Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows 7 Runs Very slow on bootup/shutdown/IE not working/Firefox unstable


  • Please log in to reply
16 replies to this topic

#1 hYlAnDeR~TFC

hYlAnDeR~TFC

  • Members
  • 257 posts
  • OFFLINE
  •  
  • Local time:03:10 AM

Posted 14 May 2012 - 08:30 PM

I first detected a problem on my computer when I noticed the Windows Update icon on the bottom right on the monitor. I checked out what the updates were about and selected 1 important and 1 optional update. Normally, the updates are updated fairly quickly. However, after walking away from my computer for approximately 15 to 20 minutes, I came back to check the progress, and there was 0 % downloaded and 0 % data downloaded. The size of the files were not too large. These were the 2 updates selected:

The important update is for: Security Update Microsoft Silverlight

The 2 optional updates are for: Intel Corp Display HD Graphics 3000 and Bing Desktop

Then, after another 5 minutes, still nothing happened,so I decided to stop and shut down the update and reboot my system. That is where many of my problems began.

At this time, Windows IE no longer works. Firefox barely works, and is very unstable, but I am at least able to post this message to you now for the time being. Initial bootup takes about 3 to 4 times as long as it did before. Shutting down takes about 3 to 4 times as long as before. When I go to check my Windows Live Email account, it comes up, but once I shut it down, I am unable to bring it back online again unless I reboot, and the little 'envelope' icon on the bottom right of the task bar shows that it is still active, but I am unable to open or shut it down from the envelope icon. IE was up for a while today before I posted this to you, but now will not come up. It may come up again after I reboot, but only for a short time before it too crashes again. When the system is running for more than 1/2 hour, It runs extremely slow, takes several minutes to open up files/folders and or other programs. I am intermittently losing internet connectivity while my system is up. Additionally, after initial boot up, it takes about 2 minutes for my system to finally connect to the internet, whereas before I would be online almost immediately when the desktop comes up after the welcome page disappears. All This behavior suggests to me that I very possibly have a virus. I believe that I may have acquired a virus over the weekend as a result of web searching for free tv series viewing on the internet for the Star Trek TNG series. I recall a couple of websites that really hung up when I was trying to view the 1st season, 3rd episode on my system.

My first step to obtain assistance was posting on your Windows 7 forum for help on how to get my Windows 7 update unstuck so that it would properly update. After several reboots I was able to successfully update Windows 7. However, one of the Bleeping Computer Forum helpers suggested that I may be infected. So, first, I made sure my free version of Zone Alarm firewall was updated, and then ensured that my anti spyware was also updated. Next, I ran free version of SuperAntiSpyware anti virus in full scan mode, but it did not find anything. Then, I ran Malwarebytes, and it identified,
""Trojan_Fake_Alert" virus! I removed and quarantined it. I do not run the Malwarebytes or SuperAntivirus in the background, I only use them on a weekly bases to check and delete tracking cookies and, of course, for possible issues when they arise, just so you know. Then, I ran the Old Timer TFC program to get rid of temp files and rebooted. It still took a very long time to reboot. I then disabled my firewall and Spyware Blaster program which is all the security I use, and then attempted to go back to a date last week that I am certain was a good date where there was no downloading etc to recover my system to a good system restore point. But, I get an error message when I try to run it and it does not complete the task. Then, late last night, I ran the online free scan/removal program from ESET. In the morning, it indicated that my system was clean and did not find anything harmful. But, I still have all the aforementioned issues above.

Ran Malwarebytes again and it identified "Trojan.FakeAlert" virus, located in the c:\system volume information\System Restore... Removed and Quarantined again, but system again still has same issues.

Edited by hYlAnDeR~TFC, 14 May 2012 - 11:55 PM.

hYlAnDeR~TFC~
[OF/FA] Orion Faction-Retired
Game Squad Fleet Admiral~Retired

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,530 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:10 AM

Posted 15 May 2012 - 09:39 AM

Hello and welcome..

You have no Antivirus installed?


For the connection try these...

Please click Start > Run, type inetcpl.cpl in the runbox and press enter.
Click the Connections tab and click the LAN settings option.
Verify if "Use a proxy..." is checked, if so, UNcheck it and click OK/OK to exit.
Now check if the internet is working again.

OR

Go to Start ... Run and type in cmd
A dos Window will appear.
Type in the dos window: netsh winsock reset
Click on the enter key.

Reboot your system to complete the process.

If needed : type these one line at a time, press enter after each line. See if it works after each.


netsh interface ipv4 reset
netsh interface ipv6 reset
ipconfig /flushdns


WIN7.. Please Download this file, Click Me
Right-click on winsockfix.bat and click on Run as Administrator.


If Connected or run off a flashdrive >>>

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Please download TDSSKiller.zip and and extract it.
  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Let the options as it is and click Continue
  • Let reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log have a name like: TDSSKiller.Version_Date_Time_log.txt.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 hYlAnDeR~TFC

hYlAnDeR~TFC
  • Topic Starter

  • Members
  • 257 posts
  • OFFLINE
  •  
  • Local time:03:10 AM

Posted 15 May 2012 - 01:05 PM

Thank you for your quick reply.

Yes, I do have an antivirus program that I run in the background called, "Spyware Blaster". It is the free version that you guys have recommended and works very well. I also run the free version Zone Alarm Firewall as well. I think I may have left out a detail regarding when my IE got hung up while searching for free TV series episodes to watch (e.g. StarTrek TNG), that IE actually froze up and crashed at one point and I had to actually reboot my system. This is most likely the point when and where I acquired the infection.

I will go through your instructions again once I get home late tonight and begin going through the required steps and post the appropriate logs and/or reports.

Thank you again for your help!
hYlAnDeR~TFC~
[OF/FA] Orion Faction-Retired
Game Squad Fleet Admiral~Retired

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,530 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:10 AM

Posted 15 May 2012 - 01:21 PM

OK,see if you can post thise 2 logs above.

SpywareBlaster,Malwarebytes or SuperAntivirus are Not antivirus'.. They are antimalware.. I use those along with my antivirus/.

I am going to suggest you install,update and scan with this free one ( I use this).. Avira Antivir
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 hYlAnDeR~TFC

hYlAnDeR~TFC
  • Topic Starter

  • Members
  • 257 posts
  • OFFLINE
  •  
  • Local time:03:10 AM

Posted 15 May 2012 - 11:10 PM

Ok,

First, my connection does eventually come up after initial boot, but it takes much longer to have internet access than the way it performed before. However, my internet connection does have intermittent connectivity issues after I am online for more than 10 to 15 minutes. I checked the LAN settings and it was already set to "automatically detect settings." So, there was no need to make any changes there. Next, I tried the cmd instructions in the dos window and tried several of the various commands, but I got messages that stated that this operation requires elevation <Run as administrator>. So, I was not able to complete any of these steps.

Rebooted. Ran Winsock.bat file as administrator and rebooted again.

Ran MiniToolBox program: here is the log report:



******************************


MiniToolBox by Farbar Version: 18-01-2012
Ran by William (administrator) on 15-05-2012 at 20:47:19
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : William-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : sd.cox.net

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : sd.cox.net
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 50-E5-49-E6-8C-98
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::1458:a8d0:5da4:6fb9%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.100(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, May 15, 2012 8:42:18 PM
Lease Expires . . . . . . . . . . : Wednesday, May 16, 2012 8:42:17 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 240182601
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-E1-D9-1C-50-E5-49-E6-8C-98
DNS Servers . . . . . . . . . . . : 68.105.28.11
68.105.29.11
68.105.28.12
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : sd.cox.net
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:9:2a68:3f57:fe9b(Preferred)
Link-local IPv6 Address . . . . . : fe80::9:2a68:3f57:fe9b%14(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: cdns1.cox.net
Address: 68.105.28.11

Name: google.com
Addresses: 74.125.224.228
74.125.224.229
74.125.224.230
74.125.224.231
74.125.224.232
74.125.224.233
74.125.224.238
74.125.224.224
74.125.224.225
74.125.224.226
74.125.224.227


Pinging google.com [74.125.224.227] with 32 bytes of data:
Reply from 74.125.224.227: bytes=32 time=41ms TTL=56
Reply from 74.125.224.227: bytes=32 time=34ms TTL=56

Ping statistics for 74.125.224.227:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 34ms, Maximum = 41ms, Average = 37ms
Server: cdns1.cox.net
Address: 68.105.28.11

Name: yahoo.com
Addresses: 209.191.122.70
72.30.38.140
98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=139ms TTL=52
Reply from 98.139.183.24: bytes=32 time=138ms TTL=52

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 138ms, Maximum = 139ms, Average = 138ms
Server: cdns1.cox.net
Address: 68.105.28.11

