Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2015 Ran by User at 2015-03-26 17:17:31 Running from C:\Users\User\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664} AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated) Acrobat.com (Version: 0.0.0 - Adobe Systems Incorporated) Hidden Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.0.4990 - Adobe Systems Inc.) Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated) Adobe Reader X (10.1.4) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.4 - Adobe Systems Incorporated) Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.3.133 - Adobe Systems, Inc.) AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4800 - AVG Technologies) AVG 2014 (Version: 14.0.4311 - AVG Technologies) Hidden AVG 2014 (Version: 14.0.4800 - AVG Technologies) Hidden Browser Address Error Redirector (HKLM\...\{62230596-37E5-4618-A329-0D21F529A86F}) (Version: 1.00.0000 - Dell) Cake Queen (HKLM\...\Cake Queen_is1) (Version: 1.0 - Media Contact LLC) CleanUp! (HKLM\...\CleanUp!) (Version: - ) Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Conexant HDA D330 MDC V.92 Modem (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F) (Version: 7.74.00 - Conexant) Dell Best of Web (HKLM\...\{C39A4E1F-9AF1-4FE1-A80E-A5B867FABB42}) (Version: 1.00.0000 - Dell) Dell Dock (HKLM\...\{F6CB42B9-F033-4152-8813-FF11DA8E6A78}) (Version: 1.0.0 - Dell) Dell Getting Started Guide (HKLM\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.) Dell Support Center (Support Software) (HKLM\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.2.08267 - Dell) Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1.103.4 - Alps Electric) Dell-eBay (HKLM\...\{B935C985-A17F-484B-8470-09E4FC27DC26}) (Version: 1.00.0000 - Dell) Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) Google Chrome (HKLM\...\Google Chrome) (Version: 38.0.2125.122 - Google Inc.) Google Earth Plug-in (HKLM\...\{79361740-EAE3-11E2-9911-B8AC6F98CCE3}) (Version: 7.1.1.1888 - Google) Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden Intel(R) Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - ) Intel(R) PROSet/Wireless Software (HKLM\...\ProInst) (Version: 11.01.0000 - Intel Corporation) Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle) Java(TM) 6 Update 7 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160070}) (Version: 1.6.0.70 - Sun Microsystems, Inc.) LG United Mobile Drivers (HKLM\...\{B03954CC-E130-4E57-BC83-869978685902}) (Version: 3.3.0.0 - LG Electronics) Lovely Kitchen (HKLM\...\Lovely Kitchen_is1) (Version: 1.0 - Media Contact LLC) Magic Jigsaw (HKLM\...\MagicJigsaw_is1) (Version: 1.0 - Media Contact LLC) Malwarebytes Anti-Malware version 2.1.4.1018 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation) mCore (Version: 9.24.0000 - Intel Corporation) Hidden MediaDirect (HKLM\...\{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}) (Version: 3.5 - Dell) mHelp (Version: 9.24.0000 - Intel) Hidden Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Standard Edition 2003 (HKLM\...\{91120409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.4.304.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation) mMHouse (Version: 9.24.0000 - Intel Corporation) Hidden Modem Diagnostic Tool (HKLM\...\{294EAADF-E50F-4DD8-AD8D-19587EA10512}) (Version: 1.0.24.0 - Dell) mPfMgr (Version: 9.24.0000 - Intel Corporation) Hidden MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) mWMI (Version: 9.24.0000 - Intel Corporation) Hidden OutlookAddinSetup (HKLM\...\{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}) (Version: 1.0.0 - CyberLink) Plants vs. Zombies (HKLM\...\Plants vs. Zombies) (Version: - PopCap Games) QualXServ Service Agreement (HKLM\...\{903679E8-44C8-4C07-9600-05C92654FC50}) (Version: 2.0.0 - Dell Inc.) QuickSet (HKLM\...\{4B6AD248-D3BF-426A-8D64-847288154F13}) (Version: 8.2.20 - Dell Inc.) Red Light Center 3D Client (HKLM\...\Red Light Center 3D Client) (Version: 1.9.4421 - Utherverse Digital Inc) Slingo Supreme (HKLM\...\am-slingosupreme) (Version: - gamehouse) SweetIM for Messenger 3.7 (Version: 3.7.0007 - SweetIM Technologies Ltd.) Hidden <==== ATTENTION swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden THE GAME OF LIFE (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-510005734}) (Version: - Oberon Media) Unity Web Player (HKU\S-1-5-21-2194354101-4259944992-3842031963-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version: - ) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-2194354101-4259944992-3842031963-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) CustomCLSID: HKU\S-1-5-21-2194354101-4259944992-3842031963-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS) CustomCLSID: HKU\S-1-5-21-2194354101-4259944992-3842031963-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\User\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.) CustomCLSID: HKU\S-1-5-21-2194354101-4259944992-3842031963-1000_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\User\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited) CustomCLSID: HKU\S-1-5-21-2194354101-4259944992-3842031963-1000_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\User\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) ==================== Restore Points ========================= ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2006-11-02 05:23 - 2006-09-18 16:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {04744CBC-0A96-4219-8639-E4240B02621B} - System32\Tasks\Norton Security Scan for User => C:\PROGRA~1\NORTON~2\Engine\401~1.16\Nss.exe Task: {1A5B2D1D-CD0B-4F55-93D7-4022758B62CC} - System32\Tasks\{288F86D8-25FB-40BC-B881-F089F1049D84} => pcalua.exe -a C:\LGMobileUpgrade\LGMOBILEAX\BYRLauncher.exe -d C:\LGMobileUpgrade\LGMOBILEAX\ Task: {303987C1-3B80-4F2F-867A-6202D1EF7ADA} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2194354101-4259944992-3842031963-1000Core => C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-04] (Facebook Inc.) Task: {30C33844-0890-478C-B53D-5C931729608A} - \Advanced System Protector_startup No Task File <==== ATTENTION Task: {432E53D9-BEDD-43B3-8C18-417C6AB2E394} - \PC Performer_DEFAULT No Task File <==== ATTENTION Task: {6DBA4281-7CF3-4A7F-A999-655DCAB254A7} - \PC Performer_UPDATES No Task File <==== ATTENTION Task: {7FCEE231-2EE7-45A2-8E80-1360841F04C3} - \PC Performer No Task File <==== ATTENTION Task: {A232FB45-58C3-45FB-8C94-14E75E56818F} - \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan No Task File <==== ATTENTION Task: {A6395106-69A9-4E31-8F2C-72A228E58990} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-25] (Google Inc.) Task: {ACFDE225-0A48-47CC-B88E-2E429FFE5774} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2194354101-4259944992-3842031963-1000UA => C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-04] (Facebook Inc.) Task: {D14638DE-33A9-4FB6-85EF-C82BDF3F066C} - \RegClean Pro No Task File <==== ATTENTION Task: {E0A878AE-6048-43AE-A079-078F9C9508DF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-25] (Adobe Systems Incorporated) Task: {EEE9DDB4-669C-45F9-AF52-428DDCBA6DC5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-25] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\0214dUpdateInfo.job => C:\ProgramData\Avg_Update_0214d\0214d_AVG-Secure-Search-Update.exe Task: C:\Windows\Tasks\1114avUpdateInfo.job => C:\ProgramData\Avg_Update_1114av\1114av_AVG-Secure-Search-Update.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2194354101-4259944992-3842031963-1000Core.job => C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2194354101-4259944992-3842031963-1000UA.job => C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============== 2007-04-25 11:55 - 2007-04-25 11:55 - 01167360 _____ () C:\Program Files\Intel\Wireless\Bin\acAuth.dll 2007-07-25 17:25 - 2007-07-25 17:25 - 00118784 _____ () C:\Program Files\Intel\Wireless\Bin\IWMSPROV.DLL 2013-08-16 03:46 - 2013-08-16 03:46 - 00284160 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\VistaBridgeLibrary\0e47927f23b2b510e83586cabb6dfa3e\VistaBridgeLibrary.ni.dll 2014-11-15 23:29 - 2014-11-05 18:57 - 08911176 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.122\pdf.dll 2014-11-15 23:29 - 2014-11-05 18:56 - 01681224 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.122\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:CCB55ECB ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2194354101-4259944992-3842031963-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Public\Pictures\Sample Pictures\Oryx Antelope.jpg DNS Servers: 24.220.0.10 - 24.220.0.11 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== Accounts: ============================= Administrator (S-1-5-21-2194354101-4259944992-3842031963-500 - Administrator - Disabled) Guest (S-1-5-21-2194354101-4259944992-3842031963-501 - Limited - Disabled) => C:\Users\Guest User (S-1-5-21-2194354101-4259944992-3842031963-1000 - Administrator - Enabled) => C:\Users\User ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (03/25/2015 10:56:56 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/25/2015 10:49:10 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application svchost.exe_wuauserv, version 6.0.6001.18000, time stamp 0x47918b89, faulting module kernel32.dll, version 6.0.6002.18704, time stamp 0x5065ccb6, exception code 0xc0000005, fault offset 0x00071cf6, process id 0x1404, application start time 0xsvchost.exe_wuauserv0. Error: (03/25/2015 10:42:53 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/25/2015 10:38:11 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application svchost.exe_wuauserv, version 6.0.6001.18000, time stamp 0x47918b89, faulting module kernel32.dll, version 6.0.6002.18704, time stamp 0x5065ccb6, exception code 0xc0000005, fault offset 0x00071cf6, process id 0x1724, application start time 0xsvchost.exe_wuauserv0. Error: (03/25/2015 10:17:55 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/25/2015 10:10:48 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application svchost.exe_wuauserv, version 6.0.6001.18000, time stamp 