Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

BSOD, but works in Safe Mode with Networking


  • Please log in to reply
53 replies to this topic

#1 peak4

peak4

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sheffield England
  • Local time:12:03 AM

Posted 02 March 2014 - 05:23 PM

Hello folks, I suppose I should introduce myself first, but I thought I'd pose a query here as I'm just back off my hols and struggling with a poorly PC

It died just before we went away after some MS updates a few weeks ago, it's been BSOD in normal mode ever since, but will boot into Safe with networking. (or at least it will do now after much toil on my part)

 

 

The spec is a bit odd, but it's been working fine for ages, though it has had a couple of recent hiccups.

 

XP SP3 Biostar MOBO TF7150u-m7 4 GB memory

I was running a dual screen of a GeForce 9500GT, but just reverted to single screen of MOBO video in case that was the issue, but sadly no change.

 

Storage is software RAID 1 2 x 1TB with multiple partitions, of which C drive contains operating system.

There is also a separate 500GB PATA drive with more data on it.

 

For some reason the Minidump isn't writing on BSOD even though it's set to from Control Panel and also seems to be set to in the registry.

Also I cannot disable rebooting after BSOD, but can get into Safe mode after the first Normal mode failure.

Video camera pointing at screen shows STOP 0x0000007f, but I can't get the rest of the digits to record at the moment as it doesn't flash up for long enough.

 

A while ago I got immediate BSOD when I plugged an SD card in with some photos on it, which caused major grief, and wouldn't even get into Safe Mode subsequently.

It didn't write minidumps then either.

I uninstalled (and later re-installed) AVAST wondering if it had crashed when checking out the SD card.

Initially I could just disable the various drivers from Recovery Console to allow booting into Safe mode, from where I could do the actual uninstall.

Following the uninstall I did get minidumps written which pointed to the NVidia RAID drivers.

I then updated the drivers from Biostar's website and the sysyem booted up as normal and stayed stable for a small few weeks.

 

Malware Bytes showed clean.

 

I had further hiccups, requiring re-installation of the RAID drivers again, and removed AVAST completely, replacing it with Kapersky.

Again system stable for a week or two with no issues

 

MS updates then came in a couple of weeks ago, and I've not been able to boot normally since.

Tried re-installing NVidia RAID drivers again, but it hasn't helped this time.

The system claims RAID is healthy, as is SMART monitoring of the two drives.

 

Somewhere along the process I also tried System Restore to one of the periods prior to the MS Updates when everything was stable. It didn't help, so still stuck in Safe Mode, possibly because a couple of the updates said they cannot be uninstalled.

 

From Event Viewer at the time;

Windows Malicious Software Removal Tool Jan 2014 KB890830   downloaded and ran without issue
Security Update for XP & Server KB2917500  seemed to extract OK
Security update for XP KB2914368 re-installed and then uninstalled
Security Update for Word 2003 KB2863866 Error Message- cannot be applied
Security update for Office 2007 KB2837615 Error Message - Failed

 

Since that I've tried Memtest on the 2x2GB memory sticks, which showed no faults, and also tried removing each stick one at a time, also without improvement.

BSOD is just at the point where I'd expect the second monitor to spring into life, so I wondered if the video card had failed; hence removing it and trying the MOBO video. Still no improvement.

 

Also run CHKDSK /r to no avail

 

The intention is to try and get the cursed thing up and running stably again, add SSD and port the XPSP3 installation over to it, to get it off the RAID array, to make recover easier, and then add WIN7  to a secnd partition on the SSD.

 

I really don't want to have to do a clean install of XP as I've too much software loaded and need to keep a working system on the go.

 

 

 

Anyone any bright ideas please?


Edited by hamluis, 02 March 2014 - 09:07 PM.
Moved from XP to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 OldPhil

OldPhil

    Doppleganger


  • Members
  • 4,156 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Long Island New York
  • Local time:07:03 PM

Posted 02 March 2014 - 05:50 PM

IMO it will be a driver issue.


Honesty & Integrity Above All!


#3 peak4

peak4
  • Topic Starter

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sheffield England
  • Local time:12:03 AM

Posted 02 March 2014 - 06:14 PM

IMO it will be a driver issue.

I'd kind of come to the same thoughts myself, but any ideas how I work out which one(s).

Already disabled a serious lot of stuff via msConfig



#4 hamluis

hamluis

    Moderator


  • Moderator
  • 56,281 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:06:03 PM

Posted 02 March 2014 - 06:47 PM

Please download MiniToolBox  , save it to your desktop and run it.
 
Checkmark the following checkboxes:
  List last 10 Event Viewer log
  List Installed Programs
  List Users, Partitions and Memory size.
 
Click Go and paste the content into your next post.
 
Also...please Publish a Snapshot using Speccy - http://www.bleepingcomputer.com/forums/topic323892.html/page__p__1797792#entry1797792 , taking care to post the link of the snapshot in your next post.
 
Louis



#5 peak4

peak4
  • Topic Starter

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sheffield England
  • Local time:12:03 AM

Posted 02 March 2014 - 07:46 PM

Thanks Louis; Currently with just 1 memory stick (2MB) and MOBO graphics

 

 

MiniToolBox by Farbar  Version: 23-01-2014
Ran by Bill (administrator) on 03-03-2014 at 00:37:50
Running from "C:\Documents and Settings\Bill\Desktop"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Network
***************************************************************************
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (03/02/2014 09:25:02 PM) (Source: Application Error) (User: )
Description: Faulting application , version 0.0.0.0, faulting module unknown, version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [!ws!]
 
Error: (02/11/2014 02:58:19 PM) (Source: MsiInstaller) (User: BLACKONE)
Description: The installation of E:\My Documents\GCSMSetup_3_6_1.msi is not permitted due to an error in software restriction policy processing. The object cannot be trusted.
 
Error: (02/09/2014 11:55:43 PM) (Source: Application Error) (User: )
Description: Faulting application mbam.exe, version 1.75.0.1, faulting module kernel32.dll, version 5.1.2600.6293, fault address 0x00012fd3.
Processing media-specific event for [mbam.exe!ws!]
 
Error: (02/09/2014 01:01:36 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: The I/O writes cannot be held during the shadow copy creation period on volume \\?\Volume{ba9e89f8-d120-11dd-a0d1-806d6172696f}\.
The volume index in the shadow copy set is 0. Error details: Flush[0x00000000], Release[0x8000ffff], OnRun[0x00000000].
 
Error: (02/02/2014 09:35:32 PM) (Source: VmbService) (User: )
Description: loadedConflicts
 
Error: (02/02/2014 08:42:47 PM) (Source: VmbService) (User: )
Description: loadedConflicts
 
Error: (02/02/2014 07:44:31 PM) (Source: VmbService) (User: )
Description: loadedConflicts
 
Error: (02/02/2014 00:08:34 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\BILL\RECENT\CYPRUS.LNK> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (02/02/2014 00:08:34 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\DOCUMENTS AND SETTINGS\BILL\RECENT\CYPRUS.LNK> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (02/02/2014 11:58:10 AM) (Source: Windows Search Service) (User: )
Description: The entry <E:\MY DOCUMENTS\HOLIDAYS\CYPRUS\ATOL CERTIFICATE.PDF> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
 
System errors:
=============
Error: (03/02/2014 09:23:38 PM) (Source: DCOM) (User: BLACKONE)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}
 
Error: (03/02/2014 09:23:37 PM) (Source: DCOM) (User: BLACKONE)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}
 
Error: (03/02/2014 09:23:36 PM) (Source: 0) (User: )
Description: 
 
Error: (03/02/2014 09:23:35 PM) (Source: DCOM) (User: BLACKONE)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}
 
Error: (03/02/2014 09:23:35 PM) (Source: DCOM) (User: BLACKONE)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}
 
Error: (03/02/2014 09:23:31 PM) (Source: DCOM) (User: BLACKONE)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}
 
Error: (03/02/2014 09:23:31 PM) (Source: 0) (User: )
Description: 
 
Error: (03/02/2014 09:23:30 PM) (Source: DCOM) (User: BLACKONE)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}
 
Error: (03/02/2014 09:23:28 PM) (Source: 0) (User: )
Description: 
 
Error: (03/02/2014 09:23:28 PM) (Source: DCOM) (User: BLACKONE)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}
 
 
Microsoft Office Sessions:
=========================
Error: (03/02/2014 09:25:02 PM) (Source: Application Error)(User: )
Description: 0.0.0.0unknown0.0.0.000000000
 
Error: (02/11/2014 02:58:19 PM) (Source: MsiInstaller)(User: BLACKONE)
Description: E:\My Documents\GCSMSetup_3_6_1.msi(NULL)(NULL)(NULL)
 
Error: (02/09/2014 11:55:43 PM) (Source: Application Error)(User: )
Description: mbam.exe1.75.0.1kernel32.dll5.1.2600.629300012fd3
 
Error: (02/09/2014 01:01:36 AM) (Source: VSS)(User: )
Description: \\?\Volume{ba9e89f8-d120-11dd-a0d1-806d6172696f}\00x000000000x8000ffff0x00000000
 
Error: (02/02/2014 09:35:32 PM) (Source: VmbService)(User: )
Description: loadedConflicts
 
Error: (02/02/2014 08:42:47 PM) (Source: VmbService)(User: )
Description: loadedConflicts
 
Error: (02/02/2014 07:44:31 PM) (Source: VmbService)(User: )
Description: loadedConflicts
 
Error: (02/02/2014 00:08:34 PM) (Source: Windows Search Service)(User: )
Description: Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
C:\DOCUMENTS AND SETTINGS\BILL\RECENT\CYPRUS.LNK
 
Error: (02/02/2014 00:08:34 PM) (Source: Windows Search Service)(User: )
Description: Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
C:\DOCUMENTS AND SETTINGS\BILL\RECENT\CYPRUS.LNK
 
Error: (02/02/2014 11:58:10 AM) (Source: Windows Search Service)(User: )
Description: Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
E:\MY DOCUMENTS\HOLIDAYS\CYPRUS\ATOL CERTIFICATE.PDF
 
