
Major Computer Issues PLEASE HELP


  • This topic is locked
12 replies to this topic

#1 senck

  • Members
  • 17 posts

Posted 03 June 2012 - 08:06 PM

MY COMPUTER DETAILS

-Windows 7 Home Premium
-Service Pack 1
-Gateway ZX6900
-Intel® Core™ i3CPU 530@2.9GHz 2.93GHz
-4GB (3.80 GB usable)
-64-bit Operating System
-Internet Explorer 9
-Computer Name: PrivatePC
-Computer Description: Private
-Workgroup: ************
-Security Programs: Microsoft Security Essentials, Malwarebytes, CCleaner

MY COMPUTER ISSUES

1) Google is homepage, but whenever I click on a search result, I am redirected.

2) Under Computer, then Gateway (c:), I have the following folders listed and all have a + beside them to expand to other folders:
a) Program Files
b) Program Files (x86)
c) Windows- under this folder there is a System 32 folder AND a SysWOW64 folder

3) Under Users, it lists the following accounts:(the only accounts I actually have to log into are a) ****Family AND B) Guest) which are below...
a) ****Family (with + by it)
b) ****Family Standard (with + by it)
c) Guest
d) Mcx1-****Family-PC (it has 2 programs in it)

4) When I right click A PROGRAM, click "Properties" and then "Compatibility", it shows one of the following three scenarios: 1. A check mark in compatibility mode box and Windows Server 2008 (Service Pack 1) chosen, OR 2. A check mark in compatibility mode box and Windows 7 chosen, OR 3. There is no check mark in the compatibility mode box and has Windows XP (Service Pack 3) in the box and grayed-out.

5) Sometimes, Programs I select or links I click on will not run

6) I often get a box pop up that says "something caused internet explorer to close" OR "reopen"

Can anyone PLEASE HELP ME FIX THIS? With the redirect issue, I don't trust any website I go to for help. I am lost and it's killing me because I work from home. ANY ADVICE IS GREATLY APPRECIATED!!!



#2 boopme

  • Global Moderator
  • 72,917 posts

Posted 03 June 2012 - 09:00 PM

Hello and welcome.
Please do these next.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.


>>>
Please download GooredFix from one of the locations below and save it to your Desktop
Download Mirror #1
Download Mirror #2
  • Ensure all Firefox windows are closed.
  • To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).
  • When prompted to run the scan, click Yes.
  • GooredFix will check for infections, and then a log will appear. Please post the contents of that log in your next reply (it can also be found on your desktop, called GooredFix.txt).


>>>>
Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The log has a name like: TDSSKiller.Version_Date_Time_log.txt.


Next run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, go to Start > All Programs > Malwarebytes Anti-Malware folder > Tools > click on Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).



Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

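A triage sketch for the Result.txt that the MiniToolBox steps above produce, added here as an example; it is not part of the original post and not MiniToolBox code. It assumes the section-header and Winsock line layout seen in the log posted later in this thread; the sample log, the function names and the flagging rules are constructed for illustration.

```python
import re

# Constructed sample in the layout of a MiniToolBox Result.txt (not a real log).
# One Winsock entry is wrapped across lines, as happens when a log is pasted.
SAMPLE = r"""
========================= Hosts content: =================================

# ::1 localhost
127.0.0.1 localhost
203.0.113.7 www.google.com

========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\ProgramData\Example

Dir\examplelsp.dll [40960] ()
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft

Corporation)
"""

HEADER = re.compile(r"^={5,}\s*([^=]+?)\s*:?\s*=*$")
WINSOCK = re.compile(
    r"^(x64-)?Catalog(5|9)\s+(\d+)\s+(.+?)\s+\[(\d+)\]\s+\((.*)\)$")
SYSTEM_DIRS = ("c:\\windows\\system32\\", "c:\\windows\\syswow64\\")


def split_sections(text):
    """Map each '===== Name: =====' header to its non-empty lines."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        m = HEADER.match(line)
        if m:
            current = m.group(1).strip().lower()
            sections[current] = []
        elif current is not None and line:
            sections[current].append(line)
    return sections


def hosts_overrides(lines):
    """Return (ip, name) pairs that map anything other than localhost."""
    found = []
    for line in lines:
        entry = line.split("#", 1)[0].split()  # drop comments
        if len(entry) >= 2:
            found += [(entry[0], n) for n in entry[1:]
                      if n.lower() != "localhost"]
    return found


def winsock_records(lines):
    """Re-join entries that were wrapped across lines, then parse them."""
    joined = []
    for line in lines:
        if re.match(r"^(x64-)?Catalog[59]\s", line):
            joined.append(line)
        elif joined and not joined[-1].endswith(")"):
            # Continuation of a wrapped entry; a wrap just before a
            # backslash must not leave a space inside the path.
            joined[-1] = (joined[-1] + " " + line).replace(" \\", "\\")
    records = []
    for text in joined:
        m = WINSOCK.match(text)
        if m:
            records.append({
                "bits": "x64" if m.group(1) else "x86",
                # Catalog5 = namespace providers, Catalog9 = protocol chain
                "catalog": "namespace" if m.group(2) == "5" else "protocol",
                "index": int(m.group(3)),
                "path": m.group(4),
                "size": int(m.group(5)),
                "vendor": m.group(6),  # taken at face value, not verified
            })
    return records


def winsock_outliers(records):
    """Providers loaded from outside the Windows system directories."""
    return [r for r in records
            if not r["path"].lower().startswith(SYSTEM_DIRS)]


def triage(text):
    """Collect the entries a reviewer should look at first."""
    s = split_sections(text)
    return {
        "hosts": hosts_overrides(s.get("hosts content", [])),
        "winsock": winsock_outliers(winsock_records(s.get("winsock entries", []))),
    }


if __name__ == "__main__":
    report = triage(SAMPLE)
    for ip, name in report["hosts"]:
        print(f"hosts override: {name} -> {ip}")
    for r in report["winsock"]:
        print(f"{r['bits']} {r['catalog']} provider outside system dir: "
              f"{r['path']} ({r['vendor'] or 'no vendor string'})")
```

An entry flagged here is a prompt for a closer look, not a verdict: legitimate software such as Bonjour registers namespace providers outside the system directories.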

#3 senck

  • Topic Starter
  • Members
  • 17 posts

Posted 03 June 2012 - 09:32 PM

Going to do it all now. Thank You!

#4 senck

  • Topic Starter
  • Members
  • 17 posts

Posted 04 June 2012 - 06:35 PM

The very first instruction was to download minitoolbox. However, the URL the link goes to is- http://www.bleepingcomputer.com/download/minitoolbox/dl/65/ -which is no longer working.

#5 senck

  • Topic Starter
  • Members
  • 17 posts

Posted 04 June 2012 - 07:03 PM

I downloaded the minitoolbox from bleepingcomputer.com's downloads page. Here is the minitoolbox log:

MiniToolBox by Farbar Version: 04-06-2012
Ran by **** Family (administrator) on 04-06-2012 at 18:53:07
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

# ::1 localhost

========================= IP Configuration: ================================

802.11n Wireless LAN Card = Wireless Network Connection (Connected)
Intel® 82578DC Gigabit Network Connection = Time Warner Connection (Hardware not present)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global defaultcurhoplimit=64 icmpredirects=enabled
set interface interface="Wireless Network Connection" forwarding=disabled advertise=disabled mtu=1500 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set interface interface="Time Warner Connection" forwarding=disabled advertise=disabled mtu=1500 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set interface interface="Local Area Connection 2" forwarding=disabled advertise=disabled mtu=1500 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled

popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : PrivatePC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 70-F1-A1-61-55-8B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 802.11n Wireless LAN Card
Physical Address. . . . . . . . . : 70-F1-A1-61-55-8A
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::a9c4:221d:2e60:9680%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.5(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, June 04, 2012 5:40:26 PM
Lease Expires . . . . . . . . . . : Tuesday, June 05, 2012 5:40:26 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 191896068
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-75-ED-77-C8-0A-A9-7D-AA-FC
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{02F5CC2E-66F5-4181-BDEC-24EA3F252B56}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:104a:2df5:3f57:fefa(Preferred)
Link-local IPv6 Address . . . . . : fe80::104a:2df5:3f57:fefa%12(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 74.125.227.142
74.125.227.128
74.125.227.129
74.125.227.130
74.125.227.131
74.125.227.132
74.125.227.133
74.125.227.134
74.125.227.135
74.125.227.136
74.125.227.137


Pinging google.com [74.125.227.36] with 32 bytes of data:
Reply from 74.125.227.36: bytes=32 time=647ms TTL=53
Reply from 74.125.227.36: bytes=32 time=669ms TTL=53

Ping statistics for 74.125.227.36:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 647ms, Maximum = 669ms, Average = 658ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
72.30.38.140


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=827ms TTL=51
Reply from 72.30.38.140: bytes=32 time=375ms TTL=51

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 375ms, Maximum = 827ms, Average = 601ms
Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
16...70 f1 a1 61 55 8b ......Microsoft Virtual WiFi Miniport Adapter
10...70 f1 a1 61 55 8a ......802.11n Wireless LAN Card
1...........................Software Loopback Interface 1
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
15...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.5 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.5 281
192.168.1.5 255.255.255.255 On-link 192.168.1.5 281
192.168.1.255 255.255.255.255 On-link 192.168.1.5 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.5 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.5 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 58 ::/0 On-link
1 306 ::1/128 On-link
12 58 2001::/32 On-link
12 306 2001:0:4137:9e76:104a:2df5:3f57:fefa/128
On-link
10 281 fe80::/64 On-link
12 306 fe80::/64 On-link
12 306 fe80::104a:2df5:3f57:fefa/128
On-link
10 281 fe80::a9c4:221d:2e60:9680/128
On-link
1 306 ff00::/8 On-link
12 306 ff00::/8 On-link
10 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (06/04/2012 10:41:54 AM) (Source: ESENT) (User: )
Description: Windows (3384) Windows: Unable to write a shadowed header for file C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk. Error -1032.

Error: (06/04/2012 10:41:54 AM) (Source: ESENT) (User: )
Description: Windows (3384) Windows: An attempt to open the file "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).

Error: (06/04/2012 10:38:24 AM) (Source: ESENT) (User: )
Description: Windows (3384) Windows: Unable to write a shadowed header for file C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk. Error -1032.

Error: (06/04/2012 10:38:24 AM) (Source: ESENT) (User: )
Description: Windows (3384) Windows: An attempt to open the file "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).

Error: (06/04/2012 10:38:03 AM) (Source: ESENT) (User: )
Description: Windows (3384) Windows: Unable to write a shadowed header for file C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk. Error -1032.

Error: (06/04/2012 10:38:03 AM) (Source: ESENT) (User: )
Description: Windows (3384) Windows: An attempt to open the file "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).

Error: (06/04/2012 10:37:40 AM) (Source: ESENT) (User: )
Description: Windows (3384) Windows: Unable to write a shadowed header for file C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk. Error -1032.

Error: (06/04/2012 10:37:40 AM) (Source: ESENT) (User: )
Description: Windows (3384) Windows: An attempt to open the file "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).

Error: (06/03/2012 11:00:10 PM) (Source: Application Error) (User: )
Description: Faulting application name: EXCEL.EXE, version: 12.0.6661.5000, time stamp: 0x4f7cda6d
Faulting module name: EXCEL.EXE, version: 12.0.6661.5000, time stamp: 0x4f7cda6d
Exception code: 0xc0000005
Fault offset: 0x00013246
Faulting process id: 0xe9c
Faulting application start time: 0xEXCEL.EXE0
Faulting application path: EXCEL.EXE1
Faulting module path: EXCEL.EXE2
Report Id: EXCEL.EXE3

Error: (06/03/2012 11:33:13 AM) (Source: ESENT) (User: )
Description: Windows (3604) Windows: The database engine stopped the instance (0) with error (-510).


System errors:
=============
Error: (06/04/2012 05:40:29 PM) (Source: Service Control Manager) (User: )
Description: The Windows Defender service terminated with the following error:
%%126

Error: (06/04/2012 03:17:26 PM) (Source: Microsoft-Windows-DNS-Client) (User: NETWORK SERVICE)
Description: There was an error while attempting to read the local hosts file.

Error: (06/04/2012 03:02:35 PM) (Source: Service Control Manager) (User: )
Description: The Windows Defender service terminated with the following error:
%%126

Error: (06/04/2012 02:51:22 PM) (Source: Service Control Manager) (User: )
Description: The Windows Defender service terminated with the following error:
%%126

Error: (06/04/2012 02:50:06 PM) (Source: Service Control Manager) (User: )
Description: The Windows Defender service terminated with the following error:
%%126

Error: (06/04/2012 02:50:03 PM) (Source: Service Control Manager) (User: )
Description: The Windows Defender service terminated with the following error:
%%126

Error: (06/04/2012 02:50:00 PM) (Source: Service Control Manager) (User: )
Description: The Windows Defender service terminated with the following error:
%%126

Error: (06/04/2012 02:49:57 PM) (Source: Service Control Manager) (User: )
Description: The Windows Defender service terminated with the following error:
%%126

Error: (06/04/2012 02:49:54 PM) (Source: Service Control Manager) (User: )
Description: The Windows Defender service terminated with the following error:
%%126

Error: (06/04/2012 02:49:51 PM) (Source: Service Control Manager) (User: )
Description: The Windows Defender service terminated with the following error:
%%126


Microsoft Office Sessions:
=========================
Error: (05/29/2012 09:15:05 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 37168 seconds with 13860 seconds of active time. This session ended with a crash.

Error: (05/21/2012 09:17:11 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 13009 seconds with 0 seconds of active time. This session ended with a crash.

Error: (05/08/2012 00:13:33 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 8562 seconds with 660 seconds of active time. This session ended with a crash.

Error: (04/24/2012 08:47:04 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 5494 seconds with 1620 seconds of active time. This session ended with a crash.

Error: (04/16/2012 08:05:12 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6654.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 350 seconds with 120 seconds of active time. This session ended with a crash.

Error: (03/24/2012 09:44:08 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 23 seconds with 0 seconds of active time. This session ended with a crash.

Error: (03/24/2012 09:43:20 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 568 seconds with 480 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
64 Bit HP CIO Components Installer (Version: 7.2.8)
Adobe AIR (Version: 3.2.0.2070)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.1.102.63)
Adobe Flash Player 11 Plugin 64-bit (Version: 11.1.102.63)
Adobe Illustrator CS5.1 (Version: 15.1)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Advertising Center (Version: 0.0.0.2)
aioscnnr (Version: 7.3.4.0)
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
AVG 2012 (Version: 12.0.2178)
Bejeweled 2 Deluxe (Version: 2.2.0.82)
Blackhawk Striker 2 (Version: 2.2.0.82)
Bob the Builder Can-Do-Zoo (Version: 2.2.0.82)
Bonjour (Version: 3.0.0.10)
Build-a-lot 2 (Version: 2.2.0.82)
CCleaner (Version: 3.19)
center (Version: 6.2.5.0)
Classic Menu for Office 2007 v6.80 (Version: 6.80)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
CyberLink PowerCinema (Version: 7.0.3929)
CyberLink PowerCinema Movie (Version: 9.0.6326)
CyberLink Touch Browser (Version: 1.0.0224)
CyberLink YouCam (Version: 3.0.2624)
D3DX10 (Version: 15.4.2368.0902)
Escape Rosecliff Island (Version: 2.2.0.82)
essentials (Version: 6.0.14.0)
Exl-Plan Free
Faerie Solitaire (Version: 2.2.0.82)
FATE - The Traitor Soul (Version: 2.2.0.82)
Gateway Game Console
Gateway Games (Version: 1.0.0.80)
Gateway InfoCentre (Version: 3.02.3000)
Gateway Recovery Management (Version: 4.05.3007)
Gateway Registration (Version: 1.02.3006)
Gateway ScreenSaver (Version: 1.2.0811)
Gateway Touch Suite (Version: 2.00.3003)
Gateway Updater (Version: 1.02.3001)
Google Update Helper (Version: 1.3.21.111)
HP Photosmart Essential 3.5 (Version: 3.5)
HPPhotoSmartDiscLabel_PaperLabel (Version: 2.04.0000)
HPPhotoSmartDiscLabel_PrintOnDisc (Version: 2.04.0000)
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000)
hpphotosmartdisclabelplugin (Version: 2.04.0000)
HPPhotosmartEssential (Version: 2.04.0000)
Identity Card (Version: 1.00.3003)
ImagXpress (Version: 7.0.74.0)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2092)
Intel® Management Engine Components (Version: 6.0.0.1179)
ITE Infrared Transceiver (Version: 1.00.0000)
iTunes (Version: 10.6.1.7)
Java Auto Updater (Version: 2.1.6.0)
Java™ 7 Update 4 (Version: 7.0.40)
JavaFX 2.1.0 (Version: 2.1.0)
Jewel Quest Solitaire 3 (Version: 2.2.0.82)
Junk Mail filter update (Version: 15.4.3502.0922)
Kodak AIO Printer (Version: 7.3.4.0)
KODAK AiO Software (Version: 7.3.8.20)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Standard 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Online Services Sign-in Assistant (Version: 7.250.4287.0)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Touch Pack for Windows 7 (Version: 1.0.40517.00)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft XNA Framework Redistributable 3.0 (Version: 3.0.11010.0)
Microsoft XNA Framework Redistributable 3.1 (Version: 3.1.10527.0)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Monopoly (Version: 2.2.0.82)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Mystery P.I. - Lost in Los Angeles (Version: 2.2.0.82)
Nero 9 Essentials
Nero ControlCenter (Version: 9.0.0.1)
Nero DiscSpeed (Version: 5.4.13.100)
Nero DiscSpeed Help (Version: 5.4.4.100)
Nero DriveSpeed (Version: 4.4.12.100)
Nero DriveSpeed Help (Version: 4.4.4.100)
Nero Express Help (Version: 9.6.2.101)
Nero InfoTool (Version: 6.4.12.100)
Nero InfoTool Help (Version: 6.4.4.100)
Nero Installer (Version: 4.4.9.0)
Nero Online Upgrade (Version: 1.3.0.0)
Nero StartSmart (Version: 9.4.37.100)
Nero StartSmart Help (Version: 9.4.27.100)
Nero StartSmart OEM (Version: 9.4.10.100)
NeroExpress (Version: 9.4.33.100)
neroxml (Version: 1.0.0)
ocr (Version: 6.2.3.50)
PDF Settings CS5 (Version: 10.0)
Penguins! (Version: 2.2.0.82)
PhotoScape
Plants vs. Zombies (Version: 2.2.0.82)
Polar Bowler (Version: 2.2.0.82)
Polar Golfer (Version: 2.2.0.82)
PreReq (Version: 6.2.3.0)
Realtek High Definition Audio Driver (Version: 6.0.1.6051)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30113)
Scrabble Plus (Version: 2.2.0.82)
The Price is Right (Version: 2.2.0.82)
THX TruStudio PC (Version: 1.0)
TouchSettings (Version: 1.00.0005)
TurboTax 2009
TurboTax 2009 WinPerFedFormset (Version: 009.000.2881)
TurboTax 2009 WinPerReleaseEngine (Version: 009.000.0328)
TurboTax 2009 WinPerTaxSupport (Version: 009.000.0245)
TurboTax 2009 wrapper (Version: 009.000.0145)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2598290) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Virtual Earth 3D (Beta) (Version: 4.0.903.16005)
Virtual Families (Version: 2.2.0.82)
Virtual Villagers - A New Home (Version: 2.2.0.82)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
Welcome Center (Version: 1.00.3013)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Yahtzee (Version: 2.2.0.82)
Zuma Deluxe (Version: 2.2.0.82)

========================= Memory info: ===================================

Percentage of memory in use: 47%
Total physical RAM: 3895.11 MB
Available physical RAM: 2045.18 MB
Total Pagefile: 7788.42 MB
Available Pagefile: 5883.68 MB
Total Virtual: 4095.88 MB
Available Virtual: 3979.13 MB

========================= Partitions: =====================================

1 Drive c: (Gateway) (Fixed) (Total:581.07 GB) (Free:400.45 GB) NTFS

========================= Users: ========================================

User accounts for \\PRIVATEPC

Administrator **** Family Guest
Mcx1-****FAMILY-PC


**** End of log ****

#6 senck

Posted 04 June 2012 - 07:14 PM

Here is GooredFix Log:

GooredFix by jpshortstuff (03.07.10.1)
Log created at 19:12 on 04/06/2012 (**** Family)
Firefox version [Unable to determine]

========== GooredScan ==========


========== GooredLog ==========

C:\Program Files (x86)\Mozilla Firefox\extensions\
(none)

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{F53C93F1-07D5-430c-86D4-C9531B27DFAF}"="C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\" [04:59 27/05/2012]

---------- Old Logs ----------
GooredFix[00.12.18_05-06-2012].txt

-=E.O.F=-

#7 senck

Posted 04 June 2012 - 07:25 PM

TDSSKiller Report: (No detected objects & no reboot needed)

19:18:49.0860 3280 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
19:18:50.0297 3280 ============================================================
19:18:50.0297 3280 Current date / time: 2012/06/04 19:18:50.0297
19:18:50.0297 3280 SystemInfo:
19:18:50.0297 3280
19:18:50.0297 3280 OS Version: 6.1.7601 ServicePack: 1.0
19:18:50.0297 3280 Product type: Workstation
19:18:50.0297 3280 ComputerName: PRIVATEPC
19:18:50.0297 3280 UserName: **** Family
19:18:50.0297 3280 Windows directory: C:\Windows
19:18:50.0297 3280 System windows directory: C:\Windows
19:18:50.0297 3280 Running under WOW64
19:18:50.0297 3280 Processor architecture: Intel x64
19:18:50.0297 3280 Number of processors: 1
19:18:50.0297 3280 Page size: 0x1000
19:18:50.0297 3280 Boot type: Normal boot
19:18:50.0297 3280 ============================================================
19:18:51.0264 3280 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:18:51.0373 3280 ============================================================
19:18:51.0373 3280 \Device\Harddisk0\DR0:
19:18:51.0373 3280 MBR partitions:
19:18:51.0373 3280 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000
19:18:51.0373 3280 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0x48A25000
19:18:51.0373 3280 ============================================================
19:18:51.0389 3280 C: <-> \Device\Harddisk0\DR0\Partition1
19:18:51.0389 3280 ============================================================
19:18:51.0389 3280 Initialize success
19:18:51.0389 3280 ============================================================
19:19:08.0112 3364 ============================================================
19:19:08.0112 3364 Scan started
19:19:08.0112 3364 Mode: Manual; TDLFS;
19:19:08.0112 3364 ============================================================
19:19:16.0473 3364 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
19:19:16.0473 3364 monitor - ok
19:19:16.0505 3364 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
19:19:16.0505 3364 mouclass - ok
19:19:16.0520 3364 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
19:19:16.0520 3364 mouhid - ok
19:19:16.0551 3364 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
19:19:16.0551 3364 mountmgr - ok
19:19:16.0614 3364 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys
19:19:16.0614 3364 MpFilter - ok
19:19:16.0645 3364 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
19:19:16.0661 3364 mpio - ok
19:19:16.0676 3364 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
19:19:16.0676 3364 mpsdrv - ok
19:19:16.0739 3364 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
19:19:16.0785 3364 MpsSvc - ok
19:19:16.0801 3364 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
19:19:16.0817 3364 MRxDAV - ok
19:19:16.0848 3364 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:19:16.0863 3364 mrxsmb - ok
19:19:16.0895 3364 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:19:16.0910 3364 mrxsmb10 - ok
19:19:16.0926 3364 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:19:16.0926 3364 mrxsmb20 - ok
19:19:16.0957 3364 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
19:19:16.0957 3364 msahci - ok
19:19:17.0004 3364 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
19:19:17.0004 3364 msdsm - ok
19:19:17.0035 3364 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
19:19:17.0066 3364 MSDTC - ok
19:19:17.0097 3364 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
19:19:17.0097 3364 Msfs - ok
19:19:17.0097 3364 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
19:19:17.0097 3364 mshidkmdf - ok
19:19:17.0113 3364 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
19:19:17.0113 3364 msisadrv - ok
19:19:17.0144 3364 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
19:19:17.0160 3364 MSiSCSI - ok
19:19:17.0175 3364 msiserver - ok
19:19:17.0191 3364 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
19:19:17.0191 3364 MSKSSRV - ok
19:19:17.0253 3364 MsMpSvc (59faaf2c83c8169ea20f9e335e418907) c:\Program Files\Microsoft Security Client\MsMpEng.exe
19:19:17.0253 3364 MsMpSvc - ok
19:19:17.0409 3364 msoidsvc (3d9df5c79abe835e58df426b14600a33) C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE
19:19:17.0425 3364 msoidsvc - ok
19:19:17.0487 3364 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
19:19:17.0487 3364 MSPCLOCK - ok
19:19:17.0503 3364 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
19:19:17.0503 3364 MSPQM - ok
19:19:17.0550 3364 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
19:19:17.0565 3364 MsRPC - ok
19:19:17.0597 3364 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
19:19:17.0597 3364 mssmbios - ok
19:19:17.0612 3364 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
19:19:17.0612 3364 MSTEE - ok
19:19:17.0643 3364 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
19:19:17.0659 3364 MTConfig - ok
19:19:17.0675 3364 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
19:19:17.0675 3364 Mup - ok
19:19:17.0706 3364 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
19:19:17.0721 3364 napagent - ok
19:19:17.0753 3364 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
19:19:17.0768 3364 NativeWifiP - ok
19:19:17.0846 3364 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
19:19:17.0846 3364 NDIS - ok
19:19:17.0862 3364 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
19:19:17.0862 3364 NdisCap - ok
19:19:17.0877 3364 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
19:19:17.0877 3364 NdisTapi - ok
19:19:17.0909 3364 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
19:19:17.0909 3364 Ndisuio - ok
19:19:17.0940 3364 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
19:19:17.0955 3364 NdisWan - ok
19:19:18.0002 3364 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
19:19:18.0002 3364 NDProxy - ok
19:19:18.0111 3364 Nero BackItUp Scheduler 4.0 (7d2633295eb6ff2b938185874884059d) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
19:19:18.0111 3364 Nero BackItUp Scheduler 4.0 - ok
19:19:18.0143 3364 Net Driver HPZ12 (2334dc48997ba203b794df3ee70521db) C:\Windows\system32\HPZinw12.dll
19:19:18.0158 3364 Net Driver HPZ12 - ok
19:19:18.0174 3364 Netaapl (6f4607e2333fe21e9e3ff8133a88b35b) C:\Windows\system32\DRIVERS\netaapl64.sys
19:19:18.0174 3364 Netaapl - ok
19:19:18.0189 3364 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
19:19:18.0205 3364 NetBIOS - ok
19:19:18.0236 3364 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
19:19:18.0236 3364 NetBT - ok
19:19:18.0267 3364 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:19:18.0267 3364 Netlogon - ok
19:19:18.0299 3364 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
19:19:18.0314 3364 Netman - ok
19:19:18.0392 3364 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:19:18.0408 3364 NetMsmqActivator - ok
19:19:18.0408 3364 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:19:18.0408 3364 NetPipeActivator - ok
19:19:18.0439 3364 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
19:19:18.0455 3364 netprofm - ok
19:19:18.0517 3364 netr28x (064ab63c9a588d2611306ae16d017e7e) C:\Windows\system32\DRIVERS\netr28x.sys
19:19:18.0533 3364 netr28x - ok
19:19:18.0564 3364 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:19:18.0564 3364 NetTcpActivator - ok
19:19:18.0564 3364 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:19:18.0564 3364 NetTcpPortSharing - ok
19:19:18.0595 3364 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
19:19:18.0595 3364 nfrd960 - ok
19:19:18.0642 3364 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
19:19:18.0642 3364 NisDrv - ok
19:19:18.0720 3364 NisSrv (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe
19:19:18.0735 3364 NisSrv - ok
19:19:18.0798 3364 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
19:19:18.0813 3364 NlaSvc - ok
19:19:18.0829 3364 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
19:19:18.0829 3364 Npfs - ok
19:19:18.0860 3364 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
19:19:18.0876 3364 nsi - ok
19:19:18.0891 3364 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
19:19:18.0891 3364 nsiproxy - ok
19:19:19.0001 3364 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
19:19:19.0016 3364 Ntfs - ok
19:19:19.0094 3364 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
19:19:19.0094 3364 Null - ok
19:19:19.0141 3364 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
19:19:19.0141 3364 nvraid - ok
19:19:19.0172 3364 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
19:19:19.0172 3364 nvstor - ok
19:19:19.0203 3364 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
19:19:19.0203 3364 nv_agp - ok
19:19:19.0266 3364 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:19:19.0266 3364 odserv - ok
19:19:19.0297 3364 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
19:19:19.0297 3364 ohci1394 - ok
19:19:19.0328 3364 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:19:19.0344 3364 ose - ok
19:19:19.0375 3364 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:19:19.0391 3364 p2pimsvc - ok
19:19:19.0422 3364 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
19:19:19.0422 3364 p2psvc - ok
19:19:19.0453 3364 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
19:19:19.0453 3364 Parport - ok
19:19:19.0484 3364 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
19:19:19.0484 3364 partmgr - ok
19:19:19.0500 3364 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
19:19:19.0531 3364 PcaSvc - ok
19:19:19.0547 3364 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
19:19:19.0562 3364 pci - ok
19:19:19.0562 3364 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
19:19:19.0578 3364 pciide - ok
19:19:19.0593 3364 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
19:19:19.0593 3364 pcmcia - ok
19:19:19.0625 3364 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
19:19:19.0625 3364 pcw - ok
19:19:19.0656 3364 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
19:19:19.0671 3364 PEAUTH - ok
19:19:19.0734 3364 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
19:19:19.0734 3364 PerfHost - ok
19:19:19.0843 3364 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
19:19:19.0859 3364 pla - ok
19:19:19.0905 3364 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
19:19:19.0921 3364 PlugPlay - ok
19:19:19.0937 3364 Pml Driver HPZ12 (ac78df349f0e4cfb8b667c0cfff83cce) C:\Windows\system32\HPZipm12.dll
19:19:19.0968 3364 Pml Driver HPZ12 - ok
19:19:19.0983 3364 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
19:19:19.0983 3364 PNRPAutoReg - ok
19:19:20.0015 3364 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:19:20.0015 3364 PNRPsvc - ok
19:19:20.0046 3364 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
19:19:20.0077 3364 PolicyAgent - ok
19:19:20.0108 3364 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
19:19:20.0139 3364 Power - ok
19:19:20.0171 3364 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
19:19:20.0171 3364 PptpMiniport - ok
19:19:20.0186 3364 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
19:19:20.0202 3364 Processor - ok
19:19:20.0217 3364 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
19:19:20.0217 3364 ProfSvc - ok
19:19:20.0233 3364 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:19:20.0233 3364 ProtectedStorage - ok
19:19:20.0280 3364 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
19:19:20.0280 3364 Psched - ok
19:19:20.0373 3364 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
19:19:20.0389 3364 ql2300 - ok
19:19:20.0467 3364 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
19:19:20.0483 3364 ql40xx - ok
19:19:20.0514 3364 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
19:19:20.0514 3364 QWAVE - ok
19:19:20.0529 3364 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
19:19:20.0529 3364 QWAVEdrv - ok
19:19:20.0545 3364 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
19:19:20.0545 3364 RasAcd - ok
19:19:20.0576 3364 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:19:20.0576 3364 RasAgileVpn - ok
19:19:20.0592 3364 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
19:19:20.0592 3364 RasAuto - ok
19:19:20.0623 3364 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:19:20.0623 3364 Rasl2tp - ok
19:19:20.0670 3364 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
19:19:20.0685 3364 RasMan - ok
19:19:20.0717 3364 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
19:19:20.0717 3364 RasPppoe - ok
19:19:20.0732 3364 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
19:19:20.0732 3364 RasSstp - ok
19:19:20.0763 3364 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
19:19:20.0779 3364 rdbss - ok
19:19:20.0779 3364 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
19:19:20.0795 3364 rdpbus - ok
19:19:20.0795 3364 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:19:20.0795 3364 RDPCDD - ok
19:19:20.0810 3364 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
19:19:20.0810 3364 RDPENCDD - ok
19:19:20.0826 3364 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
19:19:20.0826 3364 RDPREFMP - ok
19:19:20.0857 3364 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
19:19:20.0873 3364 RDPWD - ok
19:19:20.0904 3364 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
19:19:20.0919 3364 rdyboost - ok
19:19:20.0935 3364 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
19:19:20.0951 3364 RemoteAccess - ok
19:19:20.0982 3364 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
19:19:20.0997 3364 RemoteRegistry - ok
19:19:21.0013 3364 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
19:19:21.0029 3364 RpcEptMapper - ok
19:19:21.0060 3364 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
19:19:21.0060 3364 RpcLocator - ok
19:19:21.0107 3364 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:19:21.0122 3364 RpcSs - ok
19:19:21.0138 3364 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
19:19:21.0138 3364 rspndr - ok
19:19:21.0169 3364 RSUSBSTOR (3ceee53bbf8ba284ff44585cec0162fe) C:\Windows\system32\Drivers\RtsUStor.sys
19:19:21.0185 3364 RSUSBSTOR - ok
19:19:21.0200 3364 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:19:21.0200 3364 SamSs - ok
19:19:21.0231 3364 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
19:19:21.0231 3364 sbp2port - ok
19:19:21.0263 3364 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
19:19:21.0263 3364 SCardSvr - ok
19:19:21.0294 3364 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
19:19:21.0294 3364 scfilter - ok
19:19:21.0372 3364 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
19:19:21.0434 3364 Schedule - ok
19:19:21.0465 3364 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:19:21.0465 3364 SCPolicySvc - ok
19:19:21.0481 3364 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
19:19:21.0497 3364 SDRSVC - ok
19:19:21.0512 3364 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
19:19:21.0512 3364 secdrv - ok
19:19:21.0543 3364 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
19:19:21.0575 3364 seclogon - ok
19:19:21.0590 3364 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
19:19:21.0590 3364 SENS - ok
19:19:21.0606 3364 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
19:19:21.0606 3364 SensrSvc - ok
19:19:21.0621 3364 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
19:19:21.0621 3364 Serenum - ok
19:19:21.0637 3364 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
19:19:21.0637 3364 Serial - ok
19:19:21.0668 3364 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
19:19:21.0668 3364 sermouse - ok
19:19:21.0715 3364 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
19:19:21.0731 3364 SessionEnv - ok
19:19:21.0762 3364 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
19:19:21.0762 3364 sffdisk - ok
19:19:21.0777 3364 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
19:19:21.0777 3364 sffp_mmc - ok
19:19:21.0777 3364 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
19:19:21.0777 3364 sffp_sd - ok
19:19:21.0793 3364 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
19:19:21.0793 3364 sfloppy - ok
19:19:21.0855 3364 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
19:19:21.0855 3364 SharedAccess - ok
19:19:21.0918 3364 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
19:19:21.0949 3364 ShellHWDetection - ok
19:19:21.0965 3364 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:19:21.0965 3364 SiSRaid2 - ok
19:19:21.0965 3364 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
19:19:21.0980 3364 SiSRaid4 - ok
19:19:21.0996 3364 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
19:19:21.0996 3364 Smb - ok
19:19:22.0011 3364 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
19:19:22.0027 3364 SNMPTRAP - ok
19:19:22.0027 3364 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
19:19:22.0027 3364 spldr - ok
19:19:22.0074 3364 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
19:19:22.0136 3364 Spooler - ok
19:19:22.0339 3364 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
19:19:22.0370 3364 sppsvc - ok
19:19:22.0448 3364 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
19:19:22.0448 3364 sppuinotify - ok
19:19:22.0511 3364 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
19:19:22.0526 3364 srv - ok
19:19:22.0542 3364 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
19:19:22.0557 3364 srv2 - ok
19:19:22.0573 3364 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
19:19:22.0589 3364 srvnet - ok
19:19:22.0604 3364 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
19:19:22.0635 3364 SSDPSRV - ok
19:19:22.0651 3364 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
19:19:22.0651 3364 SstpSvc - ok
19:19:22.0667 3364 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
19:19:22.0667 3364 stexstor - ok
19:19:22.0698 3364 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
19:19:22.0698 3364 StillCam - ok
19:19:22.0760 3364 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
19:19:22.0776 3364 stisvc - ok
19:19:22.0807 3364 SWDUMon (b6432149c4cd703109f98f2e8c2bb9fd) C:\Windows\system32\DRIVERS\SWDUMon.sys
19:19:22.0823 3364 SWDUMon - ok
19:19:22.0838 3364 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
19:19:22.0838 3364 swenum - ok
19:19:22.0885 3364 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
19:19:22.0901 3364 swprv - ok
19:19:23.0025 3364 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
19:19:23.0041 3364 SysMain - ok
19:19:23.0135 3364 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
19:19:23.0150 3364 TabletInputService - ok
19:19:23.0197 3364 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
19:19:23.0213 3364 TapiSrv - ok
19:19:23.0228 3364 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
19:19:23.0228 3364 TBS - ok
19:19:23.0353 3364 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
19:19:23.0384 3364 Tcpip - ok
19:19:23.0509 3364 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
19:19:23.0509 3364 TCPIP6 - ok
19:19:23.0571 3364 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
19:19:23.0571 3364 tcpipreg - ok
19:19:23.0603 3364 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
19:19:23.0603 3364 TDPIPE - ok
19:19:23.0634 3364 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
19:19:23.0634 3364 TDTCP - ok
19:19:23.0665 3364 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
19:19:23.0681 3364 tdx - ok
19:19:23.0712 3364 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
19:19:23.0712 3364 TermDD - ok
19:19:23.0759 3364 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
19:19:23.0790 3364 TermService - ok
19:19:23.0805 3364 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
19:19:23.0821 3364 Themes - ok
19:19:23.0837 3364 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:19:23.0837 3364 THREADORDER - ok
19:19:23.0868 3364 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
19:19:23.0883 3364 TrkWks - ok
19:19:23.0930 3364 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
19:19:23.0961 3364 TrustedInstaller - ok
19:19:23.0993 3364 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:19:23.0993 3364 tssecsrv - ok
19:19:24.0024 3364 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
19:19:24.0024 3364 TsUsbFlt - ok
19:19:24.0055 3364 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
19:19:24.0055 3364 tunnel - ok
19:19:24.0086 3364 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
19:19:24.0086 3364 uagp35 - ok
19:19:24.0117 3364 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
19:19:24.0133 3364 udfs - ok
19:19:24.0149 3364 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
19:19:24.0164 3364 UI0Detect - ok
19:19:24.0180 3364 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
19:19:24.0180 3364 uliagpkx - ok
19:19:24.0211 3364 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
19:19:24.0211 3364 umbus - ok
19:19:24.0227 3364 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
19:19:24.0242 3364 UmPass - ok
19:19:24.0398 3364 UNS (c6142b8cb72558d91cea8e38f1b7d905) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
19:19:24.0414 3364 UNS - ok
19:19:24.0476 3364 Updater Service (f9ec9acd504d823d9b9ca98a4f8d3ca2) C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
19:19:24.0476 3364 Updater Service - ok
19:19:24.0570 3364 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
19:19:24.0585 3364 upnphost - ok
19:19:24.0632 3364 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
19:19:24.0632 3364 USBAAPL64 - ok
19:19:24.0663 3364 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
19:19:24.0663 3364 usbccgp - ok
19:19:24.0695 3364 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
19:19:24.0695 3364 usbcir - ok
19:19:24.0710 3364 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
19:19:24.0710 3364 usbehci - ok
19:19:24.0726 3364 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
19:19:24.0741 3364 usbhub - ok
19:19:24.0773 3364 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
19:19:24.0773 3364 usbohci - ok
19:19:24.0788 3364 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
19:19:24.0788 3364 usbprint - ok
19:19:24.0804 3364 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
19:19:24.0804 3364 usbscan - ok
19:19:24.0819 3364 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:19:24.0819 3364 USBSTOR - ok
19:19:24.0835 3364 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
19:19:24.0835 3364 usbuhci - ok
19:19:24.0866 3364 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
19:19:24.0866 3364 usbvideo - ok
19:19:24.0897 3364 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
19:19:24.0913 3364 UxSms - ok
19:19:24.0944 3364 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:19:24.0944 3364 VaultSvc - ok
19:19:24.0960 3364 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
19:19:24.0960 3364 vdrvroot - ok
19:19:25.0007 3364 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
19:19:25.0022 3364 vds - ok
19:19:25.0053 3364 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
19:19:25.0053 3364 vga - ok
19:19:25.0069 3364 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
19:19:25.0069 3364 VgaSave - ok
19:19:25.0085 3364 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
19:19:25.0100 3364 vhdmp - ok
19:19:25.0116 3364 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
19:19:25.0116 3364 viaide - ok
19:19:25.0131 3364 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
19:19:25.0131 3364 volmgr - ok
19:19:25.0178 3364 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
19:19:25.0178 3364 volmgrx - ok
19:19:25.0209 3364 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
19:19:25.0209 3364 volsnap - ok
19:19:25.0225 3364 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
19:19:25.0241 3364 vsmraid - ok
19:19:25.0334 3364 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
19:19:25.0350 3364 VSS - ok
19:19:25.0428 3364 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
19:19:25.0428 3364 vwifibus - ok
19:19:25.0443 3364 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
19:19:25.0443 3364 vwififlt - ok
19:19:25.0459 3364 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
19:19:25.0459 3364 vwifimp - ok
19:19:25.0506 3364 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
19:19:25.0537 3364 W32Time - ok
19:19:28.0017 3364 ============================================================
19:19:28.0017 3364 Scan finished
19:19:28.0017 3364 ============================================================
19:19:28.0033 0296 Detected object count: 0
19:19:28.0033 0296 Actual detected object count: 0

#8 boopme

  • Global Moderator

Posted 04 June 2012 - 07:46 PM

Hello, sorry I don't see it. We need a deeper look. Please go here: Preparation Guide, and do steps 6-9.

Create a DDS log and post it in the new topic explained in step 9, which is here: Virus, Trojan, Spyware, and Malware Removal Logs, and not in this topic, thanks.
If GMER won't run (it may not on a 64-bit system) skip it and move on.

Let me know if that went well.

#9 senck

Posted 04 June 2012 - 07:46 PM

Malwarebytes Log:

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.04.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
**** Family :: PRIVATEPC [administrator]

6/4/2012 7:43:08 PM
mbam-log-2012-06-04 (19-43-08).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 264630
Time elapsed: 2 minute(s), 30 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#10 boopme

Posted 04 June 2012 - 07:47 PM

See post 8

#11 senck

Posted 04 June 2012 - 08:04 PM

Malwarebytes Chameleon Scan Log:

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.06.04.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
**** Family :: PRIVATEPC [administrator]

6/4/2012 7:51:56 PM
mbam-log-2012-06-04 (19-51-56).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 264653
Time elapsed: 1 minute(s), 17 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#12 senck

Posted 04 June 2012 - 08:05 PM

Ok. Doing Post 8. Thank You.

#13 Elise

  • Malware Study Hall Admin

Posted 06 June 2012 - 10:31 AM

As you have successfully posted your logs here, I am now closing this topic to avoid confusion.

Please be patient until a Malware Response Team member picks up your topic. As logs are picked up oldest first this may take a few days.
Thank you for your understanding!

regards, Elise