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),
===========================================================================
Interface List
11...50 e5 49 e6 8c 98 ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.100 21
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.100 276
192.168.1.100 255.255.255.255 On-link 192.168.1.100 276
192.168.1.255 255.255.255.255 On-link 192.168.1.100 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.100 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.100 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
14 58 ::/0 On-link
1 306 ::1/128 On-link
14 58 2001::/32 On-link
14 306 2001:0:4137:9e76:9:2a68:3f57:fe9b/128
On-link
11 276 fe80::/64 On-link
14 306 fe80::/64 On-link
14 306 fe80::9:2a68:3f57:fe9b/128
On-link
11 276 fe80::1458:a8d0:5da4:6fb9/128
On-link
1 306 ff00::/8 On-link
14 306 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/15/2012 08:45:01 PM) (Source: Application Error) (User: )
Description: Faulting application name: nmsrvc.exe, version: 10.0.8093.0, time stamp: 0x47f3f7af
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b8f
Exception code: 0xc0000005
Fault offset: 0x00038dc9
Faulting process id: 0xa20
Faulting application start time: 0xnmsrvc.exe0
Faulting application path: nmsrvc.exe1
Faulting module path: nmsrvc.exe2
Report Id: nmsrvc.exe3

Error: (05/15/2012 08:44:01 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/15/2012 08:17:54 PM) (Source: Application Error) (User: )
Description: Faulting application name: nmsrvc.exe, version: 10.0.8093.0, time stamp: 0x47f3f7af
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b8f
Exception code: 0xc0000005
Fault offset: 0x00038dc9
Faulting process id: 0xa30
Faulting application start time: 0xnmsrvc.exe0
Faulting application path: nmsrvc.exe1
Faulting module path: nmsrvc.exe2
Report Id: nmsrvc.exe3

Error: (05/15/2012 08:16:53 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/15/2012 05:14:48 AM) (Source: Application Error) (User: )
Description: Faulting application name: nmsrvc.exe, version: 10.0.8093.0, time stamp: 0x47f3f7af
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b8f
Exception code: 0xc0000005
Fault offset: 0x00038dc9
Faulting process id: 0xa40
Faulting application start time: 0xnmsrvc.exe0
Faulting application path: nmsrvc.exe1
Faulting module path: nmsrvc.exe2
Report Id: nmsrvc.exe3

Error: (05/15/2012 05:13:50 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/14/2012 09:44:37 PM) (Source: Application Error) (User: )
Description: Faulting application name: nmsrvc.exe, version: 10.0.8093.0, time stamp: 0x47f3f7af
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b8f
Exception code: 0xc0000005
Fault offset: 0x00038dc9
Faulting process id: 0xa18
Faulting application start time: 0xnmsrvc.exe0
Faulting application path: nmsrvc.exe1
Faulting module path: nmsrvc.exe2
Report Id: nmsrvc.exe3

Error: (05/14/2012 09:43:38 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/14/2012 09:02:08 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16421 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1248

Start Time: 01cd324f63c357c4

Termination Time: 0

Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Report Id: bbd79282-9e42-11e1-bba1-50e549e68c98

Error: (05/14/2012 08:48:24 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16421 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: ac8

Start Time: 01cd324d8b62d60b

Termination Time: 0

Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Report Id: d0573662-9e40-11e1-bba1-50e549e68c98


System errors:
=============
Error: (05/15/2012 08:45:23 PM) (Source: Service Control Manager) (User: )
Description: The Linksys Updater service terminated unexpectedly. It has done this 1 time(s).

Error: (05/15/2012 08:41:33 PM) (Source: Service Control Manager) (User: )
Description: The Windows Update service did not shut down properly after receiving a preshutdown control.

Error: (05/15/2012 08:41:30 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the nmservice service.

Error: (05/15/2012 08:18:30 PM) (Source: NetBT) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.100.
The computer with the IP address 192.168.1.105 did not allow the name to be claimed by
this computer.

Error: (05/15/2012 08:18:16 PM) (Source: Service Control Manager) (User: )
Description: The Linksys Updater service terminated unexpectedly. It has done this 1 time(s).

Error: (05/15/2012 05:22:17 AM) (Source: Service Control Manager) (User: )
Description: The Windows Update service did not shut down properly after receiving a preshutdown control.

Error: (05/15/2012 05:22:14 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the nmservice service.

Error: (05/15/2012 05:15:10 AM) (Source: Service Control Manager) (User: )
Description: The Linksys Updater service terminated unexpectedly. It has done this 1 time(s).

Error: (05/14/2012 10:10:28 PM) (Source: Service Control Manager) (User: )
Description: The Windows Update service did not shut down properly after receiving a preshutdown control.

Error: (05/14/2012 10:10:25 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the nmservice service.


Microsoft Office Sessions:
=========================
Error: (05/15/2012 08:45:01 PM) (Source: Application Error)(User: )
Description: nmsrvc.exe10.0.8093.047f3f7afntdll.dll6.1.7601.177254ec49b8fc000000500038dc9a2001cd3315e82124a3C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exeC:\Windows\SysWOW64\ntdll.dll83479926-9f09-11e1-9212-50e549e68c98

Error: (05/15/2012 08:44:01 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/15/2012 08:17:54 PM) (Source: Application Error)(User: )
Description: nmsrvc.exe10.0.8093.047f3f7afntdll.dll6.1.7601.177254ec49b8fc000000500038dc9a3001cd33121e423792C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exeC:\Windows\SysWOW64\ntdll.dllb982db38-9f05-11e1-8711-50e549e68c98

Error: (05/15/2012 08:16:53 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/15/2012 05:14:48 AM) (Source: Application Error)(User: )
Description: nmsrvc.exe10.0.8093.047f3f7afntdll.dll6.1.7601.177254ec49b8fc000000500038dc9a4001cd3293f5477ba9C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exeC:\Windows\SysWOW64\ntdll.dll901f62c3-9e87-11e1-8714-50e549e68c98

Error: (05/15/2012 05:13:50 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/14/2012 09:44:37 PM) (Source: Application Error)(User: )
Description: nmsrvc.exe10.0.8093.047f3f7afntdll.dll6.1.7601.177254ec49b8fc000000500038dc9a1801cd325510eda9ebC:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exeC:\Windows\SysWOW64\ntdll.dllac6c3158-9e48-11e1-8767-50e549e68c98

Error: (05/14/2012 09:43:38 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/14/2012 09:02:08 PM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.16421124801cd324f63c357c40C:\Program Files (x86)\Internet Explorer\iexplore.exebbd79282-9e42-11e1-bba1-50e549e68c98

Error: (05/14/2012 08:48:24 PM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.16421ac801cd324d8b62d60b0C:\Program Files (x86)\Internet Explorer\iexplore.exed0573662-9e40-11e1-bba1-50e549e68c98


=========================== Installed Programs ============================

@BIOS (Version: 2.12)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.2.202.235)
Adobe Flash Player 11 Plugin 64-bit (Version: 11.2.202.235)
Adobe Reader X (10.1.3) (Version: 10.1.3)
AutoGreen B10.1021.1 (Version: 1.00.0000)
Battlefield 1942
Battlefield 1942: Secret Weapons of WWII
Battlefield 1942: The Road To Rome
Battlefield 3 (Version: 1.0.0.0)
Battlelog Web Plugins (Version: 1.118.0)
Call of Duty
Call of Duty - United Offensive (Version: 1.00.0000)
D3DX10 (Version: 15.4.2368.0902)
DES 2.0 (Version: 1.00.0000)
DriverAgent by eSupport.com
e-Sword (Version: 10.01.0000)
Easy Tune 6 B11.0823.1 (Version: 1.00.0000)
ESET Online Scanner v3
ESN Sonar (Version: 0.70.4)
Etron USB3.0 Host Controller (Version: 0.104)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.111)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2418)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (64-bit) (Version: 6.0.310)
Java™ 6 Update 31 (Version: 6.0.310)
Junk Mail filter update (Version: 15.4.3502.0922)
KeyScrambler (Version: 2.9.1.0)
Linksys EasyLink Advisor (Version: 3.0.8122.29)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
MechWarrior 3
MechWarrior Black Knight
MechWarrior Vengeance
Medal of Honor Allied Assault
Medal of Honor Allied Assault™ Breakthrough
Medal of Honor Allied Assault™ Spearhead
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 12.0 (x86 en-US) (Version: 12.0)
Mozilla Maintenance Service (Version: 12.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
NVIDIA 3D Vision Controller Driver 295.73 (Version: 295.73)
NVIDIA 3D Vision Driver 295.73 (Version: 295.73)
NVIDIA Control Panel 295.73 (Version: 295.73)
NVIDIA Graphics Driver 295.73 (Version: 295.73)
NVIDIA HD Audio Driver 1.3.12.0 (Version: 1.3.12.0)
NVIDIA Install Application (Version: 2.1002.62.312)
NVIDIA PhysX (Version: 9.12.0209)
NVIDIA PhysX System Software 9.12.0209 (Version: 9.12.0209)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.12.9573)
NVIDIA Update 1.7.11 (Version: 1.7.11)
NVIDIA Update Components (Version: 1.7.11)
ON_OFF Charge B11.0110.1 (Version: 1.00.0001)
Origin (Version: 8.5.0.4550)
PunkBuster Services (Version: 0.991)
Pure Networks Platform (Version: 10.1.8116.1)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
Realtek Ethernet Controller Driver (Version: 7.46.531.2011)
Realtek High Definition Audio Driver (Version: 6.0.1.6423)
RealUpgrade 1.1 (Version: 1.1.0)
Smart 6 B11.0824.1 (Version: 1.00.0000)
Speccy (Version: 1.16)
Splashtop Connect for Firefox (Version: 1.1.8.4)
Splashtop Connect IE (Version: 1.1.13.1)
SpywareBlaster 4.6 (Version: 4.6.0)
SUPERAntiSpyware (Version: 5.0.1148)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
VC 9.0 Runtime (Version: 1.0.0)
WebEx Support Manager for Internet Explorer (Version: 6.5.47)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR 4.10 (32-bit) (Version: 4.10.0)
WinRAR 4.11 (64-bit) (Version: 4.11.0)
WOT for Internet Explorer (Version: 11.11.7.0)
ZoneAlarm Firewall (Version: 10.1.101.000)
ZoneAlarm Free (Version: 10.1.101.000)
ZoneAlarm LTD Toolbar
ZoneAlarm Security (Version: 10.1.101.000)