 
=========================== Installed Programs ============================
 
7-Zip 9.20
Acrobat.com (Version: 2.0.0)
Acrobat.com (Version: 2.0.0.0)
AcroPano Photo Stitcher, Panorama software
Adobe Acrobat 4.0 (Version: 4.0)
Adobe AIR (Version: 3.9.0.1030)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.94)
Adobe Flash Player 12 Plugin (Version: 12.0.0.43)
Adobe Reader XI (11.0.06) (Version: 11.0.06)
Advanced SystemCare 6 (Version: 6.0)
Almeza MultiSet Professional 7.8.1
AnyBizSoft PDF Converter (Build 2.5.0)
Apple Application Support (Version: 2.3)
Apple Software Update (Version: 2.1.3.127)
Autopano-SIFT 2.3
BBC iPlayer Desktop (Version: 3.2.15)
Belarc Advisor 8.1
Bonjour (Version: 3.0.0.10)
BT Voyager Wireless Utility (Version: 1.00.010)
Calibrize 2.0
Canon CanoScan Toolbox 4.1
Caplio Software
Capture One 4.5 (Version: 4.5.22945.18)
Capture One 6.4 (Version: 6.4.57301.136)
CCleaner (Version: 4.06)
CDCheck
CombineZP (Version: 1.0.0)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Corel Paint Shop Pro Photo X2 (Version: 12.010.0000)
Corel PaintShop Pro X4 (Version: 14.0.0.345)
Corel PaintShop Pro X4 (Version: 14.3.0.3)
Corel PaintShop Pro X4 Ultimate Bonus Pack
Corel PaintShop Pro X4 Ultimate Bonus Pack (Version: 1.00.0000)
Coupon Printer (Version: 2.0)
Currency Converter
CutePDF Writer 3.0 (Version:  3.0)
DOFMaster
DraftSight (Version: 8.2.301)
DriverAgent by eSupport.com
DriverTuner 3.1.0.1 (Version: 3.1.0.1)
DScaler 5 Mpeg Decoders
DxO FilmPack 3 (Version: 3.4.92.0)
DxO Optics Pro 6 (Version: 6.6.0)
DxO Optics Pro 7 (Version: 7.5.3)
DxO Optics Pro 8 (Version: 8.2.0)
EASEUS Partition Master 8.0.1 Professional
EaseUS Todo Backup Home 6.1 (Version: 6.1)
Elevated Installer (Version: 2.1.13)
ExposurePlot 1.1.6
FastStone Image Viewer 4.6 (Version: 4.6)
FelixCAD 5 LT
File Type Assistant
Filzip 3.06 (Version: 3.0.6)
Flickr Uploadr 3.0.5
Focus Magic 3.02
Foxit PDF Creator Toolbar (Version: 1.15.1.0)
Foxit PDF Creator Toolbar Updater (Version: 1.2.1.22229)
Foxit PDF Editor (Version: 2.2.0.0205)
Foxit PDF IFilter (Version: 1.0.1729)
Foxit Reader (Version: 6.0.6.722)
Free Easy Burner V 5.1 (Version: 5.1.0.0)
Garmin City Navigator Europe NT 2011.20 Update (Version: 14.20.0.0)
Garmin City Navigator Europe NT 2012.40 Update (Version: 15.40.0.0)
Garmin City Navigator Europe NT 2013.30 Update (Version: 16.30.0.0)
Garmin Communicator Plugin (Version: 4.0.3)
Garmin Communicator Plugin with myGarmin Agent (Version: 2.9.2)
Garmin Express (Version: 2.1.13)
Garmin Express Tray (Version: 2.1.13)
Garmin MapSource (Version: 6.16.2)
Garmin POI Loader (Version: 2.5.4.0)
Garmin POI Loader (Version: 2.7.1)
Garmin Update Service (Version: 2.1.13)
Garmin USB Drivers (Version: 2.3.0.0)
GIMP 2.6.3
GIMPshop .1 beta (Version: .1 beta)
Google Chrome (Version: 32.0.1700.107)
Google Drive (Version: 1.13.5782.599)
Google Earth (Version: 7.1.2.2041)
Google Update Helper (Version: 1.3.22.3)
Google Updater (Version: 2.4.2432.1652)
GoToMeeting 5.7.0.1172 (Version: 5.7.0.1172)
HouseCall 6.6 (Version: 6.6)
Hugin 0.7.0 (SVN 3465) (Version: 0.7.0.3465)
ICA (Version: 14.0.0.345)
iCare Card Recovery Pro 2.0
iCare Data Recovery 4.5.2
i-gotU Suite (Version: 10.12.751)
ImgBurn (Version: 2.5.8.0)
InfraRecorder
Inpaint 2.0
Inpaint 3.1
Intel® Processor ID Utility (Version: 4.00.0000)
IPM_PSP_COM (Version: 14.0.0.345)
Irodio Photo & Video Studio (Version: 1.1.3)
Java 7 Update 51 (Version: 7.0.510)
Java Auto Updater (Version: 2.1.9.8)
Kaspersky Internet Security (Version: 14.0.0.4651)
KUSO EXIF Viewer
KUSO EXIF Viewer (Version: 2.0)
LaCie Network Assistant 1.4.0.30 (Version: 1.4.0.30)
LiveUpdate 3.2 (Symantec Corporation) (Version: 3.2.0.68)
Logitech MouseWare 9.79.1 
MailWasher 2.0.15 beta
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
MapSource
Maxthon Cloud Browser (Version: 4.0.3.6000)
Memeo Instant Backup (Version: 4.60.0.7923)
Memory-Map OS Edition 2004 (Version: 4.2.1)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft ActiveSync (Version: 4.5.5096.0)
Microsoft AutoRoute (Version: 10.00.09.2500)
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft National Language Support Downlevel APIs
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Outlook Personal Folders Backup (Version: 1.10.0.0)
Microsoft Pro Photo Tools (Version: 2.2)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft Sync Framework 2.0 Core Components (x86) ENU  (Version: 2.0.1578.0)
Microsoft Sync Framework 2.0 Provider Services (x86) ENU  (Version: 2.0.1578.0)
Microsoft Sync Framework Runtime v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services v1.0 (x86) (Version: 1.0.1215.0)
Microsoft User-Mode Driver Framework Feature Pack 1.9
Microsoft Visio Professional 2002 [English] (Version: 10.2.5110)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 27.0.1 (x86 en-GB) (Version: 27.0.1)
Mozilla Maintenance Service (Version: 27.0.1)
MSN Messenger 7.0 (Version: 7.0.0820)
MSVC80_x86 (Version: 1.0.1.0)
MSVC80_x86_v2 (Version: 1.0.3.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
MSXML 6.0 Parser (Version: 6.10.1072.0)
MultiStage Recovery 4.1
MyGPS Version 2.6.0
Nero Suite
NirSoft BlueScreenView
Noiseware Community Edition (Version: 2.6.0.1)
Nokia Connectivity Cable Driver (Version: 7.1.36.0)
Nokia PC Suite (Version: 7.1.60.0)
Norton Ghost (Version: 14.0.4.30167)
NVIDIA Control Panel 266.58 (Version: 266.58)
NVIDIA Drivers
NVIDIA Graphics Driver 266.58 (Version: 266.58)
NVIDIA HD Audio Driver 1.1.13.1 (Version: 1.1.13.1)
NVIDIA Install Application (Version: 2.265.39.0)
NVIDIA nView 135.50 (Version: 135.50)
NVIDIA nView Desktop Manager (Version: 6.14.10.13550)
NVIDIA PhysX (Version: 9.10.0514)
NVIDIA PhysX System Software 9.10.0514 (Version: 9.10.0514)
Ocster 1-Click Backup (Version: 2.04)
Office Backup 2.2 (Version: 2.2)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
OLYMPUS Digital Camera Updater (Version: 1.0.3)
OLYMPUS Master 2 (Version: 1.0.12)
OLYMPUS Raw Codec (Version: 1.3.0)
OLYMPUS Studio 2 (Version: 1.0.8)
OLYMPUS Viewer 2 (Version: 1.0.0)
OLYMPUS Viewer 3 (Version: 1.0.1)
OpenOffice.org 3.4.1 (Version: 3.41.9593)
Opera 12.16 (Version: 12.16.1860)
Opera Stable 19.0.1326.63 (Version: 19.0.1326.63)
Paragon Backup and Recovery™ 11 Compact Edition (Version: 90.00.0003)
Paragon Drive Copy™ 10 Personal SE (Version: 90.00.0003)
Paragon Drive Copy™ 14 Compact (Version: 90.00.0003)
Paragon Migrate OS to SSD™ 3.0 Special Edition (English) (Version: 90.00.0003)
Paragon Partition Manager™ 10.0 (Version: 90.00.0003)
Paragon System Backup 10 Special Edition - GOTD (English) (Version: 90.00.0003)
PC Connectivity Solution (Version: 10.50.2.0)
PDF Converter 2.0
PhotoAcute Studio 2.70 special for c't (Version: 2.70 special for c't)
PhotoCardMaker 1.0.2
Photomatix Basic version 1.2.1 (Version: 1.2)
PoiEdit
Process Lasso (Version: 6.0.2.44)
PSPPContent (Version: 14.0.0.345)
PSPPHelp (Version: 14.0.0.345)
Qtpfsgui 1.9.2
Quick View Plus
QuickTime (Version: 7.74.80.86)
REALTEK GbE & FE Ethernet PCI-E NIC Driver (Version: 1.17.0000)
Realtek High Definition Audio Driver (Version: 5.10.0.5735)
RescuePRO 3.4.0.34
RoboImport 1.2.0.72 (Version: RoboImport 1.2.0.72)
RonyaSoft Poster Printer (ProPoster) 3.01 (Version: 3.01)
Safari (Version: 5.34.57.2)
Samsung Universal Print Driver (Version: 2.03.01.00:36)
Scanitto Pro (Version: 2.8.17.201)
Seagate Dashboard (Version: 1.1.0.1421)
Search Protect (Version: 2.9.65.0)
Secunia PSI (2.0.0.3001)
Setup (Version: 14.0.0.345)
SILKYPIX Developer Studio 2.1 SE (Version: 2.1.0.2)
SILKYPIX Developer Studio 3.1 SE (Version: 3)
Smart Defrag 2 (Version: 2.8)
Software Informer 1.0 BETA
Spyder2express
Starry Night CSAP (Version: 6.0.0.0)
Stellarium 0.12.4 (Version: 0.12.4)
SyncToy 2.1 (x86) (Version: 2.1.0)
System Requirements Lab
The Photographer's Ephemeris (Version: 1.1.1)
uMark Professional 1.3 (Version: 1.3.0)
Unit Converter
Unit Converter (2)
Universal Currency Converter
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (Version: 1)
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update for Windows Internet Explorer 8 (KB2632503) (Version: 1)
Update for Windows Internet Explorer 8 (KB971180) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB976749) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2492386) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2616676-v2) (Version: 2)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB2808679) (Version: 1)
Update for Windows XP (KB2863058) (Version: 1)
Update for Windows XP (KB2904266) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
Vodafone Mobile Broadband Lite (Version: 10.0.300.23780)
Watermark Express (Version: 1.0)
Webcam Motion Detector version 1.3 (Version: 1.3)
WebFldrs XP (Version: 9.50.7523)
Windows 7 Upgrade Advisor (Version: 2.0.5000.0)
Windows 7 USB/DVD Download Tool (Version: 1.0.30)
Windows Automated Installation Kit (Version: 1.0.0.0)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0) (Version: 06/03/2009 2.3.0.0)
Windows Driver Package - Leaf Imaging Ltd. Image  (02/11/2010 ) (Version: 02/11/2010 )
Windows Driver Package - Nokia Modem  (06/09/2010 7.01.0.8) (Version: 06/09/2010 7.01.0.8)
Windows Driver Package - Nokia Modem  (10/07/2010 4.6) (Version: 10/07/2010 4.6)
Windows Driver Package - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (Version: 08/22/2008 7.0.0.0)
Windows Driver Package - OLYMPUS IMAGING CORP. (OlyFirCam) OlyFirCam  (06/28/2007 2.2.0.0) (Version: 06/28/2007 2.2.0.0)
Windows Driver Package - OLYMPUS IMAGING CORP. (OlyUsbCam) OlyUsbCam  (12/28/2006 1.0.0.0) (Version: 12/28/2006 1.0.0.0)
Windows Driver Package - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (Version: 09/09/2009 1.0.0.0)
Windows Internet Explorer 7 (Version: 20070813.185237)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Windows Presentation Foundation (Version: 3.0.6920.0)
Windows Search 4.0 (Version: 04.00.6001.503)
Windows XP Service Pack 3 (Version: 20080414.031525)
XDepth® RAW Converter (remove only)
XML Paper Specification Shared Components Pack 1.0
Yahoo Community Smartbar (Version: 10.179.66.13636)
Yahoo Community Smartbar Engine (Version: 10.179.66.13636)
Yahoo! Detect
 
========================= Memory info: ===================================
 
Percentage of memory in use: 64%
Total physical RAM: 1917.46 MB
Available physical RAM: 671.44 MB
Total Pagefile: 3680.56 MB
Available Pagefile: 2428.73 MB
Total Virtual: 2047.88 MB
Available Virtual: 1981.95 MB
 
========================= Partitions: =====================================
 
2 Drive c: () (Fixed) (Total:78.13 GB) (Free:6.95 GB) NTFS
3 Drive d: (New Volume) (Fixed) (Total:146.48 GB) (Free:96.14 GB) NTFS
4 Drive e: (DATA) (Fixed) (Total:488.28 GB) (Free:2.11 GB) NTFS
5 Drive f: (Backups) (Fixed) (Total:218.62 GB) (Free:17.44 GB) NTFS
7 Drive l: (Expansion Drive) (Fixed) (Total:931.51 GB) (Free:234.15 GB) NTFS
8 Drive m: (PHOTOS) (Fixed) (Total:465.65 GB) (Free:172.56 GB) FAT32
13 Drive w: (OpenShare) (Network) (Total:1810.79 GB) (Free:210.67 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\BLACKONE
 
_ocster_1clk_backup_     Administrator            ASPNET                   
Bill                     Guest                    HelpAssistant            
IUSR_BLACKONE            IWAM_BLACKONE            SUPPORT_388945a0         
 
 
**** End of log ****
 
 
 
Please see also Speccy result after this error message; "CPU dll init failed (error 2) some information will not be displayed"
 
 
Many Thanks
Bill
 
Might be a while replying as I'm just off to bed now and won't be back in front of PC until very late tomorrow evening (UK time)


#6 peak4

peak4
  • Topic Starter

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sheffield England
  • Local time:12:03 AM

Posted 02 March 2014 - 07:53 PM

Louis, Extra info re. missing Piriform info

 

CPU E8600 not over clocked

2MB Crucial RAM DDR2 unbuffered

MOBO Biostar TF7150u-m7

MOBO Graphics NVIDIA GeForce 7150/nForce 630i ( from MSinfo)

 

Thanks

Bill



#7 hamluis

hamluis

    Moderator


  • Moderator
  • 56,281 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:06:03 PM

Posted 02 March 2014 - 09:06 PM

 Advanced SystemCare 6 (Version: 6.0)
DriverAgent by eSupport.com
DriverTuner 3.1.0.1 (Version: 3.1.0.1)
GIMPshop .1 beta

LiveUpdate 3.2 (Symantec Corporation) (Version: 3.2.0.68)
XDepth® RAW Converter (remove only)

Yahoo Community Smartbar (Version: 10.179.66.13636)

Yahoo Community Smartbar Engine (Version: 10.179.66.13636)
Yahoo! Detect
 
IMO...all of the above are questionable installs, with some of them seeming to be considered malware (from what I see).  There may be more apps that would be questionable but I stopped looking after a given point.  I felt that I had seen enough to move this to a different forum.
 
Moving topic to Am I Infected where the more knowledgeable can take a look.
 
Louis

Edited by hamluis, 02 March 2014 - 09:07 PM.


#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:03 PM

Posted 02 March 2014 - 09:18 PM

Hello please do these next.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



    Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
  • .
    .
    .
    ADW Cleaner

    Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).


    .

    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  • .
    .
    .
    .
  • Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.
  • [/list]
  • [/list]
  • [/list]

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 peak4

peak4
  • Topic Starter

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sheffield England
  • Local time:12:03 AM

Posted 03 March 2014 - 02:09 AM

Many Thanks folks, I'll do this, but just off to work now (06.45 Monday local time in Sheffield England)

I've got to collect my Dad from hospital this evening after work, so will hopefully return the results Tuesday evening local time after work.

Just posting this so you know I'm not ignoring you. :thumbup2:

 

As for the following

DriverAgent by eSupport.com
DriverTuner 3.1.0.1 (Version: 3.1.0.1)

they might be red herrings, as they only appeared after the problem, when I was trying to find updates for drivers in case that was the issue.

 

The other programs you list were  resident long before any problems arose, though since they haven't really been used for ages, it seems prudent to get shot of them anyway;

 Advanced SystemCare 6 (Version: 6.0)  I only added this for it's defrag engine under a previous version.

GIMPshop .1 beta

LiveUpdate 3.2 (Symantec Corporation) (Version: 3.2.0.68)
XDepth® RAW Converter (remove only)

Yahoo Community Smartbar (Version: 10.179.66.13636)

Yahoo Community Smartbar Engine (Version: 10.179.66.13636)
Yahoo! Detect

 

I did run some scans previously with the good folks on Avast Forums when the issue first arose and everything seemed clear, but I'll certainly do as you suggest. I think those two driver search programs were the only things added subsequently, apart from me uninstalling Avast and moving to Kapersky in case that was the issue; 

 

I took Avast off, as when I had done so previously, the BSOD minidumps stared writing again, but not this time; it seemed to have been causing other issues at the time as well..

 

Any ideas why minidumps won't record, or why I can't disable auto re-boot on Stop error?

I do have some older minidumps, which was what pointed to the RAID drivers, hence updating them, but as I say RAID shows as Healthy, and Smart monitoring reports OK too.

 

Thanks

Bill



#10 peak4

peak4
  • Topic Starter

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sheffield England
  • Local time:12:03 AM

Posted 04 March 2014 - 01:21 PM

Thanks in anticipation for your assistance.

 

MiniToolbox Report Follows;

 

MiniToolBox by Farbar  Version: 23-01-2014
Ran by Bill (administrator) on 04-03-2014 at 18:10:28
Running from "C:\Documents and Settings\Bill\Desktop"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Network
***************************************************************************
 
========================= Flush DNS: ===================================
 
 
Windows IP Configuration
 
 
 
Successfully flushed the DNS Resolver Cache.
 
