Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

How to detect if keylogger program is installed on your computer?

Started by s0nginmyheart , Jan 14 2013 10:33 AM

  • Please log in to reply

#16
s0nginmyheart
Posted 15 January 2013 - 02:33 PM

s0nginmyheart

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 151 posts
14:31:47.0136 3804 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
14:31:47.0136 3804 UEFI system
14:31:47.0541 3804 ============================================================
14:31:47.0541 3804 Current date / time: 2013/01/15 14:31:47.0541
14:31:47.0541 3804 SystemInfo:
14:31:47.0541 3804
14:31:47.0541 3804 OS Version: 6.1.7601 ServicePack: 1.0
14:31:47.0541 3804 Product type: Workstation
14:31:47.0541 3804 ComputerName: SCOTT-PC
14:31:47.0541 3804 UserName: Scott
14:31:47.0541 3804 Windows directory: C:\Windows
14:31:47.0541 3804 System windows directory: C:\Windows
14:31:47.0541 3804 Running under WOW64
14:31:47.0541 3804 Processor architecture: Intel x64
14:31:47.0541 3804 Number of processors: 4
14:31:47.0541 3804 Page size: 0x1000
14:31:47.0541 3804 Boot type: Normal boot
14:31:47.0541 3804 ============================================================
14:31:48.0072 3804 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:31:48.0072 3804 Drive \Device\Harddisk1\DR5 - Size: 0xEF000000 (3.73 Gb), SectorSize: 0x200, Cylinders: 0x1E7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
14:31:48.0072 3804 ============================================================
14:31:48.0072 3804 \Device\Harddisk0\DR0:
14:31:48.0072 3804 GPT partitions:
14:31:48.0072 3804 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {4AA4663F-20B7-4BD4-AA25-581559E36D39}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x64000
14:31:48.0072 3804 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {A569D816-B0DF-4C93-8CA8-A13F21D7FA37}, Name: Microsoft reserved partition, StartLBA 0x64800, BlocksNum 0x40000
14:31:48.0072 3804 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {298C2CC9-F552-4560-A6F1-2067A12D27D6}, Name: Basic data partition, StartLBA 0xA4800, BlocksNum 0x1749C000
14:31:48.0072 3804 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {FC215BF3-8FA7-4963-8FEF-7C27D6B9309C}, Name: Basic data partition, StartLBA 0x17540800, BlocksNum 0x1FC45800
14:31:48.0072 3804 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {700FACD3-F7C3-4E66-8332-239AF6E511DC}, Name: Basic data partition, StartLBA 0x37186000, BlocksNum 0x3200000
14:31:48.0072 3804 MBR partitions:
14:31:48.0072 3804 \Device\Harddisk1\DR5:
14:31:48.0072 3804 MBR partitions:
14:31:48.0072 3804 \Device\Harddisk1\DR5\Partition1: MBR, Type 0xC, StartLBA 0x8, BlocksNum 0x777FF8
14:31:48.0072 3804 ============================================================
14:31:48.0087 3804 C: <-> \Device\Harddisk0\DR0\Partition3
14:31:48.0134 3804 D: <-> \Device\Harddisk0\DR0\Partition4
14:31:48.0134 3804 ============================================================
14:31:48.0134 3804 Initialize success
14:31:48.0134 3804 ============================================================
14:31:56.0574 2088 ============================================================
14:31:56.0574 2088 Scan started
14:31:56.0574 2088 Mode: Manual;
14:31:56.0574 2088 ============================================================
14:31:56.0995 2088 ================ Scan system memory ========================
14:31:56.0995 2088 System memory - ok
14:31:56.0995 2088 ================ Scan services =============================
14:31:57.0151 2088 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
14:31:57.0151 2088 1394ohci - ok
14:31:57.0198 2088 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
14:31:57.0198 2088 ACPI - ok
14:31:57.0213 2088 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
14:31:57.0213 2088 AcpiPmi - ok
14:31:57.0322 2088 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:31:57.0322 2088 AdobeFlashPlayerUpdateSvc - ok
14:31:57.0385 2088 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
14:31:57.0400 2088 adp94xx - ok
14:31:57.0432 2088 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
14:31:57.0447 2088 adpahci - ok
14:31:57.0478 2088 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
14:31:57.0478 2088 adpu320 - ok
14:31:57.0510 2088 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
14:31:57.0510 2088 AeLookupSvc - ok
14:31:57.0541 2088 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
14:31:57.0556 2088 AFD - ok
14:31:57.0619 2088 [ 98022774D9930ECBB292E70DB7601DF6 ] AgereSoftModem C:\Windows\system32\DRIVERS\agrsm64.sys
14:31:57.0634 2088 AgereSoftModem - ok
14:31:57.0681 2088 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
14:31:57.0681 2088 agp440 - ok
14:31:57.0744 2088 [ 16F6F6B7903B913AB41AB848C8BB5658 ] AiCharger C:\Windows\system32\DRIVERS\AiCharger.sys
14:31:57.0744 2088 AiCharger - ok
14:31:57.0775 2088 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
14:31:57.0775 2088 ALG - ok
14:31:57.0806 2088 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
14:31:57.0806 2088 aliide - ok
14:31:57.0837 2088 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
14:31:57.0837 2088 amdide - ok
14:31:57.0853 2088 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
14:31:57.0853 2088 AmdK8 - ok
14:31:57.0853 2088 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
14:31:57.0853 2088 AmdPPM - ok
14:31:57.0868 2088 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
14:31:57.0884 2088 amdsata - ok
14:31:57.0915 2088 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
14:31:57.0915 2088 amdsbs - ok
14:31:57.0946 2088 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
14:31:57.0946 2088 amdxata - ok
14:31:57.0978 2088 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
14:31:57.0978 2088 AppID - ok
14:31:58.0009 2088 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
14:31:58.0009 2088 AppIDSvc - ok
14:31:58.0024 2088 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
14:31:58.0024 2088 Appinfo - ok
14:31:58.0087 2088 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
14:31:58.0087 2088 arc - ok
14:31:58.0102 2088 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
14:31:58.0102 2088 arcsas - ok
14:31:58.0196 2088 [ A3626C6D3F2DC95497F3F61842D7FD89 ] ASLDRService C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
14:31:58.0196 2088 ASLDRService - ok
14:31:58.0227 2088 [ 4C016FD76ED5C05E84CA8CAB77993961 ] ASMMAP64 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
14:31:58.0227 2088 ASMMAP64 - ok
14:31:58.0352 2088 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:31:58.0368 2088 aspnet_state - ok
14:31:58.0414 2088 [ 6A122B4F0E5293CACFA8A5F2CBA9B356 ] ASUS InstantOn C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
14:31:58.0414 2088 ASUS InstantOn - ok
14:31:58.0461 2088 [ CBF4C9263F35A9E80E4AD5CBBAE6049C ] AsusVBus C:\Windows\system32\DRIVERS\AsusVBus.sys
14:31:58.0461 2088 AsusVBus - ok
14:31:58.0492 2088 [ C951F6F1D909E1AAD7160D9EE860A3F1 ] AsusVTouch C:\Windows\system32\DRIVERS\AsusVTouch.sys
14:31:58.0492 2088 AsusVTouch - ok
14:31:58.0524 2088 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
14:31:58.0524 2088 AsyncMac - ok
14:31:58.0539 2088 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
14:31:58.0539 2088 atapi - ok
14:31:58.0617 2088 [ B4174564AD5834A1680610572477878C ] athr C:\Windows\system32\DRIVERS\athrx.sys
