
Virus and hacked account


  • This topic is locked
16 replies to this topic

#1 4theHorde

  • Members
  • 18 posts

Posted 14 September 2012 - 02:21 PM

It all started when I received an e-mail from my battle.net account, telling me that some of my information had recently been changed. I had canceled the account some time ago and it concerned me so I logged on to verify my information and change my password just to be safe; I had also changed my e-mail password. After a couple of days a friend of mine who still had an active account told me via Facebook that he didn't know I started playing again and that I was online. I had to call battle.net customer service and stay on hold for about half an hour because when I tried to log in my password had been changed along with my security questions. After proving who I was the person who was playing as me was kicked off and my account was locked. Once again I changed my account and e-mail password. Battle.net suggested that it was a keylogger virus and I should run a full scan along with malwarebytes. I tried to run a full scan of my computer with kaspersky and it froze about halfway and said it couldn't connect to the internet. On my desktop is a display of accuweather and it also was showing it had lost connection. When I ran malwarebytes it also stopped halfway through saying not responding reading that it had found 22 threats, again with my accuweather showing lost connection. Both times I ran the scans I had to force shutdown my computer because it locked up and nothing would run. My computer only locks up when I run the scans, other than that I can go online and open any other programs. Currently I am using my laptop just in case and don't know exactly what I should and shouldn't do on my desktop with it being infected. I think keylogger may be part of it, but since my computer got locked up after scans I think there may be something else as well. I purchased a backup drive and saved all of my important files that I want to keep and I hope you can help me with this issue.
My brother told me about this site and how helpful you were to him through his redirect virus issue. I hope you can help me also.



#2 boopme

    To Insanity and Beyond

  • Global Moderator
  • 73,220 posts
  • Gender:Male
  • Location:NJ USA

Posted 14 September 2012 - 08:11 PM

You need to change the passwords from a non infected PC as they may be monitoring you.

Let's see if there is something on here.

I don't know your Operating System so...

Reboot into Safe Mode with Networking
How to start Windows 7 in Safe Mode

<<><<><><><><><><><><><><><><><><><><><><><>
Reboot into Safe Mode with Networking
How to enter safe mode(XP/Vista)
Using the F8 Method
Restart your computer.
When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu.
Select the option for Safe Mode with Networking using the arrow keys.
Then press Enter on your keyboard to boot into Safe Mode.


>>>> Download this file and double-click on it to run it. Allow the information to be merged with the registry.

Run RKill....


Download and Run RKill
  • Please download RKill by Grinler from one of the 4 links below and save it to your desktop.

    Link 1
    Link 2
    Link 3
    Link 4

  • Before we begin, you should disable any anti-malware software you have installed so it does not interfere with RKill running, as some anti-malware software detects RKill as malicious. Please refer to this page if you are not sure how.
  • Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • If nothing happens or if the tool does not run, please let me know in your next reply

Do not reboot your computer after running rkill as the malware programs will start again. Or if rebooting is required run it again.


If you continue having problems running rkill.com, you can download iExplore.exe or eXplorer.exe, which are renamed copies of rkill.com, and try them instead.



Next run SUPERAntiSpyware (SAS):

Please download and scan with SUPERAntiSpyware Free
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
    For instructions with screenshots, please refer to the How to use SUPERAntiSpyware to scan and remove malware from your computer Guide.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If it will not start, go to Start > All Programs > SUPERAntiSpyware and click on Alternate Start.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.
  • Click the "Scanning Control" tab, and under Scanner Options, make sure the following are checked (leave all other options as they are set):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the Control Center screen.
  • Back on the main screen, under "Select Scan Type" check the box for Complete Scan.
  • If your computer is badly infected, be sure to check the box next to Enable Rescue Scan (Highly Infected Systems ONLY).
  • Click the Scan your computer... button.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes" and reboot normally.

To retrieve the scan log after reboot, launch SUPERAntiSpyware again.
  • Click the View Scan Logs button at the bottom.
  • This will open the Scanner Logs Window.
  • Click on the log to highlight it and then click on View Selected Log to open it.
  • Copy and paste the scan log results in your next reply.
-- Some types of malware will disable security tools. If SUPERAntiSpyware will not install, please refer to these instructions for using the SUPERAntiSpyware Installer. If SUPERAntiSpyware is already installed but will not run, then follow the instructions for using RUNSAS.EXE to launch the program.




Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log has a name like: TDSSKiller.Version_Date_Time_log.txt.



Rerun MBAM (MalwareBytes) like this:

Open MBAM in normal mode and click Update tab, select Check for Updates, when done
click Scanner tab, select Quick scan and scan (normal mode).
After scan click Remove Selected, post new scan log and reboot into normal mode.

Please ask any needed questions, post logs and let us know how the PC is running now.
How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook
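An added example (not part of the thread and not TDSSKiller's own code) for reading the report requested in the post above: it assumes the layout written by TDSSKiller 2.8.8.0, where every line is a timestamp, a thread id and a message, and each scanned service appears as a `[ MD5 ] name path` line followed by a `name - verdict` line. The sample lines, the `ExampleSvc` entry, its `needs review` verdict and the placeholder hashes are constructed, and the path check is a heuristic of this example.

```python
import re
from dataclasses import dataclass, field

# Assumed line layout: "HH:MM:SS.mmmm <thread id> <message>"
LINE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s?(.*)$")
SECTION = re.compile(r"^=+ (Scan [^=]+?) =+$")
# "[ MD5 ] name path": names may contain spaces, so split at the first drive letter.
HASHED = re.compile(r"^\[ ([0-9A-Fa-f]{32}) \]\s+(.+?)\s+([A-Za-z]:\\.*)$")
HEADER = re.compile(r"^(Boot type|Mode|Windows directory): ?(.*)$")


@dataclass
class Entry:
    section: str
    name: str
    verdict: str
    md5: str = ""
    path: str = ""


@dataclass
class Report:
    header: dict = field(default_factory=dict)
    entries: list = field(default_factory=list)


def parse_report(text):
    """Turn report text into header fields plus one Entry per verdict line."""
    report, section, pending, scanning = Report(), "", {}, False
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        msg = m.group(1).strip()
        if (h := HEADER.match(msg)):
            report.header[h.group(1)] = h.group(2).strip()
        elif msg == "Scan started":
            scanning = True
        elif (s := SECTION.match(msg)):
            section = s.group(1)
        elif not scanning:
            continue  # pre-scan lines (e.g. disk geometry) also contain " - "
        elif (h := HASHED.match(msg)):
            pending[h.group(2)] = (h.group(1).upper(), h.group(3))
        elif " - " in msg:
            name, verdict = msg.rsplit(" - ", 1)
            md5, path = pending.pop(name, ("", ""))
            report.entries.append(Entry(section, name, verdict.strip(), md5, path))
    return report


def triage(report):
    """Return the entries a helper would want to look at first."""
    windir = report.header.get("Windows directory", r"C:\Windows").lower()
    # Heuristic of this example: service images normally live in these trees.
    trusted = (windir + "\\", "c:\\program files\\", "c:\\program files (x86)\\")
    findings = {"not_ok": [], "no_hash": [], "unusual_path": []}
    for e in report.entries:
        if e.verdict.lower() != "ok":
            findings["not_ok"].append(e.name)
        if e.section == "Scan services" and not e.md5:
            findings["no_hash"].append(e.name)  # verdict given, but no file was hashed
        if e.path and not e.path.lower().startswith(trusted):
            findings["unusual_path"].append(e.name)
    return findings


# Constructed sample in the assumed layout; hashes are placeholders.
SAMPLE = r"""
09:39:10.0134 2028 Windows directory: C:\Windows
09:39:10.0134 2028 Boot type: Safe boot with network
09:39:11.0288 2028 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb)
09:39:46.0606 1116 Scan started
09:39:46.0606 1116 Mode: Manual; TDLFS;
09:39:47.0402 1116 ================ Scan system memory ========================
09:39:47.0402 1116 System memory - ok
09:39:47.0402 1116 ================ Scan services =============================
09:39:47.0558 1116 [ 00000000000000000000000000000001 ] ACPI C:\Windows\system32\drivers\ACPI.sys
09:39:47.0558 1116 ACPI - ok
09:39:47.0667 1116 [ 00000000000000000000000000000002 ] Adobe Version Cue CS3 C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
09:39:47.0667 1116 Adobe Version Cue CS3 - ok
09:39:49.0492 1116 COMSysApp - ok
09:39:50.0000 1116 [ 00000000000000000000000000000003 ] ExampleSvc C:\Users\Public\examplesvc.exe
09:39:50.0000 1116 ExampleSvc - needs review
"""

if __name__ == "__main__":
    parsed = parse_report(SAMPLE)
    print(parsed.header)
    print(len(parsed.entries), "objects,", triage(parsed))
```
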

#3 4theHorde


Posted 15 September 2012 - 04:20 PM

Ok, I ran the SuperAntiSpyware scan and tried to copy and paste the log you requested here. I kept getting an error that the message was too long here, so I messaged you directly and according to what I saw it went through to you that way. I will be waiting to hear what to do next and I hope to get the all clear from you soon. Thank you sooo much for helping me with this issue. After the SuperAntiSpyware scan did you also want me to do TDSSKiller.exe and the MBAM you mention after or is that if the SuperAntiSpyware scan didn't work?

Edited by 4theHorde, 15 September 2012 - 04:26 PM.


#4 boopme


Posted 15 September 2012 - 07:25 PM

Hello, yes I would like to run those next and let us know how the PC is running now.

#5 4theHorde


Posted 16 September 2012 - 11:50 AM

After my post yesterday I tried to shutdown my computer until I could continue. I noticed that my accuweather had lost connection and during shutdown it was installing updates 1 of 7. When I came home several hours later it was still saying installing updates 1 of 7. This morning I ran the TDSSKiller and it said no threats detected. The time took 11sec and it processed 435 objects with no reboot needed. Here is the report.
09:39:51.0052 1116 iphlpsvc - ok
09:39:51.0068 1116 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
09:39:51.0068 1116 IPMIDRV - ok
09:39:51.0068 1116 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
09:39:51.0068 1116 IPNAT - ok
09:39:51.0084 1116 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
09:39:51.0084 1116 IRENUM - ok
09:39:51.0099 1116 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
09:39:51.0099 1116 isapnp - ok
09:39:51.0115 1116 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
09:39:51.0115 1116 iScsiPrt - ok
09:39:51.0130 1116 [ 12E27942DBB7C91880163634B0D8A776 ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
09:39:51.0130 1116 k57nd60a - ok
09:39:51.0146 1116 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
09:39:51.0146 1116 kbdclass - ok
09:39:51.0162 1116 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
09:39:51.0162 1116 kbdhid - ok
09:39:51.0177 1116 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
09:39:51.0177 1116 KeyIso - ok
09:39:51.0240 1116 [ E656FE10D6D27794AFA08136685A69E8 ] KL1 C:\Windows\system32\DRIVERS\kl1.sys
09:39:51.0240 1116 KL1 - ok
09:39:51.0271 1116 [ D865DD8B0448E3F963D68C04C532858F ] kl2 C:\Windows\system32\DRIVERS\kl2.sys
09:39:51.0271 1116 kl2 - ok
09:39:51.0302 1116 [ C7D4F357C482DD37E2B05F34093B7B0C ] KLIF C:\Windows\system32\DRIVERS\klif.sys
09:39:51.0318 1116 KLIF - ok
09:39:51.0349 1116 [ 89FB5A33D7171B6D84F5EB721D5055E1 ] KLIM6 C:\Windows\system32\DRIVERS\klim6.sys
09:39:51.0349 1116 KLIM6 - ok
09:39:51.0364 1116 [ 9468D07E91BA136D82415F5DFC1FE168 ] klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys
09:39:51.0364 1116 klmouflt - ok
09:39:51.0396 1116 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
09:39:51.0396 1116 KSecDD - ok
09:39:51.0411 1116 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
09:39:51.0411 1116 KSecPkg - ok
09:39:51.0411 1116 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
09:39:51.0411 1116 ksthunk - ok
09:39:51.0427 1116 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
09:39:51.0442 1116 KtmRm - ok
09:39:51.0474 1116 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
09:39:51.0474 1116 LanmanServer - ok
09:39:51.0474 1116 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:39:51.0489 1116 LanmanWorkstation - ok
09:39:51.0505 1116 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
09:39:51.0505 1116 lltdio - ok
09:39:51.0520 1116 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
09:39:51.0520 1116 lltdsvc - ok
09:39:51.0536 1116 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
09:39:51.0536 1116 lmhosts - ok
09:39:51.0552 1116 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
09:39:51.0552 1116 LSI_FC - ok
09:39:51.0552 1116 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
09:39:51.0552 1116 LSI_SAS - ok
09:39:51.0567 1116 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
09:39:51.0567 1116 LSI_SAS2 - ok
09:39:51.0567 1116 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
09:39:51.0567 1116 LSI_SCSI - ok
09:39:51.0583 1116 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
09:39:51.0583 1116 luafv - ok
09:39:51.0614 1116 [ DC8490812A3B72811AE534F423B4C206 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
09:39:51.0614 1116 MBAMProtector - ok
09:39:51.0645 1116 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
09:39:51.0661 1116 MBAMService - ok
09:39:51.0676 1116 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
09:39:51.0676 1116 Mcx2Svc - ok
09:39:51.0754 1116 [ 7CF1B716372B89568AE4C0FE769F5869 ] MDM C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
09:39:51.0754 1116 MDM - ok
09:39:51.0754 1116 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
09:39:51.0754 1116 megasas - ok
09:39:51.0770 1116 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
09:39:51.0770 1116 MegaSR - ok
09:39:51.0786 1116 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
09:39:51.0786 1116 MEIx64 - ok
09:39:51.0817 1116 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
09:39:51.0817 1116 MMCSS - ok
09:39:51.0817 1116 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
09:39:51.0817 1116 Modem - ok
09:39:51.0817 1116 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
09:39:51.0817 1116 monitor - ok
09:39:51.0832 1116 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
09:39:51.0832 1116 mouclass - ok
09:39:51.0848 1116 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
09:39:51.0848 1116 mouhid - ok
09:39:51.0848 1116 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
09:39:51.0848 1116 mountmgr - ok
09:39:51.0864 1116 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
09:39:51.0864 1116 mpio - ok
09:39:51.0879 1116 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
09:39:51.0879 1116 mpsdrv - ok
09:39:51.0910 1116 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
09:39:51.0910 1116 MpsSvc - ok
09:39:51.0910 1116 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
09:39:51.0910 1116 MRxDAV - ok
09:39:51.0942 1116 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
09:39:51.0942 1116 mrxsmb - ok
09:39:51.0957 1116 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:39:51.0957 1116 mrxsmb10 - ok
09:39:51.0957 1116 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:39:51.0957 1116 mrxsmb20 - ok
09:39:51.0973 1116 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
09:39:51.0973 1116 msahci - ok
09:39:51.0988 1116 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
09:39:51.0988 1116 msdsm - ok
09:39:52.0004 1116 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
09:39:52.0004 1116 MSDTC - ok
09:39:52.0004 1116 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
09:39:52.0004 1116 Msfs - ok
09:39:52.0020 1116 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
09:39:52.0020 1116 mshidkmdf - ok
09:39:52.0020 1116 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
09:39:52.0020 1116 msisadrv - ok
09:39:52.0035 1116 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
09:39:52.0035 1116 MSiSCSI - ok
09:39:52.0051 1116 msiserver - ok
09:39:52.0066 1116 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
09:39:52.0066 1116 MSKSSRV - ok
09:39:52.0066 1116 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
09:39:52.0066 1116 MSPCLOCK - ok
09:39:52.0082 1116 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
09:39:52.0082 1116 MSPQM - ok
09:39:52.0098 1116 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
09:39:52.0098 1116 MsRPC - ok
09:39:52.0113 1116 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
09:39:52.0113 1116 mssmbios - ok
09:39:52.0129 1116 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
09:39:52.0129 1116 MSTEE - ok
09:39:52.0129 1116 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
09:39:52.0129 1116 MTConfig - ok
09:39:52.0129 1116 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
09:39:52.0129 1116 Mup - ok
09:39:52.0160 1116 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
09:39:52.0160 1116 napagent - ok
09:39:52.0191 1116 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
09:39:52.0191 1116 NativeWifiP - ok
09:39:52.0222 1116 [ C38B8AE57F78915905064A9A24DC1586 ] NDIS C:\Windows\system32\drivers\ndis.sys
09:39:52.0222 1116 NDIS - ok
09:39:52.0222 1116 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
09:39:52.0222 1116 NdisCap - ok
09:39:52.0254 1116 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
09:39:52.0254 1116 NdisTapi - ok
09:39:52.0254 1116 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
09:39:52.0254 1116 Ndisuio - ok
09:39:52.0269 1116 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
09:39:52.0269 1116 NdisWan - ok
09:39:52.0269 1116 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:39:52.0269 1116 NDProxy - ok
09:39:52.0285 1116 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
09:39:52.0285 1116 NetBIOS - ok
09:39:52.0300 1116 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
09:39:52.0300 1116 NetBT - ok
09:39:52.0300 1116 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
09:39:52.0300 1116 Netlogon - ok
09:39:52.0332 1116 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
09:39:52.0332 1116 Netman - ok
09:39:52.0363 1116 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:39:52.0410 1116 NetMsmqActivator - ok
09:39:52.0410 1116 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:39:52.0410 1116 NetPipeActivator - ok
09:39:52.0425 1116 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
09:39:52.0425 1116 netprofm - ok
09:39:52.0441 1116 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:39:52.0441 1116 NetTcpActivator - ok
09:39:52.0441 1116 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:39:52.0441 1116 NetTcpPortSharing - ok
09:39:52.0441 1116 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
09:39:52.0441 1116 nfrd960 - ok
09:39:52.0456 1116 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
09:39:52.0456 1116 NlaSvc - ok
09:39:52.0472 1116 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:39:52.0472 1116 Npfs - ok
09:39:52.0472 1116 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
09:39:52.0472 1116 nsi - ok
09:39:52.0488 1116 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:39:52.0488 1116 nsiproxy - ok
09:39:52.0519 1116 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:39:52.0534 1116 Ntfs - ok
09:39:52.0550 1116 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
09:39:52.0550 1116 Null - ok
09:39:52.0581 1116 [ 102806B360D0E6BC6E55BF47EF655D43 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
09:39:52.0581 1116 NVHDA - ok
09:39:52.0784 1116 [ BA0B4889C40380A01ECDF84C227A89C9 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
09:39:52.0956 1116 nvlddmkm - ok
09:39:52.0971 1116 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:39:52.0987 1116 nvraid - ok
09:39:52.0987 1116 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:39:52.0987 1116 nvstor - ok
09:39:53.0034 1116 [ 06633CF95BEA62164C3BFCA24BCE6B11 ] nvsvc C:\Windows\system32\nvvsvc.exe
09:39:53.0034 1116 nvsvc - ok
09:39:53.0096 1116 [ 53B629CE436B110C5689C2F6439E567B ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
09:39:53.0127 1116 nvUpdatusService - ok
09:39:53.0143 1116 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:39:53.0143 1116 nv_agp - ok
09:39:53.0190 1116 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
09:39:53.0190 1116 odserv - ok
09:39:53.0205 1116 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
09:39:53.0205 1116 ohci1394 - ok
09:39:53.0236 1116 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:39:53.0236 1116 ose - ok
09:39:53.0268 1116 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
09:39:53.0283 1116 p2pimsvc - ok
09:39:53.0299 1116 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
09:39:53.0299 1116 p2psvc - ok
09:39:53.0314 1116 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
09:39:53.0314 1116 Parport - ok
09:39:53.0346 1116 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:39:53.0346 1116 partmgr - ok
09:39:53.0361 1116 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
09:39:53.0361 1116 PcaSvc - ok
09:39:53.0377 1116 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
09:39:53.0377 1116 pci - ok
09:39:53.0392 1116 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
09:39:53.0408 1116 pciide - ok
09:39:53.0424 1116 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
09:39:53.0424 1116 pcmcia - ok
09:39:53.0439 1116 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
09:39:53.0439 1116 pcw - ok
09:39:53.0455 1116 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:39:53.0455 1116 PEAUTH - ok
09:39:53.0502 1116 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
09:39:53.0533 1116 PerfHost - ok
09:39:53.0564 1116 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
09:39:53.0595 1116 pla - ok
09:39:53.0626 1116 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:39:53.0626 1116 PlugPlay - ok
09:39:53.0626 1116 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
09:39:53.0642 1116 PNRPAutoReg - ok
09:39:53.0642 1116 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
09:39:53.0642 1116 PNRPsvc - ok
09:39:53.0658 1116 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:39:53.0673 1116 PolicyAgent - ok
09:39:53.0689 1116 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power C:\Windows\system32\umpo.dll
09:39:53.0689 1116 Power - ok
09:39:53.0704 1116 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:39:53.0704 1116 PptpMiniport - ok
09:39:53.0704 1116 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
09:39:53.0720 1116 Processor - ok
09:39:53.0751 1116 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
09:39:53.0751 1116 ProfSvc - ok
09:39:53.0767 1116 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:39:53.0767 1116 ProtectedStorage - ok
09:39:53.0767 1116 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
09:39:53.0767 1116 Psched - ok
09:39:53.0814 1116 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
09:39:53.0814 1116 PxHlpa64 - ok
09:39:53.0845 1116 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
09:39:53.0876 1116 ql2300 - ok
09:39:53.0876 1116 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
09:39:53.0876 1116 ql40xx - ok
09:39:53.0892 1116 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
09:39:53.0892 1116 QWAVE - ok
09:39:53.0907 1116 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:39:53.0907 1116 QWAVEdrv - ok
09:39:53.0907 1116 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:39:53.0907 1116 RasAcd - ok
09:39:53.0923 1116 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
09:39:53.0923 1116 RasAgileVpn - ok
09:39:53.0938 1116 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
09:39:53.0938 1116 RasAuto - ok
09:39:53.0938 1116 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:39:53.0954 1116 Rasl2tp - ok
09:39:53.0970 1116 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
09:39:53.0970 1116 RasMan - ok
09:39:53.0970 1116 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:39:53.0970 1116 RasPppoe - ok
09:39:53.0985 1116 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:39:53.0985 1116 RasSstp - ok
09:39:53.0985 1116 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:39:54.0001 1116 rdbss - ok
09:39:54.0001 1116 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
09:39:54.0001 1116 rdpbus - ok
09:39:54.0016 1116 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:39:54.0016 1116 RDPCDD - ok
09:39:54.0032 1116 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:39:54.0032 1116 RDPENCDD - ok
09:39:54.0032 1116 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
09:39:54.0032 1116 RDPREFMP - ok
09:39:54.0063 1116 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:39:54.0079 1116 RDPWD - ok
09:39:54.0094 1116 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
09:39:54.0094 1116 rdyboost - ok
09:39:54.0126 1116 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
09:39:54.0126 1116 RemoteAccess - ok
09:39:54.0126 1116 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:39:54.0126 1116 RemoteRegistry - ok
09:39:54.0172 1116 [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
09:39:54.0204 1116 RoxMediaDB12OEM - ok
09:39:54.0250 1116 [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
09:39:54.0250 1116 RoxWatch12 - ok
09:39:54.0250 1116 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
09:39:54.0250 1116 RpcEptMapper - ok
09:39:54.0266 1116 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
09:39:54.0266 1116 RpcLocator - ok
09:39:54.0282 1116 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
09:39:54.0282 1116 RpcSs - ok
09:39:54.0297 1116 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:39:54.0297 1116 rspndr - ok
09:39:54.0297 1116 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
09:39:54.0297 1116 SamSs - ok
09:39:54.0344 1116 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
09:39:54.0344 1116 SASDIFSV - ok
09:39:54.0344 1116 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
09:39:54.0344 1116 SASKUTIL - ok
09:39:54.0360 1116 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:39:54.0360 1116 sbp2port - ok
09:39:54.0360 1116 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:39:54.0360 1116 SCardSvr - ok
09:39:54.0375 1116 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
09:39:54.0375 1116 scfilter - ok
09:39:54.0406 1116 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
09:39:54.0422 1116 Schedule - ok
09:39:54.0438 1116 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
09:39:54.0438 1116 SCPolicySvc - ok
09:39:54.0453 1116 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:39:54.0453 1116 SDRSVC - ok
09:39:54.0453 1116 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:39:54.0453 1116 secdrv - ok
09:39:54.0469 1116 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
09:39:54.0469 1116 seclogon - ok
09:39:54.0484 1116 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
09:39:54.0484 1116 SENS - ok
09:39:54.0484 1116 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
09:39:54.0484 1116 SensrSvc - ok
09:39:54.0500 1116 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
09:39:54.0500 1116 Serenum - ok
09:39:54.0516 1116 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
09:39:54.0531 1116 Serial - ok
09:39:54.0531 1116 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
09:39:54.0531 1116 sermouse - ok
09:39:54.0547 1116 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
09:39:54.0547 1116 SessionEnv - ok
09:39:54.0562 1116 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
09:39:54.0562 1116 sffdisk - ok
09:39:54.0562 1116 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:39:54.0562 1116 sffp_mmc - ok
09:39:54.0578 1116 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
09:39:54.0578 1116 sffp_sd - ok
09:39:54.0578 1116 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
09:39:54.0578 1116 sfloppy - ok
09:39:54.0625 1116 [ 29DDEA72C5BDF61D62F4D438DC0E497C ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
09:39:54.0656 1116 SftService - ok
09:39:54.0656 1116 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
09:39:54.0672 1116 SharedAccess - ok
09:39:54.0687 1116 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:39:54.0687 1116 ShellHWDetection - ok
09:39:54.0703 1116 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
09:39:54.0703 1116 SiSRaid2 - ok
09:39:54.0718 1116 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
09:39:54.0718 1116 SiSRaid4 - ok
09:39:54.0718 1116 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:39:54.0718 1116 Smb - ok
09:39:54.0734 1116 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:39:54.0734 1116 SNMPTRAP - ok
09:39:54.0750 1116 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
09:39:54.0750 1116 spldr - ok
09:39:54.0781 1116 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
09:39:54.0781 1116 Spooler - ok
09:39:54.0828 1116 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
09:39:54.0874 1116 sppsvc - ok
09:39:54.0890 1116 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
09:39:54.0890 1116 sppuinotify - ok
09:39:54.0921 1116 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
09:39:54.0921 1116 srv - ok
09:39:54.0921 1116 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:39:54.0937 1116 srv2 - ok
09:39:54.0937 1116 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:39:54.0937 1116 srvnet - ok
09:39:54.0952 1116 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:39:54.0968 1116 SSDPSRV - ok
09:39:54.0984 1116 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:39:54.0984 1116 SstpSvc - ok
09:39:55.0046 1116 [ C354621B6B94E10AE7F5CDBE745FEB86 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
09:39:55.0046 1116 Stereo Service - ok
09:39:55.0062 1116 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
09:39:55.0062 1116 stexstor - ok
09:39:55.0093 1116 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
09:39:55.0093 1116 stisvc - ok
09:39:55.0124 1116 [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
09:39:55.0140 1116 stllssvr - ok
09:39:55.0140 1116 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
09:39:55.0140 1116 swenum - ok
09:39:55.0171 1116 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
09:39:55.0171 1116 swprv - ok
09:39:55.0202 1116 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
09:39:55.0233 1116 SysMain - ok
09:39:55.0249 1116 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:39:55.0249 1116 TabletInputService - ok
09:39:55.0264 1116 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
09:39:55.0264 1116 TapiSrv - ok
09:39:55.0264 1116 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
09:39:55.0280 1116 TBS - ok
09:39:55.0327 1116 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:39:55.0358 1116 Tcpip - ok
09:39:55.0389 1116 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
09:39:55.0389 1116 TCPIP6 - ok
09:39:55.0420 1116 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:39:55.0420 1116 tcpipreg - ok
09:39:55.0436 1116 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:39:55.0436 1116 TDPIPE - ok
09:39:55.0452 1116 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:39:55.0452 1116 TDTCP - ok
09:39:55.0467 1116 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:39:55.0483 1116 tdx - ok
09:39:55.0483 1116 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
09:39:55.0483 1116 TermDD - ok
09:39:55.0498 1116 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
09:39:55.0514 1116 TermService - ok
09:39:55.0514 1116 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
09:39:55.0530 1116 Themes - ok
09:39:55.0545 1116 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
09:39:55.0545 1116 THREADORDER - ok
09:39:55.0561 1116 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
09:39:55.0561 1116 TrkWks - ok
09:39:55.0592 1116 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:39:55.0592 1116 TrustedInstaller - ok
09:39:55.0592 1116 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:39:58.0275 1116 ============================================================
09:39:58.0275 1116 Scan finished
09:39:58.0275 1116 ============================================================
09:39:58.0275 1504 Detected object count: 0
09:39:58.0275 1504 Actual detected object count: 0

#6 4theHorde

Posted 16 September 2012 - 11:51 AM

I'll be running the next scan as soon as I can today.

#7 4theHorde

Posted 16 September 2012 - 12:03 PM

Here are the results of my MBAM quick scan.
Malwarebytes Anti-Malware (PRO) 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.16.07

Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
Joshua :: JOSHUA-PC [administrator]

Protection: Disabled

9/16/2012 9:54:42 AM
mbam-log-2012-09-16 (09-54-42).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 238277
Time elapsed: 2 minute(s), 8 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,220 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:10 AM

Posted 16 September 2012 - 03:52 PM

Hi, are you certain it was Accuweather and not Windows updating?

Let's look at this.
Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using the "Reset FF Proxy Settings" option, Firefox should be closed.



Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.


#9 4theHorde

Posted 16 September 2012 - 06:19 PM

The updates that locked up were the Windows updates, but the AccuWeather app on the desktop was the first indication of lost connection. I'm running the two other scans you gave me now and will post the logs as soon as I finish them.

#10 4theHorde

Posted 16 September 2012 - 06:27 PM

Here is the result of the MiniToolBox scan.

MiniToolBox by Farbar Version: 23-07-2012
Ran by Joshua (administrator) on 16-09-2012 at 16:23:31
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Network
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Joshua-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : socal.rr.com

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : socal.rr.com
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : D4-BE-D9-91-73-71
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::939:6787:149f:78f5%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.196(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, September 16, 2012 4:16:57 PM
Lease Expires . . . . . . . . . . : Monday, September 17, 2012 4:16:57 PM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 248823513
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-EB-1F-2B-D4-BE-D9-91-73-71
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.socal.rr.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.0.1

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
Name: google.com
Addresses: 2001:4860:4007:801::1006
74.125.239.8
74.125.239.9
74.125.239.14
74.125.239.0
74.125.239.1
74.125.239.2
74.125.239.3
74.125.239.4
74.125.239.5
74.125.239.6
74.125.239.7


Pinging google.com [74.125.224.192] with 32 bytes of data:
Reply from 74.125.224.192: bytes=32 time=11ms TTL=55
Reply from 74.125.224.192: bytes=32 time=11ms TTL=55

Ping statistics for 74.125.224.192:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 11ms, Maximum = 11ms, Average = 11ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.0.1

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.

Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=343ms TTL=53
Reply from 72.30.38.140: bytes=32 time=173ms TTL=53

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 173ms, Maximum = 343ms, Average = 258ms
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.0.1

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
11...d4 be d9 91 73 71 ......Broadcom NetLink ™ Gigabit Ethernet
1...........................Software Loopback Interface 1
13...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.196 10
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.196 266
192.168.0.196 255.255.255.255 On-link 192.168.0.196 266
192.168.0.255 255.255.255.255 On-link 192.168.0.196 266
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.196 266
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.196 266
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
11 266 fe80::/64 On-link
11 266 fe80::939:6787:149f:78f5/128
On-link
1 306 ff00::/8 On-link
11 266 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [94208] (Apple Computer, Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/16/2012 04:18:39 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/16/2012 10:08:04 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/16/2012 09:36:41 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/15/2012 01:58:27 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/15/2012 11:22:00 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/09/2012 01:26:45 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (09/09/2012 01:26:45 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (09/09/2012 00:58:36 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/05/2012 02:18:26 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/05/2012 02:08:30 PM) (Source: Application Hang) (User: )
Description: The program mbam.exe version 1.62.0.87 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1980

Start Time: 01cd8b8d9ae4e11d

Termination Time: 60000

Application Path: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

Report Id: 7fde7527-f79d-11e1-b1bb-d4bed9917371


System errors:
=============
Error: (09/16/2012 04:17:58 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1068

Error: (09/16/2012 04:17:57 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/16/2012 04:17:57 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/16/2012 04:17:57 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/16/2012 04:17:57 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/16/2012 04:17:57 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/16/2012 04:17:57 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (09/16/2012 04:17:57 PM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (09/16/2012 04:17:57 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (09/16/2012 04:17:56 PM) (Source: DCOM) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
Add or Remove Adobe Creative Suite 3 Design Premium (Version: 1.0)
Adobe Acrobat 8 Professional (Version: 8.0.0)
Adobe Anchor Service CS3 (Version: 1.0)
Adobe Asset Services CS3 (Version: 3)
Adobe Bridge CS3 (Version: 2)
Adobe Bridge Start Meeting (Version: 1.0)
Adobe BridgeTalk Plugin CS3 (Version: 1.0)
Adobe Camera Raw 4.0 (Version: 4.0)
Adobe CMaps (Version: 1.0)
Adobe Color - Photoshop Specific (Version: 1.0)
Adobe Color Common Settings (Version: 1.0)
Adobe Color EU Extra Settings (Version: 1.0)
Adobe Color JA Extra Settings (Version: 1.0)
Adobe Color NA Recommended Settings (Version: 1.0)
Adobe Default Language CS3 (Version: 1.0)
Adobe Device Central CS3 (Version: 1.0)
Adobe Dreamweaver CS3 (Version: 9)
Adobe ExtendScript Toolkit 2 (Version: 2.0)
Adobe Extension Manager CS3 (Version: 1.8)
Adobe Flash CS3 (Version: 9.0)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.265)
Adobe Flash Player 9 Plugin (Version: 9.0.45.0)
Adobe Flash Video Encoder (Version: 2.0)
Adobe Fonts All (Version: 1.0)
Adobe Help Viewer CS3 (Version: 1)
Adobe Illustrator CS3 (Version: 13.0)
Adobe InDesign CS3 (Version: 5.0)
Adobe InDesign CS3 Icon Handler (Version: 5.0)
Adobe Linguistics CS3 (Version: 3.0.0)
Adobe MotionPicture Color Files (Version: 1.0)
Adobe PDF Library Files (Version: 8.0)
Adobe Photoshop CS3 (Version: 10)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Adobe Setup (Version: 1.0)
Adobe SING CS3 (Version: 0.1)
Adobe Stock Photos CS3 (Version: 1.5)
Adobe Type Support (Version: 1.0)
Adobe Update Manager CS3 (Version: 5.1.0)
Adobe Version Cue CS3 Client (Version: 3)
Adobe Version Cue CS3 Server (Version: 3.0)
Adobe WAS CS3 (Version: 1.0)
Adobe WinSoft Linguistics Plugin (Version: 1.0)
Adobe XMP Panels CS3 (Version: 1.0)
AHV content for Acrobat and Flash (Version: 1)
ATI Catalyst Install Manager (Version: 3.0.829.0)
Canon MX880 series MP Drivers
Catalyst Control Center InstallProxy (Version: 2011.0628.2340.40663)
Consumer In-Home Service Agreement (Version: 2.0.0)
CyberLink PowerDVD 9.5 (Version: 9.5.1.4418)
D3DX10 (Version: 15.4.2368.0902)
Dell DataSafe Local Backup - Support Software (Version: 9.4.61)
Dell DataSafe Local Backup (Version: 9.4.61)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell MusicStage (Version: 1.6.225.0)
Dell PhotoStage (Version: 1.5.0.65)
Dell Stage (Version: 1.7.209.0)
Dell Support Center (Version: 3.2.6032.55)
Dell VideoStage (Version: 1.2.0.1719)
DirectX 9 Runtime (Version: 1.00.0000)
Google Chrome (Version: 21.0.1180.89)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3203.136)
Google Update Helper (Version: 1.3.21.123)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Rapid Storage Technology (Version: 10.6.0.1002)
Java Auto Updater (Version: 2.1.6.0)
Java™ 7 Update 1 (64-bit) (Version: 7.0.10)
Java™ 7 Update 5 (Version: 7.0.50)
JavaFX 2.1.1 (Version: 2.1.1)
Junk Mail filter update (Version: 15.4.3502.0922)
Kaspersky Internet Security 2012 (Version: 12.0.0.374)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Professional Plus 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Multimedia Card Reader (Version: 1.7.915.93)
NVIDIA 3D Vision Controller Driver 301.42 (Version: 301.42)
NVIDIA 3D Vision Driver 301.42 (Version: 301.42)
NVIDIA Control Panel 301.42 (Version: 301.42)
NVIDIA Graphics Driver 301.42 (Version: 301.42)
NVIDIA HD Audio Driver 1.3.16.0 (Version: 1.3.16.0)
NVIDIA Install Application (Version: 2.1002.75.420)
NVIDIA PhysX (Version: 9.12.0213)
NVIDIA PhysX System Software 9.12.0213 (Version: 9.12.0213)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.0142)
NVIDIA Update 1.8.15 (Version: 1.8.15)
NVIDIA Update Components (Version: 1.8.15)
PDF Settings (Version: 1.0)
PhotoShowExpress (Version: 2.0.063)
RBVirtualFolder64Inst (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.6141)
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.3.3)
Roxio Burn (Version: 1.8)
Roxio Creator Starter (Version: 1.0.439)
Roxio Creator Starter (Version: 12.1.77.0)
Roxio Creator Starter (Version: 5.0.0)
Roxio Express Labeler 3 (Version: 3.2.2)
Roxio File Backup (Version: 1.3.2)
Skype™ 5.10 (Version: 5.10.116)
Sonic CinePlayer Decoder Pack (Version: 4.3.0)
SUPERAntiSpyware (Version: 5.5.1016)
THX TruStudio PC (Version: 1.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Wizard101 (Version: 1.0.0)
World of Warcraft (Version: 4.3.3.15354)

========================= Memory info: ===================================

Percentage of memory in use: 7%
Total physical RAM: 16366.45 MB
Available physical RAM: 15196.93 MB
Total Pagefile: 32731.08 MB
Available Pagefile: 31582.02 MB
Total Virtual: 4095.88 MB
Available Virtual: 3974.89 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:918.22 GB) (Free:797.78 GB) NTFS
3 Drive e: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
4 Drive f: () (Fixed) (Total:1397.17 GB) (Free:1271.53 GB) NTFS
10 Drive l: (KINGSTON) (Removable) (Total:3.74 GB) (Free:3.61 GB) FAT32

========================= Users: ========================================

User accounts for \\JOSHUA-PC

Administrator Guest Joshua
UpdatusUser


**** End of log ****

#11 4theHorde

  • Topic Starter

Posted 16 September 2012 - 06:37 PM

I double clicked the aswMBR to scan my computer and got a popup box. It reads:

aswMBR
This application can use the Avast! Free Antivirus for scanning.
It is recommended to download it for better detection results.
Would you like to download latest Avast! virus definitions?
Yes No

Is this just a simple advertising ploy or should I actually download this to get an accurate scan?

#12 boopme

  • Global Moderator

Posted 16 September 2012 - 06:57 PM

Hi
aswMBR does not need the definitions to run, so you can safely click no. However, if you click yes, it will not install Avast, but merely download the definitions, and aswMBR will run a scan with them.
The only difference is the download volume: aswmbr.exe is roughly 4.5Mb now and the definitions are over 50Mb, so we usually advise clicking no.

#13 4theHorde

  • Topic Starter

Posted 16 September 2012 - 07:38 PM

Here is the log from aswMBR. I hope we're about there. :)

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-16 16:29:57
-----------------------------
16:29:57.349 OS Version: Windows x64 6.1.7601 Service Pack 1
16:29:57.349 Number of processors: 8 586 0x2A07
16:29:57.349 ComputerName: JOSHUA-PC UserName: Joshua
16:30:02.622 Initialize success
17:31:30.967 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
17:31:30.967 Disk 0 Vendor: ST310005 JC4A Size: 953869MB BusType: 3
17:31:30.967 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-2
17:31:30.967 Disk 1 Vendor: WDC_WD15 01.0 Size: 1430799MB BusType: 3
17:31:30.983 Disk 0 MBR read successfully
17:31:30.983 Disk 0 MBR scan
17:31:30.983 Disk 0 Windows VISTA default MBR code
17:31:30.983 Disk 0 Partition 1 00 DE Dell Utility DELL 4.1 39 MB offset 63
17:31:30.999 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 13568 MB offset 81920
17:31:30.999 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 940260 MB offset 27869184
17:31:31.014 Disk 0 scanning C:\Windows\system32\drivers
17:31:35.881 Service scanning
17:31:44.352 Modules scanning
17:31:44.352 Disk 0 trace - called modules:
17:31:44.368 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
17:31:44.368 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800ffce790]
17:31:44.368 3 CLASSPNP.SYS[fffff8800205143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800db85050]
17:31:44.368 Scan finished successfully
17:36:17.165 Disk 0 MBR has been saved successfully to "C:\Users\Joshua\Desktop\MBR.dat"
17:36:17.181 The log file has been saved successfully to "C:\Users\Joshua\Desktop\aswMBR.txt"

#14 boopme

  • Global Moderator

Posted 16 September 2012 - 07:43 PM

Rats! It's not showing here... we need stronger tools, a deeper look, and you need to make a new topic.
You can link back to here.

Please go here: Preparation Guide, and do steps 6-9.

Create a DDS log and post it in the new topic explained in step 9, which is here: Virus, Trojan, Spyware, and Malware Removal Logs, and not in this topic, thanks.
If GMER won't run (it may not on a 64-bit system), skip it and move on.

Let me know if that went well.

#15 4theHorde

  • Topic Starter

Posted 16 September 2012 - 09:09 PM

I followed the instructions you gave me and got the DDS and Attach logs. GMER didn't come up with anything, but I also couldn't check everything listed in the image example. I created the thread Topic: Passed on from "Am I infected? What do I do?" (Topic was Virus and hacked account) Forum: Virus, Trojan, Spyware, and Malware Removal Logs. I hope this is what you wanted me to do. Is someone else going to be working with me now? If so thank you so much for being patient and working with me.