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
"network.proxy.type", 2
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
::1       localhost
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
Realtek RTL8168/8111 PCI-E Gigabit Ethernet NIC = Local Area Connection (Connected)
 
 
# ---------------------------------- 
# Interface IP Configuration         
# ---------------------------------- 
pushd interface ip
 
 
# Interface IP Configuration for "Local Area Connection"
 
set address name="Local Area Connection" source=dhcp 
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp
 
 
popd
# End of interface IP configuration
 
 
 
 
Windows IP Configuration
 
 
 
        Host Name . . . . . . . . . . . . : blackone
 
        Primary Dns Suffix  . . . . . . . : 
 
        Node Type . . . . . . . . . . . . : Unknown
 
        IP Routing Enabled. . . . . . . . : No
 
        WINS Proxy Enabled. . . . . . . . : No
 
        DNS Suffix Search List. . . . . . : home
 
 
 
Ethernet adapter Local Area Connection:
 
 
 
        Connection-specific DNS Suffix  . : home
 
        Description . . . . . . . . . . . : Realtek RTL8168/8111 PCI-E Gigabit Ethernet NIC
 
        Physical Address. . . . . . . . . : 00-E0-4D-66-84-69
 
        Dhcp Enabled. . . . . . . . . . . : Yes
 
        Autoconfiguration Enabled . . . . : Yes
 
        IP Address. . . . . . . . . . . . : 192.168.1.82
 
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
 
        Default Gateway . . . . . . . . . : 192.168.1.254
 
        DHCP Server . . . . . . . . . . . : 192.168.1.254
 
        DNS Servers . . . . . . . . . . . : 192.168.1.254
 
        Lease Obtained. . . . . . . . . . : 04 March 2014 08:57:53
 
        Lease Expires . . . . . . . . . . : 05 March 2014 08:57:53
 
Server:  api.home
Address:  192.168.1.254
 
Name:    google.com
Addresses:  173.194.34.161, 173.194.34.163, 173.194.34.164, 173.194.34.165
 173.194.34.160, 173.194.34.169, 173.194.34.168, 173.194.34.166, 173.194.34.162
 173.194.34.174, 173.194.34.167
 
 
 
Pinging google.com [173.194.34.165] with 32 bytes of data:
 
 
 
Reply from 173.194.34.165: bytes=32 time=28ms TTL=52
 
Reply from 173.194.34.165: bytes=32 time=29ms TTL=52
 
 
 
Ping statistics for 173.194.34.165:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 28ms, Maximum = 29ms, Average = 28ms
 
Server:  api.home
Address:  192.168.1.254
 
Name:    yahoo.com
Addresses:  206.190.36.45, 98.139.183.24, 98.138.253.109
 
 
 
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
 
 
 
Reply from 98.139.183.24: bytes=32 time=135ms TTL=45
 
Reply from 98.139.183.24: bytes=32 time=127ms TTL=45
 
 
 
Ping statistics for 98.139.183.24:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 127ms, Maximum = 135ms, Average = 131ms
 
 
 
Pinging 127.0.0.1 with 32 bytes of data:
 
 
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
 
 
Ping statistics for 127.0.0.1:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
 
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 e0 4d 66 84 69 ...... Realtek RTL8168/8111 PCI-E Gigabit Ethernet NIC - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.1.254    192.168.1.82  20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1  1
      192.168.1.0    255.255.255.0     192.168.1.82    192.168.1.82  20
     192.168.1.82  255.255.255.255        127.0.0.1       127.0.0.1  20
    192.168.1.255  255.255.255.255     192.168.1.82    192.168.1.82  20
        224.0.0.0        240.0.0.0     192.168.1.82    192.168.1.82  20
  255.255.255.255  255.255.255.255     192.168.1.82    192.168.1.82  1
Default Gateway:     192.168.1.254
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 17 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
 
**** End of log ****
 

 

 

TDSSKiller shows "no threats found"

Report Follows;

 