14:31:58.0648 2088 athr - ok
14:31:58.0680 2088 [ DBC598E47E7A382E60E2A4745D41FEF9 ] ATKGFNEXSrv C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
14:31:58.0680 2088 ATKGFNEXSrv - ok
14:31:58.0758 2088 [ 41CEAFFCF3550785E59E3EC9BEE8D97A ] ATKWMIACPIIO C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
14:31:58.0758 2088 ATKWMIACPIIO - ok
14:31:58.0804 2088 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:31:58.0820 2088 AudioEndpointBuilder - ok
14:31:58.0836 2088 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
14:31:58.0836 2088 AudioSrv - ok
14:31:58.0882 2088 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
14:31:58.0882 2088 AxInstSV - ok
14:31:58.0929 2088 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
14:31:58.0929 2088 b06bdrv - ok
14:31:58.0960 2088 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
14:31:58.0976 2088 b57nd60a - ok
14:31:59.0054 2088 [ F48FEB7DA35821DA15E0B006DCB9A169 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
14:31:59.0054 2088 BBSvc - ok
14:31:59.0085 2088 [ 8E16F7A85441986FD2B9CE6C879524E4 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
14:31:59.0085 2088 BBUpdate - ok
14:31:59.0132 2088 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
14:31:59.0132 2088 BDESVC - ok
14:31:59.0163 2088 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
14:31:59.0163 2088 Beep - ok
14:31:59.0241 2088 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
14:31:59.0241 2088 BFE - ok
14:31:59.0288 2088 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
14:31:59.0304 2088 BITS - ok
14:31:59.0335 2088 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
14:31:59.0335 2088 blbdrive - ok
14:31:59.0350 2088 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
14:31:59.0350 2088 bowser - ok
14:31:59.0397 2088 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
14:31:59.0397 2088 BrFiltLo - ok
14:31:59.0397 2088 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
14:31:59.0397 2088 BrFiltUp - ok
14:31:59.0413 2088 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
14:31:59.0428 2088 BridgeMP - ok
14:31:59.0460 2088 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
14:31:59.0460 2088 Browser - ok
14:31:59.0491 2088 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
14:31:59.0506 2088 Brserid - ok
14:31:59.0506 2088 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
14:31:59.0506 2088 BrSerWdm - ok
14:31:59.0522 2088 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
14:31:59.0522 2088 BrUsbMdm - ok
14:31:59.0522 2088 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
14:31:59.0522 2088 BrUsbSer - ok
14:31:59.0569 2088 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
14:31:59.0569 2088 BthEnum - ok
14:31:59.0600 2088 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
14:31:59.0600 2088 BTHMODEM - ok
14:31:59.0631 2088 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
14:31:59.0631 2088 BthPan - ok
14:31:59.0662 2088 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
14:31:59.0678 2088 BTHPORT - ok
14:31:59.0725 2088 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
14:31:59.0725 2088 bthserv - ok
14:31:59.0740 2088 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
14:31:59.0740 2088 BTHUSB - ok
14:31:59.0756 2088 catchme - ok
14:31:59.0772 2088 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
14:31:59.0772 2088 cdfs - ok
14:31:59.0834 2088 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
14:31:59.0834 2088 cdrom - ok
14:31:59.0881 2088 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
14:31:59.0881 2088 CertPropSvc - ok
14:31:59.0912 2088 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
14:31:59.0912 2088 circlass - ok
14:31:59.0943 2088 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
14:31:59.0943 2088 CLFS - ok
14:31:59.0990 2088 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:31:59.0990 2088 clr_optimization_v2.0.50727_32 - ok
14:32:00.0037 2088 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:32:00.0037 2088 clr_optimization_v2.0.50727_64 - ok
14:32:00.0130 2088 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:32:00.0130 2088 clr_optimization_v4.0.30319_32 - ok
14:32:00.0177 2088 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:32:00.0177 2088 clr_optimization_v4.0.30319_64 - ok
14:32:00.0224 2088 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
14:32:00.0224 2088 CmBatt - ok
14:32:00.0240 2088 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
14:32:00.0240 2088 cmdide - ok
14:32:00.0286 2088 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
14:32:00.0302 2088 CNG - ok
14:32:00.0333 2088 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
14:32:00.0333 2088 Compbatt - ok
14:32:00.0349 2088 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
14:32:00.0349 2088 CompositeBus - ok
14:32:00.0364 2088 COMSysApp - ok
14:32:00.0411 2088 [ DF3E8C2C443D3618260DFF5705CE2DF5 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
14:32:00.0411 2088 cphs - ok
14:32:00.0442 2088 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
14:32:00.0442 2088 crcdisk - ok
14:32:00.0489 2088 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
14:32:00.0489 2088 CryptSvc - ok
14:32:00.0520 2088 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
14:32:00.0520 2088 DcomLaunch - ok
14:32:00.0598 2088 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
14:32:00.0598 2088 defragsvc - ok
14:32:00.0614 2088 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
14:32:00.0614 2088 DfsC - ok
14:32:00.0676 2088 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
14:32:00.0692 2088 Dhcp - ok
14:32:00.0723 2088 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
14:32:00.0723 2088 discache - ok
14:32:00.0770 2088 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
14:32:00.0770 2088 Disk - ok
14:32:00.0786 2088 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
14:32:00.0801 2088 Dnscache - ok
14:32:00.0817 2088 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
14:32:00.0817 2088 dot3svc - ok
14:32:00.0817 2088 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
14:32:00.0832 2088 DPS - ok
14:32:00.0848 2088 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
14:32:00.0848 2088 drmkaud - ok
14:32:00.0895 2088 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
14:32:00.0910 2088 DXGKrnl - ok
14:32:00.0942 2088 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
14:32:00.0942 2088 EapHost - ok
14:32:01.0035 2088 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
14:32:01.0129 2088 ebdrv - ok
14:32:01.0176 2088 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
14:32:01.0176 2088 EFS - ok
14:32:01.0254 2088 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
14:32:01.0254 2088 ehRecvr - ok
14:32:01.0269 2088 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
14:32:01.0269 2088 ehSched - ok
14:32:01.0347 2088 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
14:32:01.0347 2088 elxstor - ok
14:32:01.0363 2088 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
14:32:01.0363 2088 ErrDev - ok
14:32:01.0425 2088 [ 42B4D3D746B3625EF42233C3897E1F68 ] ETD C:\Windows\system32\DRIVERS\ETD.sys
14:32:01.0425 2088 ETD - ok
14:32:01.0456 2088 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
14:32:01.0456 2088 EventSystem - ok
14:32:01.0503 2088 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