========================= Memory info: ===================================

Percentage of memory in use: 12%
Total physical RAM: 16301.12 MB
Available physical RAM: 14262.64 MB
Total Pagefile: 32600.43 MB
Available Pagefile: 30255.87 MB
Total Virtual: 4095.88 MB
Available Virtual: 3954.86 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:931.41 GB) (Free:722.2 GB) NTFS
2 Drive d: (STARSIEGE2) (CDROM) (Total:0.21 GB) (Free:0 GB) CDFS

========================= Users: ========================================

User accounts for \\WILLIAM-PC

Administrator Guest UpdatusUser
William


**** End of log ****



******************************
******************************








Ran TDSSKiller program and it found no threats. Below is the report:









21:05:18.0785 4408 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18
21:05:20.0798 4408 ============================================================
21:05:20.0798 4408 Current date / time: 2012/05/15 21:05:20.0798
21:05:20.0798 4408 SystemInfo:
21:05:20.0798 4408
21:05:20.0798 4408 OS Version: 6.1.7601 ServicePack: 1.0
21:05:20.0798 4408 Product type: Workstation
21:05:20.0798 4408 ComputerName: WILLIAM-PC
21:05:20.0798 4408 UserName: William
21:05:20.0798 4408 Windows directory: C:\Windows
21:05:20.0798 4408 System windows directory: C:\Windows
21:05:20.0798 4408 Running under WOW64
21:05:20.0798 4408 Processor architecture: Intel x64
21:05:20.0798 4408 Number of processors: 8
21:05:20.0798 4408 Page size: 0x1000
21:05:20.0798 4408 Boot type: Normal boot
21:05:20.0798 4408 ============================================================
21:05:21.0437 4408 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1F8B1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
21:05:21.0453 4408 ============================================================
21:05:21.0453 4408 \Device\Harddisk0\DR0:
21:05:21.0453 4408 MBR partitions:
21:05:21.0453 4408 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
21:05:21.0453 4408 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800
21:05:21.0453 4408 ============================================================
21:05:21.0500 4408 C: <-> \Device\Harddisk0\DR0\Partition1
21:05:21.0500 4408 ============================================================
21:05:21.0500 4408 Initialize success
21:05:21.0500 4408 ============================================================
21:05:28.0957 2932 ============================================================
21:05:28.0957 2932 Scan started
21:05:28.0957 2932 Mode: Manual; TDLFS;
21:05:28.0957 2932 ============================================================
21:05:29.0237 2932 !SASCORE (7d9d615201a483d6fa99491c2e655a5a) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
21:05:29.0237 2932 !SASCORE - ok
21:05:29.0331 2932 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
21:05:29.0347 2932 1394ohci - ok
21:05:29.0362 2932 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
21:05:29.0378 2932 ACPI - ok
21:05:29.0378 2932 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
21:05:29.0378 2932 AcpiPmi - ok
21:05:29.0440 2932 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:05:29.0440 2932 AdobeARMservice - ok
21:05:29.0534 2932 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:05:29.0534 2932 AdobeFlashPlayerUpdateSvc - ok
21:05:29.0565 2932 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
21:05:29.0565 2932 adp94xx - ok
21:05:29.0596 2932 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
21:05:29.0596 2932 adpahci - ok
21:05:29.0612 2932 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
21:05:29.0612 2932 adpu320 - ok
21:05:29.0643 2932 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
21:05:29.0643 2932 AeLookupSvc - ok
21:05:29.0690 2932 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
21:05:29.0690 2932 AFD - ok
21:05:29.0705 2932 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
21:05:29.0705 2932 agp440 - ok
21:05:29.0721 2932 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
21:05:29.0721 2932 ALG - ok
21:05:29.0737 2932 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
21:05:29.0737 2932 aliide - ok
21:05:29.0737 2932 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
21:05:29.0737 2932 amdide - ok
21:05:29.0752 2932 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
21:05:29.0752 2932 AmdK8 - ok
21:05:29.0752 2932 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
21:05:29.0752 2932 AmdPPM - ok
21:05:29.0768 2932 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
21:05:29.0768 2932 amdsata - ok
21:05:29.0815 2932 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
21:05:29.0815 2932 amdsbs - ok
21:05:29.0830 2932 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
21:05:29.0830 2932 amdxata - ok
21:05:29.0846 2932 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
21:05:29.0846 2932 AppID - ok
21:05:29.0846 2932 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
21:05:29.0846 2932 AppIDSvc - ok
21:05:29.0861 2932 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
21:05:29.0861 2932 Appinfo - ok
21:05:29.0877 2932 AppleCharger (6be11ad81d4527d299f0cb5f3731aabc) C:\Windows\system32\DRIVERS\AppleCharger.sys
21:05:29.0877 2932 AppleCharger - ok
21:05:29.0908 2932 AppleChargerSrv (95ef7247c50c7241fdae39a9b3aff4ae) C:\Windows\system32\AppleChargerSrv.exe
21:05:29.0908 2932 AppleChargerSrv - ok
21:05:29.0908 2932 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
21:05:29.0908 2932 arc - ok
21:05:29.0924 2932 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
21:05:29.0924 2932 arcsas - ok
21:05:29.0939 2932 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
21:05:29.0939 2932 AsyncMac - ok
21:05:29.0955 2932 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
21:05:29.0955 2932 atapi - ok
21:05:29.0971 2932 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
21:05:29.0971 2932 AudioEndpointBuilder - ok
21:05:29.0971 2932 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
21:05:29.0986 2932 AudioSrv - ok
21:05:29.0986 2932 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
21:05:29.0986 2932 AxInstSV - ok
21:05:30.0017 2932 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
21:05:30.0017 2932 b06bdrv - ok
21:05:30.0033 2932 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
21:05:30.0033 2932 b57nd60a - ok
21:05:30.0049 2932 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
21:05:30.0049 2932 BDESVC - ok
21:05:30.0064 2932 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
21:05:30.0064 2932 Beep - ok
21:05:30.0095 2932 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
21:05:30.0095 2932 BFE - ok
21:05:30.0127 2932 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
21:05:30.0127 2932 BITS - ok
21:05:30.0173 2932 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
21:05:30.0173 2932 blbdrive - ok
21:05:30.0189 2932 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
21:05:30.0189 2932 bowser - ok
21:05:30.0189 2932 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
21:05:30.0205 2932 BrFiltLo - ok
21:05:30.0205 2932 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
21:05:30.0205 2932 BrFiltUp - ok
21:05:30.0205 2932 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
21:05:30.0205 2932 Browser - ok
21:05:30.0236 2932 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
21:05:30.0236 2932 Brserid - ok
21:05:30.0236 2932 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
21:05:30.0236 2932 BrSerWdm - ok
21:05:30.0251 2932 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
21:05:30.0251 2932 BrUsbMdm - ok
21:05:30.0251 2932 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
21:05:30.0251 2932 BrUsbSer - ok
21:05:30.0251 2932 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
21:05:30.0267 2932 BTHMODEM - ok
21:05:30.0283 2932 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
21:05:30.0283 2932 bthserv - ok
21:05:30.0283 2932 C-DillaCdaC11BA - ok
21:05:30.0298 2932 CdaC15BA - ok
21:05:30.0314 2932 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
21:05:30.0314 2932 cdfs - ok
21:05:30.0329 2932 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
21:05:30.0329 2932 cdrom - ok
21:05:30.0345 2932 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
21:05:30.0345 2932 CertPropSvc - ok
21:05:30.0345 2932 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
21:05:30.0345 2932 circlass - ok
21:05:30.0361 2932 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
21:05:30.0361 2932 CLFS - ok
21:05:30.0532 2932 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:05:30.0532 2932 clr_optimization_v2.0.50727_32 - ok
21:05:30.0595 2932 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:05:30.0595 2932 clr_optimization_v2.0.50727_64 - ok
21:05:30.0657 2932 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:05:30.0657 2932 clr_optimization_v4.0.30319_32 - ok
21:05:30.0688 2932 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:05:30.0688 2932 clr_optimization_v4.0.30319_64 - ok
21:05:30.0688 2932 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
21:05:30.0688 2932 CmBatt - ok
21:05:30.0704 2932 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
21:05:30.0704 2932 cmdide - ok
21:05:30.0735 2932 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
21:05:30.0735 2932 CNG - ok
21:05:30.0751 2932 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
21:05:30.0751 2932 Compbatt - ok
21:05:30.0766 2932 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys
21:05:30.0766 2932 CompositeBus - ok
21:05:30.0766 2932 COMSysApp - ok
21:05:30.0860 2932 cphs (f08c6020e57f5e5bf2fd034db10bedfb) C:\Windows\SysWow64\IntelCpHeciSvc.exe
21:05:30.0860 2932 cphs - ok