18:13:47.0203 0xa664  TDSS rootkit removing tool 3.0.0.25 Feb 27 2014 15:23:02
18:13:53.0328 0xa664  ============================================================
18:13:53.0328 0xa664  Current date / time: 2014/03/04 18:13:53.0328
18:13:53.0328 0xa664  SystemInfo:
18:13:53.0328 0xa664  
18:13:53.0328 0xa664  OS Version: 5.1.2600 ServicePack: 3.0
18:13:53.0328 0xa664  Product type: Workstation
18:13:53.0328 0xa664  ComputerName: BLACKONE
18:13:53.0328 0xa664  UserName: Bill
18:13:53.0328 0xa664  Windows directory: C:\WINDOWS
18:13:53.0328 0xa664  System windows directory: C:\WINDOWS
18:13:53.0328 0xa664  Processor architecture: Intel x86
18:13:53.0328 0xa664  Number of processors: 2
18:13:53.0328 0xa664  Page size: 0x1000
18:13:53.0328 0xa664  Boot type: Safe boot with network
18:13:53.0328 0xa664  ============================================================
18:14:17.0468 0xa664  KLMD registered as C:\WINDOWS\system32\drivers\53679298.sys
18:14:18.0359 0xa664  System UUID: {18FBAB34-8826-7A64-20F6-13FE138AA190}
18:14:20.0718 0xa664  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
18:14:20.0734 0xa664  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB0000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:14:20.0750 0xa664  Drive \Device\Harddisk6\DR11 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:14:20.0750 0xa664  ============================================================
18:14:20.0750 0xa664  \Device\Harddisk0\DR0:
18:14:20.0750 0xa664  MBR partitions:
18:14:20.0750 0xa664  \Device\Harddisk0\DR0\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x3A384C02
18:14:20.0750 0xa664  \Device\Harddisk1\DR1:
18:14:20.0750 0xa664  MBR partitions:
18:14:20.0750 0xa664  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x9C41AD8
18:14:20.0750 0xa664  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x9C41B17, BlocksNum 0x124F6C32
18:14:20.0750 0xa664  \Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0x1C138749, BlocksNum 0x3D08FCBD
18:14:20.0750 0xa664  \Device\Harddisk1\DR1\Partition4: MBR, Type 0x7, StartLBA 0x591C8406, BlocksNum 0x1B53D5BB
18:14:20.0750 0xa664  \Device\Harddisk6\DR11:
18:14:20.0750 0xa664  MBR partitions:
18:14:20.0750 0xa664  \Device\Harddisk6\DR11\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x747059C1
18:14:20.0750 0xa664  ============================================================
18:14:20.0843 0xa664  C: <-> \Device\Harddisk1\DR1\Partition1
18:14:20.0875 0xa664  D: <-> \Device\Harddisk1\DR1\Partition2
18:14:20.0937 0xa664  E: <-> \Device\Harddisk1\DR1\Partition3
18:14:20.0984 0xa664  F: <-> \Device\Harddisk1\DR1\Partition4
18:14:21.0171 0xa664  M: <-> \Device\Harddisk0\DR0\Partition1
18:14:21.0296 0xa664  L: <-> \Device\Harddisk6\DR11\Partition1
18:14:21.0328 0xa664  ============================================================
18:14:21.0328 0xa664  Initialize success
18:14:21.0328 0xa664  ============================================================
18:14:26.0828 0xa754  ============================================================
18:14:26.0828 0xa754  Scan started
18:14:26.0828 0xa754  Mode: Manual; 
18:14:26.0828 0xa754  ============================================================
18:14:26.0828 0xa754  KSN ping started
18:14:42.0406 0xa754  KSN ping finished: true
18:14:45.0500 0xa754  ================ Scan system memory ========================
18:14:45.0500 0xa754  System memory - ok
18:14:45.0500 0xa754  ================ Scan services =============================
18:14:45.0640 0xa754  Abiosdsk - ok
18:14:45.0656 0xa754  abp480n5 - ok
18:14:45.0671 0xa754  [ 8FD99680A539792A30E97944FDAECF17, 594F8E0C3695400B0C09A797AF6BDFAC6F750ECD67D0EE803914C572B1DCC43C ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
18:14:45.0687 0xa754  ACPI - ok
18:14:45.0781 0xa754  [ 9859C0F6936E723E4892D7141B1327D5, 5E8F6A2FC4DF2E5E92A1D66ECC2810E08B42B64E9CD0DF4AD3F78EA8558B90AF ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
18:14:45.0781 0xa754  ACPIEC - ok
18:14:45.0843 0xa754  [ 8D268693A6DCE3D7319DF14834841BAF, 229C95FE2E6A692EBC2842823A1C7D438F8DF18F44691BD7AFE79DB76F092F9D ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
18:14:45.0859 0xa754  AdobeFlashPlayerUpdateSvc - ok
18:14:45.0859 0xa754  adpu160m - ok
18:14:45.0984 0xa754  [ 993F7B0BA5188A0007C085AA10257B8E, D4F8B52DAD483287CDBA189ADCD027ABACE268E63C9A63E09A12A2E14CD36B88 ] AdvancedSystemCareService6 C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
18:14:46.0000 0xa754  AdvancedSystemCareService6 - ok
18:14:46.0015 0xa754  [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec             C:\WINDOWS\system32\drivers\aec.sys
18:14:46.0015 0xa754  aec - ok
18:14:46.0046 0xa754  [ 2C5C22990156A1063E19AD162191DC1D, 6BB96C223E46F25669511A1EE647B0039ACCBDF7078462544E724029E4860804 ] AegisP          C:\WINDOWS\system32\DRIVERS\AegisP.sys
18:14:46.0046 0xa754  AegisP - ok
18:14:46.0281 0xa754  [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
18:14:46.0359 0xa754  AFD - ok
18:14:46.0500 0xa754  Aha154x - ok
18:14:46.0515 0xa754  aic78u2 - ok
18:14:46.0515 0xa754  aic78xx - ok
18:14:46.0546 0xa754  [ A9A3DAA780CA6C9671A19D52456705B4, 67C959144B57AE0BBF1D82DBED197F32CDB06FECD883A80C441A0202FE83FAB4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
18:14:46.0562 0xa754  Alerter - ok
18:14:46.0562 0xa754  [ 8C515081584A38AA007909CD02020B3D, A5E13CA10F702928E0DE84C74D0EA8ACCB117FD76FBABC55220C75C4FFD596DC ] ALG             C:\WINDOWS\System32\alg.exe
18:14:46.0562 0xa754  ALG - ok
18:14:46.0578 0xa754  AliIde - ok
18:14:46.0578 0xa754  amsint - ok
18:14:46.0609 0xa754  [ D8849F77C0B66226335A59D26CB4EDC6, 4990031453204C57E36E850252A39B05D6ECDAB9E71A8136FB4900F17E59C9CA ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
18:14:46.0609 0xa754  AppMgmt - ok
18:14:46.0625 0xa754  asc - ok
18:14:46.0625 0xa754  asc3350p - ok
18:14:46.0625 0xa754  asc3550 - ok
18:14:46.0796 0xa754  [ 776ACEFA0CA9DF0FAA51A5FB2F435705, 72DF7ED6B085BC468994F5B3189506FD726A9A17A9C42ACA1E420D787691361D ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
18:14:46.0828 0xa754  aspnet_state - ok
18:14:46.0843 0xa754  [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
18:14:46.0859 0xa754  AsyncMac - ok
18:14:46.0875 0xa754  [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
18:14:46.0875 0xa754  atapi - ok
18:14:46.0890 0xa754  Atdisk - ok
18:14:46.0890 0xa754  [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
18:14:46.0921 0xa754  Atmarpc - ok
18:14:46.0937 0xa754  [ DEF7A7882BEC100FE0B2CE2549188F9D, 462C95B63D0A1058291A2DC8CBFCB13D7D74CCD1CA43B613A7EB43D49E3276F8 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
18:14:46.0953 0xa754  AudioSrv - ok
18:14:47.0015 0xa754  [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
18:14:47.0015 0xa754  audstub - ok
18:14:47.0031 0xa754  [ 54DA0F700393AF2F1E9CD54A82F0C5A4, 489A9904E4E06EC354ABD46863FB616EFBF3214CCB09E2C89B96D5F083B6AB36 ] avgtp           C:\WINDOWS\system32\drivers\avgtpx86.sys
18:14:47.0046 0xa754  avgtp - ok
18:14:47.0125 0xa754  [ 0D2F8F4055903A762AD46204E5A42E86, D3270039E4F066C69D844060388D3F895137C37C0FBE4C106BE1C71AE9DBC17A ] AVP             C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
18:14:47.0140 0xa754  AVP - ok
18:14:47.0156 0xa754  [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
18:14:47.0156 0xa754  Beep - ok
18:14:47.0187 0xa754  [ 574738F61FCA2935F5265DC4E5691314, 3C7CCF064397186C3A3863DD2370AB6414A61B330097DCA4F299CA7BBAA3D1B4 ] BITS            C:\WINDOWS\system32\qmgr.dll
18:14:47.0437 0xa754  BITS - ok
18:14:47.0500 0xa754  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:14:47.0531 0xa754  Bonjour Service - ok
18:14:47.0562 0xa754  [ CFD4E51402DA9838B5A04AE680AF54A0, 5378F42B195B5832B00A05AD64E00473A45FFB86AC25C57241F26EA82B149FE1 ] Browser         C:\WINDOWS\System32\browser.dll
18:14:47.0578 0xa754  Browser - ok
18:14:47.0640 0xa754  [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
18:14:47.0656 0xa754  cbidf2k - ok
18:14:47.0718 0xa754  [ 0BE5AEF125BE881C4F854C554F2B025C, 1770DD70B3F115A0EF460907DEDC1E4B7241C08615A98F194D61A49C3E2BAA54 ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
18:14:47.0781 0xa754  CCDECODE - ok
18:14:47.0796 0xa754  cd20xrnt - ok
18:14:47.0828 0xa754  [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
18:14:47.0843 0xa754  Cdaudio - ok
18:14:47.0875 0xa754  [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
18:14:47.0890 0xa754  Cdfs - ok
18:14:47.0921 0xa754  [ 4B0A100EAF5C49EF3CCA8C641431EACC, 88D9C066FFB863910EE1863CE63D38846ACA2DF72D6B5FDFCE0F3379A6DA5EF9 ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
18:14:47.0921 0xa754  Cdrom - ok
18:14:47.0921 0xa754  Changer - ok
18:14:47.0953 0xa754  [ 1CFE720EB8D93A7158A4EBC3AB178BDE, 65D2A9D9A88F38D4AF323134C151BA0F4B3CD0F6A134AF86E7AC9D07319F1726 ] CiSvc           C:\WINDOWS\system32\cisvc.exe
18:14:47.0953 0xa754  CiSvc - ok
18:14:47.0968 0xa754  [ 34CBE729F38138217F9C80212A2A0C82, A9FD7A758D12E0818A11BEEF1CE772FEFA8373E92EF6C0DA8628CD4572CC9A43 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
18:14:47.0968 0xa754  ClipSrv - ok
18:14:48.0109 0xa754  [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:14:48.0281 0xa754  clr_optimization_v2.0.50727_32 - ok
18:14:48.0296 0xa754  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:14:48.0437 0xa754  clr_optimization_v4.0.30319_32 - ok
18:14:48.0625 0xa754  [ BF0EBA757BA82A33ED0763695DB0CBAA, 5852FF51863E296FB4B7C5E0CA49DD961A05404E27C0F473520A66AA5ACC9CD6 ] CltMngSvc       C:\PROGRA~1\SearchProtect\Main\bin\CltMngSvc.exe
18:14:48.0781 0xa754  CltMngSvc - ok
18:14:48.0796 0xa754  CmdIde - ok
18:14:48.0796 0xa754  COMSysApp - ok
18:14:48.0812 0xa754  Cpqarray - ok
18:14:48.0843 0xa754  [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
18:14:48.0843 0xa754  CryptSvc - ok
18:14:48.0859 0xa754  dac2w2k - ok
18:14:48.0859 0xa754  dac960nt - ok
18:14:48.0890 0xa754  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
18:14:48.0906 0xa754  DcomLaunch - ok
18:14:48.0937 0xa754  [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
18:14:48.0953 0xa754  Dhcp - ok
18:14:48.0968 0xa754  [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
18:14:48.0968 0xa754  Disk - ok
18:14:48.0984 0xa754  dmadmin - ok
18:14:49.0031 0xa754  [ D992FE1274BDE0F84AD826ACAE022A41, C82BD6561A14F2932A761F5883A787B99031250EE5E9B7B5714AA045545C9B99 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
18:14:49.0031 0xa754  dmboot - ok
18:14:49.0046 0xa754  [ 7C824CF7BBDE77D95C08005717A95F6F, A73CB323B7A6410C3D3F258BF204E716ADF8C84C9E4F6562C57AB73DAED8CCDE ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
18:14:49.0046 0xa754  dmio - ok
18:14:49.0062 0xa754  [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
18:14:49.0062 0xa754  dmload - ok
18:14:49.0093 0xa754  [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] dmserver        C:\WINDOWS\System32\dmserver.dll
18:14:49.0093 0xa754  dmserver - ok
18:14:49.0109 0xa754  [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
18:14:49.0125 0xa754  DMusic - ok
18:14:49.0140 0xa754  [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
18:14:49.0156 0xa754  Dnscache - ok
18:14:49.0187 0xa754  [ 0F0F6E687E5E15579EF4DA8DD6945814, 5C32D88119EB1465B2D719BEE2E05888D1A73454B5E33F2D4928DA710F8BFBA3 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
18:14:49.0203 0xa754  Dot3svc - ok
18:14:49.0203 0xa754  dpti2o - ok
18:14:49.0218 0xa754  [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
18:14:49.0234 0xa754  drmkaud - ok
18:14:49.0250 0xa754  [ 5B131ED45BE8F8803F977CC32125EA37, 8A839AFB2F599BED263C3C0F0EB1B85CCE4FA178E1AC0B39E70CD8FA130F07E4 ] DrvAgent32      C:\WINDOWS\system32\Drivers\DrvAgent32.sys
18:14:49.0265 0xa754  DrvAgent32 - ok
18:14:49.0281 0xa754  [ 2187855A7703ADEF0CEF9EE4285182CC, 8233CC11F637866C0074043835A785EA2B616739B6B1181B143A253CF2508CFD ] EapHost         C:\WINDOWS\System32\eapsvc.dll
18:14:49.0281 0xa754  EapHost - ok
18:14:49.0359 0xa754  [ B60D3EF0DD05CCD9AD4443DD9A4AF11B, 9A760A240A21D02A6091784E8C2626C9F1A3B7C48DF03F41CE5814D2399EA8F0 ] EaseUS Agent    C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe
18:14:49.0375 0xa754  EaseUS Agent - ok
18:14:49.0437 0xa754  [ F07BA56B0235F15EFF8F10DC6389C42E, A7202CCB418D03606A97679BCF166ACA12F8341E8AB97DF044AE00401B8496B4 ] epmntdrv        C:\WINDOWS\system32\epmntdrv.sys
18:14:49.0453 0xa754  epmntdrv - ok
18:14:49.0468 0xa754  [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] ERSvc           C:\WINDOWS\System32\ersvc.dll
18:14:49.0484 0xa754  ERSvc - ok
18:14:50.0000 0xa754  [ F8EFD04DB94B1DA2568C53A546613E43, AF417543D292C55D28C92D51D975ED41FB07A29644374ACDDDC3D110A03521E0 ] EUBAKUP         C:\WINDOWS\system32\drivers\eubakup.sys
18:14:50.0000 0xa754  EUBAKUP - ok
18:14:50.0171 0xa754  [ 4CD0B4D145CF39F8221765952301941B, 439D2FE8BF9AEC3E34C8861576CC7489FEB2CF30E28909360F97987506E31798 ] EUBKMON         C:\WINDOWS\system32\drivers\EUBKMON.sys
18:14:50.0171 0xa754  EUBKMON - ok
18:14:50.0203 0xa754  [ 8D980D175E17C88AA07ECAB23E38C70D, E63304164775EA6F219161A34F4B29B715DDE42F1088A0D062ACCD7C10AD2416 ] EUDSKACS        C:\WINDOWS\system32\drivers\eudskacs.sys
18:14:50.0203 0xa754  EUDSKACS - ok
18:14:50.0250 0xa754  [ F8EF4F17D136DA000AE15333376F4CBF, FDC14ED510938BBB78A37CDBBDFBC3218B30A6859DF30590A2D47FE475FBB38D ] EUFDDISK        C:\WINDOWS\system32\drivers\EuFdDisk.sys
18:14:50.0265 0xa754  EUFDDISK - ok
18:14:50.0281 0xa754  [ 1F2F4AB15CE03ECC257FEB2F6DC5A013, FB06406AD9CCD946155C4E8CA769E0430589A4E4BBBDA2C90A67C84E0D2F8EE0 ] EuGdiDrv        C:\WINDOWS\system32\EuGdiDrv.sys
18:14:50.0281 0xa754  EuGdiDrv - ok
18:14:50.0296 0xa754  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] Eventlog        C:\WINDOWS\system32\services.exe
18:14:50.0328 0xa754  Eventlog - ok
18:14:50.0359 0xa754  [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] EventSystem     C:\WINDOWS\system32\es.dll
18:14:50.0375 0xa754  EventSystem - ok
18:14:50.0406 0xa754  [ 9A8DFBCD14A37D3139AACD671A8444A6, 8B11414D66DF2CECC66C20714CDC36A56B9AF5AAC82720D704FC748A95845C57 ] ewusbnet        C:\WINDOWS\system32\DRIVERS\ewusbnet.sys
18:14:50.0421 0xa754  ewusbnet - ok
18:14:50.0671 0xa754  [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
18:14:50.0671 0xa754  Fastfat - ok
18:14:50.0703 0xa754  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
18:14:50.0718 0xa754  FastUserSwitchingCompatibility - ok
18:14:50.0718 0xa754  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
18:14:50.0734 0xa754  Fdc - ok
18:14:50.0765 0xa754  [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
18:14:50.0765 0xa754  Fips - ok
18:14:50.0781 0xa754  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
18:14:50.0781 0xa754  Flpydisk - ok
18:14:50.0796 0xa754  [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
18:14:50.0812 0xa754  FltMgr - ok
18:14:50.0843 0xa754  [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
18:14:50.0906 0xa754  FontCache3.0.0.0 - ok
18:14:50.0921 0xa754  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:14:50.0937 0xa754  Fs_Rec - ok
18:14:50.0953 0xa754  [ 6AC26732762483366C3969C9E4D2259D, FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B7639668E6999BAE3 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