14:32:01.0503 2088 exfat - ok
14:32:01.0534 2088 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
14:32:01.0534 2088 fastfat - ok
14:32:01.0581 2088 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
14:32:01.0597 2088 Fax - ok
14:32:01.0612 2088 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
14:32:01.0612 2088 fdc - ok
14:32:01.0644 2088 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
14:32:01.0644 2088 fdPHost - ok
14:32:01.0659 2088 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
14:32:01.0659 2088 FDResPub - ok
14:32:01.0690 2088 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
14:32:01.0690 2088 FileInfo - ok
14:32:01.0706 2088 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
14:32:01.0706 2088 Filetrace - ok
14:32:01.0706 2088 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
14:32:01.0706 2088 flpydisk - ok
14:32:01.0722 2088 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
14:32:01.0722 2088 FltMgr - ok
14:32:01.0768 2088 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
14:32:01.0784 2088 FontCache - ok
14:32:01.0831 2088 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:32:01.0831 2088 FontCache3.0.0.0 - ok
14:32:01.0846 2088 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
14:32:01.0846 2088 FsDepends - ok
14:32:01.0878 2088 [ DC0DCE4EC2C5D2CF6472F9FD6AA9A7DC ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
14:32:01.0878 2088 fssfltr - ok
14:32:01.0956 2088 [ 40CDFAD174B3D5E80F95DDA003C0B97F ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
14:32:01.0971 2088 fsssvc - ok
14:32:02.0002 2088 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
14:32:02.0002 2088 Fs_Rec - ok
14:32:02.0049 2088 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
14:32:02.0049 2088 fvevol - ok
14:32:02.0065 2088 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
14:32:02.0080 2088 gagp30kx - ok
14:32:02.0127 2088 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
14:32:02.0143 2088 gpsvc - ok
14:32:02.0158 2088 gupdate - ok
14:32:02.0190 2088 gupdatem - ok
14:32:02.0205 2088 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
14:32:02.0221 2088 hcw85cir - ok
14:32:02.0252 2088 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:32:02.0268 2088 HdAudAddService - ok
14:32:02.0299 2088 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
14:32:02.0314 2088 HDAudBus - ok
14:32:02.0361 2088 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
14:32:02.0361 2088 HidBatt - ok
14:32:02.0377 2088 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
14:32:02.0377 2088 HidBth - ok
14:32:02.0392 2088 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
14:32:02.0392 2088 HidIr - ok
14:32:02.0408 2088 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
14:32:02.0408 2088 hidserv - ok
14:32:02.0470 2088 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
14:32:02.0470 2088 HidUsb - ok
14:32:02.0517 2088 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
14:32:02.0517 2088 hkmsvc - ok
14:32:02.0548 2088 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:32:02.0564 2088 HomeGroupListener - ok
14:32:02.0580 2088 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:32:02.0580 2088 HomeGroupProvider - ok
14:32:02.0626 2088 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
14:32:02.0626 2088 HpSAMD - ok
14:32:02.0673 2088 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
14:32:02.0689 2088 HTTP - ok
14:32:02.0720 2088 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
14:32:02.0720 2088 hwpolicy - ok
14:32:02.0751 2088 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
14:32:02.0751 2088 i8042prt - ok
14:32:02.0798 2088 [ C224331A54571C8C9162F7714400BBBD ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
14:32:02.0798 2088 iaStor - ok
14:32:02.0845 2088 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
14:32:02.0845 2088 iaStorV - ok
14:32:02.0907 2088 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:32:02.0923 2088 idsvc - ok
14:32:03.0172 2088 [ 276EE9CDAB16C50E1DF0E4CEFA882F5F ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
14:32:03.0422 2088 igfx - ok
14:32:03.0469 2088 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
14:32:03.0469 2088 iirsp - ok
14:32:03.0516 2088 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
14:32:03.0531 2088 IKEEXT - ok
14:32:03.0672 2088 [ E83BB47C3446F0497019DE7FD6C6A86F ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
14:32:03.0765 2088 IntcAzAudAddService - ok
14:32:03.0812 2088 [ 6C9FFFECA9FED31347D211C5D1FFBD2D ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
14:32:03.0828 2088 IntcDAud - ok
14:32:03.0890 2088 [ 2D66067C7A8A0112156BCD1C0BAA7042 ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
14:32:03.0906 2088 Intel® Capability Licensing Service Interface - ok
14:32:03.0968 2088 [ 92DB7D70D029C6C8584EBFABF18F8D3C ] Intel® ME Service C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
14:32:03.0968 2088 Intel® ME Service - ok
14:32:03.0984 2088 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
14:32:03.0999 2088 intelide - ok
14:32:04.0015 2088 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
14:32:04.0015 2088 intelppm - ok
14:32:04.0062 2088 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
14:32:04.0062 2088 IPBusEnum - ok
14:32:04.0077 2088 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:32:04.0093 2088 IpFilterDriver - ok
14:32:04.0124 2088 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
14:32:04.0140 2088 iphlpsvc - ok
14:32:04.0171 2088 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
14:32:04.0171 2088 IPMIDRV - ok
14:32:04.0171 2088 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
14:32:04.0171 2088 IPNAT - ok
14:32:04.0202 2088 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
14:32:04.0202 2088 IRENUM - ok
14:32:04.0249 2088 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
14:32:04.0249 2088 isapnp - ok
14:32:04.0249 2088 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
14:32:04.0264 2088 iScsiPrt - ok
14:32:04.0311 2088 [ 6BCEF45131C8B8E1C558BE540B190B3C ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
14:32:04.0311 2088 iusb3hcs - ok
14:32:04.0342 2088 [ F080EADA8715F811B58BD35BB774F2F9 ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
14:32:04.0358 2088 iusb3hub - ok
14:32:04.0405 2088 [ 0F1756D9396740F053221FA6260FCE66 ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
14:32:04.0405 2088 iusb3xhc - ok
14:32:04.0452 2088 [ 166FC0B36842135BC2D3C32DF70ED0D6 ] jhi_service C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
14:32:04.0452 2088 jhi_service - ok
14:32:04.0483 2088 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
14:32:04.0483 2088 kbdclass - ok
14:32:04.0514 2088 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
14:32:04.0514 2088 kbdhid - ok
14:32:04.0561 2088 [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr C:\Windows\system32\DRIVERS\kbfiltr.sys
14:32:04.0561 2088 kbfiltr - ok
14:32:04.0592 2088 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
14:32:04.0592 2088 KeyIso - ok
14:32:04.0623 2088 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
14:32:04.0623 2088 KSecDD - ok
14:32:04.0654 2088 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
14:32:04.0654 2088 KSecPkg - ok
14:32:04.0701 2088 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
14:32:04.0701 2088 ksthunk - ok