0x47918b89, faulting module kernel32.dll, version 6.0.6002.18704, time stamp 0x5065ccb6, exception code 0xc0000005, fault offset 0x00071cf6, process id 0x1720, application start time 0xsvchost.exe_wuauserv0. Error: (03/25/2015 10:07:46 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/25/2015 10:03:28 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application svchost.exe_wuauserv, version 6.0.6001.18000, time stamp 0x47918b89, faulting module kernel32.dll, version 6.0.6002.18704, time stamp 0x5065ccb6, exception code 0xc0000005, fault offset 0x00071cf6, process id 0x590, application start time 0xsvchost.exe_wuauserv0. Error: (03/25/2015 09:57:43 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/25/2015 09:29:06 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (03/25/2015 10:07:56 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: 1Restart the serviceRemote Access Connection Manager%%1056 Error: (03/25/2015 10:07:56 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: 1Restart the serviceWindows Management Instrumentation%%1056 Error: (03/25/2015 09:57:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Parallel port driver%%1058 Error: (03/25/2015 09:56:10 PM) (Source: volsnap) (EventID: 25) (User: ) Description: The shadow copies of volume C: were deleted because the shadow copy storage could not grow in time. Consider reducing the IO load on the system or choose a shadow copy storage volume that is not being shadow copied. Error: (03/25/2015 09:56:30 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 9:43:37 PM on 3/25/2015 was unexpected. Error: (03/25/2015 09:19:02 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: 1Restart the serviceWindows Management Instrumentation%%1056 Error: (03/25/2015 08:49:44 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: AVGIDSAgent3758213661 (0xE001CA1D) Error: (03/25/2015 08:49:08 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: AVGIDSAgent3758213661 (0xE001CA1D) Error: (03/25/2015 08:48:33 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: AVGIDSAgent3758213661 (0xE001CA1D) Error: (03/25/2015 08:48:31 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: AVGIDSAgent3758213661 (0xE001CA1D) Microsoft Office Sessions: ========================= Error: (03/25/2015 10:56:56 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/25/2015 10:49:10 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: svchost.exe_wuauserv6.0.6001.1800047918b89kernel32.dll6.0.6002.187045065ccb6c000000500071cf6140401d06776cc9f8608 Error: (03/25/2015 10:42:53 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/25/2015 10:38:11 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: svchost.exe_wuauserv6.0.6001.1800047918b89kernel32.dll6.0.6002.187045065ccb6c000000500071cf6172401d06772ceabc537 Error: (03/25/2015 10:17:55 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/25/2015 10:10:48 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: svchost.exe_wuauserv6.0.6001.1800047918b89kernel32.dll6.0.6002.187045065ccb6c000000500071cf6172001d06771c9c903e4 Error: (03/25/2015 10:07:46 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/25/2015 10:03:28 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: svchost.exe_wuauserv6.0.6001.1800047918b89kernel32.dll6.0.6002.187045065ccb6c000000500071cf659001d067707629ed17 Error: (03/25/2015 09:57:43 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (03/25/2015 09:29:06 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 CodeIntegrity Errors: =================================== Date: 2015-03-26 17:17:22.514 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2015-03-26 17:17:22.140 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2015-03-26 17:17:21.695 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2015-03-26 17:17:21.227 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2015-03-26 17:17:20.619 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2015-03-26 17:17:20.213 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2015-03-26 17:17:19.784 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2015-03-26 17:17:19.362 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2015-03-26 17:16:44.807 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2015-03-26 17:16:44.339 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Celeron(R) CPU 560 @ 2.13GHz Percentage of memory in use: 60% Total physical RAM: 2037.31 MB Available physical RAM: 794.8 MB Total Pagefile: 4311.9 MB Available Pagefile: 2773.76 MB Total Virtual: 2047.88 MB Available Virtual: 1919.05 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:57.34 GB) (Free:23.88 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:9.32 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 74.5 GB) (Disk ID: 696D9402) Partition 1: (Not Active) - (Size=39 MB) - (Type=DE) Partition 2: (Not Active) - (Size=14.6 GB) - (Type=07 NTFS) Partition 3: (Active) - (Size=57.3 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=2.5 GB) - (Type=OF Extended) ==================== End Of Log ============================