21:05:30.0875 2932 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
21:05:30.0875 2932 crcdisk - ok
21:05:30.0891 2932 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
21:05:30.0891 2932 CryptSvc - ok
21:05:30.0922 2932 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
21:05:30.0922 2932 DcomLaunch - ok
21:05:30.0953 2932 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
21:05:30.0953 2932 defragsvc - ok
21:05:31.0031 2932 DES2 Service (5c9f7e0e93d31f3a8de6732fd9f7e6fd) C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
21:05:31.0031 2932 DES2 Service - ok
21:05:31.0047 2932 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
21:05:31.0047 2932 DfsC - ok
21:05:31.0063 2932 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
21:05:31.0063 2932 Dhcp - ok
21:05:31.0078 2932 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
21:05:31.0078 2932 discache - ok
21:05:31.0094 2932 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
21:05:31.0094 2932 Disk - ok
21:05:31.0109 2932 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
21:05:31.0109 2932 Dnscache - ok
21:05:31.0125 2932 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
21:05:31.0141 2932 dot3svc - ok
21:05:31.0156 2932 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
21:05:31.0156 2932 DPS - ok
21:05:31.0172 2932 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
21:05:31.0172 2932 drmkaud - ok
21:05:31.0250 2932 DrvAgent64 (1ed08a6264c5c92099d6d1dae5e8f530) C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS
21:05:31.0250 2932 DrvAgent64 - ok
21:05:31.0281 2932 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
21:05:31.0297 2932 DXGKrnl - ok
21:05:31.0312 2932 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
21:05:31.0312 2932 EapHost - ok
21:05:31.0406 2932 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
21:05:31.0421 2932 ebdrv - ok
21:05:31.0484 2932 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
21:05:31.0484 2932 EFS - ok
21:05:31.0546 2932 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
21:05:31.0546 2932 ehRecvr - ok
21:05:31.0562 2932 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
21:05:31.0562 2932 ehSched - ok
21:05:31.0609 2932 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
21:05:31.0624 2932 elxstor - ok
21:05:31.0624 2932 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
21:05:31.0624 2932 ErrDev - ok
21:05:31.0655 2932 etdrv (84486624268e078255bc7aa47f0960bc) C:\Windows\etdrv.sys
21:05:31.0655 2932 etdrv - ok
21:05:31.0671 2932 EtronHub3 (db6aec32faf5bd002d9ed6c38692d42b) C:\Windows\system32\Drivers\EtronHub3.sys
21:05:31.0687 2932 EtronHub3 - ok
21:05:31.0702 2932 EtronXHCI (9cc2f24274741e12f9df92125ea6d6d8) C:\Windows\system32\Drivers\EtronXHCI.sys
21:05:31.0702 2932 EtronXHCI - ok
21:05:31.0733 2932 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
21:05:31.0733 2932 EventSystem - ok
21:05:31.0749 2932 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
21:05:31.0749 2932 exfat - ok
21:05:31.0765 2932 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
21:05:31.0765 2932 fastfat - ok
21:05:31.0905 2932 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
21:05:31.0921 2932 Fax - ok
21:05:31.0921 2932 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
21:05:31.0921 2932 fdc - ok
21:05:31.0936 2932 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
21:05:31.0936 2932 fdPHost - ok
21:05:31.0952 2932 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
21:05:31.0952 2932 FDResPub - ok
21:05:31.0967 2932 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
21:05:31.0967 2932 FileInfo - ok
21:05:31.0983 2932 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
21:05:31.0983 2932 Filetrace - ok
21:05:31.0983 2932 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
21:05:31.0983 2932 flpydisk - ok
21:05:31.0999 2932 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
21:05:31.0999 2932 FltMgr - ok
21:05:32.0061 2932 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
21:05:32.0077 2932 FontCache - ok
21:05:32.0170 2932 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:05:32.0170 2932 FontCache3.0.0.0 - ok
21:05:32.0201 2932 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
21:05:32.0201 2932 FsDepends - ok
21:05:32.0233 2932 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
21:05:32.0233 2932 Fs_Rec - ok
21:05:32.0233 2932 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
21:05:32.0248 2932 fvevol - ok
21:05:32.0248 2932 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
21:05:32.0248 2932 gagp30kx - ok
21:05:32.0326 2932 gdrv (7907e14f9bcf3a4689c9a74a1a873cb6) C:\Windows\gdrv.sys
21:05:32.0326 2932 gdrv - ok
21:05:32.0373 2932 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
21:05:32.0373 2932 gpsvc - ok
21:05:32.0451 2932 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:05:32.0451 2932 gupdate - ok
21:05:32.0451 2932 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:05:32.0451 2932 gupdatem - ok
21:05:32.0482 2932 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
21:05:32.0482 2932 gusvc - ok
21:05:32.0513 2932 GVTDrv64 (8126331fbd4ed29eb3b356f9c905064d) C:\Windows\GVTDrv64.sys
21:05:32.0513 2932 GVTDrv64 - ok
21:05:32.0513 2932 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
21:05:32.0513 2932 hcw85cir - ok
21:05:32.0545 2932 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
21:05:32.0545 2932 HdAudAddService - ok
21:05:32.0576 2932 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
21:05:32.0576 2932 HDAudBus - ok
21:05:32.0576 2932 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
21:05:32.0576 2932 HidBatt - ok
21:05:32.0591 2932 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
21:05:32.0591 2932 HidBth - ok
21:05:32.0607 2932 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
21:05:32.0607 2932 HidIr - ok
21:05:32.0607 2932 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
21:05:32.0607 2932 hidserv - ok
21:05:32.0623 2932 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
21:05:32.0623 2932 HidUsb - ok
21:05:32.0638 2932 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
21:05:32.0638 2932 hkmsvc - ok
21:05:32.0654 2932 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
21:05:32.0654 2932 HomeGroupListener - ok
21:05:32.0669 2932 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
21:05:32.0685 2932 HomeGroupProvider - ok
21:05:32.0701 2932 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
21:05:32.0701 2932 HpSAMD - ok
21:05:32.0732 2932 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
21:05:32.0732 2932 HTTP - ok
21:05:32.0732 2932 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
21:05:32.0732 2932 hwpolicy - ok
21:05:32.0747 2932 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
21:05:32.0747 2932 i8042prt - ok
21:05:32.0794 2932 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
21:05:32.0794 2932 iaStorV - ok
21:05:32.0857 2932 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
21:05:32.0857 2932 IDriverT - ok
21:05:32.0966 2932 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:05:32.0966 2932 idsvc - ok
21:05:33.0387 2932 igfx (371d7f91c0d2314eb984a4a6cbeabc92) C:\Windows\system32\DRIVERS\igdkmd64.sys
21:05:33.0434 2932 igfx - ok
21:05:33.0512 2932 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
21:05:33.0512 2932 iirsp - ok
21:05:33.0527 2932 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
21:05:33.0543 2932 IKEEXT - ok
21:05:33.0637 2932 IntcAzAudAddService (98f4e841ea43ed5a442f0dc60cab4326) C:\Windows\system32\drivers\RTKVHD64.sys
21:05:33.0652 2932 IntcAzAudAddService - ok
21:05:33.0746 2932 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
21:05:33.0746 2932 IntcDAud - ok
21:05:33.0761 2932 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
21:05:33.0761 2932 intelide - ok
21:05:33.0793 2932 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
21:05:33.0793 2932 intelppm - ok
21:05:33.0808 2932 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
21:05:33.0808 2932 IPBusEnum - ok
21:05:33.0824 2932 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:05:33.0824 2932 IpFilterDriver - ok
21:05:33.0839 2932 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
21:05:33.0855 2932 iphlpsvc - ok
21:05:33.0855 2932 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
21:05:33.0855 2932 IPMIDRV - ok
21:05:33.0855 2932 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
21:05:33.0871 2932 IPNAT - ok
21:05:33.0917 2932 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
21:05:33.0917 2932 IRENUM - ok
21:05:33.0949 2932 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
21:05:33.0949 2932 isapnp - ok
21:05:33.0964 2932 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
21:05:33.0964 2932 iScsiPrt - ok
21:05:34.0027 2932 ISWKL (2f062e9aa964c05241a213bd7b6ff935) C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys
21:05:34.0027 2932 ISWKL - ok
21:05:34.0120 2932 IswSvc (9a7e564c1d2a8b6768e9c6872b9d0e2f) C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
21:05:34.0120 2932 IswSvc - ok
21:05:34.0136 2932 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
21:05:34.0136 2932 kbdclass - ok
21:05:34.0151 2932 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
21:05:34.0151 2932 kbdhid - ok
21:05:34.0183 2932 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:05:34.0183 2932 KeyIso - ok
21:05:34.0198 2932 KeyScrambler (e3cf421210ebddacb4590ae67a0226dc) C:\Windows\system32\drivers\keyscrambler.sys
21:05:34.0214 2932 KeyScrambler - ok
21:05:34.0214 2932 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
21:05:34.0229 2932 KSecDD - ok
21:05:34.0245 2932 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