14:32:04.0732 2088 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
14:32:04.0748 2088 KtmRm - ok
14:32:04.0779 2088 [ 033B4AED2C5519072C0D81E00804D003 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
14:32:04.0779 2088 L1C - ok
14:32:04.0826 2088 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
14:32:04.0826 2088 LanmanServer - ok
14:32:04.0857 2088 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:32:04.0857 2088 LanmanWorkstation - ok
14:32:04.0888 2088 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
14:32:04.0888 2088 lltdio - ok
14:32:04.0920 2088 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
14:32:04.0920 2088 lltdsvc - ok
14:32:04.0951 2088 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
14:32:04.0966 2088 lmhosts - ok
14:32:05.0013 2088 [ C56E64BA70DC822B84D100A6F8D690D3 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
14:32:05.0013 2088 LMS - ok
14:32:05.0044 2088 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
14:32:05.0044 2088 LSI_FC - ok
14:32:05.0076 2088 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
14:32:05.0076 2088 LSI_SAS - ok
14:32:05.0091 2088 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
14:32:05.0091 2088 LSI_SAS2 - ok
14:32:05.0091 2088 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
14:32:05.0091 2088 LSI_SCSI - ok
14:32:05.0122 2088 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
14:32:05.0122 2088 luafv - ok
14:32:05.0169 2088 [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
14:32:05.0169 2088 MBAMProtector - ok
14:32:05.0200 2088 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
14:32:05.0216 2088 MBAMScheduler - ok
14:32:05.0232 2088 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
14:32:05.0247 2088 MBAMService - ok
14:32:05.0263 2088 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:32:05.0263 2088 Mcx2Svc - ok
14:32:05.0310 2088 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
14:32:05.0310 2088 megasas - ok
14:32:05.0325 2088 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
14:32:05.0325 2088 MegaSR - ok
14:32:05.0372 2088 [ 6B01B7414A105B9E51652089A03027CF ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
14:32:05.0372 2088 MEIx64 - ok
14:32:05.0403 2088 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
14:32:05.0403 2088 MMCSS - ok
14:32:05.0419 2088 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
14:32:05.0419 2088 Modem - ok
14:32:05.0450 2088 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:32:05.0450 2088 monitor - ok
14:32:05.0466 2088 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
14:32:05.0481 2088 mouclass - ok
14:32:05.0497 2088 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
14:32:05.0497 2088 mouhid - ok
14:32:05.0528 2088 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
14:32:05.0528 2088 mountmgr - ok
14:32:05.0559 2088 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
14:32:05.0559 2088 MpFilter - ok
14:32:05.0590 2088 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
14:32:05.0590 2088 mpio - ok
14:32:05.0606 2088 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:32:05.0606 2088 mpsdrv - ok
14:32:05.0653 2088 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
14:32:05.0668 2088 MpsSvc - ok
14:32:05.0684 2088 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:32:05.0684 2088 MRxDAV - ok
14:32:05.0715 2088 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:32:05.0715 2088 mrxsmb - ok
14:32:05.0731 2088 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:32:05.0731 2088 mrxsmb10 - ok
14:32:05.0731 2088 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:32:05.0731 2088 mrxsmb20 - ok
14:32:05.0731 2088 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
14:32:05.0731 2088 msahci - ok
14:32:05.0746 2088 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
14:32:05.0746 2088 msdsm - ok
14:32:05.0778 2088 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
14:32:05.0778 2088 MSDTC - ok
14:32:05.0809 2088 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:32:05.0809 2088 Msfs - ok
14:32:05.0840 2088 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
14:32:05.0840 2088 mshidkmdf - ok
14:32:05.0840 2088 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
14:32:05.0840 2088 msisadrv - ok
14:32:05.0871 2088 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:32:05.0871 2088 MSiSCSI - ok
14:32:05.0871 2088 msiserver - ok
14:32:05.0887 2088 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:32:05.0887 2088 MSKSSRV - ok
14:32:05.0934 2088 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe
14:32:05.0934 2088 MsMpSvc - ok
14:32:05.0949 2088 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:32:05.0949 2088 MSPCLOCK - ok
14:32:05.0965 2088 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:32:05.0965 2088 MSPQM - ok
14:32:06.0012 2088 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:32:06.0012 2088 MsRPC - ok
14:32:06.0027 2088 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
14:32:06.0027 2088 mssmbios - ok
14:32:06.0043 2088 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:32:06.0043 2088 MSTEE - ok
14:32:06.0058 2088 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
14:32:06.0058 2088 MTConfig - ok
14:32:06.0074 2088 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
14:32:06.0074 2088 Mup - ok
14:32:06.0105 2088 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
14:32:06.0105 2088 napagent - ok
14:32:06.0152 2088 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:32:06.0152 2088 NativeWifiP - ok
14:32:06.0214 2088 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
14:32:06.0230 2088 NDIS - ok
14:32:06.0261 2088 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
14:32:06.0261 2088 NdisCap - ok
14:32:06.0292 2088 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:32:06.0292 2088 NdisTapi - ok
14:32:06.0308 2088 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:32:06.0324 2088 Ndisuio - ok
14:32:06.0324 2088 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:32:06.0324 2088 NdisWan - ok
14:32:06.0339 2088 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:32:06.0339 2088 NDProxy - ok
14:32:06.0370 2088 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:32:06.0370 2088 NetBIOS - ok
14:32:06.0386 2088 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
14:32:06.0386 2088 NetBT - ok
14:32:06.0402 2088 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
14:32:06.0402 2088 Netlogon - ok
14:32:06.0448 2088 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
14:32:06.0448 2088 Netman - ok
14:32:06.0480 2088 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:32:06.0480 2088 NetMsmqActivator - ok
14:32:06.0495 2088 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:32:06.0495 2088 NetPipeActivator - ok
14:32:06.0542 2088 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
14:32:06.0558 2088 netprofm - ok
14:32:06.0573 2088 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:32:06.0573 2088 NetTcpActivator - ok
14:32:06.0573 2088 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:32:06.0573 2088 NetTcpPortSharing - ok
14:32:06.0620 2088 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
14:32:06.0620 2088 nfrd960 - ok
14:32:06.0651 2088 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
14:32:06.0651 2088 NisDrv - ok
14:32:06.0698 2088 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