18:14:50.0968 0xa754  Ftdisk - ok
18:14:51.0015 0xa754  [ 2973B4EB7BE10A0D491B2037DCAAE88F, 17219885FF89EFD3538C7D780179060E3255B1E0D7BA5DF01AEA737123C07B59 ] Garmin Core Update Service C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
18:14:51.0031 0xa754  Garmin Core Update Service - ok
18:14:51.0046 0xa754  [ AB8A6A87D9D7255C3884D5B9541A6E80, D073B5D8A06EFA6415E8F22DFE486DE913113AE23F59CFC5EEF1B3E694CE86F3 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
18:14:51.0046 0xa754  GEARAspiWDM - ok
18:14:51.0062 0xa754  [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
18:14:51.0078 0xa754  Gpc - ok
18:14:51.0109 0xa754  [ 18547153CE3F5FC8BC45FC5ABA843F71, 4C5365CDED54C8634FEB33C6E5A1EC62774B6279CC91032F04B0D2CE737EAFDF ] gpslc           C:\WINDOWS\system32\Drivers\gpslc.sys
18:14:51.0125 0xa754  gpslc - ok
18:14:51.0140 0xa754  [ B0AFB269EBA85F9EC264035640319138, CE3BC3F531D91E5DA4B9440E0FCB55728E9146ADCCA2B931715193BA5A7DBAAE ] gpt_loader      C:\WINDOWS\system32\DRIVERS\gpt_loader.sys
18:14:51.0140 0xa754  gpt_loader - ok
18:14:51.0156 0xa754  [ B5B81876470C099E6DB3B63BDFBE58FC, B04221680BF4890829B817B6A89BF0408CE6AF3BFA9BFBF25D55BF7F99BAA8DE ] Guard Agent     C:\Program Files\EaseUS\Todo Backup\bin\GuardAgent.exe
18:14:51.0203 0xa754  Guard Agent - ok
18:14:51.0515 0xa754  [ 8F0DE4FEF8201E306F9938B0905AC96A, CA7153FE0C037D79FBF7CE0E090D741FB52BCCBBBD4CA505EF4849A0C4199F72 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
18:14:51.0531 0xa754  gupdate - ok
18:14:51.0562 0xa754  [ 8F0DE4FEF8201E306F9938B0905AC96A, CA7153FE0C037D79FBF7CE0E090D741FB52BCCBBBD4CA505EF4849A0C4199F72 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
18:14:51.0562 0xa754  gupdatem - ok
18:14:51.0593 0xa754  [ 408DDD80EEDE47175F6844817B90213E, 836822885D90DAFFD25A7D7EE363F4DACD41AA4B59095243E2798B137DC55FE3 ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
18:14:51.0625 0xa754  gusvc - ok
18:14:51.0640 0xa754  [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
18:14:51.0656 0xa754  HDAudBus - ok
18:14:51.0703 0xa754  [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
18:14:51.0703 0xa754  helpsvc - ok
18:14:51.0750 0xa754  [ DEB04DA35CC871B6D309B77E1443C796, F66A15C9528D661940F1F4CA453B3E95036D68C74C3B8AB53644211DBD3D2F32 ] HidServ         C:\WINDOWS\System32\hidserv.dll
18:14:51.0750 0xa754  HidServ - ok
18:14:51.0750 0xa754  [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] hidusb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
18:14:51.0765 0xa754  hidusb - ok
18:14:51.0796 0xa754  [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B7922AD946597E2 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
18:14:51.0796 0xa754  hkmsvc - ok
18:14:51.0796 0xa754  [ 39AE0BE51F51A660CE2B14AF9BE8548F, 7B438C9D4479F625541076C75E9821F6654CE7B671DFAC4CF4A3F45989F32B7B ] hotcore3        C:\WINDOWS\system32\DRIVERS\hotcore3.sys
18:14:51.0812 0xa754  hotcore3 - ok
18:14:51.0812 0xa754  hpn - ok
18:14:51.0843 0xa754  [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
18:14:51.0875 0xa754  HTTP - ok
18:14:51.0906 0xa754  [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A5732390EE5426E4AF6C9 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
18:14:51.0937 0xa754  HTTPFilter - ok
18:14:52.0453 0xa754  [ 93E5D34D95FF9011BEED886E3627F442, 78C5924CD6C4FA19DE0CC8BF9B180DD8A04CC3C0A6C554DEB964BFBCD8C77BA1 ] hwdatacard      C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys
18:14:52.0453 0xa754  hwdatacard - ok
18:14:52.0468 0xa754  i2omgmt - ok
18:14:52.0468 0xa754  i2omp - ok
18:14:52.0484 0xa754  [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
18:14:52.0484 0xa754  i8042prt - ok
18:14:52.0546 0xa754  [ DAF66902F08796F9C694901660E5A64A, F4A4764DED05980426BAB54AAF040BC27A39C80315F5161E8D0B4C7F694BD8E6 ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
18:14:52.0578 0xa754  IDriverT - ok
18:14:52.0656 0xa754  [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc           C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:14:52.0687 0xa754  idsvc - ok
18:14:52.0765 0xa754  [ DB3C22745C0DA4666F3BE31F1AF36B2F, 2FE9A0F157AF9FB3CA03B8D4E706213E63E388206A8C04EF4A84E0D7A364A3A6 ] IISADMIN        C:\WINDOWS\system32\inetsrv\inetinfo.exe
18:14:52.0781 0xa754  IISADMIN - ok
18:14:52.0781 0xa754  [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
18:14:52.0781 0xa754  Imapi - ok
18:14:52.0812 0xa754  [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService    C:\WINDOWS\system32\imapi.exe
18:14:52.0828 0xa754  ImapiService - ok
18:14:52.0828 0xa754  [ 580904D6CDB481BB72FEE15AA575B5BD, 1A950B515120C720B297A0038D816ED3DAD1CC40651A1190DB714E394C69DFAC ] InCDfs          C:\WINDOWS\system32\drivers\InCDfs.sys
18:14:52.0843 0xa754  InCDfs - ok
18:14:52.0843 0xa754  [ 37B31B5741674525BBA5C1659B132418, 7AD059B56EF571099CAC81D2E02C3A4210AF8FA109F4A394340D67DD2E270A89 ] InCDPass        C:\WINDOWS\system32\DRIVERS\InCDPass.sys
18:14:52.0843 0xa754  InCDPass - ok
18:14:52.0859 0xa754  [ A2F6306E5E12B9F78CCA5485B312FCBD, 36A4CBA8D5A979C5357D7F74256CCB289E047AAA72EEEB2FC24CA6BEF5CF401C ] InCDrec         C:\WINDOWS\system32\drivers\InCDrec.sys
18:14:52.0875 0xa754  InCDrec - ok
18:14:52.0875 0xa754  [ 084F6C2E3E2BE980242984B74279BFB6, 51E972FE5B75372016496769ADF87F508DC1676476308C881B7663F8A3C7D4B1 ] incdrm          C:\WINDOWS\system32\drivers\incdrm.sys
18:14:52.0875 0xa754  incdrm - ok
18:14:52.0937 0xa754  [ EDBF2717F21A9F0DB6065EA166E6EE1D, DF7F1D798F65CFD83290FA56677C5C77B4C7A080CCF3DAA4BE7AF83AAA078CBC ] InCDsrv         C:\Program Files\Ahead\InCD\InCDsrv.exe
18:14:52.0953 0xa754  InCDsrv - ok
18:14:52.0953 0xa754  InCDsrvR - ok
18:14:52.0968 0xa754  ini910u - ok
18:14:53.0187 0xa754  [ 12E9A40D13EDBB63A61F6B3196452F0D, C0D44A35FF0775AAFD41A22817D79DD6BC1F7921659629CBBF05B8520012F2BE ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
18:14:53.0312 0xa754  IntcAzAudAddService - ok
18:14:53.0328 0xa754  IntelIde - ok
18:14:53.0359 0xa754  [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
18:14:53.0359 0xa754  intelppm - ok
18:14:53.0375 0xa754  [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
18:14:53.0390 0xa754  Ip6Fw - ok
18:14:53.0406 0xa754  [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:14:53.0406 0xa754  IpFilterDriver - ok
18:14:53.0421 0xa754  [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
18:14:53.0437 0xa754  IpInIp - ok
18:14:53.0437 0xa754  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
18:14:53.0437 0xa754  IpNat - ok
18:14:53.0453 0xa754  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
18:14:53.0468 0xa754  IPSec - ok
18:14:53.0468 0xa754  [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
18:14:53.0484 0xa754  IRENUM - ok
18:14:53.0500 0xa754  [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
18:14:53.0500 0xa754  isapnp - ok
18:14:53.0500 0xa754  [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
18:14:53.0500 0xa754  Kbdclass - ok
18:14:53.0531 0xa754  [ 9EF487A186DEA361AA06913A75B3FA99, B94EBA4EC6D85E11C81AF9927E9EF0AF2E6FE134CFF1FDB0535B7C5A794B4261 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
18:14:53.0546 0xa754  kbdhid - ok
18:14:53.0578 0xa754  [ 871C226234A48C24DFE7478F36C0050C, 657CAB49387E0E40311D4DEC93D9860B2DAC2C05F223698CFA2F9BB50B5F3022 ] kl1             C:\WINDOWS\system32\DRIVERS\kl1.sys
18:14:53.0593 0xa754  kl1 - ok
18:14:53.0656 0xa754  [ 9A1649010C0D0FEF966511129075CBCC, 3DB4155FC2A77B8C63472EE1B1922F8CBEFCD2B91D0CC78D03561E35D4011D93 ] KLIF            C:\WINDOWS\system32\DRIVERS\klif.sys
18:14:53.0671 0xa754  KLIF - ok
18:14:53.0703 0xa754  [ 2C85E9963B1F71E3B631B61F00790512, B2D0938DD1F0619B73A3A309CF0087EF71EAB2DA339F2265AAB539F74E61A0B5 ] klim5           C:\WINDOWS\system32\DRIVERS\klim5.sys
18:14:53.0703 0xa754  klim5 - ok
18:14:53.0734 0xa754  [ E46C091AE3B8CEDD234DA57020870A0A, 8929707859ED3860B17EFB0551CA4E5F69580A095B1A9C0AF10C6CF98858730C ] klkbdflt        C:\WINDOWS\system32\DRIVERS\klkbdflt.sys
18:14:53.0750 0xa754  klkbdflt - ok
18:14:53.0750 0xa754  [ 480E19A71C6EDE70B7536E96B223CE1F, B9C5E76F68B2DAB0DC9F6DB080D3E785D18AA86ADB2AB0F497B68A58222CF59C ] klmouflt        C:\WINDOWS\system32\DRIVERS\klmouflt.sys
18:14:53.0750 0xa754  klmouflt - ok
18:14:53.0765 0xa754  [ EB0D72D2844C57F5F146D7A15B04FBF9, 3DFEDA024AD5D54EEAF7D4411153CFA8AD95FCF217E09F2B7AFD2D91EE623BF2 ] klpd            C:\WINDOWS\system32\DRIVERS\klpd.sys
18:14:53.0765 0xa754  klpd - ok
18:14:53.0781 0xa754  [ 040A3BC4AF5A0430A1D9A758F076465E, D371BC29283AA645CF31D6EDB7D4562B7CF8D664D681B9033B948D71F4CC3EE6 ] kltdi           C:\WINDOWS\system32\DRIVERS\kltdi.sys
18:14:53.0781 0xa754  kltdi - ok
18:14:53.0796 0xa754  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
18:14:53.0812 0xa754  kmixer - ok
18:14:53.0828 0xa754  [ 4D19D96447E160A7E4B479037761BBC1, AD34C9C678030744ADD00B09A96C368167AA303DDC39BE74B1538E7AF8A82CB8 ] kneps           C:\WINDOWS\system32\DRIVERS\kneps.sys
18:14:53.0843 0xa754  kneps - ok
18:14:53.0859 0xa754  [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
18:14:53.0859 0xa754  KSecDD - ok
18:14:53.0890 0xa754  [ 0F8B7BF7097D1E8D78F2F52A2BEA03CD, 62E92E7D1C523E6C16DA42D7E4B86B2E02665B63387484867FFDE9AC4712075A ] L8042PR2        C:\WINDOWS\system32\Drivers\l8042pr2.sys
18:14:53.0890 0xa754  L8042PR2 - ok
18:14:53.0906 0xa754  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
18:14:53.0906 0xa754  lanmanserver - ok
18:14:53.0937 0xa754  [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
18:14:53.0968 0xa754  lanmanworkstation - ok
18:14:53.0984 0xa754  Lbd - ok
18:14:53.0984 0xa754  lbrtfdc - ok
18:14:54.0125 0xa754  [ A97EEB81F05BCE3D7AA6C81F04EF39A4, 5FE994FD8CA68BD9182C058F2A3C97AADF529BD10BE6E14E4825DB1F934D7F77 ] LiveUpdate      C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
18:14:54.0171 0xa754  LiveUpdate - ok
18:14:54.0203 0xa754  [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
18:14:54.0203 0xa754  LmHosts - ok
18:14:54.0234 0xa754  [ AEF09673376A4D93C09E8341854F1BF4, A760244ABE5801AB4BEA91702F7926943DBEAC46311D50DAB8C635338585AFD5 ] LMouFlt2        C:\WINDOWS\system32\Drivers\LMouFlt2.sys
18:14:54.0250 0xa754  LMouFlt2 - ok
18:14:54.0296 0xa754  [ 780D96F551833E0DCFE0A33B02B774E8, 856F4E361A5956FE30CFF73112C3E2E59B4034C47F1B051A39DD9787FCABC9A2 ] MemeoBackgroundService C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe
18:14:54.0312 0xa754  MemeoBackgroundService - ok
18:14:54.0359 0xa754  [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
18:14:54.0375 0xa754  Messenger - ok
18:14:54.0390 0xa754  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
18:14:54.0390 0xa754  mnmdd - ok
18:14:54.0406 0xa754  [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
18:14:54.0406 0xa754  mnmsrvc - ok
18:14:54.0421 0xa754  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
18:14:54.0437 0xa754  Modem - ok
18:14:54.0453 0xa754  [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
18:14:54.0484 0xa754  Mouclass - ok
18:14:54.0500 0xa754  [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
18:14:54.0515 0xa754  mouhid - ok
18:14:54.0515 0xa754  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
18:14:54.0515 0xa754  MountMgr - ok
18:14:54.0562 0xa754  [ 338037EFA0E8E8699B2667D57B751574, 59E0D39806D0C4EB57913AA013242837FD39AD378726AEE42D250CBA87C1C3BF ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
18:14:54.0562 0xa754  MozillaMaintenance - ok
18:14:54.0562 0xa754  mraid35x - ok
18:14:54.0578 0xa754  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
18:14:54.0578 0xa754  MRxDAV - ok
18:14:54.0609 0xa754  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:14:54.0625 0xa754  MRxSmb - ok
18:14:54.0640 0xa754  [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
18:14:54.0640 0xa754  MSDTC - ok
18:14:54.0656 0xa754  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
18:14:54.0656 0xa754  Msfs - ok
18:14:54.0656 0xa754  MSIServer - ok
18:14:54.0671 0xa754  [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
18:14:54.0687 0xa754  MSKSSRV - ok
18:14:54.0687 0xa754  [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
18:14:54.0687 0xa754  MSPCLOCK - ok
18:14:54.0703 0xa754  [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
18:14:54.0703 0xa754  MSPQM - ok
18:14:54.0703 0xa754  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
18:14:54.0718 0xa754  mssmbios - ok
18:14:54.0718 0xa754  [ E53736A9E30C45FA9E7B5EAC55056D1D, 38602F280BF69EBA3706AD175AFC1AEB561A8302B4B61E3FECB3C27D7A9BDB41 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
18:14:54.0718 0xa754  MSTEE - ok
18:14:54.0750 0xa754  [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
18:14:54.0781 0xa754  Mup - ok
18:14:54.0812 0xa754  [ 5B50F1B2A2ED47D560577B221DA734DB, C16A554B6E1A7F5F98C94DFA88163E0F7426506BF2F51FD351B1A05FC0DB3BC5 ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
18:14:54.0828 0xa754  NABTSFEC - ok
18:14:54.0875 0xa754  [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent        C:\WINDOWS\System32\qagentrt.dll
18:14:54.0875 0xa754  napagent - ok
18:14:54.0890 0xa754  [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
18:14:54.0890 0xa754  NDIS - ok
18:14:54.0906 0xa754  [ 7FF1F1FD8609C149AA432F95A8163D97, 18CD1FF5AC1EF8A38D1EC53014F2BADD28D9CDF4ECE2EBC2313D08903776F323 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
18:14:54.0921 0xa754  NdisIP - ok
18:14:54.0953 0xa754  [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:14:54.0953 0xa754  NdisTapi - ok
18:14:54.0968 0xa754  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
18:14:54.0968 0xa754  Ndisuio - ok
18:14:54.0968 0xa754  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:14:54.0968 0xa754  NdisWan - ok
18:14:55.0000 0xa754  [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
18:14:55.0062 0xa754  NDProxy - ok
18:14:55.0062 0xa754  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
18:14:55.0062 0xa754  NetBIOS - ok
18:14:55.0078 0xa754  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
18:14:55.0093 0xa754  NetBT - ok
18:14:55.0109 0xa754  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE          C:\WINDOWS\system32\netdde.exe
18:14:55.0109 0xa754  NetDDE - ok
18:14:55.0125 0xa754  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
18:14:55.0125 0xa754  NetDDEdsdm - ok
18:14:55.0140 0xa754  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon        C:\WINDOWS\system32\lsass.exe
18:14:55.0156 0xa754  Netlogon - ok
18:14:55.0171 0xa754  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman          C:\WINDOWS\System32\netman.dll
18:14:55.0187 0xa754  Netman - ok
18:14:55.0203 0xa754  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:14:55.0296 0xa754  NetTcpPortSharing - ok
18:14:55.0328 0xa754  [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla             C:\WINDOWS\System32\mswsock.dll
18:14:55.0343 0xa754  Nla - ok
18:14:55.0359 0xa754  [ 48FB907B069524F2DC7BA62A0762850C, 069FDABF61DEA0D74753D6E76601898D21E8C0E74C98413706FA48CBEB0BECEF ] nmwcd           C:\WINDOWS\system32\drivers\ccdcmb.sys
18:14:55.0359 0xa754  nmwcd - ok
18:14:55.0390 0xa754  [ 2914CEB789964141AC6E22C6BC980C42, CD0B1D59C1A37A5E558839A1F4760A219A47D58089459A474A5419DDE3F831C8 ] nmwcdc          C:\WINDOWS\system32\drivers\ccdcmbo.sys