21:05:34.0245 2932 KSecPkg - ok
21:05:34.0245 2932 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
21:05:34.0245 2932 ksthunk - ok
21:05:34.0261 2932 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
21:05:34.0276 2932 KtmRm - ok
21:05:34.0323 2932 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
21:05:34.0323 2932 LanmanServer - ok
21:05:34.0339 2932 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
21:05:34.0339 2932 LanmanWorkstation - ok
21:05:34.0417 2932 LinksysUpdater (06dc2fdc6282f0d68910417b1150c848) C:\Program Files (x86)\Linksys\Linksys Updater\bin\LinksysUpdater.exe
21:05:34.0417 2932 LinksysUpdater - ok
21:05:34.0432 2932 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
21:05:34.0432 2932 lltdio - ok
21:05:34.0463 2932 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
21:05:34.0463 2932 lltdsvc - ok
21:05:34.0479 2932 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
21:05:34.0479 2932 lmhosts - ok
21:05:34.0495 2932 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
21:05:34.0495 2932 LSI_FC - ok
21:05:34.0510 2932 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
21:05:34.0510 2932 LSI_SAS - ok
21:05:34.0526 2932 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
21:05:34.0526 2932 LSI_SAS2 - ok
21:05:34.0541 2932 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
21:05:34.0541 2932 LSI_SCSI - ok
21:05:34.0541 2932 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
21:05:34.0541 2932 luafv - ok
21:05:34.0557 2932 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
21:05:34.0557 2932 Mcx2Svc - ok
21:05:34.0573 2932 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
21:05:34.0573 2932 megasas - ok
21:05:34.0588 2932 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
21:05:34.0588 2932 MegaSR - ok
21:05:34.0619 2932 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
21:05:34.0619 2932 MEIx64 - ok
21:05:34.0619 2932 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
21:05:34.0619 2932 MMCSS - ok
21:05:34.0635 2932 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
21:05:34.0635 2932 Modem - ok
21:05:34.0635 2932 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
21:05:34.0651 2932 monitor - ok
21:05:34.0666 2932 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
21:05:34.0666 2932 mouclass - ok
21:05:34.0729 2932 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
21:05:34.0729 2932 mouhid - ok
21:05:34.0760 2932 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
21:05:34.0760 2932 mountmgr - ok
21:05:34.0822 2932 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:05:34.0822 2932 MozillaMaintenance - ok
21:05:34.0853 2932 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys
21:05:34.0853 2932 MpFilter - ok
21:05:34.0869 2932 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
21:05:34.0869 2932 mpio - ok
21:05:34.0885 2932 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
21:05:34.0885 2932 mpsdrv - ok
21:05:34.0916 2932 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
21:05:34.0916 2932 MpsSvc - ok
21:05:34.0963 2932 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
21:05:34.0963 2932 MRxDAV - ok
21:05:34.0994 2932 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
21:05:34.0994 2932 mrxsmb - ok
21:05:35.0009 2932 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:05:35.0009 2932 mrxsmb10 - ok
21:05:35.0025 2932 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:05:35.0025 2932 mrxsmb20 - ok
21:05:35.0041 2932 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
21:05:35.0041 2932 msahci - ok
21:05:35.0041 2932 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
21:05:35.0041 2932 msdsm - ok
21:05:35.0072 2932 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
21:05:35.0072 2932 MSDTC - ok
21:05:35.0087 2932 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
21:05:35.0087 2932 Msfs - ok
21:05:35.0103 2932 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
21:05:35.0103 2932 mshidkmdf - ok
21:05:35.0119 2932 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
21:05:35.0134 2932 msisadrv - ok
21:05:35.0150 2932 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
21:05:35.0150 2932 MSiSCSI - ok
21:05:35.0150 2932 msiserver - ok
21:05:35.0165 2932 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
21:05:35.0165 2932 MSKSSRV - ok
21:05:35.0228 2932 MsMpSvc (59faaf2c83c8169ea20f9e335e418907) c:\Program Files\Microsoft Security Client\MsMpEng.exe
21:05:35.0228 2932 MsMpSvc - ok
21:05:35.0243 2932 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
21:05:35.0243 2932 MSPCLOCK - ok
21:05:35.0243 2932 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
21:05:35.0243 2932 MSPQM - ok
21:05:35.0275 2932 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
21:05:35.0275 2932 MsRPC - ok
21:05:35.0290 2932 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
21:05:35.0290 2932 mssmbios - ok
21:05:35.0290 2932 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
21:05:35.0290 2932 MSTEE - ok
21:05:35.0321 2932 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
21:05:35.0321 2932 MTConfig - ok
21:05:35.0321 2932 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
21:05:35.0321 2932 Mup - ok
21:05:35.0353 2932 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
21:05:35.0368 2932 napagent - ok
21:05:35.0384 2932 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
21:05:35.0384 2932 NativeWifiP - ok
21:05:35.0431 2932 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
21:05:35.0446 2932 NDIS - ok
21:05:35.0446 2932 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
21:05:35.0446 2932 NdisCap - ok
21:05:35.0462 2932 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
21:05:35.0462 2932 NdisTapi - ok
21:05:35.0477 2932 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
21:05:35.0477 2932 Ndisuio - ok
21:05:35.0477 2932 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
21:05:35.0477 2932 NdisWan - ok
21:05:35.0493 2932 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
21:05:35.0493 2932 NDProxy - ok
21:05:35.0493 2932 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
21:05:35.0493 2932 NetBIOS - ok
21:05:35.0509 2932 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
21:05:35.0509 2932 NetBT - ok
21:05:35.0524 2932 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:05:35.0524 2932 Netlogon - ok
21:05:35.0555 2932 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
21:05:35.0555 2932 Netman - ok
21:05:35.0571 2932 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
21:05:35.0571 2932 netprofm - ok
21:05:35.0665 2932 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:05:35.0665 2932 NetTcpPortSharing - ok
21:05:35.0680 2932 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
21:05:35.0680 2932 nfrd960 - ok
21:05:35.0711 2932 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
21:05:35.0711 2932 NisDrv - ok
21:05:35.0743 2932 NisSrv (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe
21:05:35.0743 2932 NisSrv - ok
21:05:35.0758 2932 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
21:05:35.0758 2932 NlaSvc - ok
21:05:35.0836 2932 nmservice (82c5a813e8ea7e94dc1afa24cd803b80) C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
21:05:35.0852 2932 nmservice - ok
21:05:35.0867 2932 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
21:05:35.0867 2932 Npfs - ok
21:05:35.0883 2932 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
21:05:35.0883 2932 nsi - ok
21:05:35.0883 2932 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
21:05:35.0883 2932 nsiproxy - ok
21:05:35.0945 2932 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
21:05:35.0945 2932 Ntfs - ok
21:05:36.0055 2932 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
21:05:36.0055 2932 Null - ok
21:05:36.0086 2932 NVHDA (8d4aac74b571fc356560e5b308955e93) C:\Windows\system32\drivers\nvhda64v.sys
21:05:36.0101 2932 NVHDA - ok
21:05:36.0413 2932 nvlddmkm (9c1996dd3c0469bc8933321f15709f5a) C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:05:36.0460 2932 nvlddmkm - ok
21:05:36.0569 2932 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
21:05:36.0569 2932 nvraid - ok
21:05:36.0585 2932 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
21:05:36.0585 2932 nvstor - ok
21:05:36.0632 2932 nvsvc (34e5498528bb3d5a951f889f8756ad26) C:\Windows\system32\nvvsvc.exe
21:05:36.0632 2932 nvsvc - ok
21:05:36.0757 2932 nvUpdatusService (cd0bfaa6872cfe38c908d313ae17c350) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
21:05:36.0757 2932 nvUpdatusService - ok
21:05:36.0819 2932 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
21:05:36.0819 2932 nv_agp - ok
21:05:36.0819 2932 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
21:05:36.0819 2932 ohci1394 - ok
21:05:36.0850 2932 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
21:05:36.0850 2932 p2pimsvc - ok
21:05:36.0866 2932 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
21:05:36.0866 2932 p2psvc - ok
21:05:36.0881 2932 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
21:05:36.0881 2932 Parport - ok
21:05:36.0928 2932 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
21:05:36.0928 2932 partmgr - ok
21:05:36.0944 2932 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
21:05:36.0944 2932 PcaSvc - ok
21:05:36.0959 2932 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
21:05:36.0959 2932 pci - ok
21:05:36.0975 2932 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
21:05:36.0975 2932 pciide - ok
21:05:36.0991 2932 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
21:05:36.0991 2932 pcmcia - ok
21:05:37.0006 2932 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
21:05:37.0006 2932 pcw - ok