14:32:06.0698 2088 NisSrv - ok
14:32:06.0760 2088 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
14:32:06.0760 2088 NlaSvc - ok
14:32:06.0792 2088 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:32:06.0792 2088 Npfs - ok
14:32:06.0823 2088 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
14:32:06.0823 2088 nsi - ok
14:32:06.0823 2088 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:32:06.0823 2088 nsiproxy - ok
14:32:06.0916 2088 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:32:06.0932 2088 Ntfs - ok
14:32:06.0963 2088 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
14:32:06.0963 2088 Null - ok
14:32:07.0010 2088 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:32:07.0010 2088 nvraid - ok
14:32:07.0010 2088 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:32:07.0010 2088 nvstor - ok
14:32:07.0041 2088 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:32:07.0041 2088 nv_agp - ok
14:32:07.0135 2088 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:32:07.0150 2088 odserv - ok
14:32:07.0166 2088 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
14:32:07.0166 2088 ohci1394 - ok
14:32:07.0197 2088 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:32:07.0213 2088 ose - ok
14:32:07.0260 2088 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:32:07.0275 2088 p2pimsvc - ok
14:32:07.0291 2088 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
14:32:07.0306 2088 p2psvc - ok
14:32:07.0322 2088 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
14:32:07.0338 2088 Parport - ok
14:32:07.0369 2088 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:32:07.0369 2088 partmgr - ok
14:32:07.0400 2088 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:32:07.0400 2088 PcaSvc - ok
14:32:07.0431 2088 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
14:32:07.0431 2088 pci - ok
14:32:07.0447 2088 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
14:32:07.0462 2088 pciide - ok
14:32:07.0478 2088 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
14:32:07.0478 2088 pcmcia - ok
14:32:07.0494 2088 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
14:32:07.0494 2088 pcw - ok
14:32:07.0525 2088 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:32:07.0525 2088 PEAUTH - ok
14:32:07.0603 2088 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
14:32:07.0603 2088 PerfHost - ok
14:32:07.0681 2088 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
14:32:07.0712 2088 pla - ok
14:32:07.0759 2088 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:32:07.0759 2088 PlugPlay - ok
14:32:07.0774 2088 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:32:07.0774 2088 PNRPAutoReg - ok
14:32:07.0790 2088 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:32:07.0790 2088 PNRPsvc - ok
14:32:07.0821 2088 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:32:07.0821 2088 PolicyAgent - ok
14:32:07.0852 2088 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
14:32:07.0852 2088 Power - ok
14:32:07.0899 2088 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:32:07.0899 2088 PptpMiniport - ok
14:32:07.0915 2088 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
14:32:07.0915 2088 Processor - ok
14:32:07.0946 2088 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
14:32:07.0946 2088 ProfSvc - ok
14:32:07.0962 2088 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:32:07.0962 2088 ProtectedStorage - ok
14:32:07.0993 2088 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:32:07.0993 2088 Psched - ok
14:32:08.0040 2088 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
14:32:08.0055 2088 ql2300 - ok
14:32:08.0086 2088 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
14:32:08.0086 2088 ql40xx - ok
14:32:08.0118 2088 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
14:32:08.0118 2088 QWAVE - ok
14:32:08.0133 2088 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:32:08.0133 2088 QWAVEdrv - ok
14:32:08.0149 2088 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:32:08.0149 2088 RasAcd - ok
14:32:08.0180 2088 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:32:08.0180 2088 RasAgileVpn - ok
14:32:08.0211 2088 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
14:32:08.0211 2088 RasAuto - ok
14:32:08.0242 2088 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:32:08.0242 2088 Rasl2tp - ok
14:32:08.0258 2088 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
14:32:08.0258 2088 RasMan - ok
14:32:08.0274 2088 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:32:08.0274 2088 RasPppoe - ok
14:32:08.0274 2088 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:32:08.0274 2088 RasSstp - ok
14:32:08.0305 2088 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:32:08.0305 2088 rdbss - ok
14:32:08.0320 2088 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
14:32:08.0320 2088 rdpbus - ok
14:32:08.0352 2088 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:32:08.0352 2088 RDPCDD - ok
14:32:08.0367 2088 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:32:08.0367 2088 RDPENCDD - ok
14:32:08.0398 2088 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:32:08.0398 2088 RDPREFMP - ok
14:32:08.0414 2088 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:32:08.0414 2088 RDPWD - ok
14:32:08.0445 2088 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:32:08.0445 2088 rdyboost - ok
14:32:08.0476 2088 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:32:08.0476 2088 RemoteAccess - ok
14:32:08.0508 2088 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:32:08.0508 2088 RemoteRegistry - ok
14:32:08.0539 2088 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
14:32:08.0554 2088 RFCOMM - ok
14:32:08.0570 2088 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:32:08.0570 2088 RpcEptMapper - ok
14:32:08.0601 2088 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
14:32:08.0601 2088 RpcLocator - ok
14:32:08.0632 2088 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\System32\rpcss.dll
14:32:08.0632 2088 RpcSs - ok
14:32:08.0664 2088 [ 7D9A999CCBB82020321BCCFEB9BB3C91 ] RSBASTOR C:\Windows\system32\DRIVERS\RtsBaStor.sys
14:32:08.0664 2088 RSBASTOR - ok
14:32:08.0710 2088 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:32:08.0710 2088 rspndr - ok
14:32:08.0742 2088 [ 9140DB0911DE035FED0A9A77A2D156EA ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
14:32:08.0742 2088 RTL8167 - ok
14:32:08.0773 2088 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
14:32:08.0773 2088 SamSs - ok
14:32:08.0788 2088 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:32:08.0788 2088 sbp2port - ok
14:32:08.0804 2088 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:32:08.0820 2088 SCardSvr - ok
14:32:08.0851 2088 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:32:08.0851 2088 scfilter - ok
14:32:08.0898 2088 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
14:32:08.0913 2088 Schedule - ok
14:32:08.0929 2088 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
14:32:08.0929 2088 SCPolicySvc - ok
14:32:08.0960 2088 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:32:08.0960 2088 SDRSVC - ok
14:32:08.0976 2088 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:32:08.0991 2088 secdrv - ok
14:32:09.0007 2088 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
14:32:09.0007 2088 seclogon - ok
14:32:09.0022 2088 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
