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
18:40:59.0903 1616  partmgr - ok
18:40:59.0903 1616  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:40:59.0903 1616  PcaSvc - ok
18:40:59.0996 1616  [ 4B5F5774FF1C577B9515FDD2B5C535C5 ] PCDSRVC{D3412D80-CF3B4A27-06020200}_0 c:\program files\my dell\pcdsrvc_x64.pkms
18:41:00.0090 1616  PCDSRVC{D3412D80-CF3B4A27-06020200}_0 - ok
18:41:00.0105 1616  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
18:41:00.0105 1616  pci - ok
18:41:00.0105 1616  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
18:41:00.0105 1616  pciide - ok
18:41:00.0105 1616  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
18:41:00.0121 1616  pcmcia - ok
18:41:00.0121 1616  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
18:41:00.0121 1616  pcw - ok
18:41:00.0121 1616  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:41:00.0121 1616  PEAUTH - ok
18:41:00.0215 1616  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
18:41:00.0324 1616  PerfHost - ok
18:41:00.0417 1616  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
18:41:00.0417 1616  pla - ok
18:41:00.0464 1616  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:41:00.0464 1616  PlugPlay - ok
18:41:00.0527 1616  [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
18:41:00.0527 1616  Pml Driver HPZ12 - ok
18:41:00.0527 1616  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
18:41:00.0542 1616  PNRPAutoReg - ok
18:41:00.0542 1616  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
18:41:00.0542 1616  PNRPsvc - ok
18:41:00.0573 1616  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
18:41:00.0589 1616  PolicyAgent - ok
18:41:00.0589 1616  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
18:41:00.0589 1616  Power - ok
18:41:00.0620 1616  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
18:41:00.0620 1616  PptpMiniport - ok
18:41:00.0620 1616  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
18:41:00.0620 1616  Processor - ok
18:41:00.0651 1616  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
18:41:04.0130 1616  ================ Scan global ===============================
18:41:04.0161 1616  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
18:41:04.0193 1616  [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
18:41:04.0208 1616  [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
18:41:04.0239 1616  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
18:41:04.0286 1616  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
18:41:04.0286 1616  [Global] - ok
18:41:04.0286 1616  ================ Scan MBR ==================================
18:41:04.0302 1616  [ 9711BF5A8929C6DBE3455A72C790BEF0 ] \Device\Harddisk0\DR0
18:41:04.0302 1616  Suspicious mbr (Forged): \Device\Harddisk0\DR0
18:41:04.0349 1616  \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - infected
18:41:04.0349 1616  \Device\Harddisk0\DR0 - detected Rootkit.Boot.Harbinger.a (0)
18:41:04.0629 1616  [ 97A29187633EEFB0DFC1E04AFF859F9D ] \Device\Harddisk6\DR6
18:41:13.0007 1616  \Device\Harddisk6\DR6 - ok
18:41:13.0007 1616  ================ Scan VBR ==================================
18:41:13.0007 1616  [ B6C12378244A371B58B118215441C55D ] \Device\Harddisk0\DR0\Partition1
18:41:13.0007 1616  \Device\Harddisk0\DR0\Partition1 - ok
18:41:13.0007 1616  [ BD7597085B5EE9FD02E2C74A10B729B4 ] \Device\Harddisk0\DR0\Partition2
18:41:13.0007 1616  \Device\Harddisk0\DR0\Partition2 - ok
18:41:13.0022 1616  [ 9908F1C680B153AD8E5C6075D1D69601 ] \Device\Harddisk6\DR6\Partition1
18:41:13.0022 1616  \Device\Harddisk6\DR6\Partition1 - ok
18:41:13.0022 1616  ============================================================
18:41:13.0022 1616  Scan finished
18:41:13.0022 1616  ============================================================
18:41:13.0022 1592  Detected object count: 1
18:41:13.0022 1592  Actual detected object count: 1
18:43:27.0432 1592  \Device\Harddisk0\DR0\# - copied to quarantine
18:43:27.0432 1592  \Device\Harddisk0\DR0 - copied to quarantine
18:43:27.0510 1592  \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - will be cured on reboot
18:43:27.0510 1592  \Device\Harddisk0\DR0 - ok
18:43:27.0557 1592  \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - User select action: Cure
18:43:30.0240 1412  Deinitialize success
 



#6 Broni

Broni


Posted 16 October 2013 - 07:07 PM

Good :)

 

Please re-run MBAR one more time and post new log.




#7 dkittl20

dkittl20

Posted 16 October 2013 - 09:56 PM

Malwarebytes Anti-Rootkit BETA 1.07.0.1007
www.malwarebytes.org

Database version: v2013.10.16.14

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16721
Kittle :: KITTLE-PC [administrator]

10/16/2013 8:33:43 PM
mbar-log-2013-10-16 (20-33-43).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 251430
Time elapsed: 1 hour(s), 41 minute(s), 4 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)



#8 Broni

Broni


Posted 16 October 2013 - 10:01 PM

Looks good.

 

How is the computer doing?

 

Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
Double click on TFC.exe to run the program.
Click on Start button to begin cleaning process.
TFC will close all running programs, and it may ask you to restart computer.

=============================================================================

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


=============================================================================

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.


=======================================

Please run a free online scan with the ESET Online Scanner

  • Disable your antivirus program
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click on List of found threats
  • Click on Export to text file, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    NOTE. If Eset doesn't find any threats it'll NOT produce any log.




#9 dkittl20

dkittl20

Posted 18 October 2013 - 06:29 AM

Seems to be working as normal :thumbup2:

 

Below are the requested logs:

 

# AdwCleaner v3.008 - Report created 17/10/2013 at 19:42:35
# Updated 17/10/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Kittle - KITTLE-PC
# Running from : C:\Users\Kittle\Downloads\adwcleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

File Found : C:\Users\Kittle\AppData\Roaming\Mozilla\Firefox\Profiles\dkd2srzm.default\searchplugins\funmoods.xml
File Found : C:\Users\Kittle\AppData\Roaming\Mozilla\Firefox\Profiles\dkd2srzm.default\user.js
File Found : C:\Windows\System32\Tasks\Funmoods
Folder Found : C:\Users\Kittle\AppData\Roaming\Mozilla\Firefox\Profiles\dkd2srzm.default\Extensions\{37153479-1976-43c3-a1ee-557513977b64}
Folder Found : C:\Users\Kittle\AppData\Roaming\Mozilla\Firefox\Profiles\dkd2srzm.default\Extensions\ffxtlbr@funmoods.com
Folder Found C:\Program Files (x86)\Conduit
Folder Found C:\Users\Kittle\AppData\LocalLow\Conduit
Folder Found C:\Users\Kittle\AppData\Roaming\Funmoods
Folder Found C:\Users\Kittle\AppData\Roaming\Mozilla\Firefox\Profiles\dkd2srzm.default\ConduitCommon
Folder Found C:\Users\Kittle\AppData\Roaming\Mozilla\Firefox\Profiles\dkd2srzm.default\CT2559647

***** [ Shortcuts ] *****

***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16720

-\\ Mozilla Firefox v8.0.1 (en-US)

[ File : C:\Users\Kittle\AppData\Roaming\Mozilla\Firefox\Profiles\dkd2srzm.default\prefs.js ]

-\\ Google Chrome v

[ File : C:\Users\Kittle\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [7945 octets] - [17/10/2013 19:42:35]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [8005 octets] ##########

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Windows 7 Home Premium x64
Ran by Kittle on Thu 10/17/2013 at 21:06:23.13
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

Suspicious HKCU\..\Run entries found. Trojan:JS/Medfos.B?

    Value Name          Type                             Value Data                    
========================================================================================
    udoate    REG_SZ    "C:\Windows\System32\rundll32.exe" "C:\Users\Kittle\AppData\Roaming\udoate.dll",Encoder

 

~~~ Registry Keys


 

~~~ Files

 

~~~ Folders

Successfully deleted: [Folder] "C:\Users\Kittle\AppData\Roaming\funmoods"
Successfully deleted: [Folder] "C:\Users\Kittle\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Empty Folder] C:\Users\Kittle\appdata\local\{D7715E02-BE69-4F68-A06B-39C94F4E7AA7}
Successfully deleted: [Empty Folder] C:\Users\Kittle\appdata\local\{D80A2796-E7D2-4438-A0CC-92992B60C98D}
Successfully deleted: [Empty Folder] C:\Users\Kittle\appdata\local\{DD51FFB3-757A-4710-A6E8-7883324CD81D}
Successfully deleted: [Empty Folder] C:\Users\Kittle\appdata\local\{E3FDD9CA-D121-45F0-A46D-1122B2476648}

 

~~~ FireFox

Successfully deleted: [File] C:\Users\Kittle\AppData\Roaming\mozilla\firefox\profiles\dkd2srzm.default\user.js
Successfully deleted: [File] C:\Users\Kittle\AppData\Roaming\mozilla\firefox\profiles\dkd2srzm.default\searchplugins\funmoods.xml
Successfully deleted: [Folder] C:\Users\Kittle\AppData\Roaming\mozilla\firefox\profiles\dkd2srzm.default\conduitcommon
Successfully deleted: [Folder] C:\Users\Kittle\AppData\Roaming\mozilla\firefox\profiles\dkd2srzm.default\extensions\ffxtlbr@funmoods.com

 

~~~ Chrome

Successfully deleted: [Folder] C:\Users\Kittle\appdata\local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 10/17/2013 at 21:10:58.16
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

 

C:\Users\All Users\Spybot - Search & Destroy\Recovery\WinDownloadergen2.zip Win32/Bagle.gen.zip worm 
C:\ProgramData\Spybot - Search & Destroy\Recovery\WinDownloadergen2.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined

 

Looks like I forgot to disable spybot... sorry.
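The Run value that JRT flagged in the log above has a recognisable shape: rundll32.exe loading a DLL from the user's AppData folder. The Python sketch below is an added example, not part of the original posts and not JRT's own logic; it triages Run values for that shape. The two "Example" values, the list of user-writable locations and all function names are assumptions.

```python
import ntpath
import re

# Constructed sample of HKCU\...\CurrentVersion\Run values. "udoate" is the
# value data from the JRT log above; the two "Example*" entries are made up.
SAMPLE_RUN_VALUES = {
    "udoate": r'"C:\Windows\System32\rundll32.exe" '
              r'"C:\Users\Kittle\AppData\Roaming\udoate.dll",Encoder',
    "ExampleTray": r'"C:\Program Files\Example\tray.exe" /min',
    "ExampleCpl": r"rundll32.exe C:\Windows\System32\example.dll,Start",
}

# Locations a standard user can write to without elevation (assumed list).
USER_WRITABLE = re.compile(
    r"^[a-z]:\\(users\\[^\\]+\\appdata\\|programdata\\|windows\\temp\\)", re.I)
# One argument = any run of quoted segments and non-space characters.
TOKEN = re.compile(r'(?:"[^"]*"|[^\s"])+')


def split_command(data):
    """Split Run value data into arguments, honouring double quotes."""
    return [tok.replace('"', "") for tok in TOKEN.findall(data)]


def rundll32_target(data):
    """Return (dll_path, export) when the value launches rundll32, else None."""
    args = split_command(data)
    if len(args) < 2:
        return None
    if ntpath.basename(args[0]).lower() not in ("rundll32", "rundll32.exe"):
        return None
    dll, comma, export = args[1].rpartition(",")
    if not comma:  # no export named: the whole argument is the DLL path
        dll, export = export, ""
    return dll, export


def triage(run_values, exists=None):
    """Flag Run values where rundll32 loads a DLL from a user-writable path.

    `exists` is an optional callable(path) -> bool; when given, entries whose
    DLL is gone are marked orphaned (the value still fires at every logon).
    """
    findings = []
    for name, data in sorted(run_values.items()):
        target = rundll32_target(data)
        if target is None or not USER_WRITABLE.match(target[0]):
            continue
        dll, export = target
        orphaned = None if exists is None else not exists(dll)
        findings.append(
            {"name": name, "dll": dll, "export": export, "orphaned": orphaned})
    return findings


if __name__ == "__main__":
    for hit in triage(SAMPLE_RUN_VALUES, exists=lambda path: False):
        print(hit)
```

On a live Windows host the dictionary would be filled from the Run key (for example with Python's `winreg` module) and `exists` set to `os.path.exists`.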



#10 Broni

Posted 18 October 2013 - 06:34 PM

Update Firefox to the current 24.0 version.

 

Update Adobe Flash Player: http://get.adobe.com/flashplayer/
Make sure you UN-check Yes, install McAfee Security Scan Plus

NOTE 1: Beginning with Adobe Flash Version 11.3, the universal installer includes the 32-bit and 64-bit versions of the Flash Player.
NOTE 2: While installing make sure you UN-check any extra garbage which wants to install alongside.

 

Update Adobe Reader

You can download it from http://www.adobe.com/products/acrobat/readstep2.html
After installing the latest Adobe Reader, uninstall all previous versions (if present).
Note. If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.

Alternatively, you can uninstall Adobe Reader and install one of two free alternatives:

- Foxit PDF Reader from HERE.
It's a much smaller file to download and uses a lot less resources than Adobe Reader.
Note: When installing FoxitReader, make sure to UN-check any pre-checked toolbar, or any other garbage.

- PDF-XChange Viewer: http://www.tracker-software.com/product/pdf-xchange-viewer

 

1. Update your Java version here: http://www.java.com/en/download/manual.jsp
Alternate download: http://www.filehippo.com/search?q=java

Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Note 2: If you're running a 64-bit system, make sure you install BOTH 32-bit and 64-bit Java.

Note 3: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

2. Now, we need to remove the old Java version and its remnants...

Download JavaRa to your desktop and unzip it.

  • Run JavaRa.exe (Vista and 7 users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
  • Accept any prompts.
  • Do NOT post JavaRa log.

 

=========================================

 

Your computer is clean

1. We need to reset system restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll remove all old restore points and create a fresh, clean restore point.

Turn system restore off.
Restart computer.
Turn system restore back on.

If you don't know how to do it...
Windows XP: http://support.microsoft.com/kb/310405
Vista and Windows 7: http://www.howtogeek.com/howto/windows-vista/disable-system-restore-in-windows-vista/
Windows 8: http://www.bleepingcomputer.com/tutorials/windows-8-system-restore-guide/#disable

2. Make sure Windows Updates are current.

3. If any Trojan was listed among your infection(s), make sure you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

4. Check if your browser plugins are up to date.
Firefox - https://www.mozilla.org/en-US/plugincheck/
other browsers: https://browsercheck.qualys.com/ (click on "Launch a quick scan now" link)

5. Download and install WOT (Web of Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

7. Run Temporary File Cleaner (TFC), AdwCleaner and Junkware Removal Tool (JRT) weekly.

8. Download and install Secunia Personal Software Inspector (PSI): http://secunia.com/vulnerability_scanning/personal/. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

10. When installing\updating ANY program, make sure you always select "Custom" installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click the "Next" button without looking at any given page.

11. Read:
How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

12. Except for MBAM and TFC, which are keepers, you can simply delete all other tools we used as they don't install.


My Website

My help doesn't cost a penny, but if you'd like to consider a donation, click DONATE

 


#11 dkittl20


Posted 19 October 2013 - 12:52 PM

Great, thanks again!  Left you a donation for your help.



#12 Broni


Posted 19 October 2013 - 08:36 PM

Thank you :)