21:05:37.0022 2932 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
21:05:37.0022 2932 PEAUTH - ok
21:05:37.0069 2932 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
21:05:37.0084 2932 PerfHost - ok
21:05:37.0115 2932 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
21:05:37.0131 2932 pla - ok
21:05:37.0162 2932 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
21:05:37.0178 2932 PlugPlay - ok
21:05:37.0225 2932 pnarp (328b99e25901d314fdfb31f18a7e302e) C:\Windows\system32\DRIVERS\pnarp.sys
21:05:37.0225 2932 pnarp - ok
21:05:37.0256 2932 PnkBstrA - ok
21:05:37.0271 2932 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
21:05:37.0271 2932 PNRPAutoReg - ok
21:05:37.0287 2932 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
21:05:37.0287 2932 PNRPsvc - ok
21:05:37.0318 2932 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
21:05:37.0318 2932 PolicyAgent - ok
21:05:37.0349 2932 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
21:05:37.0349 2932 Power - ok
21:05:37.0365 2932 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
21:05:37.0365 2932 PptpMiniport - ok
21:05:37.0365 2932 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
21:05:37.0365 2932 Processor - ok
21:05:37.0396 2932 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
21:05:37.0396 2932 ProfSvc - ok
21:05:37.0427 2932 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:05:37.0427 2932 ProtectedStorage - ok
21:05:37.0443 2932 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
21:05:37.0443 2932 Psched - ok
21:05:37.0459 2932 purendis (e33ae01d03ebe68cd6a934bf52702bfd) C:\Windows\system32\DRIVERS\purendis.sys
21:05:37.0459 2932 purendis - ok
21:05:37.0505 2932 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
21:05:37.0521 2932 ql2300 - ok
21:05:37.0615 2932 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
21:05:37.0615 2932 ql40xx - ok
21:05:37.0646 2932 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
21:05:37.0646 2932 QWAVE - ok
21:05:37.0661 2932 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
21:05:37.0661 2932 QWAVEdrv - ok
21:05:37.0661 2932 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
21:05:37.0661 2932 RasAcd - ok
21:05:37.0693 2932 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
21:05:37.0693 2932 RasAgileVpn - ok
21:05:37.0708 2932 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
21:05:37.0708 2932 RasAuto - ok
21:05:37.0708 2932 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
21:05:37.0708 2932 Rasl2tp - ok
21:05:37.0755 2932 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
21:05:37.0755 2932 RasMan - ok
21:05:37.0771 2932 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
21:05:37.0771 2932 RasPppoe - ok
21:05:37.0802 2932 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
21:05:37.0802 2932 RasSstp - ok
21:05:37.0817 2932 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
21:05:37.0817 2932 rdbss - ok
21:05:37.0833 2932 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
21:05:37.0833 2932 rdpbus - ok
21:05:37.0864 2932 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
21:05:37.0864 2932 RDPCDD - ok
21:05:37.0880 2932 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
21:05:37.0880 2932 RDPENCDD - ok
21:05:37.0895 2932 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
21:05:37.0895 2932 RDPREFMP - ok
21:05:37.0927 2932 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
21:05:37.0927 2932 RDPWD - ok
21:05:37.0942 2932 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
21:05:37.0942 2932 rdyboost - ok
21:05:37.0958 2932 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
21:05:37.0958 2932 RemoteAccess - ok
21:05:37.0973 2932 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
21:05:37.0973 2932 RemoteRegistry - ok
21:05:37.0973 2932 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
21:05:37.0989 2932 RpcEptMapper - ok
21:05:37.0989 2932 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
21:05:37.0989 2932 RpcLocator - ok
21:05:38.0020 2932 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
21:05:38.0020 2932 RpcSs - ok
21:05:38.0036 2932 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
21:05:38.0036 2932 rspndr - ok
21:05:38.0067 2932 RTL8167 (0039de6a0a1293889a3f21ecc473263d) C:\Windows\system32\DRIVERS\Rt64win7.sys
21:05:38.0067 2932 RTL8167 - ok
21:05:38.0098 2932 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:05:38.0098 2932 SamSs - ok
21:05:38.0161 2932 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
21:05:38.0161 2932 SASDIFSV - ok
21:05:38.0176 2932 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
21:05:38.0176 2932 SASKUTIL - ok
21:05:38.0192 2932 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
21:05:38.0192 2932 sbp2port - ok
21:05:38.0207 2932 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
21:05:38.0207 2932 SCardSvr - ok
21:05:38.0301 2932 SCBackService (8475e746eb72d04f1015e6f091f50e09) C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe
21:05:38.0301 2932 SCBackService - ok
21:05:38.0317 2932 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
21:05:38.0317 2932 scfilter - ok
21:05:38.0363 2932 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
21:05:38.0363 2932 Schedule - ok
21:05:38.0379 2932 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
21:05:38.0379 2932 SCPolicySvc - ok
21:05:38.0410 2932 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
21:05:38.0410 2932 SDRSVC - ok
21:05:38.0441 2932 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
21:05:38.0441 2932 secdrv - ok
21:05:38.0441 2932 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
21:05:38.0441 2932 seclogon - ok
21:05:38.0457 2932 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
21:05:38.0473 2932 SENS - ok
21:05:38.0535 2932 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
21:05:38.0535 2932 SensrSvc - ok
21:05:38.0535 2932 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
21:05:38.0535 2932 Serenum - ok
21:05:38.0566 2932 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
21:05:38.0566 2932 Serial - ok
21:05:38.0582 2932 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
21:05:38.0582 2932 sermouse - ok
21:05:38.0597 2932 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
21:05:38.0597 2932 SessionEnv - ok
21:05:38.0597 2932 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
21:05:38.0597 2932 sffdisk - ok
21:05:38.0597 2932 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
21:05:38.0597 2932 sffp_mmc - ok
21:05:38.0613 2932 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
21:05:38.0613 2932 sffp_sd - ok
21:05:38.0613 2932 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
21:05:38.0613 2932 sfloppy - ok
21:05:38.0629 2932 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
21:05:38.0644 2932 SharedAccess - ok
21:05:38.0660 2932 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
21:05:38.0660 2932 ShellHWDetection - ok
21:05:38.0675 2932 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
21:05:38.0675 2932 SiSRaid2 - ok
21:05:38.0675 2932 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
21:05:38.0675 2932 SiSRaid4 - ok
21:05:38.0738 2932 Smart TimeLock (101556f6216e97f1258d87c38203695f) C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
21:05:38.0738 2932 Smart TimeLock - ok
21:05:38.0738 2932 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
21:05:38.0738 2932 Smb - ok
21:05:38.0769 2932 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
21:05:38.0769 2932 SNMPTRAP - ok
21:05:38.0769 2932 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
21:05:38.0769 2932 spldr - ok
21:05:38.0800 2932 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
21:05:38.0800 2932 Spooler - ok
21:05:38.0894 2932 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
21:05:38.0894 2932 sppsvc - ok
21:05:39.0908 2932 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
21:05:39.0908 2932 sppuinotify - ok
21:05:39.0955 2932 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
21:05:39.0970 2932 srv - ok
21:05:39.0986 2932 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
21:05:39.0986 2932 srv2 - ok
21:05:40.0001 2932 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
21:05:40.0001 2932 srvnet - ok
21:05:40.0017 2932 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
21:05:40.0017 2932 SSDPSRV - ok
21:05:40.0033 2932 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
21:05:40.0033 2932 SstpSvc - ok
21:05:40.0079 2932 Stereo Service (8544a200c40447e465f06e58687428bb) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
21:05:40.0079 2932 Stereo Service - ok
21:05:40.0142 2932 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
21:05:40.0142 2932 stexstor - ok
21:05:40.0173 2932 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
21:05:40.0189 2932 stisvc - ok
21:05:40.0204 2932 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
21:05:40.0204 2932 swenum - ok
21:05:40.0235 2932 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
21:05:40.0235 2932 swprv - ok
21:05:40.0282 2932 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
21:05:40.0298 2932 SysMain - ok
21:05:40.0329 2932 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
21:05:40.0345 2932 TabletInputService - ok
21:05:40.0360 2932 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
21:05:40.0360 2932 TapiSrv - ok
21:05:40.0376 2932 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
21:05:40.0376 2932 TBS - ok
21:05:40.0469 2932 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
21:05:40.0469 2932 Tcpip - ok
21:05:40.0563 2932 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
21:05:40.0579 2932 TCPIP6 - ok