14:32:09.0022 2088 SENS - ok
14:32:09.0054 2088 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:32:09.0054 2088 SensrSvc - ok
14:32:09.0085 2088 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
14:32:09.0085 2088 Serenum - ok
14:32:09.0116 2088 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
14:32:09.0132 2088 Serial - ok
14:32:09.0147 2088 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
14:32:09.0147 2088 sermouse - ok
14:32:09.0178 2088 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
14:32:09.0194 2088 SessionEnv - ok
14:32:09.0194 2088 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
14:32:09.0194 2088 sffdisk - ok
14:32:09.0194 2088 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
14:32:09.0210 2088 sffp_mmc - ok
14:32:09.0225 2088 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
14:32:09.0225 2088 sffp_sd - ok
14:32:09.0225 2088 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
14:32:09.0225 2088 sfloppy - ok
14:32:09.0256 2088 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:32:09.0256 2088 SharedAccess - ok
14:32:09.0288 2088 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:32:09.0288 2088 ShellHWDetection - ok
14:32:09.0334 2088 [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH C:\Windows\system32\DRIVERS\SiSG664.sys
14:32:09.0334 2088 SiSGbeLH - ok
14:32:09.0350 2088 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
14:32:09.0350 2088 SiSRaid2 - ok
14:32:09.0366 2088 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
14:32:09.0366 2088 SiSRaid4 - ok
14:32:09.0366 2088 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:32:09.0366 2088 Smb - ok
14:32:09.0412 2088 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:32:09.0412 2088 SNMPTRAP - ok
14:32:09.0428 2088 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
14:32:09.0428 2088 spldr - ok
14:32:09.0459 2088 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
14:32:09.0459 2088 Spooler - ok
14:32:09.0553 2088 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
14:32:09.0646 2088 sppsvc - ok
14:32:09.0662 2088 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
14:32:09.0662 2088 sppuinotify - ok
14:32:09.0693 2088 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
14:32:09.0709 2088 srv - ok
14:32:09.0709 2088 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:32:09.0709 2088 srv2 - ok
14:32:09.0724 2088 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:32:09.0724 2088 srvnet - ok
14:32:09.0756 2088 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:32:09.0756 2088 SSDPSRV - ok
14:32:09.0756 2088 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:32:09.0771 2088 SstpSvc - ok
14:32:09.0787 2088 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
14:32:09.0787 2088 stexstor - ok
14:32:09.0834 2088 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
14:32:09.0834 2088 stisvc - ok
14:32:09.0865 2088 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
14:32:09.0865 2088 swenum - ok
14:32:09.0896 2088 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
14:32:09.0912 2088 swprv - ok
14:32:09.0974 2088 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
14:32:09.0990 2088 SysMain - ok
14:32:09.0990 2088 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:32:10.0005 2088 TabletInputService - ok
14:32:10.0005 2088 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
14:32:10.0021 2088 TapiSrv - ok
14:32:10.0021 2088 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
14:32:10.0021 2088 TBS - ok
14:32:10.0083 2088 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:32:10.0099 2088 Tcpip - ok
14:32:10.0161 2088 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
14:32:10.0177 2088 TCPIP6 - ok
14:32:10.0192 2088 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:32:10.0208 2088 tcpipreg - ok
14:32:10.0224 2088 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:32:10.0224 2088 TDPIPE - ok
14:32:10.0239 2088 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:32:10.0239 2088 TDTCP - ok
14:32:10.0270 2088 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:32:10.0270 2088 tdx - ok
14:32:10.0286 2088 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
14:32:10.0286 2088 TermDD - ok
14:32:10.0317 2088 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
14:32:10.0317 2088 TermService - ok
14:32:10.0333 2088 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
14:32:10.0333 2088 Themes - ok
14:32:10.0333 2088 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
14:32:10.0348 2088 THREADORDER - ok
14:32:10.0364 2088 [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM C:\Windows\system32\drivers\tpm.sys
14:32:10.0380 2088 TPM - ok
14:32:10.0411 2088 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
14:32:10.0411 2088 TrkWks - ok
14:32:10.0458 2088 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:32:10.0458 2088 TrustedInstaller - ok
14:32:10.0473 2088 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:32:10.0473 2088 tssecsrv - ok
14:32:10.0520 2088 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
14:32:10.0520 2088 TsUsbFlt - ok
14:32:10.0520 2088 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
14:32:10.0520 2088 TsUsbGD - ok
14:32:10.0551 2088 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:32:10.0551 2088 tunnel - ok
14:32:10.0567 2088 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
14:32:10.0567 2088 uagp35 - ok
14:32:10.0598 2088 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:32:10.0598 2088 udfs - ok
14:32:10.0645 2088 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:32:10.0645 2088 UI0Detect - ok
14:32:10.0692 2088 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
14:32:10.0692 2088 uliagpkx - ok
14:32:10.0723 2088 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
14:32:10.0723 2088 umbus - ok
14:32:10.0754 2088 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
14:32:10.0754 2088 UmPass - ok
14:32:10.0832 2088 [ 0F9E1BC7E2BEA1A4108EC9736CF0C2D9 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
14:32:10.0832 2088 UNS - ok
14:32:10.0863 2088 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
14:32:10.0863 2088 upnphost - ok
14:32:10.0894 2088 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:32:10.0894 2088 usbccgp - ok
14:32:10.0910 2088 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
14:32:10.0910 2088 usbcir - ok
14:32:10.0926 2088 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
14:32:10.0926 2088 usbehci - ok
14:32:10.0957 2088 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:32:10.0957 2088 usbhub - ok
14:32:10.0972 2088 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
14:32:10.0972 2088 usbohci - ok
14:32:10.0988 2088 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
14:32:10.0988 2088 usbprint - ok
14:32:11.0004 2088 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:32:11.0004 2088 USBSTOR - ok
14:32:11.0004 2088 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
14:32:11.0004 2088 usbuhci - ok
14:32:11.0050 2088 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
14:32:11.0050 2088 usbvideo - ok
14:32:11.0082 2088 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
14:32:11.0082 2088 UxSms - ok
14:32:11.0097 2088 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
14:32:11.0097 2088 VaultSvc - ok
14:32:11.0128 2088 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