18:14:55.0390 0xa754  nmwcdc - ok
18:14:55.0593 0xa754  [ 9878A4F006D5D95FCDCBE172FA0FE381, 627D4A0FD1310C2E4220097437DB51289F4110C0B6C46E01C4BDC968A45C13DA ] Norton Ghost    C:\Program Files\Norton Ghost\Agent\VProSvc.exe
18:14:55.0687 0xa754  Norton Ghost - ok
18:14:55.0703 0xa754  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
18:14:55.0703 0xa754  Npfs - ok
18:14:55.0750 0xa754  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
18:14:55.0765 0xa754  Ntfs - ok
18:14:55.0765 0xa754  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
18:14:55.0765 0xa754  NtLmSsp - ok
18:14:55.0796 0xa754  [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
18:14:55.0812 0xa754  NtmsSvc - ok
18:14:55.0812 0xa754  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys
18:14:55.0828 0xa754  Null - ok
18:14:56.0250 0xa754  [ 8E72E452B9CC1E455D19E3C9FA964D37, 5242982754402BB7F1D05A467EF98CFA62BC14AC901E975477F8332000AD1D57 ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
18:14:56.0484 0xa754  nv - ok
18:14:56.0531 0xa754  [ 20E15B182DE3EFDFEA3AECB86A04E5CA, 23C0D83486DD9C39829D79BDA2C0A6FAA167DF5674E3E15F53CC69FF06139CCE ] nvgts           C:\WINDOWS\system32\drivers\nvgts.sys
18:14:56.0546 0xa754  nvgts - ok
18:14:56.0593 0xa754  [ 50ACB7253D1104E5917E15A0670D63D5, 654003938B75E905F592305BB4011F3A79D406B165A77072655F5D8FA3A6504C ] NVHDA           C:\WINDOWS\system32\drivers\nvhda32.sys
18:14:56.0593 0xa754  NVHDA - ok
18:14:56.0625 0xa754  [ 55907E139E9AD988241E7194158800D9, 7684D05C183B16E3015C4E3C2FC4FAC0B763380AFC3BE91ED21F359353208193 ] nvrd32          C:\WINDOWS\system32\drivers\nvrd32.sys
18:14:56.0625 0xa754  nvrd32 - ok
18:14:56.0656 0xa754  [ 934833B3CD462A6F8A96F64D024C8B20, D64DC1BACF732F7EBDB0698C181C492A51C88B932E8E18C7A22814D3155E5D37 ] NVSvc           C:\WINDOWS\system32\nvsvc32.exe
18:14:56.0671 0xa754  NVSvc - ok
18:14:56.0703 0xa754  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
18:14:56.0703 0xa754  NwlnkFlt - ok
18:14:56.0718 0xa754  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
18:14:56.0734 0xa754  NwlnkFwd - ok
18:14:56.0781 0xa754  [ B90ED00CA338EC1943CF167605AD8746, BDEAC2733ADF021A6CD4E9277D758222A213E2677C18E7C54CF11370793EFB9D ] OlyUsbCam       C:\WINDOWS\system32\DRIVERS\OlyUsbCam.sys
18:14:56.0781 0xa754  OlyUsbCam - ok
18:14:56.0828 0xa754  [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:14:56.0828 0xa754  ose - ok
18:14:56.0875 0xa754  [ 85DDEEB05D78E2E0B3C43B233D46A8E0, 785808D06D1834A51FA61C3C1CDCC7ED63FEF00028A4B693B5C342D4E6E5232F ] Paragon System Backup Service C:\Program Files\Paragon Software\System Backup 10 Special Edition - GOTD (English)\program\dbhservice.exe
18:14:56.0890 0xa754  Paragon System Backup Service - ok
18:14:56.0921 0xa754  [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
18:14:56.0953 0xa754  Parport - ok
18:14:56.0953 0xa754  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
18:14:56.0968 0xa754  PartMgr - ok
18:14:56.0984 0xa754  [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
18:14:57.0000 0xa754  ParVdm - ok
18:14:57.0015 0xa754  [ FD2041E9BA03DB7764B2248F02475079, DECEED110524BF83B4097188BF24BF0DDE1CE838DF7748B0DC807ABE351EB20A ] pccsmcfd        C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
18:14:57.0015 0xa754  pccsmcfd - ok
18:14:57.0031 0xa754  [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
18:14:57.0046 0xa754  PCI - ok
18:14:57.0046 0xa754  PCIDump - ok
18:14:57.0078 0xa754  [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
18:14:57.0078 0xa754  PCIIde - ok
18:14:57.0093 0xa754  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
18:14:57.0109 0xa754  Pcmcia - ok
18:14:57.0109 0xa754  PDCOMP - ok
18:14:57.0109 0xa754  PDFRAME - ok
18:14:57.0109 0xa754  PDRELI - ok
18:14:57.0125 0xa754  PDRFRAME - ok
18:14:57.0125 0xa754  perc2 - ok
18:14:57.0125 0xa754  perc2hib - ok
18:14:57.0140 0xa754  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay        C:\WINDOWS\system32\services.exe
18:14:57.0140 0xa754  PlugPlay - ok
18:14:57.0156 0xa754  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
18:14:57.0156 0xa754  PolicyAgent - ok
18:14:57.0171 0xa754  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
18:14:57.0171 0xa754  PptpMiniport - ok
18:14:57.0187 0xa754  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
18:14:57.0187 0xa754  ProtectedStorage - ok
18:14:57.0203 0xa754  [ F115AF58ABE5605D7D709CBFBD83F418, 4855FCD6E455D6E374CE92E5B37D61E7E6D8A861BA76521E7CC2542621853471 ] ProtexisLicensing C:\WINDOWS\system32\PSIService.exe
18:14:57.0218 0xa754  ProtexisLicensing - ok
18:14:57.0250 0xa754  [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
18:14:57.0250 0xa754  PSched - ok
18:14:57.0265 0xa754  [ D24DFD16A1E2A76034DF5AA18125C35D, BB1F2BB3EB69DE742AA8ED33DCB572888BC473182E0F7DA860CB57903C9924A6 ] PSI             C:\WINDOWS\system32\DRIVERS\psi_mf.sys
18:14:57.0265 0xa754  PSI - ok
18:14:57.0296 0xa754  [ 543A4EF0923BF70D126625B034EF25AF, 9CC82C5221F11850419A796D48D5452B3DEE0C8E8E85A818F4AAA869673F9740 ] PSI_SVC_2       c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
18:14:57.0296 0xa754  PSI_SVC_2 - ok
18:14:57.0296 0xa754  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
18:14:57.0296 0xa754  Ptilink - ok
18:14:57.0328 0xa754  [ 688983E03C0D82B2EFA1DB89792C4C6C, 70F885B0FD7A83AB60D06BBADABF15FCB92CBB43388C02623C5891DC711BE3BE ] PTSimBus        C:\WINDOWS\system32\DRIVERS\PTSimBus.sys
18:14:57.0328 0xa754  PTSimBus - ok
18:14:57.0343 0xa754  [ FDC1A2E536B5CBCE1C2245CD5AD910EB, 955941E1E1D97F713845D1055C0FC99BBC2CD57B433A12B1E99BFA10CE0404C0 ] PTSimHid        C:\WINDOWS\system32\DRIVERS\PTSimHid.sys
18:14:57.0343 0xa754  PTSimHid - ok
18:14:57.0359 0xa754  [ 81088114178112618B1C414A65E50F7C, A3376C35D9D9AA3F81904DB58A1C3B8E096582220E480E7E1D16F737AA18271B ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys
18:14:57.0359 0xa754  PxHelp20 - ok
18:14:57.0375 0xa754  [ FDDD1AEB9F81EF1E6E48AE1EDC2A97D6, 262F3EA6BDBA3D432D5F0323FA58E5C8736A91D39C12B9B7513E1704E991BDDD ] QCDonner        C:\WINDOWS\system32\DRIVERS\OVCD.sys
18:14:57.0375 0xa754  QCDonner - ok
18:14:57.0390 0xa754  ql1080 - ok
18:14:57.0390 0xa754  Ql10wnt - ok
18:14:57.0390 0xa754  ql12160 - ok
18:14:57.0406 0xa754  ql1240 - ok
18:14:57.0406 0xa754  ql1280 - ok
18:14:57.0421 0xa754  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:14:57.0421 0xa754  RasAcd - ok
18:14:57.0453 0xa754  [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto         C:\WINDOWS\System32\rasauto.dll
18:14:57.0468 0xa754  RasAuto - ok
18:14:57.0500 0xa754  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
18:14:57.0500 0xa754  Rasl2tp - ok
18:14:57.0515 0xa754  [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan          C:\WINDOWS\System32\rasmans.dll
18:14:57.0531 0xa754  RasMan - ok
18:14:57.0546 0xa754  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:14:57.0546 0xa754  RasPppoe - ok
18:14:57.0546 0xa754  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
18:14:57.0546 0xa754  Raspti - ok
18:14:57.0562 0xa754  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:14:57.0562 0xa754  Rdbss - ok
18:14:57.0578 0xa754  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
18:14:57.0578 0xa754  RDPCDD - ok
18:14:57.0578 0xa754  [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
18:14:57.0593 0xa754  rdpdr - ok
18:14:57.0625 0xa754  [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
18:14:57.0640 0xa754  RDPWD - ok
18:14:57.0656 0xa754  [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
18:14:57.0656 0xa754  RDSessMgr - ok
18:14:57.0671 0xa754  [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
18:14:57.0671 0xa754  redbook - ok
18:14:57.0687 0xa754  [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
18:14:57.0703 0xa754  RemoteAccess - ok
18:14:57.0718 0xa754  [ 5B19B557B0C188210A56A6B699D90B8F, 0FA880B81AE615206FD1738B83428AAA491D54B24168339DE6E87FDE8C6C14B0 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
18:14:57.0718 0xa754  RemoteRegistry - ok
18:14:57.0734 0xa754  [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator      C:\WINDOWS\system32\locator.exe
18:14:57.0765 0xa754  RpcLocator - ok
18:14:57.0796 0xa754  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs           C:\WINDOWS\system32\rpcss.dll
18:14:57.0796 0xa754  RpcSs - ok
18:14:57.0828 0xa754  [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP            C:\WINDOWS\system32\rsvp.exe
18:14:57.0828 0xa754  RSVP - ok
18:14:57.0859 0xa754  [ 493B54A894A6E70DD02961A68DB8863F, 49E0C3A1AA8F23BED6650DA0FADD9C9F234132C1D1772BA15D59ACE9E42F66EF ] rtl8029         C:\WINDOWS\system32\DRIVERS\RTL8029.SYS
18:14:57.0859 0xa754  rtl8029 - ok
18:14:57.0875 0xa754  [ F0A21C62B9B835E1C96268EAAE31D239, F30C75406E3F1D7161DAEAE516D977A4F26ABC6FBFE925B7DF556BA447E4944D ] RTLE8023xp      C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
18:14:57.0875 0xa754  RTLE8023xp - ok
18:14:57.0890 0xa754  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs           C:\WINDOWS\system32\lsass.exe
18:14:57.0890 0xa754  SamSs - ok
18:14:57.0906 0xa754  [ 2A54EFF79B03A8C2389F2BB0F2264F1E, FC69411236DBB59A1FB92A580224B1F0D34CCF791FA77CEC4CA10F441FBF787A ] Samsung UPD Service2 C:\WINDOWS\system32\SUPDSvc2.exe
18:14:57.0921 0xa754  Samsung UPD Service2 - ok
18:14:57.0937 0xa754  [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
18:14:57.0953 0xa754  SCardSvr - ok
18:14:57.0968 0xa754  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
18:14:57.0984 0xa754  Schedule - ok
18:14:58.0046 0xa754  [ 16B44D246835EAC156F8DAF0AA4F530C, F882BE1B27C0500AEE34BB9D9B69EBD258A19418475DB5552345DC844CDA1ECB ] SeagateDashboardService C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
18:14:58.0046 0xa754  SeagateDashboardService - ok
18:14:58.0062 0xa754  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
18:14:58.0062 0xa754  Secdrv - ok
18:14:58.0078 0xa754  [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon        C:\WINDOWS\System32\seclogon.dll
18:14:58.0078 0xa754  seclogon - ok
18:14:58.0156 0xa754  [ 7198BBFBE46C0070257278C536386687, 8670549D1C26F5924B3FADC35AD526C56728A51D377369B1C74397496497BE5D ] Secunia PSI Agent C:\Program Files\Secunia\PSI\PSIA.exe
18:14:58.0218 0xa754  Secunia PSI Agent - ok
18:14:58.0281 0xa754  [ D2FCA567F9BE87E29B9A9FA32FFE79CA, 2DEFC814B5979A80FFC74242871C9ECB09FBCA994BF9069D6B1E94A5F7588F17 ] Secunia Update Agent C:\Program Files\Secunia\PSI\sua.exe
18:14:58.0359 0xa754  Secunia Update Agent - ok
18:14:58.0375 0xa754  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS            C:\WINDOWS\system32\sens.dll
18:14:58.0390 0xa754  SENS - ok
18:14:58.0406 0xa754  [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
18:14:58.0421 0xa754  serenum - ok
18:14:58.0437 0xa754  [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
18:14:58.0437 0xa754  Serial - ok
18:14:58.0546 0xa754  [ 7D3903AF48E6C1DC2704EAFCB608D031, 95B0F3F4958357C919ADF31D76744D16810325C7313767395521838F65DB3FE0 ] ServiceLayer    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
18:14:58.0625 0xa754  ServiceLayer - ok
18:14:58.0734 0xa754  [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy         C:\WINDOWS\system32\DRIVERS\sfloppy.sys
18:14:58.0750 0xa754  Sfloppy - ok
18:14:58.0812 0xa754  [ 73A4BB091A1374203C8DD1598EE91223, 95CE6CE92F8E07B93352B2C7D7132CE25DCBBCF825B4CF76A0AC3A44E542BFA0 ] SFSZ            C:\WINDOWS\system32\drivers\sfsz.sys
18:14:58.0890 0xa754  SFSZ - ok
18:14:58.0937 0xa754  [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
18:14:58.0937 0xa754  SharedAccess - ok
18:14:58.0953 0xa754  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
18:14:58.0953 0xa754  ShellHWDetection - ok
18:14:58.0968 0xa754  Simbad - ok
18:14:58.0984 0xa754  [ 866D538EBE33709A5C9F5C62B73B7D14, BC94BEB7C17B4FCAC8B5D0D5006A203BC209E0504EECE149651D8691935696CD ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys
18:14:59.0000 0xa754  SLIP - ok
18:14:59.0015 0xa754  [ 14BB60A4F1C5291217A05D5728C403E6, 0F4DD318A58576DC867AB9DDD33393948DB795C187DED5D6DDD7D6A54E0F157B ] SmartDefragDriver C:\WINDOWS\system32\Drivers\SmartDefragDriver.sys
18:14:59.0015 0xa754  SmartDefragDriver - ok
18:14:59.0031 0xa754  [ DB3C22745C0DA4666F3BE31F1AF36B2F, 2FE9A0F157AF9FB3CA03B8D4E706213E63E388206A8C04EF4A84E0D7A364A3A6 ] SMTPSVC         C:\WINDOWS\system32\inetsrv\inetinfo.exe
18:14:59.0031 0xa754  SMTPSVC - ok
18:14:59.0046 0xa754  [ 60C377BE6B3CC83F6A8584934B181D2E, 58F94CAD0149F634BE2F630A39561073F9399A904E3E3143C0D0BEC348A0C3B2 ] SNMP            C:\WINDOWS\System32\snmp.exe
18:14:59.0046 0xa754  SNMP - ok
18:14:59.0093 0xa754  [ 80A050795A107A76C2B1CD4CFBE010E6, DA5BFB0E8E990BE998F1ED5991CA3318A99E0F252669CE9FAE2EF67C535140B8 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
18:14:59.0093 0xa754  SNMPTRAP - ok
18:14:59.0093 0xa754  Sparrow - ok
18:14:59.0109 0xa754  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
18:14:59.0109 0xa754  splitter - ok
18:14:59.0140 0xa754  [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
18:14:59.0140 0xa754  Spooler - ok
18:14:59.0187 0xa754  [ 527BBE1A1E98E634B540325491927EFE, E7F3EFA9CC310886431E8EA015ED6773645DEE881581048F3E500D0CBBDDCAD3 ] Spyder2         C:\WINDOWS\system32\DRIVERS\Spyder2.sys
18:14:59.0187 0xa754  Spyder2 - ok
18:14:59.0203 0xa754  [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
18:14:59.0203 0xa754  sr - ok
18:14:59.0203 0xa754  [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice       C:\WINDOWS\system32\srsvc.dll
18:14:59.0218 0xa754  srservice - ok
18:14:59.0265 0xa754  [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
18:14:59.0281 0xa754  Srv - ok
18:14:59.0312 0xa754  [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
18:14:59.0328 0xa754  SSDPSRV - ok
18:14:59.0359 0xa754  [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
18:14:59.0375 0xa754  stisvc - ok
18:14:59.0390 0xa754  [ 77813007BA6265C4B6098187E6ED79D2, 93939120E803C46FBFD577C8FC2E6C7E71C0460E01D25CB29579490640AB50C7 ] streamip        C:\WINDOWS\system32\DRIVERS\StreamIP.sys
18:14:59.0390 0xa754  streamip - ok
18:14:59.0406 0xa754  [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
18:14:59.0421 0xa754  swenum - ok
18:14:59.0437 0xa754  [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
18:14:59.0453 0xa754  swmidi - ok
18:14:59.0468 0xa754  SwPrv - ok
18:14:59.0468 0xa754  Symantec SymSnap VSS Provider - ok
18:14:59.0484 0xa754  symc810 - ok
18:14:59.0484 0xa754  symc8xx - ok
18:14:59.0500 0xa754  [ 4B016FA3594B04506B9246D8E3EB0B66, B0C86004ABEB4B9E6A367214C76FA159EDE0487B051273FD3B3E32AE8C5DED07 ] symsnap         C:\WINDOWS\system32\DRIVERS\symsnap.sys
18:14:59.0515 0xa754  symsnap - ok
18:14:59.0625 0xa754  [ 510A2C7D11415E770DB2B270A267E682, 363FCDC9820FA4495C6C8124CE519828574A471D8C6A1F266892CC7F58AC34AA ] SymSnapService  C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe
18:14:59.0734 0xa754  SymSnapService - ok
18:14:59.0750 0xa754  sym_hi - ok
18:14:59.0750 0xa754  sym_u3 - ok
18:14:59.0765 0xa754  [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
18:14:59.0765 0xa754  sysaudio - ok