21:05:40.0625 2932 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
21:05:40.0641 2932 tcpipreg - ok
21:05:40.0641 2932 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
21:05:40.0641 2932 TDPIPE - ok
21:05:40.0672 2932 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
21:05:40.0672 2932 TDTCP - ok
21:05:40.0688 2932 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
21:05:40.0688 2932 tdx - ok
21:05:40.0703 2932 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
21:05:40.0703 2932 TermDD - ok
21:05:40.0735 2932 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
21:05:40.0735 2932 TermService - ok
21:05:40.0750 2932 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
21:05:40.0750 2932 Themes - ok
21:05:40.0766 2932 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
21:05:40.0766 2932 THREADORDER - ok
21:05:40.0781 2932 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
21:05:40.0781 2932 TrkWks - ok
21:05:40.0828 2932 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
21:05:40.0828 2932 TrustedInstaller - ok
21:05:40.0844 2932 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
21:05:40.0844 2932 tssecsrv - ok
21:05:40.0844 2932 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
21:05:40.0844 2932 TsUsbFlt - ok
21:05:40.0844 2932 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
21:05:40.0844 2932 TsUsbGD - ok
21:05:40.0875 2932 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
21:05:40.0875 2932 tunnel - ok
21:05:40.0875 2932 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
21:05:40.0875 2932 uagp35 - ok
21:05:40.0906 2932 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
21:05:40.0906 2932 udfs - ok
21:05:40.0922 2932 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
21:05:40.0922 2932 UI0Detect - ok
21:05:40.0937 2932 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
21:05:40.0937 2932 uliagpkx - ok
21:05:40.0937 2932 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
21:05:40.0937 2932 umbus - ok
21:05:40.0937 2932 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
21:05:40.0953 2932 UmPass - ok
21:05:40.0969 2932 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
21:05:40.0969 2932 upnphost - ok
21:05:40.0984 2932 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
21:05:40.0984 2932 usbccgp - ok
21:05:41.0000 2932 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
21:05:41.0000 2932 usbcir - ok
21:05:41.0015 2932 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
21:05:41.0015 2932 usbehci - ok
21:05:41.0031 2932 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
21:05:41.0031 2932 usbhub - ok
21:05:41.0047 2932 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
21:05:41.0047 2932 usbohci - ok
21:05:41.0062 2932 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
21:05:41.0062 2932 usbprint - ok
21:05:41.0078 2932 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:05:41.0078 2932 USBSTOR - ok
21:05:41.0078 2932 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
21:05:41.0078 2932 usbuhci - ok
21:05:41.0093 2932 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
21:05:41.0093 2932 UxSms - ok
21:05:41.0125 2932 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:05:41.0125 2932 VaultSvc - ok
21:05:41.0125 2932 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
21:05:41.0125 2932 vdrvroot - ok
21:05:41.0156 2932 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
21:05:41.0156 2932 vds - ok
21:05:41.0171 2932 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
21:05:41.0171 2932 vga - ok
21:05:41.0171 2932 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
21:05:41.0187 2932 VgaSave - ok
21:05:41.0187 2932 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
21:05:41.0187 2932 vhdmp - ok
21:05:41.0203 2932 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
21:05:41.0203 2932 viaide - ok
21:05:41.0218 2932 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
21:05:41.0218 2932 volmgr - ok
21:05:41.0234 2932 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
21:05:41.0234 2932 volmgrx - ok
21:05:41.0234 2932 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
21:05:41.0249 2932 volsnap - ok
21:05:41.0281 2932 Vsdatant (239d8d72730226cd460bdc8ca0a23d43) C:\Windows\system32\DRIVERS\vsdatant.sys
21:05:41.0281 2932 Vsdatant - ok
21:05:41.0390 2932 vsmon - ok
21:05:41.0437 2932 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
21:05:41.0437 2932 vsmraid - ok
21:05:41.0499 2932 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
21:05:41.0499 2932 VSS - ok
21:05:41.0593 2932 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
21:05:41.0593 2932 vwifibus - ok
21:05:41.0624 2932 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
21:05:41.0624 2932 W32Time - ok
21:05:41.0655 2932 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
21:05:41.0655 2932 WacomPen - ok
21:05:41.0671 2932 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
21:05:41.0671 2932 WANARP - ok
21:05:41.0671 2932 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
21:05:41.0671 2932 Wanarpv6 - ok
21:05:41.0733 2932 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
21:05:41.0749 2932 WatAdminSvc - ok
21:05:41.0811 2932 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
21:05:41.0827 2932 wbengine - ok
21:05:41.0873 2932 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
21:05:41.0873 2932 WbioSrvc - ok
21:05:41.0889 2932 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
21:05:41.0889 2932 wcncsvc - ok
21:05:41.0905 2932 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
21:05:41.0905 2932 WcsPlugInService - ok
21:05:41.0936 2932 WCUService_STC_FF (e47e66538692b1cfd6cc8021546fcc83) C:\Program Files (x86)\Splashtop\Splashtop Connect Firefox Software Updater\WCUService.exe
21:05:41.0951 2932 WCUService_STC_FF - ok
21:05:41.0967 2932 WCUService_STC_IE (147c60622cb53e901efd8bb6d44a4c46) C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe
21:05:41.0983 2932 WCUService_STC_IE - ok
21:05:42.0014 2932 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
21:05:42.0014 2932 Wd - ok
21:05:42.0029 2932 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
21:05:42.0029 2932 Wdf01000 - ok
21:05:42.0045 2932 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
21:05:42.0045 2932 WdiServiceHost - ok
21:05:42.0045 2932 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
21:05:42.0045 2932 WdiSystemHost - ok
21:05:42.0061 2932 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
21:05:42.0076 2932 WebClient - ok
21:05:42.0076 2932 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
21:05:42.0092 2932 Wecsvc - ok
21:05:42.0092 2932 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
21:05:42.0107 2932 wercplsupport - ok
21:05:42.0123 2932 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
21:05:42.0123 2932 WerSvc - ok
21:05:42.0154 2932 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
21:05:42.0154 2932 WfpLwf - ok
21:05:42.0170 2932 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
21:05:42.0170 2932 WIMMount - ok
21:05:42.0170 2932 WinDefend - ok
21:05:42.0170 2932 WinHttpAutoProxySvc - ok
21:05:42.0232 2932 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
21:05:42.0232 2932 Winmgmt - ok
21:05:42.0295 2932 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
21:05:42.0310 2932 WinRM - ok
21:05:42.0404 2932 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
21:05:42.0404 2932 WinUsb - ok
21:05:42.0435 2932 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
21:05:42.0451 2932 Wlansvc - ok
21:05:42.0560 2932 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:05:42.0575 2932 wlidsvc - ok
21:05:42.0622 2932 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
21:05:42.0622 2932 WmiAcpi - ok
21:05:42.0638 2932 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
21:05:42.0638 2932 wmiApSrv - ok
21:05:42.0685 2932 WMPNetworkSvc - ok
21:05:42.0700 2932 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
21:05:42.0700 2932 WPCSvc - ok
21:05:42.0716 2932 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
21:05:42.0716 2932 WPDBusEnum - ok
21:05:42.0716 2932 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
21:05:42.0716 2932 ws2ifsl - ok
21:05:42.0731 2932 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
21:05:42.0731 2932 wscsvc - ok
21:05:42.0731 2932 WSearch - ok
21:05:42.0825 2932 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
21:05:42.0841 2932 wuauserv - ok
21:05:42.0903 2932 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
21:05:42.0919 2932 WudfPf - ok
21:05:42.0934 2932 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
21:05:42.0934 2932 WUDFRd - ok
21:05:42.0950 2932 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
21:05:42.0950 2932 wudfsvc - ok
21:05:42.0965 2932 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
21:05:42.0965 2932 WwanSvc - ok
21:05:42.0997 2932 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
21:05:43.0137 2932 \Device\Harddisk0\DR0 - ok
21:05:43.0137 2932 Boot (0x1200) (4e39988b40cd528e38e4408df226f482) \Device\Harddisk0\DR0\Partition0
21:05:43.0137 2932 \Device\Harddisk0\DR0\Partition0 - ok
21:05:43.0168 2932 Boot (0x1200) (3adabd639c1e51dffd551f7709226759) \Device\Harddisk0\DR0\Partition1
21:05:43.0168 2932 \Device\Harddisk0\DR0\Partition1 - ok
21:05:43.0168 2932 ============================================================
21:05:43.0168 2932 Scan finished
21:05:43.0168 2932 ============================================================
21:05:43.0184 5656 Detected object count: 0
21:05:43.0184 5656 Actual detected object count: 0
21:05:47.0380 5744 Deinitialize success
hYlAnDeR~TFC~
[OF/FA] Orion Faction-Retired
Game Squad Fleet Admiral~Retired

#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,530 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:10 AM

Posted 16 May 2012 - 04:08 PM

Hello if you search in Linksys do you see Pure Networks?? It may need to be updatded or reinstalled.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 hYlAnDeR~TFC

hYlAnDeR~TFC
  • Topic Starter

  • Members
  • 257 posts
  • OFFLINE
  •  
  • Local time:03:10 AM

Posted 16 May 2012 - 04:21 PM

I will need to check out the Linksys issue tonight when I get home. Where do I look in Linksys for this "pure networks"?

I actually installed and updated all the Lynksys software 2 months ago when I got this new computer.

Thanks.
hYlAnDeR~TFC~
[OF/FA] Orion Faction-Retired
Game Squad Fleet Admiral~Retired

#8 hYlAnDeR~TFC

hYlAnDeR~TFC
  • Topic Starter

  • Members
  • 257 posts
  • OFFLINE
  •  
  • Local time:03:10 AM

Posted 16 May 2012 - 07:10 PM

Ok,

checked my Cisco/Linksys router, and I apologize, I could not find any info regarding, "Pure Networks". I opened up router through FF browser at:
http://192.168.1.1, and searched around the various tabs in the Cisco console to see if I could find it and was unsuccessful.

Here is the info on my router:

Cisco/Linksys model: WRT160Nv2
Firmware Version: v2.0.03 (this is the latest version)

I have 3 hard wired computers that run through this router (including mine). All other computers are running fine and are not experiencing any connectivity problems. Additionally, there are 2 other computer's in the household that access the same router via WiFi, and they too work fine.

While I am on line with my computer logging this information to you, all appears to work fine now, but eventually I may lose my connection. If the system stays idle for more than 10 to 15 minutes. Or, if I click on the sleep option and turn off my monitor for a 15 to 30 minutes, when I come back, I move the mouse around to wake up the system, I notice that the system has no internet connection. But, after a few seconds my system comes back on line with the router through the internet. So, I am at a loss what to do next, as it is apparent that what ever type of infection I have, it has obviously attacked may aspects and areas of my computer.

Edited by hYlAnDeR~TFC, 16 May 2012 - 07:11 PM.

hYlAnDeR~TFC~
[OF/FA] Orion Faction-Retired
Game Squad Fleet Admiral~Retired

#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,530 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:10 AM

Posted 16 May 2012 - 07:34 PM

Ok what sent me there were all the event log errors for Nmsrvc.exe.
Process/File Name Nmsrvc.exe
Manufacturer Pure Networks
Associated Program Pure Networks Network Magic
File Path %programfiles%Pure NetworksNetwork Magicnmsrvc.exe


Network Magic Service. This is the core program of your Network Magic software : "It enables file sharing, printer sharing, and network monitoring.

Network magic helps home network users quickly solve network related problems as well as configure network related services.
File Location: C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe

Is yours here?

Edited by boopme, 16 May 2012 - 07:35 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#10 hYlAnDeR~TFC

hYlAnDeR~TFC
  • Topic Starter

  • Members
  • 257 posts
  • OFFLINE
  •  
  • Local time:03:10 AM

Posted 16 May 2012 - 07:53 PM

Just checked,

I did not see or locate any Network Magic Service, or Pure Networks or any file or folder in C:. Also check control panel programs installed, could not see any traces of it there either.

I am not familiar with the above program. However, prior to me posting for help with both the windows 7 stuck update and this request for help on this forum, I did download what I thought was a safe file for help to get windows 7 to accept the updates when updates get stuck. I downloaded the program and scanned it with Malwarebytes and the other program I use, and it did not find anything malicious. I don't recall if I used it or not. Actually, I'm pretty sure I did not use it because I thought I would make a post to your website for help with the windows 7 stuck update first, and then decided to just delete that easy fix program I downloaded. I just can't recall what the name of it was.

Edited by hYlAnDeR~TFC, 16 May 2012 - 08:06 PM.

hYlAnDeR~TFC~
[OF/FA] Orion Faction-Retired
Game Squad Fleet Admiral~Retired

#11 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,530 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:10 AM

Posted 16 May 2012 - 08:21 PM

If you do a file search for Nmsrvc.exe.
where does it find it?
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#12 hYlAnDeR~TFC

hYlAnDeR~TFC
  • Topic Starter

  • Members
  • 257 posts
  • OFFLINE
  •  
  • Local time:03:10 AM

Posted 16 May 2012 - 11:40 PM

Ok,

I did a search in computer. Sorry, I am still learning how to use Windows 7. I have only had this new computer for almost 2 months and this is my first computer upgrade in 8 yrs. The last system I had I was using Windows XP Home Edition. So, again, I am still a bit slow at this and still figuring out how to use Windows7.

Anyways. I ran the file search and this is where it found the Nmsrvc.exe


*********************
*********************


C:\Program Files (x86)\Common Files\Pure Networks Shar... ( I think this is the one you are referring to?)

There are a bunch of logfile.nmsrvc_exe_1 files in C:\ProgramData\Pure Networks\Log

There are also a bunch of AppCrash_nmsrvc.exe_b3277..... files located at C:\ProgramData\Microsoft\Windows\WER\ReportQueue

There is an Nmsrvc file in C:\Users|William\Recent
hYlAnDeR~TFC~
[OF/FA] Orion Faction-Retired
Game Squad Fleet Admiral~Retired

#13 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,530 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:10 AM

Posted 17 May 2012 - 03:06 PM

Thanks ,,I am not razor sharp on 6 either. As I think there is no malware and I feel that file is the issue,ask about it in WIN7 and thise guys will tell you how to replace or whatever with it. They can look at other things and be sure.. as it is part of a service we can't just disable it.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#14 hYlAnDeR~TFC

hYlAnDeR~TFC
  • Topic Starter

  • Members
  • 257 posts
  • OFFLINE
  •  
  • Local time:03:10 AM

Posted 17 May 2012 - 05:55 PM

Ok,

I am at work and have access to your forum at the moment. Once I get home tonight, I will go ahead and start another thread on the Win7 forum. May we please keep this thread open until we determine for certain that I am not infected with a viurs/es??

Having said that, I just want to confirm that you strongly believe that my system is not infected. My system is running 10x + slower than it did since last Saturday; It takes almost 5 minutes to boot up, whereas it used to take about 1 1/2 to 2 mins to boot up; it takes longer to shut down; I did not install any new or major programs onto my system that would cause it to slow down to the crawl it works at now; IE is completely inoperalbe and is totally broke; Firefox works ok, but it too is very shaky at times and if I use it too much when I am at home reading this forum, it eventually crashes; internet gaming is inoperable; My Windows 7 Live Mail works initially when I need to read my email, but I am unable to close it all the way, and when I try to reopen it, it does not work-in order to open it up again requires reboot; my internet connection takes approximately 30 to 40 seconds to come on line from my network after boot up, whereas before my connection was nearly instantaneous before; I have intermittant connectivity issues; and all this began suddently last Sunday. So, based on my experience from having acquired infections before, all these conditions described hints toward infection.

I truly hope I am wrong. I really don't know what would have caused a file, like the one you are referencing above, to become corrupted or damaged when I haven't really uploaded any major programs or software.

But, I will go ahead and post a new thread when I get home tonight as you recommend. I do thank you for all your help so far. Again, please keep this thread open pending the response and/or help I get from the Win7 forum.

Blessings!
hYlAnDeR~TFC~
[OF/FA] Orion Faction-Retired
Game Squad Fleet Admiral~Retired

#15 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,530 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:10 AM

Posted 17 May 2012 - 07:12 PM

Yes ,it will stay open. nebtion I said to go there so they don't skip you for having 2 threads. you can link gere so they see its OK.

http://www.bleepingcomputer.com/forums/topic453659.html/page__pid__2702421#entry2702421
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users