14:32:11.0128 2088 vdrvroot - ok
14:32:11.0144 2088 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
14:32:11.0160 2088 vds - ok
14:32:11.0191 2088 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:32:11.0191 2088 vga - ok
14:32:11.0206 2088 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
14:32:11.0206 2088 VgaSave - ok
14:32:11.0222 2088 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
14:32:11.0222 2088 vhdmp - ok
14:32:11.0238 2088 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
14:32:11.0238 2088 viaide - ok
14:32:11.0269 2088 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
14:32:11.0269 2088 volmgr - ok
14:32:11.0300 2088 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:32:11.0300 2088 volmgrx - ok
14:32:11.0316 2088 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\Windows\system32\drivers\volsnap.sys
14:32:11.0316 2088 volsnap - ok
14:32:11.0362 2088 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
14:32:11.0362 2088 vsmraid - ok
14:32:11.0425 2088 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
14:32:11.0440 2088 VSS - ok
14:32:11.0456 2088 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
14:32:11.0456 2088 vwifibus - ok
14:32:11.0472 2088 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
14:32:11.0472 2088 vwififlt - ok
14:32:11.0534 2088 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
14:32:11.0534 2088 W32Time - ok
14:32:11.0550 2088 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
14:32:11.0550 2088 WacomPen - ok
14:32:11.0596 2088 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
14:32:11.0596 2088 WANARP - ok
14:32:11.0612 2088 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:32:11.0612 2088 Wanarpv6 - ok
14:32:11.0674 2088 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
14:32:11.0690 2088 WatAdminSvc - ok
14:32:11.0752 2088 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
14:32:11.0768 2088 wbengine - ok
14:32:11.0784 2088 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
14:32:11.0799 2088 WbioSrvc - ok
14:32:11.0846 2088 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:32:11.0846 2088 wcncsvc - ok
14:32:11.0846 2088 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:32:11.0862 2088 WcsPlugInService - ok
14:32:11.0877 2088 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
14:32:11.0877 2088 Wd - ok
14:32:11.0908 2088 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:32:11.0924 2088 Wdf01000 - ok
14:32:11.0940 2088 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:32:11.0940 2088 WdiServiceHost - ok
14:32:11.0940 2088 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:32:11.0940 2088 WdiSystemHost - ok
14:32:11.0971 2088 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
14:32:11.0971 2088 WebClient - ok
14:32:11.0986 2088 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:32:11.0986 2088 Wecsvc - ok
14:32:11.0986 2088 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:32:11.0986 2088 wercplsupport - ok
14:32:12.0033 2088 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
14:32:12.0049 2088 WerSvc - ok
14:32:12.0080 2088 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
14:32:12.0080 2088 WfpLwf - ok
14:32:12.0111 2088 [ 52DED146E4797E6CCF94799E8E22BB2A ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
14:32:12.0111 2088 WimFltr - ok
14:32:12.0158 2088 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
14:32:12.0158 2088 WIMMount - ok
14:32:12.0174 2088 WinDefend - ok
14:32:12.0189 2088 WinHttpAutoProxySvc - ok
14:32:12.0220 2088 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:32:12.0220 2088 Winmgmt - ok
14:32:12.0298 2088 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
14:32:12.0314 2088 WinRM - ok
14:32:12.0345 2088 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys
14:32:12.0345 2088 WinUsb - ok
14:32:12.0392 2088 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
14:32:12.0408 2088 Wlansvc - ok
14:32:12.0454 2088 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
14:32:12.0454 2088 wlcrasvc - ok
14:32:12.0579 2088 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:32:12.0610 2088 wlidsvc - ok
14:32:12.0642 2088 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
14:32:12.0642 2088 WmiAcpi - ok
14:32:12.0657 2088 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:32:12.0673 2088 wmiApSrv - ok
14:32:12.0704 2088 WMPNetworkSvc - ok
14:32:12.0720 2088 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:32:12.0735 2088 WPCSvc - ok
14:32:12.0735 2088 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:32:12.0735 2088 WPDBusEnum - ok
14:32:12.0766 2088 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:32:12.0766 2088 ws2ifsl - ok
14:32:12.0782 2088 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
14:32:12.0782 2088 wscsvc - ok
14:32:12.0782 2088 WSearch - ok
14:32:12.0860 2088 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
14:32:12.0891 2088 wuauserv - ok
14:32:12.0907 2088 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
14:32:12.0907 2088 WudfPf - ok
14:32:12.0922 2088 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:32:12.0922 2088 WUDFRd - ok
14:32:12.0938 2088 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:32:12.0938 2088 wudfsvc - ok
14:32:12.0969 2088 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
14:32:12.0969 2088 WwanSvc - ok
14:32:12.0985 2088 ================ Scan global ===============================
14:32:13.0000 2088 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
14:32:13.0032 2088 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
14:32:13.0032 2088 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
14:32:13.0063 2088 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
14:32:13.0094 2088 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
14:32:13.0094 2088 [Global] - ok
14:32:13.0094 2088 ================ Scan MBR ==================================
14:32:13.0094 2088 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
14:32:13.0110 2088 \Device\Harddisk0\DR0 - ok
14:32:13.0110 2088 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR5
14:32:14.0654 2088 \Device\Harddisk1\DR5 - ok
14:32:14.0654 2088 ================ Scan VBR ==================================
14:32:14.0670 2088 [ 0EC50756AC849A05CBA08A8E4996DBE7 ] \Device\Harddisk0\DR0\Partition1
14:32:14.0670 2088 \Device\Harddisk0\DR0\Partition1 - ok
14:32:14.0685 2088 [ 78210174E40617E6F8BFBF4041B6E54B ] \Device\Harddisk0\DR0\Partition2
14:32:14.0685 2088 \Device\Harddisk0\DR0\Partition2 - ok
14:32:14.0701 2088 [ EF2EC3886DC61F296F04EB6991949A27 ] \Device\Harddisk0\DR0\Partition3
14:32:14.0701 2088 \Device\Harddisk0\DR0\Partition3 - ok
14:32:14.0716 2088 [ EE8206BA55D99B3CA4429825687ABDE3 ] \Device\Harddisk0\DR0\Partition4
14:32:14.0716 2088 \Device\Harddisk0\DR0\Partition4 - ok
14:32:14.0748 2088 [ 1809896BCE2D188E7306DF6AE5D8C321 ] \Device\Harddisk0\DR0\Partition5
14:32:14.0748 2088 \Device\Harddisk0\DR0\Partition5 - ok
14:32:14.0748 2088 [ 8BBA7B77AAD34CB2A1137A300598AD2F ] \Device\Harddisk1\DR5\Partition1
14:32:14.0763 2088 \Device\Harddisk1\DR5\Partition1 - ok
14:32:14.0763 2088 ============================================================
14:32:14.0763 2088 Scan finished
14:32:14.0763 2088 ============================================================
14:32:14.0763 2492 Detected object count: 0
14:32:14.0763 2492 Actual detected object count: 0
  • 0