18:14:59.0781 0xa754  [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57DEADAADE18535B ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
18:14:59.0812 0xa754  SysmonLog - ok
18:14:59.0828 0xa754  Tablet2k - ok
18:14:59.0843 0xa754  [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
18:14:59.0859 0xa754  TapiSrv - ok
18:14:59.0875 0xa754  [ 1B3C28D36E669DEEB39331255A3FEEEB, 0710BD72D747BFD3E4BD54114FED0D34907E356CDF8204ABE43AF6CFA40BE401 ] TClass2k        C:\WINDOWS\system32\DRIVERS\TClass2k.sys
18:14:59.0875 0xa754  TClass2k - ok
18:14:59.0921 0xa754  [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
18:14:59.0921 0xa754  Tcpip - ok
18:14:59.0937 0xa754  [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
18:14:59.0953 0xa754  TDPIPE - ok
18:14:59.0968 0xa754  [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
18:14:59.0968 0xa754  TDTCP - ok
18:14:59.0968 0xa754  [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
18:14:59.0968 0xa754  TermDD - ok
18:15:00.0000 0xa754  [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] TermService     C:\WINDOWS\System32\termsrv.dll
18:15:00.0015 0xa754  TermService - ok
18:15:00.0031 0xa754  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] Themes          C:\WINDOWS\System32\shsvcs.dll
18:15:00.0031 0xa754  Themes - ok
18:15:00.0062 0xa754  [ DB7205804759FF62C34E3EFD8A4CC76A, 13A4248F528CE98ACA66898E56822E4FC49B11F491FF1F61A687BA601BF0A802 ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
18:15:00.0062 0xa754  TlntSvr - ok
18:15:00.0078 0xa754  TosIde - ok
18:15:00.0093 0xa754  [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] TrkWks          C:\WINDOWS\system32\trkwks.dll
18:15:00.0109 0xa754  TrkWks - ok
18:15:00.0125 0xa754  [ 051AA2BB2BD20C55A8BE41B10765B621, A1B07BC3F12B59965256598D48CF9E06A9D26F187F8E7D6B23E601531185A922 ] UCTblHid        C:\WINDOWS\system32\DRIVERS\UCTblHid.sys
18:15:00.0125 0xa754  UCTblHid - ok
18:15:00.0140 0xa754  [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
18:15:00.0140 0xa754  Udfs - ok
18:15:00.0156 0xa754  [ D596E6D2793C5B12D6B4180AEF802E7B, 169B62ED66A53E7EA9FF02356FE1F26D890433C9A67E40730055B96C17A795BB ] UimBus          C:\WINDOWS\system32\DRIVERS\UimBus.sys
18:15:00.0156 0xa754  UimBus - ok
18:15:00.0187 0xa754  [ 0B8957E99178DC6B9306B5F95DB7C542, A8152961080FBCAC591CBA752A275BFD9C57308B7EE0C91FCA1CF439F54B016B ] Uim_DEVIM       C:\WINDOWS\system32\DRIVERS\uim_devim.sys
18:15:00.0187 0xa754  Uim_DEVIM - ok
18:15:00.0218 0xa754  [ 6B0339DAC02B529CB9FC6C012F78A105, 3B2B60D1844BD9DD416D3073E6749E5482A4B038EB0424F84BB828A145B8EA26 ] Uim_IM          C:\WINDOWS\system32\Drivers\Uim_IM.sys
18:15:00.0250 0xa754  Uim_IM - ok
18:15:00.0250 0xa754  [ 01679E434C97D78655DC69864FEA06AD, 8D1FE558F6D868846842407593569A06CFAB03D90EEF95536412123810655304 ] Uim_Vim         C:\WINDOWS\system32\Drivers\Uim_Vim.sys
18:15:00.0265 0xa754  Uim_Vim - ok
18:15:00.0265 0xa754  ultra - ok
18:15:00.0312 0xa754  [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
18:15:00.0343 0xa754  Update - ok
18:15:00.0359 0xa754  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91, 7746916DB48E3F5B243B63C066596AD9037A494BF1AD935946DD04AC85D983DF ] upnphost        C:\WINDOWS\System32\upnphost.dll
18:15:00.0375 0xa754  upnphost - ok
18:15:00.0421 0xa754  [ E526A166E6ACAFD0A9B3841D3941669E, 3DDB92995C57A0A453D20F36EA192D6878DA18D49E737D63903D9FF919FF14F7 ] upperdev        C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
18:15:00.0421 0xa754  upperdev - ok
18:15:00.0437 0xa754  [ 05365FB38FCA1E98F7A566AAAF5D1815, 16843048CEEC3DAA3B953A12FF1EE339E86783A08F2A56DA7F94AD9F9717D77D ] UPS             C:\WINDOWS\System32\ups.exe
18:15:00.0437 0xa754  UPS - ok
18:15:00.0468 0xa754  [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
18:15:00.0468 0xa754  usbccgp - ok
18:15:00.0500 0xa754  [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
18:15:00.0515 0xa754  usbehci - ok
18:15:00.0515 0xa754  [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
18:15:00.0515 0xa754  usbhub - ok
18:15:00.0531 0xa754  [ 0DAECCE65366EA32B162F85F07C6753B, 3C33AC2FC95E876933F2016CF0CDA2745491679728684DA8DF95A515CE4804BD ] usbohci         C:\WINDOWS\system32\DRIVERS\usbohci.sys
18:15:00.0531 0xa754  usbohci - ok
18:15:00.0546 0xa754  [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
18:15:00.0546 0xa754  usbprint - ok
18:15:00.0578 0xa754  [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
18:15:00.0578 0xa754  usbscan - ok
18:15:00.0593 0xa754  [ 84C44D720655A8AA475E57A9E764D675, 2D450199338A217FBD951317812A74223E8B477974C7634667E8896316C3FEA0 ] usbser          C:\WINDOWS\system32\DRIVERS\usbser.sys
18:15:00.0593 0xa754  usbser - ok
18:15:00.0593 0xa754  [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
18:15:00.0593 0xa754  USBSTOR - ok
18:15:00.0687 0xa754  [ 813236B1183CFCF289E367BD5DE6E29E, 167FE18A96F330AEEC1A4C419770C15EFEB536D43838285E51E7A62E95DF4674 ] usbvideo        C:\WINDOWS\system32\Drivers\usbvideo.sys
18:15:00.0703 0xa754  usbvideo - ok
18:15:00.0734 0xa754  [ 2A7A8AD9D39A2FAF9D9293B5DAFF3A4B, 38C6F6A440B718C75F7A1361297ACE671FC258B75BDCE9E0C27D497E3DF03C61 ] USB_RNDIS       C:\WINDOWS\system32\DRIVERS\usb8023.sys
18:15:00.0750 0xa754  USB_RNDIS - ok
18:15:00.0781 0xa754  [ 1747E022B76BC248795B0AEDECCCF96F, 5A75E9C2C2D5EB51543F8143DA5B41CBEEA4CDC330E3749BB64688F25A8338D6 ] v2imount        C:\WINDOWS\system32\DRIVERS\v2imount.sys
18:15:00.0796 0xa754  v2imount - ok
18:15:00.0812 0xa754  [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
18:15:00.0812 0xa754  VgaSave - ok
18:15:00.0812 0xa754  ViaIde - ok
18:15:00.0937 0xa754  [ 4DE25C5721B6C7B74A62DBDC7FA8B577, 84AC9EBA584D574D2187E3C66061D2225D59F0BFF21BB62778DA7F12189E683D ] VmbService      C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe
18:15:00.0937 0xa754  VmbService - ok
18:15:00.0953 0xa754  [ 4C8FCB5CC53AAB716D810740FE59D025, 010EAC43DBED700B73E4FC908FAAF9F6A0168EBBD5D86751E49BC33AAA18BFA4 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
18:15:00.0968 0xa754  VolSnap - ok
18:15:00.0984 0xa754  [ E78781B2C86C92A0A738DF566460F716, FF6FCCF1C9FD6AB0139793EE117CC6E09FAF690F3F93B78C498C75AEEBA01762 ] VProEventMonitor C:\WINDOWS\system32\DRIVERS\vproeventmonitor.sys
18:15:01.0000 0xa754  VProEventMonitor - ok
18:15:01.0031 0xa754  [ 7A9DB3A67C333BF0BD42E42B8596854B, D31A9A3B1AAAB373EDD73B674102395212FCB616F829E938B7B2B7BE7D4752C5 ] VSS             C:\WINDOWS\System32\vssvc.exe
18:15:01.0031 0xa754  VSS - ok
18:15:01.0046 0xa754  [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] W32Time         C:\WINDOWS\system32\w32time.dll
18:15:01.0062 0xa754  W32Time - ok
18:15:01.0078 0xa754  [ DB3C22745C0DA4666F3BE31F1AF36B2F, 2FE9A0F157AF9FB3CA03B8D4E706213E63E388206A8C04EF4A84E0D7A364A3A6 ] W3SVC           C:\WINDOWS\system32\inetsrv\inetinfo.exe
18:15:01.0078 0xa754  W3SVC - ok
18:15:01.0093 0xa754  WACService - ok
18:15:01.0109 0xa754  [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:15:01.0125 0xa754  Wanarp - ok
18:15:01.0140 0xa754  [ 46A247F6617526AFE38B6F12F5512120, 24931910E3D678829A7A6CF1140CFE428E05057A4D3A14086ED66B884E847D2D ] wceusbsh        C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
18:15:01.0140 0xa754  wceusbsh - ok
18:15:01.0187 0xa754  [ D918617B46457B9AC28027722E30F647, 407284D3055DC11944D4EE7E4357E7CF9CAF8CA40CA50633AB6FD4A82CB7EEA6 ] Wdf01000        C:\WINDOWS\system32\Drivers\wdf01000.sys
18:15:01.0203 0xa754  Wdf01000 - ok
18:15:01.0218 0xa754  WDICA - ok
18:15:01.0234 0xa754  [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
18:15:01.0234 0xa754  wdmaud - ok
18:15:01.0250 0xa754  [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] WebClient       C:\WINDOWS\System32\webclnt.dll
18:15:01.0265 0xa754  WebClient - ok
18:15:01.0296 0xa754  [ F9AD3A5E3FD7E0BDB18B8202B0FDD4E4, A6020D41FEA0CC76D0C3CA3A88F3E9493022CD5A549E18B02D69A482B579F339 ] WimFltr         C:\WINDOWS\system32\DRIVERS\wimfltr.sys
18:15:01.0312 0xa754  WimFltr - ok
18:15:01.0328 0xa754  [ 05FB36A51E04A6C6B3A5F125FA692E6B, 2EC85CEA38C19CB8FF369565074A6A261804AAE016337AB193943162AE270D2D ] wimmount        C:\WINDOWS\system32\DRIVERS\wimmount.sys
18:15:01.0328 0xa754  wimmount - ok
18:15:01.0390 0xa754  [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
18:15:01.0406 0xa754  winmgmt - ok
18:15:01.0453 0xa754  [ 18F347402DA544A780949B8FDF83351B, D1AD972D438A51A4998FEF68670395DAE3353240AD2A17F35794287AF0826FFB ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
18:15:01.0531 0xa754  WinRM - ok
18:15:01.0562 0xa754  [ A44B42FDE757208224F11E16458870D3, EE1C8289A378AB506F6DEEDF99CC37EA987F2F2C0BC3F07DC060484394A2BBBD ] WinTabService   C:\WINDOWS\System32\Drivers\WTSRV.EXE
18:15:01.0578 0xa754  WinTabService - ok
18:15:01.0593 0xa754  wltrysvc - ok
18:15:01.0609 0xa754  [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
18:15:01.0609 0xa754  WmdmPmSN - ok
18:15:01.0703 0xa754  [ E76F8807070ED04E7408A86D6D3A6137, BFCF5361B7335760A7AE4B6958DE516A27AC60AA09135A46F0B49F588FAFE3A0 ] Wmi             C:\WINDOWS\System32\advapi32.dll
18:15:01.0718 0xa754  Wmi - ok
18:15:01.0765 0xa754  [ C42584FD66CE9E17403AEBCA199F7BDB, E3F2E1066F36AE5D33D4482239B2E556BE0C137923C9A120DFB36EC82F2E77B0 ] WmiAcpi         C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
18:15:01.0781 0xa754  WmiAcpi - ok
18:15:01.0812 0xa754  [ E0673F1106E62A68D2257E376079F821, 12992F18C9653050B10DC61D12988067933FCFDF02123D3A7EF5DE607A785DDC ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
18:15:01.0906 0xa754  WmiApSrv - ok
18:15:01.0984 0xa754  [ F74E3D9A7FA9556C3BBB14D4E5E63D3B, C71FAAC752F6D58BF8556661252DBF8C5DDD090CAE002A2C7E09C9A014526066 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\WMPNetwk.exe
18:15:02.0015 0xa754  WMPNetworkSvc - ok
18:15:02.0031 0xa754  [ CF4DEF1BF66F06964DC0D91844239104, CC1D9CECE2056D29A9651D51BB57C3F4F9BF9E90A4808CF7496C683C874FBD51 ] WpdUsb          C:\WINDOWS\system32\DRIVERS\wpdusb.sys
18:15:02.0031 0xa754  WpdUsb - ok
18:15:02.0093 0xa754  [ 15673BD0B86150CB8E27766059C72A9B, 56C23289A8BFF4945EE532CF6D62D3EC81B827CA15A359F30A327789F9FE9CAF ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
18:15:02.0140 0xa754  WPFFontCache_v0400 - ok
18:15:02.0171 0xa754  [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
18:15:02.0187 0xa754  wscsvc - ok
18:15:02.0187 0xa754  WSearch - ok
18:15:02.0203 0xa754  [ C98B39829C2BBD34E454150633C62C78, 71B60EA3AD0E2637917D528C6A9E7ECF2949E3E5E91036AA5BBADA95BD725511 ] WSTCODEC        C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
18:15:02.0203 0xa754  WSTCODEC - ok
18:15:02.0234 0xa754  [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
18:15:02.0265 0xa754  wuauserv - ok
18:15:02.0281 0xa754  [ EAA6324F51214D2F6718977EC9CE0DEF, B9DE1521395E09233FE519873702979C3EAF65FEC4B94B12A46CECB16C488543 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
18:15:02.0296 0xa754  WudfPf - ok
18:15:02.0312 0xa754  [ F91FF1E51FCA30B3C3981DB7D5924252, D7052B58F22638CA8B59C6FD7408D6D6DD1C33910912CACC05C133472CE0DDCE ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
18:15:02.0328 0xa754  WudfRd - ok
18:15:02.0343 0xa754  [ DDEE3682FE97037C45F4D7AB467CB8B6, D5A8F07AF4EDD9D7E17FEC6222D187E2981C177A479511E407756E0E5CB8D387 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
18:15:02.0359 0xa754  WudfSvc - ok
18:15:02.0390 0xa754  [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
18:15:02.0406 0xa754  WZCSVC - ok
18:15:02.0421 0xa754  [ 295D21F14C335B53CB8154E5B1F892B9, 9418477C2E3EA93E93D931A4EDD4500DA568FAD6040204B5201D1080203B0BBC ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
18:15:02.0437 0xa754  xmlprov - ok
18:15:02.0468 0xa754  [ 00AE175B903D45ED4A62384D3315DC2A, FAAAD00B96DDCDEB396D479F89207A0EEC374871C6340AACDDB95BF289D6330C ] ZDPSp50         C:\WINDOWS\system32\Drivers\ZDPSp50.sys
18:15:02.0484 0xa754  ZDPSp50 - ok
18:15:02.0515 0xa754  [ D2B32E42CFC9E6762F114AA07D302698, 8D9308E1AEEF9939CAEC9AA68C73C364EB7D735372ED77DB5946585FC1AF1C3B ] ZetBus          C:\WINDOWS\system32\DRIVERS\ZetBus.sys
18:15:02.0515 0xa754  ZetBus - ok
18:15:02.0531 0xa754  [ 482F4E0517163118C4F1A58DC9F01C5C, 97757472BAD57B33E84C7A64379158B11189B5FAF9C8401413930F95E5848436 ] ZetMPD          C:\WINDOWS\system32\DRIVERS\ZetMPD.sys
18:15:02.0531 0xa754  ZetMPD - ok
18:15:02.0546 0xa754  [ 023742125E77ED9BF306EC027F0BF942, BFE03E68BC2A81BDC7F7FB713CC038BA17156482DD7A2246320F5DB256156C32 ] ZetSFD          C:\WINDOWS\system32\DRIVERS\ZetSFD.sys
18:15:02.0562 0xa754  ZetSFD - ok
18:15:02.0562 0xa754  ================ Scan global ===============================
18:15:02.0609 0xa754  [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
18:15:02.0718 0xa754  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
18:15:02.0765 0xa754  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
18:15:02.0781 0xa754  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe
18:15:02.0796 0xa754  [ Global ] - ok
18:15:02.0796 0xa754  ================ Scan MBR ==================================
18:15:02.0812 0xa754  [ 671B81004FDD1588FA9ED1331C9CECA9 ] \Device\Harddisk0\DR0
18:15:02.0890 0xa754  \Device\Harddisk0\DR0 - ok
18:15:02.0906 0xa754  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
18:15:03.0234 0xa754  \Device\Harddisk1\DR1 - ok
18:15:03.0250 0xa754  [ 739B36F7A373FC81121D831231B6D311 ] \Device\Harddisk6\DR11
18:15:03.0390 0xa754  \Device\Harddisk6\DR11 - ok
18:15:03.0390 0xa754  ================ Scan VBR ==================================
18:15:03.0406 0xa754  [ F0678EAF12D3A004C838EDE8CC527A13 ] \Device\Harddisk0\DR0\Partition1
18:15:03.0421 0xa754  \Device\Harddisk0\DR0\Partition1 - ok
18:15:03.0421 0xa754  [ B4029665334DFC4AD2DF491937A76C56 ] \Device\Harddisk1\DR1\Partition1
18:15:03.0484 0xa754  \Device\Harddisk1\DR1\Partition1 - ok
18:15:03.0484 0xa754  [ C97BCC3491D5FBF85ABCC7EC28EC1868 ] \Device\Harddisk1\DR1\Partition2
18:15:03.0578 0xa754  \Device\Harddisk1\DR1\Partition2 - ok
18:15:03.0578 0xa754  [ 06EA785B28B6D1BAE4798DCE1C2D4720 ] \Device\Harddisk1\DR1\Partition3
18:15:03.0703 0xa754  \Device\Harddisk1\DR1\Partition3 - ok
18:15:03.0718 0xa754  [ 2AC953251262348876DA404F914D5DE3 ] \Device\Harddisk1\DR1\Partition4
18:15:03.0796 0xa754  \Device\Harddisk1\DR1\Partition4 - ok
18:15:03.0796 0xa754  [ 9BAC2565AB510A87CF6739C769D16152 ] \Device\Harddisk6\DR11\Partition1
18:15:03.0859 0xa754  \Device\Harddisk6\DR11\Partition1 - ok
18:15:03.0859 0xa754  Waiting for KSN requests completion. In queue: 263
18:15:04.0859 0xa754  Waiting for KSN requests completion. In queue: 263
18:15:05.0859 0xa754  Waiting for KSN requests completion. In queue: 263
18:15:06.0921 0xa754  AV detected via SS1: AVG Anti-Virus Free Edition 2013, 2013.0, enabled, updated
18:15:06.0921 0xa754  AV detected via SS1: Kaspersky Internet Security, 14.0.0.4651, enabled, updated
18:15:06.0937 0xa754  FW detected via SS1: Kaspersky Internet Security, 14.0.0.4651, enabled
18:15:09.0437 0xa754  ============================================================
18:15:09.0437 0xa754  Scan finished
18:15:09.0437 0xa754  ============================================================
18:15:09.0453 0x9e24  Detected object count: 0
18:15:09.0453 0x9e24  Actual detected object count: 0
 
 
ADAWARE Cleaner report to follow, but I thought I'd post this bit first in acase I lose the info during a re-start


#11 peak4

peak4
  • Topic Starter

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sheffield England
  • Local time:12:03 AM

Posted 04 March 2014 - 01:58 PM

OK, now for the ADWCleaner section of the reports.

I followed written process exactly and received error message after the screen where it says it will close all programs

Message as follows;

 

ADW Cleaner Error Message

AUTOLT Error

Line 3943 (File "e:\mydocuments\adawarecleaner.exe") This is where the program downloaded to and was run from

Error subscript used with non-array variable

OK

 

Clicked OK button but wasn't informed about mandatory re-start

Therefore re-scanned and re-cleaned, hence two reports to follow.

 

Firstly 

AdwCleaner[S0].txt

# AdwCleaner v3.020 - Report created 04/03/2014 at 18:31:07

# Updated 27/02/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Bill - BLACKONE
# Running from : E:\My Documents\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
[#] Service Deleted : CltMngSvc
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Documents and Settings\All Users\Start Menu\Programs\eSupport.com
Folder Deleted : C:\Program Files\eSupport.com
Folder Deleted : C:\Program Files\File Type Assistant
Folder Deleted : C:\Program Files\FinalMediaPlayer
Folder Deleted : C:\Program Files\SearchProtect
Folder Deleted : C:\Program Files\Toolbar Cleaner
Folder Deleted : C:\Documents and Settings\Bill\Local Settings\Application Data\AVG Security Toolbar
Folder Deleted : C:\Documents and Settings\Bill\Local Settings\Application Data\eSupport.com
Folder Deleted : C:\Documents and Settings\Bill\Local Settings\Application Data\SearchProtect
Folder Deleted : C:\Documents and Settings\Bill\Application Data\AVG Secure Search
Folder Deleted : C:\Documents and Settings\Bill\Application Data\Mozilla\Firefox\Profiles\fff6fspr.default\Extensions\Avg@toolbar
[!] Folder Deleted : C:\Documents and Settings\Bill\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
File Deleted : C:\Documents and Settings\Bill\Start Menu\Programs\Search.lnk
File Deleted : C:\Documents and Settings\Bill\Application Data\Mozilla\Firefox\Profiles\fff6fspr.default\searchplugins\Web Search.xml
File Deleted : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\1slaf31k.default\searchplugins\Web Search.xml
File Deleted : C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
 
***** [ Shortcuts ] *****
 
And that was the full extent of the file
Second run AdwCleaner[S1].txt
 
# AdwCleaner v3.020 - Report created 04/03/2014 at 18:35:46
# Updated 27/02/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Bill - BLACKONE
# Running from : E:\My Documents\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
[!] Folder Deleted : C:\Documents and Settings\Bill\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{090ACFA1-1580-11D1-8AC0-00C0F00910F9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B4E90801-B83C-11D0-8B40-00C0F00AE35A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AVG Security Toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\FLEXnet
Key Deleted : HKCU\Software\Headlight
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\Software\Tarma Installer
Key Deleted : HKLM\Software\Toolbar Cleaner
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\adawaretb
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v8.0.6001.18702
 
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
 
-\\ Mozilla Firefox v27.0.1 (en-GB)
 
[ File : C:\Documents and Settings\Bill\Application Data\Mozilla\Firefox\Profiles\fff6fspr.default\prefs.js ]
 
Line Deleted : user_pref("browser.newtab.url", "hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=GB&userid=f2c786a5-b7f7-3bdd-e90b-8840da486b7e&searchtype=nt&fr=linkury-tb&installDate=05/12/2013&type=hp1[...]
Line Deleted : user_pref("browser.search.defaultenginename", "Web Search");
Line Deleted : user_pref("browser.search.selectedEngine", "Web Search");
Line Deleted : user_pref("extensions.asktb.InstallDir", "C:\\Program Files\\Ask.com\\");
Line Deleted : user_pref("extensions.asktb.abar-war-timeout", "4000");
Line Deleted : user_pref("extensions.asktb.autofill-competitor-query-enabled", true);
Line Deleted : user_pref("extensions.asktb.cbid", "FU");
Line Deleted : user_pref("extensions.asktb.config-updated", false);
Line Deleted : user_pref("extensions.asktb.crumb", "2011.09.01+09.53.53-toolbar012iad-GB-TG9uZG9uLFVuaXRlZCBLaW5nZG9t");
Line Deleted : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://uk.ask.com/web?qsrc={qsrc}&o={o}&l={l}&q={query}&dm=all");
Line Deleted : user_pref("extensions.asktb.displaybehavior", "");
Line Deleted : user_pref("extensions.asktb.displaytext", "");
Line Deleted : user_pref("extensions.asktb.dtid", "YYYYYYYYGB");
Line Deleted : user_pref("extensions.asktb.dyn-weather-do-locid-lookup-weatherWidget", false);
Line Deleted : user_pref("extensions.asktb.dyn-weather-locid-weatherWidget", "UKXX0085");
Line Deleted : user_pref("extensions.asktb.dyn-weather-tempunit-weatherWidget", "C");
Line Deleted : user_pref("extensions.asktb.fresh-install", false);
Line Deleted : user_pref("extensions.asktb.guid", "72C0A13E-7397-4510-8041-692A6844CA8D");
Line Deleted : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com\", \"www.facebook.com\", \"www.playsushi.com\", \"WWW.google.com\", \"hxxps://websearch.ask.com\", [...]
Line Deleted : user_pref("extensions.asktb.if", "su");
Line Deleted : user_pref("extensions.asktb.l", "dis");
Line Deleted : user_pref("extensions.asktb.last-config-req", "1336084248521");
Line Deleted : user_pref("extensions.asktb.locale", "en_UK");
Line Deleted : user_pref("extensions.asktb.location", "London,United Kingdom");
Line Deleted : user_pref("extensions.asktb.lstation", "");
Line Deleted : user_pref("extensions.asktb.new-tab-enabled", true);
Line Deleted : user_pref("extensions.asktb.news-native-on", true);
Line Deleted : user_pref("extensions.asktb.o", "14406");
Line Deleted : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Line Deleted : user_pref("extensions.asktb.pstate", "");
Line Deleted : user_pref("extensions.asktb.qsrc", "2871");
Line Deleted : user_pref("extensions.asktb.r", "2");
Line Deleted : user_pref("extensions.asktb.sa", "NO");
Line Deleted : user_pref("extensions.asktb.search-suggestions-enabled", true);
Line Deleted : user_pref("extensions.asktb.silent-upgrade", true);
Line Deleted : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", true);
Line Deleted : user_pref("extensions.asktb.socialmini-first", true);
Line Deleted : user_pref("extensions.asktb.socialmini-interval", "1200000");
Line Deleted : user_pref("extensions.asktb.socialmini-max-char-ticker", "33");
Line Deleted : user_pref("extensions.asktb.socialmini-max-items", "30");
Line Deleted : user_pref("extensions.asktb.socialmini-native-on", true);
Line Deleted : user_pref("extensions.asktb.socialmini-speed", "10000");
Line Deleted : user_pref("extensions.asktb.socialmini-transition-first-open", false);
Line Deleted : user_pref("extensions.asktb.themeid", "");
Line Deleted : user_pref("extensions.asktb.timeinstalled", "03/05/2012 12:19:26");
Line Deleted : user_pref("extensions.asktb.to", "");
Line Deleted : user_pref("extensions.asktb.v", "3.15.1.100010");
Line Deleted : user_pref("extensions.asktb.version", "5.15.1.22229");
Line Deleted : user_pref("extensions.asktb.volume", "");
Line Deleted : user_pref("extensions.helperbar.DockingPositionDown", false);
Line Deleted : user_pref("extensions.helperbar.SmartbarDisabled", false);
Line Deleted : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
Line Deleted : user_pref("extensions.helperbar.Visibility", true);
Line Deleted : user_pref("extensions.helperbar.countryiso", "gb");
Line Deleted : user_pref("extensions.helperbar.downloadprovider", "yahoooc");
Line Deleted : user_pref("extensions.helperbar.installationid", "f2c786a5-b7f7-3bdd-e90b-8840da486b7e");
Line Deleted : user_pref("extensions.helperbar.installdate", "05/12/2013");
Line Deleted : user_pref("extensions.helperbar.publisher", "yahoooc");
Line Deleted : user_pref("extensions.helperbar.type", "hp1000");
Line Deleted : user_pref("keyword.URL", "hxxp://isearch.avg.com/search?cid=%7Bd70878b0-86ba-4569-8d24-154d3f3325bf%7D&mid=&ds=&v=13.2.0.5&lang=&pr=&d=2012-11-28%2017%3A20%3A17&sap=ku&q=");
 
[ File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\1slaf31k.default\prefs.js ]
 
Line Deleted : user_pref("browser.startup.homepage", "hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=GB&userid=f2c786a5-b7f7-3bdd-e90b-8840da486b7e&searchtype=hp&fr=linkury-tb&installDate=05/12/2013&ty[...]
Line Deleted : user_pref("browser.search.selectedEngine", "Web Search");
Line Deleted : user_pref("keyword.URL", "hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=GB&userid=f2c786a5-b7f7-3bdd-e90b-8840da486b7e&searchtype=ds&fr=linkury-tb&installDate=05/12/2013&type=hp1000&p="[...]
Line Deleted : user_pref("browser.newtab.url", "hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=GB&userid=f2c786a5-b7f7-3bdd-e90b-8840da486b7e&searchtype=nt&fr=linkury-tb&installDate=05/12/2013&type=hp1[...]
 
-\\ Google Chrome v
 
[ File : C:\Documents and Settings\Bill\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]
 
Deleted : search_url
 
*************************
 
AdwCleaner[R0].txt - [17096 octets] - [04/03/2014 18:24:52]
AdwCleaner[R1].txt - [15710 octets] - [04/03/2014 18:34:55]
AdwCleaner[S0].txt - [1825 octets] - [04/03/2014 18:31:07]
AdwCleaner[S1].txt - [15528 octets] - [04/03/2014 18:35:46]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [15589 octets] ##########
 
System re-started automatically as expected this time, but also as expected BSOD, so safe mode with Networking at second re-boot. [It still auto re-boots so I can't read the stop error, but had another try with DSLR to film the monitor showing STOP 0x0000007f (0x03??????) I couldn't read the rest.] BlueScreenView still hasn't recorded a MiniDump

 

Junkware removal to follow in next post



#12 peak4

peak4
  • Topic Starter

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sheffield England
  • Local time:12:03 AM

Posted 04 March 2014 - 02:09 PM

Junkware Removal Tool Section

Ran program as requested

Error message part way through

 

Windows No Disk

Exception Processing Message

c0000013 Parameters 75b6b7fc 75b6b7fc 75b6b7fc

 

Pressed Cancel Twice and scan completed

Results to follow;

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Microsoft Windows XP x86
Ran by Bill on 04/03/2014 at 19:01:19.84
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{16C8C46E-C811-4977-BF0A-B5CC1FA78D95}
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"
 
 
 
~~~ Files
 
Successfully deleted: [File] "C:\Program Files\mozilla firefox\plugins\npcouponprinter.dll"
Successfully deleted: [File] "C:\Program Files\mozilla firefox\plugins\npmozcouponprinter.dll"
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Documents and Settings\Bill\Application Data\getrighttogo"
Successfully deleted: [Folder] "C:\Documents and Settings\Bill\Application Data\software informer"
Successfully deleted: [Folder] "C:\Program Files\software informer"
 
 
 
~~~ FireFox
 
Emptied folder: C:\Documents and Settings\Bill\Application Data\mozilla\firefox\profiles\fff6fspr.default\minidumps [13 files]
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04/03/2014 at 19:06:17.54
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 
ESET to follow in next post


#13 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:03 PM

Posted 04 March 2014 - 02:18 PM

OK, hang in there
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#14 peak4

peak4
  • Topic Starter

  • Members
  • 40 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sheffield England
  • Local time:12:03 AM

Posted 04 March 2014 - 03:33 PM

OK, hang in there

 

OK No problem, currently at about 12% after about an hour and a quarter.

Several other folks have told me I need hanging in the past, so you're not alone.   :)

Many thanks for your assistance on this one.

 

The problem arose after some MS updates, a couple of which I uninstalled, but two others were not uninstallable.

Following the mandatory restart, I got BSOD from a system which had been running quite stable after the previous BSOD episode when I plugged an SD card in.

Strangely reverting to an earlier restore point from when the system was running normally hasn't helped either.

Starting to lose the plot, so I can't remember actually how old the current restore point that I'm using now is, but don't worry I'll not alter it and invalidate some of this scanning.



#15 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:03 PM

Posted 04 March 2014 - 07:09 PM

Is ESET complete?
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users