Advertisements

#17
s0nginmyheart
Posted 15 January 2013 - 02:36 PM

s0nginmyheart

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 151 posts

Use IE and go to http://eset.com/onlinescan and click on ESET online Scanner. Accept the terms then press Start (If you get a warning from your browser tell it you want to run it).

# Check Scan Archives
# Push the Start button.
# ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
# When the scan completes, push LIST OF THREATS FOUND
# Push EXPORT TO TEXT FILE , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
# Push the BACK button.
# Push Finish
# Once the scan is completed, you may close the window.
# Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
# Copy and paste that log as a reply.


Hi, when I hit on the I.E. icons, I get this message:
"C:\Program Files (x86)\Internet Explorer\iexplore.exe
Illegal operation attempted on a registry key that has been marked for deletion."

and... I get the same message trying to open Google Chrome.

Please advise? Thanks again in advance!

Edited by s0nginmyheart, 15 January 2013 - 02:37 PM.

  • 0

#18
RKinner
Posted 15 January 2013 - 02:49 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
Happens after combofix sometimes. Just reboot and the error should go away.
  • 0

#19
s0nginmyheart
Posted 15 January 2013 - 04:04 PM

s0nginmyheart

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 151 posts
ESET SCAN:

C:\Qoobox\Quarantine\C\Windows\chmadsql\ipxidpop.dll.vir a variant of Win32/Urlbot.NAO trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Windows\chmadsql\tabudker.exe.vir a variant of Win32/Urlbot.NAT trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Windows\chmadsql\vocukcat.dll.vir a variant of Win32/Urlbot.NAS trojan cleaned by deleting - quarantined
  • 0

#20
s0nginmyheart
Posted 15 January 2013 - 04:22 PM

s0nginmyheart

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 151 posts

Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator. Then type (with an Enter after each line).

sfc  /scannow
Does this finish without complaining?


Windows Resource Protection did not find any integrity violations.
  • 0

#21
s0nginmyheart
Posted 15 January 2013 - 04:25 PM

s0nginmyheart

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 151 posts

1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.

Ron


Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 15/01/2013 4:24:22 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 15/01/2013 10:23:13 PM
Type: Error Category: 0
Event: 11 Source: Disk
The driver detected a controller error on \Device\Harddisk1\DR1.

Log: 'System' Date/Time: 15/01/2013 10:23:12 PM
Type: Error Category: 0
Event: 11 Source: Disk
The driver detected a controller error on \Device\Harddisk1\DR1.

Log: 'System' Date/Time: 15/01/2013 10:23:11 PM
Type: Error Category: 0
Event: 11 Source: Disk
The driver detected a controller error on \Device\Harddisk1\DR1.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 15/01/2013 10:23:13 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device WpdBusEnumRoot\UMB\2&37c186b&1&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_LEXAR&PROD_JUMPDRIVE&REV_1100#AAVQKROQMVIRPNHG&0#.

Log: 'System' Date/Time: 15/01/2013 10:07:21 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 15/01/2013 10:07:20 PM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Program Files (x86)\Qualcomm Atheros WiFi Driver Installation\AthIhvWlanExt.dll
  • 0

#22
RKinner
Posted 15 January 2013 - 04:37 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
Looks good. ESET only found stuff we had already removed with Combofix. The only error is probably a USB drive that is either not connected or is defective. I think we got rid of the keylogger and there is no sign of anything else evil. If it's running OK and there are no other problems I think we are done and can cleanup now:

Copy the following:


:Commands
[CLEARALLRESTOREPOINTS]
[Reboot]
Right click on OTL and Run As Administrator. In the Custom Scans/Fixes box at the bottom, paste in the copied text (Ctrl + v) and then hit Run Fix.

That will get the last of the malware off the system.



You can uninstall or delete any tools we had you download and their logs.
To uninstall combofix, copy the next line:

"c:\users\Scott\Downloads\ComboFix.exe" /Uninstall

Start, All Programs, Accessories then right click on Command Prompt and Run As Administrator.
then right click, Paste, then hit Enter.

OTL has a cleanup tab but DO NOT USE IT!. There are reports that it leaves the PC unbootable. Instead just delete OTL.exe and the folder c:\_OTL.

To hide hidden files again:

Vista or Win7

# Open the Control Panel menu and click Folder Options.
# After the new window appears select the View tab.
# Remove the check in the checkbox labeled Display the contents of system folders.
# Under the Hidden files and folders section select the radio button labeled Do not Show hidden files and folders.
# Check the checkbox labeled Hide protected operating system files.
# Press the Apply button and then the OK button and exit My Computer.

Also make sure you have the latest versions of any adobe.com products you use like Shockwave, Flash or Acrobat.

Whether you use adobe reader, acrobat or fox-it to read pdf files you need to disable Javascript in the program. There is an exploit out there now that can use it to get on your PC. For Adobe Reader: Start, All Programs, Adobe Reader, Edit, Preferences, Click on Javascript in the left column and uncheck Enable Acrobat Javascript. OK Close program. It's the same for Foxit reader except you uncheck Enable Javascript Actions.

To help keep your programs up-to-date you should download and run the UpdateChecker:
http://www.filehippo.../updatechecker/
(You don't need to download Betas and if there is a program you don't use you can just uninstall it rather than update it. Exception is MSN messenger which appears to be part of Windows.)
If you get a blocked program notice after installing updatechecker then change it to not run at start then manually run it once a week.
Seems to work best if Firefox is the default browser. You can also try Secunia PSI http://secunia.com/v...l/download_psi/ Same kind of info. You don't need both.
If you use Firefox then get the AdBlock Plus Add-on. WOT (Web of Trust) is another you might want to try.
The equivalent to AdBlock Plus for IE is called Simple Adblock and you should install it too: http://simple-adblock.com/
The free version only blocks 200 ads a day so another reason to use Firefox or Chrome.

If Firefox is slow loading make sure it only has the current Java add-on. Then download and run Speedy Fox.
http://www.crystalidea.com/speedyfox . You can run it any time that Firefox seems slow.

Be warned: If you use Limewire, utorrent or any of the other P2P programs you will almost certain be coming back to the Malware Removal forum. If you must use P2P then submit any files you get to http://virustotal.com before you open them.


If you have a router, log on to it today and change the default password! If using a Wireless router you really should be using encryption on the link. Use the strongest (newest) encryption method that your router and PC wireless adapter support especially if you own a business. See http://www.king5.com...-120637284.html and http://www.seattlepi...ted-1344185.php for why encryption is important. If you don't know how, visit the router maker's website. They all have detailed step by step instructions or a wizard you can download.

Special note on Java. Old Java versions should be removed after first clearing the Java Cache by following the instructions in:
http://www.java.com/...lugin_cache.xml
Then remove the old versions by going to Control Panel, Programs and Features and Uninstall all Java programs which are not Java Version 7 update 9 or better. These may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE. Get the latest version from Java.com. They will usually attempt to foist some garbage like the Ask toolbar, Yahoo toolbar or McAfee Security Scan on you as part of the download. Just uncheck the garbage before the download (or install) starts. If you use a 64-bit browser and want the 64-bit version of Java you need to use it to visit java.com.
Due to multiple security problems with Java we are now recommending that it not be installed unless you absolutely know you need it. IF that is the case then you should install No-Script (Firefox) or Script-No add-ons (Chrome) and only use Firefox or Chrome to visit the site. You will need to tell No-Script/Script-No that the site is allowed to run Java.

Make sure Windows Updates is turned and that it works. Go to Control panel, Windows Updates and see if it works. http://support.microsoft.com/kb/294871

If you are feeling especially paranoid you can install the free firewall called Online Armor:
http://www.online-armor.com/


My help is free but if you wish to show your appreciation, please donate to Kwiaht instead of me. It's a local environmental organization that I volunteer with: http://www.kwiaht.org/donate.htm
(The name means something like "clean place" in one of the local native-American dialects)

Ron
  • 0

#23
s0nginmyheart
Posted 15 January 2013 - 05:07 PM

s0nginmyheart

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 151 posts
Thank you so much! I appreciate your patience, time and assistance. I am sure my friend will be happy to hear his laptop is now clear of ex-wife problems, ha!
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP