
Infected with remote administration trojan + botnet



#1 Zazzec


Posted 07 September 2012 - 10:34 AM

Hey, I'm writing to you about this: I'm infected with a RAT + botnet ...
The problem is that those nasties remain even after a reinstall of Windows.
Seconds after any fresh install of Windows, control of my PC is taken.
I tried many things which I read on Google, but they did not help me.
I have scanned with a few AVs, which of course didn't find anything, except bootmgr.exe from MBAM as Trojan agent.
I suspect that it may be an MBR/TDL4 infection .... dunno.
Hope anyone here can analyze MBR logs, so I can know where to start.
Thanks.

Edited by Zazzec, 07 September 2012 - 10:38 AM.



 


#2 boopme

  • Global Moderator

Posted 07 September 2012 - 11:38 AM

Hello and welcome, let's see what these logs reveal.

Run RKill....


Download and Run RKill
  • Please download RKill by Grinler from one of the 4 links below and save it to your desktop.

    Link 1
    Link 2
    Link 3
    Link 4

  • Before we begin, you should disable any anti-malware software you have installed so it does not interfere with RKill running, as some anti-malware software detects RKill as malicious. Please refer to this page if you are not sure how.
  • Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • If nothing happens or if the tool does not run, please let me know in your next reply

Do not reboot your computer after running rkill as the malware programs will start again. Or if rebooting is required run it again.


If you continue having problems running rkill.com, you can download iExplore.exe or eXplorer.exe, which are renamed copies of rkill.com, and try them instead.



Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log has a name like: TDSSKiller.Version_Date_Time_log.txt.




Next I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.
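A triage sketch for the report that the TDSSKiller step above asks the user to post, added here as an example (not part of the original post, and not BleepingComputer or Kaspersky code): it pairs each hashed object line with its verdict line and lists anything not marked ok, any ok verdict that has no hash line behind it, and hashed objects whose verdict is missing from a truncated paste. It assumes a report layout of timestamp, thread id, a `[ MD5 ] name path` line and a following `name - verdict` line; the sample lines, the names exampledrv, examplesvc and truncdrv, their hashes, and the "warning" verdict wording are constructed assumptions.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Layout assumed for each report line: "HH:MM:SS.mmmm <thread id>  <body>".
PREFIX = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(?P<body>.*)$")
# Section banner, e.g. "================ Scan services ============".
SECTION = re.compile(r"^=+\s*(?P<title>Scan .+?)\s*=+$")
# Object line: "[ <32 hex digits> ] <name> <path>".
HASHED = re.compile(
    r"^\[\s*(?P<md5>[0-9A-Fa-f]{32})\s*\]\s+(?P<name>\S+)\s+(?P<path>.+)$"
)
# Verdict line: "<name> - <verdict>".
VERDICT = re.compile(r"^(?P<name>.+?)\s+-\s+(?P<verdict>\S.*)$")


@dataclass
class Entry:
    section: str
    name: str
    verdict: str
    md5: Optional[str] = None
    path: Optional[str] = None


def parse_report(text):
    """Return (entries, pending): scanned objects, and hashed objects with no verdict."""
    section = None
    pending = {}   # name -> (md5, path), waiting for its verdict line
    entries = []
    for raw in text.splitlines():
        m = PREFIX.match(raw.rstrip())
        if not m:
            continue
        body = m["body"].strip()
        banner = SECTION.match(body)
        if banner:
            section = banner["title"]
            continue
        if section is None:
            # Header lines such as "Drive ... - Size: ..." are not verdicts.
            continue
        hashed = HASHED.match(body)
        if hashed:
            pending[hashed["name"]] = (hashed["md5"].upper(), hashed["path"].strip())
            continue
        verdict = VERDICT.match(body)
        if verdict:
            md5, path = pending.pop(verdict["name"], (None, None))
            entries.append(
                Entry(section, verdict["name"], verdict["verdict"].strip(), md5, path)
            )
    return entries, pending


def triage(text):
    """Summarise what a helper should look at first in a pasted report."""
    entries, pending = parse_report(text)
    return {
        "total": len(entries),
        # Anything the tool did not mark "ok".
        "flagged": [e.name for e in entries if e.verdict.lower() != "ok"],
        # "ok" verdicts in the services scan with no file hash recorded in the log.
        "ok_without_hash": [
            e.name for e in entries
            if e.section == "Scan services"
            and e.verdict.lower() == "ok"
            and e.md5 is None
        ],
        # Hashed objects whose verdict line is missing (truncated paste).
        "no_verdict": sorted(pending),
    }


# Constructed sample: hashes, exampledrv/examplesvc/truncdrv and the
# "warning" verdict are made up for illustration.
SAMPLE_REPORT = r"""
20:40:03.0918 5080  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200
20:41:14.0811 3228  ================ Scan system memory ========================
20:41:14.0811 3228  System memory - ok
20:41:14.0813 3228  ================ Scan services =============================
20:41:15.0007 3228  [ 0123456789ABCDEF0123456789ABCDEF ] exampledrv      C:\Windows\system32\drivers\exampledrv.sys
20:41:15.0009 3228  exampledrv - ok
20:41:17.0692 3228  COMSysApp - ok
20:41:18.0000 3228  [ FEDCBA9876543210FEDCBA9876543210 ] examplesvc      C:\Program Files (x86)\Example\examplesvc.exe
20:41:18.0001 3228  examplesvc - warning
20:41:21.0246 3228  [ 00112233445566778899AABBCCDDEEFF ] truncdrv        C:\Windows\system32\drivers\truncdrv.sys
"""

if __name__ == "__main__":
    for key, value in triage(SAMPLE_REPORT).items():
        print(f"{key}: {value}")
```
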

#3 Zazzec


Posted 08 September 2012 - 04:57 AM

Hey boopme, thanks for your fast reply.

Rkill 2.3.8 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/07/2012 08:33:57 PM in x64 mode.
Windows Version: Windows 7 Professional Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * Explorer Policy Removed:  NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
 C:\Users\MOB\Desktop\rkill\rkill-09-07-2012-08-34-00.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

 * Windows Firewall Disabled

   [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
   "EnableFirewall" = dword:00000000

Checking Windows Service Integrity: 

 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Manual

 * Security Center (wscsvc) is not Running.
   Startup Type set to: System

Searching for Missing Digital Signatures: 

 * No issues found.

Program finished at: 09/07/2012 08:34:10 PM
Execution time: 0 hours(s), 0 minute(s), and 12 seconds(s)



20:40:01.0336 5080  TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
20:40:03.0337 5080  ============================================================
20:40:03.0337 5080  Current date / time: 2012/09/07 20:40:03.0337
20:40:03.0337 5080  SystemInfo:
20:40:03.0337 5080  
20:40:03.0338 5080  OS Version: 6.1.7601 ServicePack: 1.0
20:40:03.0338 5080  Product type: Workstation
20:40:03.0338 5080  ComputerName: MOB-PC
20:40:03.0338 5080  UserName: MOB
20:40:03.0338 5080  Windows directory: C:\Windows
20:40:03.0338 5080  System windows directory: C:\Windows
20:40:03.0338 5080  Running under WOW64
20:40:03.0338 5080  Processor architecture: Intel x64
20:40:03.0338 5080  Number of processors: 4
20:40:03.0338 5080  Page size: 0x1000
20:40:03.0338 5080  Boot type: Normal boot
20:40:03.0338 5080  ============================================================
20:40:03.0918 5080  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:40:03.0931 5080  ============================================================
20:40:03.0931 5080  \Device\Harddisk0\DR0:
20:40:03.0947 5080  MBR partitions:
20:40:03.0947 5080  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2711637
20:40:03.0976 5080  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x27116B5, BlocksNum 0x1030354B
20:40:03.0976 5080  ============================================================
20:40:04.0046 5080  C: <-> \Device\Harddisk0\DR0\Partition1
20:40:04.0074 5080  D: <-> \Device\Harddisk0\DR0\Partition2
20:40:04.0074 5080  ============================================================
20:40:04.0075 5080  Initialize success
20:40:04.0075 5080  ============================================================
20:41:13.0995 3228  ============================================================
20:41:13.0995 3228  Scan started
20:41:13.0995 3228  Mode: Manual; TDLFS; 
20:41:13.0995 3228  ============================================================
20:41:14.0811 3228  ================ Scan system memory ========================
20:41:14.0811 3228  System memory - ok
20:41:14.0813 3228  ================ Scan services =============================
20:41:21.0251 3228  MegaSR - ok
20:41:21.0321 3228  Microsoft SharePoint Workspace Audit Service - ok
20:41:21.0361 3228  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
20:41:21.0366 3228  MMCSS - ok
20:41:21.0388 3228  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
20:41:21.0389 3228  Modem - ok
20:41:21.0412 3228  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
20:41:21.0414 3228  monitor - ok
20:41:21.0433 3228  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
20:41:21.0434 3228  mouclass - ok
20:41:21.0448 3228  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\drivers\mouhid.sys
20:41:21.0448 3228  mouhid - ok
20:41:21.0454 3228  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
20:41:21.0455 3228  mountmgr - ok
20:41:21.0473 3228  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
20:41:21.0475 3228  mpio - ok
20:41:21.0500 3228  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
20:41:21.0502 3228  mpsdrv - ok
20:41:21.0538 3228  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
20:41:21.0573 3228  MpsSvc - ok
20:41:21.0596 3228  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
20:41:21.0599 3228  MRxDAV - ok
20:41:21.0608 3228  [ FAF015B07E3A2874A790A39B7D2C579F ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
20:41:21.0610 3228  mrxsmb - ok
20:41:21.0619 3228  [ 08E2345DF129082BCDFFDC1440F9C00D ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:41:21.0625 3228  mrxsmb10 - ok
20:41:21.0642 3228  [ 108D87409C5812EF47D81E22843E8C9D ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:41:21.0644 3228  mrxsmb20 - ok
20:41:21.0663 3228  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
20:41:21.0664 3228  msahci - ok
20:41:21.0675 3228  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
20:41:21.0677 3228  msdsm - ok
20:41:21.0698 3228  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
20:41:21.0700 3228  MSDTC - ok
20:41:21.0706 3228  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
20:41:21.0706 3228  Msfs - ok
20:41:21.0727 3228  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
20:41:21.0728 3228  mshidkmdf - ok
20:41:21.0746 3228  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
20:41:21.0747 3228  msisadrv - ok
20:41:21.0781 3228  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
20:41:21.0786 3228  MSiSCSI - ok
20:41:21.0795 3228  msiserver - ok
20:41:21.0827 3228  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
20:41:21.0828 3228  MSKSSRV - ok
20:41:21.0833 3228  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
20:41:21.0833 3228  MSPCLOCK - ok
20:41:21.0839 3228  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
20:41:21.0839 3228  MSPQM - ok
20:41:21.0859 3228  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
20:41:21.0864 3228  MsRPC - ok
20:41:21.0870 3228  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
20:41:21.0871 3228  mssmbios - ok
20:41:21.0875 3228  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
20:41:21.0876 3228  MSTEE - ok
20:41:21.0887 3228  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
20:41:21.0888 3228  MTConfig - ok
20:41:21.0893 3228  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
20:41:21.0893 3228  Mup - ok
20:41:21.0932 3228  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
20:41:21.0944 3228  napagent - ok
20:41:21.0987 3228  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
20:41:21.0992 3228  NativeWifiP - ok
20:41:22.0012 3228  [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS            C:\Windows\system32\drivers\ndis.sys
20:41:22.0019 3228  NDIS - ok
20:41:22.0035 3228  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
20:41:22.0036 3228  NdisCap - ok
20:41:22.0050 3228  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
20:41:22.0051 3228  NdisTapi - ok
20:41:22.0055 3228  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
20:41:22.0056 3228  Ndisuio - ok
20:41:22.0062 3228  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
20:41:22.0063 3228  NdisWan - ok
20:41:22.0068 3228  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
20:41:22.0069 3228  NDProxy - ok
20:41:22.0073 3228  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
20:41:22.0074 3228  NetBIOS - ok
20:41:22.0081 3228  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
20:41:22.0082 3228  NetBT - ok
20:41:22.0097 3228  [ 0793F40B9B8A1BDD266296409DBD91EA ] Netlogon        C:\Windows\system32\lsass.exe
20:41:22.0098 3228  Netlogon - ok
20:41:22.0139 3228  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
20:41:22.0141 3228  Netman - ok
20:41:22.0154 3228  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
20:41:22.0161 3228  netprofm - ok
20:41:22.0183 3228  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:41:22.0184 3228  NetTcpPortSharing - ok
20:41:22.0198 3228  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
20:41:22.0199 3228  nfrd960 - ok
20:41:22.0228 3228  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
20:41:22.0234 3228  NlaSvc - ok
20:41:22.0256 3228  [ C31FA031335EFF434B2D94278E74BCCE ] NPF             C:\Windows\system32\drivers\npf.sys
20:41:22.0257 3228  NPF - ok
20:41:22.0269 3228  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
20:41:22.0270 3228  Npfs - ok
20:41:22.0298 3228  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
20:41:22.0299 3228  nsi - ok
20:41:22.0303 3228  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
20:41:22.0304 3228  nsiproxy - ok
20:41:22.0339 3228  [ 05D78AA5CB5F3F5C31160BDB955D0B7C ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
20:41:22.0347 3228  Ntfs - ok
20:41:22.0351 3228  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
20:41:22.0351 3228  Null - ok
20:41:22.0699 3228  [ BA0B4889C40380A01ECDF84C227A89C9 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:41:22.0985 3228  nvlddmkm - ok
20:41:23.0018 3228  [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
20:41:23.0021 3228  nvraid - ok
20:41:23.0033 3228  [ F7CD50FE7139F07E77DA8AC8033D1832 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
20:41:23.0035 3228  nvstor - ok
20:41:23.0093 3228  [ 06633CF95BEA62164C3BFCA24BCE6B11 ] nvsvc           C:\Windows\system32\nvvsvc.exe
20:41:23.0097 3228  nvsvc - ok
20:41:23.0163 3228  [ 53B629CE436B110C5689C2F6439E567B ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
20:41:23.0207 3228  nvUpdatusService - ok
20:41:23.0234 3228  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
20:41:23.0237 3228  nv_agp - ok
20:41:23.0253 3228  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
20:41:23.0255 3228  ohci1394 - ok
20:41:23.0310 3228  [ 4965B005492CBA7719E82B71E3245495 ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:41:23.0313 3228  ose64 - ok
20:41:23.0499 3228  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:41:23.0627 3228  osppsvc - ok
20:41:23.0663 3228  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
20:41:23.0667 3228  p2pimsvc - ok
20:41:23.0703 3228  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
20:41:23.0742 3228  p2psvc - ok
20:41:23.0783 3228  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
20:41:23.0785 3228  Parport - ok
20:41:23.0799 3228  Partizan - ok
20:41:23.0806 3228  [ 871EADAC56B0A4C6512BBE32753CCF79 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
20:41:23.0807 3228  partmgr - ok
20:41:23.0815 3228  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
20:41:23.0819 3228  PcaSvc - ok
20:41:23.0827 3228  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
20:41:23.0828 3228  pci - ok
20:41:23.0841 3228  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
20:41:23.0842 3228  pciide - ok
20:41:23.0858 3228  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
20:41:23.0859 3228  pcmcia - ok
20:41:23.0864 3228  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
20:41:23.0865 3228  pcw - ok
20:41:23.0877 3228  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
20:41:23.0886 3228  PEAUTH - ok
20:41:23.0939 3228  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
20:41:23.0965 3228  PeerDistSvc - ok
20:41:24.0028 3228  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
20:41:24.0029 3228  PerfHost - ok
20:41:24.0107 3228  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
20:41:24.0153 3228  pla - ok
20:41:24.0193 3228  [ B806E50427511BCF4AD8E8239C3E25FA ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
20:41:24.0210 3228  PlugPlay - ok
20:41:24.0232 3228  PnkBstrA - ok
20:41:24.0245 3228  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
20:41:24.0248 3228  PNRPAutoReg - ok
20:41:24.0264 3228  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
20:41:24.0267 3228  PNRPsvc - ok
20:41:24.0304 3228  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
20:41:24.0308 3228  PolicyAgent - ok
20:41:24.0326 3228  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
20:41:24.0329 3228  Power - ok
20:41:24.0363 3228  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
20:41:24.0366 3228  PptpMiniport - ok
20:41:24.0385 3228  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
20:41:24.0387 3228  Processor - ok
20:41:24.0432 3228  [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc         C:\Windows\system32\profsvc.dll
20:41:24.0438 3228  ProfSvc - ok
20:41:24.0446 3228  [ 0793F40B9B8A1BDD266296409DBD91EA ] ProtectedStorage C:\Windows\system32\lsass.exe
20:41:24.0448 3228  ProtectedStorage - ok
20:41:24.0473 3228  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
20:41:24.0475 3228  Psched - ok
20:41:24.0528 3228  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
20:41:24.0583 3228  ql2300 - ok
20:41:24.0609 3228  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
20:41:24.0614 3228  ql40xx - ok
20:41:24.0648 3228  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
20:41:24.0665 3228  QWAVE - ok
20:41:24.0690 3228  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
20:41:24.0693 3228  QWAVEdrv - ok
20:41:24.0711 3228  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
20:41:24.0712 3228  RasAcd - ok
20:41:24.0752 3228  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
20:41:24.0754 3228  RasAgileVpn - ok
20:41:24.0775 3228  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
20:41:24.0781 3228  RasAuto - ok
20:41:24.0801 3228  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
20:41:24.0803 3228  Rasl2tp - ok
20:41:24.0818 3228  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
20:41:24.0826 3228  RasMan - ok
20:41:24.0832 3228  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
20:41:24.0833 3228  RasPppoe - ok
20:41:24.0839 3228  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
20:41:24.0842 3228  RasSstp - ok
20:41:24.0860 3228  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
20:41:24.0862 3228  rdbss - ok
20:41:24.0866 3228  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
20:41:24.0868 3228  rdpbus - ok
20:41:24.0878 3228  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
20:41:24.0879 3228  RDPCDD - ok
20:41:24.0911 3228  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
20:41:24.0912 3228  RDPDR - ok
20:41:24.0938 3228  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
20:41:24.0939 3228  RDPENCDD - ok
20:41:24.0946 3228  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
20:41:24.0947 3228  RDPREFMP - ok
20:41:24.0964 3228  [ 15B66C206B5CB095BAB980553F38ED23 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
20:41:24.0965 3228  RDPWD - ok
20:41:24.0999 3228  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
20:41:25.0017 3228  rdyboost - ok
20:41:25.0050 3228  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
20:41:25.0055 3228  RemoteAccess - ok
20:41:25.0084 3228  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
20:41:25.0087 3228  RemoteRegistry - ok
20:41:25.0137 3228  [ 9C3AC71A9934B884FAC567A8807E9C4D ] Revoflt         C:\Windows\system32\DRIVERS\revoflt.sys
20:41:25.0139 3228  Revoflt - ok
20:41:25.0162 3228  [ A780D3EAA74582EA1DEB6BD9C7A3D9C9 ] rpcapd          C:\Program Files (x86)\WinPcap\rpcapd.exe
20:41:25.0163 3228  rpcapd - ok
20:41:25.0198 3228  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
20:41:25.0203 3228  RpcEptMapper - ok
20:41:25.0229 3228  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
20:41:25.0232 3228  RpcLocator - ok
20:41:25.0266 3228  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
20:41:25.0277 3228  RpcSs - ok
20:41:25.0314 3228  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
20:41:25.0317 3228  rspndr - ok
20:41:25.0348 3228  [ 68DD0457D18FCCEF7384AE84022F0C86 ] RTL8023x64      C:\Windows\system32\DRIVERS\Rtnic64.sys
20:41:25.0349 3228  RTL8023x64 - ok
20:41:25.0370 3228  [ BAEFEE35D27A5440D35092CE10267BEC ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
20:41:25.0374 3228  RTL8167 - ok
20:41:25.0426 3228  [ A0EEA6F631349D0E0B7A6CAA7E099CB0 ] RUBotSrv        C:\Program Files (x86)\Trend Micro\RUBotted\RUBotSrv.exe
20:41:25.0438 3228  RUBotSrv - ok
20:41:25.0467 3228  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
20:41:25.0469 3228  s3cap - ok
20:41:25.0488 3228  [ 0793F40B9B8A1BDD266296409DBD91EA ] SamSs           C:\Windows\system32\lsass.exe
20:41:25.0491 3228  SamSs - ok
20:41:25.0516 3228  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
20:41:25.0518 3228  sbp2port - ok
20:41:25.0541 3228  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
20:41:25.0546 3228  SCardSvr - ok
20:41:25.0573 3228  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
20:41:25.0575 3228  scfilter - ok
20:41:25.0611 3228  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
20:41:25.0620 3228  Schedule - ok
20:41:25.0648 3228  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
20:41:25.0649 3228  SCPolicySvc - ok
20:41:25.0665 3228  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
20:41:25.0670 3228  SDRSVC - ok
20:41:25.0695 3228  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
20:41:25.0696 3228  secdrv - ok
20:41:25.0708 3228  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
20:41:25.0710 3228  seclogon - ok
20:41:25.0724 3228  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
20:41:25.0727 3228  SENS - ok
20:41:25.0743 3228  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
20:41:25.0746 3228  SensrSvc - ok
20:41:25.0763 3228  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
20:41:25.0763 3228  Serenum - ok
20:41:25.0770 3228  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
20:41:25.0771 3228  Serial - ok
20:41:25.0786 3228  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
20:41:25.0787 3228  sermouse - ok
20:41:25.0803 3228  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
20:41:25.0805 3228  SessionEnv - ok
20:41:25.0838 3228  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
20:41:25.0839 3228  sffdisk - ok
20:41:25.0843 3228  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
20:41:25.0844 3228  sffp_mmc - ok
20:41:25.0848 3228  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
20:41:25.0848 3228  sffp_sd - ok
20:41:25.0852 3228  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
20:41:25.0853 3228  sfloppy - ok
20:41:25.0884 3228  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
20:41:25.0889 3228  SharedAccess - ok
20:41:25.0904 3228  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:41:25.0907 3228  ShellHWDetection - ok
20:41:25.0924 3228  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
20:41:25.0925 3228  SiSRaid2 - ok
20:41:25.0932 3228  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
20:41:25.0933 3228  SiSRaid4 - ok
20:41:25.0969 3228  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
20:41:25.0970 3228  SkypeUpdate - ok
20:41:25.0999 3228  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
20:41:26.0004 3228  Smb - ok
20:41:26.0051 3228  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
20:41:26.0056 3228  SNMPTRAP - ok
20:41:26.0077 3228  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
20:41:26.0078 3228  spldr - ok
20:41:26.0100 3228  [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler         C:\Windows\System32\spoolsv.exe
20:41:26.0105 3228  Spooler - ok
20:41:26.0221 3228  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
20:41:26.0243 3228  sppsvc - ok
20:41:26.0257 3228  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
20:41:26.0259 3228  sppuinotify - ok
20:41:26.0327 3228  [ 9AB59CF736981ED1F83C6AB5FAA8BA5C ] sptd            C:\Windows\system32\Drivers\sptd.sys
20:41:26.0347 3228  sptd - ok
20:41:26.0382 3228  [ 2098B8556D1CEC2ACA9A29CD479E3692 ] srv             C:\Windows\system32\DRIVERS\srv.sys
20:41:26.0386 3228  srv - ok
20:41:26.0398 3228  [ D0F73A42040F21F92FD314B42AC5C9E7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
20:41:26.0405 3228  srv2 - ok
20:41:26.0412 3228  [ 2BA8F3250828CCDB4204ECF2C6F40B6A ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
20:41:26.0416 3228  srvnet - ok
20:41:26.0460 3228  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
20:41:26.0464 3228  SSDPSRV - ok
20:41:26.0475 3228  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
20:41:26.0478 3228  SstpSvc - ok
20:41:26.0555 3228  [ C354621B6B94E10AE7F5CDBE745FEB86 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
20:41:26.0565 3228  Stereo Service - ok
20:41:26.0590 3228  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
20:41:26.0592 3228  stexstor - ok
20:41:26.0639 3228  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
20:41:26.0652 3228  stisvc - ok
20:41:26.0683 3228  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
20:41:26.0684 3228  storflt - ok
20:41:26.0711 3228  [ C40841817EF57D491F22EB103DA587CC ] StorSvc         C:\Windows\system32\storsvc.dll
20:41:26.0714 3228  StorSvc - ok
20:41:26.0748 3228  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
20:41:26.0749 3228  storvsc - ok
20:41:26.0774 3228  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
20:41:26.0774 3228  swenum - ok
20:41:26.0797 3228  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
20:41:26.0815 3228  swprv - ok
20:41:26.0870 3228  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
20:41:26.0911 3228  SysMain - ok
20:41:26.0925 3228  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:41:26.0928 3228  TabletInputService - ok
20:41:26.0970 3228  [ B70DF208E97536CA9F29289E609F5B16 ] taphss          C:\Windows\system32\DRIVERS\taphss.sys
20:41:26.0972 3228  taphss - ok
20:41:26.0988 3228  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
20:41:26.0992 3228  TapiSrv - ok
20:41:26.0998 3228  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
20:41:27.0001 3228  TBS - ok
20:41:27.0074 3228  [ 509383E505C973ED7534A06B3D19688D ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
20:41:27.0098 3228  Tcpip - ok
20:41:27.0160 3228  [ 509383E505C973ED7534A06B3D19688D ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
20:41:27.0173 3228  TCPIP6 - ok
20:41:27.0190 3228  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
20:41:27.0191 3228  tcpipreg - ok
20:41:27.0211 3228  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
20:41:27.0211 3228  TDPIPE - ok
20:41:27.0221 3228  [ E4245BDA3190A582D55ED09E137401A9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
20:41:27.0222 3228  TDTCP - ok
20:41:27.0239 3228  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
20:41:27.0240 3228  tdx - ok
20:41:27.0245 3228  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
20:41:27.0246 3228  TermDD - ok
20:41:27.0286 3228  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
20:41:27.0291 3228  TermService - ok
20:41:27.0306 3228  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
20:41:27.0308 3228  Themes - ok
20:41:27.0316 3228  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
20:41:27.0318 3228  THREADORDER - ok
20:41:27.0335 3228  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
20:41:27.0338 3228  TrkWks - ok
20:41:27.0370 3228  [ 21EB0ACE1D6C03759ED5747A398E39F2 ] Trufos          C:\Windows\system32\DRIVERS\Trufos.sys
20:41:27.0375 3228  Trufos - ok
20:41:27.0418 3228  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:41:27.0420 3228  TrustedInstaller - ok
20:41:27.0450 3228  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
20:41:27.0452 3228  tssecsrv - ok
20:41:27.0475 3228  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
20:41:27.0478 3228  TsUsbFlt - ok
20:41:27.0487 3228  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
20:41:27.0488 3228  TsUsbGD - ok
20:41:27.0513 3228  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
20:41:27.0515 3228  tunnel - ok
20:41:27.0534 3228  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
20:41:27.0535 3228  uagp35 - ok
20:41:27.0544 3228  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
20:41:27.0545 3228  udfs - ok
20:41:27.0575 3228  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
20:41:27.0577 3228  UI0Detect - ok
20:41:27.0607 3228  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
20:41:27.0609 3228  uliagpkx - ok
20:41:27.0624 3228  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
20:41:27.0625 3228  umbus - ok
20:41:27.0647 3228  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
20:41:27.0648 3228  UmPass - ok
20:41:27.0676 3228  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
20:41:27.0679 3228  UmRdpService - ok
20:41:27.0719 3228  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
20:41:27.0722 3228  upnphost - ok
20:41:27.0738 3228  [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829 ] usbccgp         C:\Windows\system32\drivers\usbccgp.sys
20:41:27.0739 3228  usbccgp - ok
20:41:27.0766 3228  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
20:41:27.0768 3228  usbcir - ok
20:41:27.0784 3228  [ 74EE782B1D9C241EFE425565854C661C ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
20:41:27.0785 3228  usbehci - ok
20:41:27.0821 3228  [ DC96BD9CCB8403251BCF25047573558E ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
20:41:27.0823 3228  usbhub - ok
20:41:27.0833 3228  [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
20:41:27.0834 3228  usbohci - ok
20:41:27.0850 3228  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
20:41:29.0763 3228  ================ Scan global ===============================
20:41:29.0790 3228  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
20:41:29.0804 3228  [ E0406AEF04B088D1C49FC78D0546F689 ] C:\Windows\system32\winsrv.dll
20:41:29.0835 3228  [ E0406AEF04B088D1C49FC78D0546F689 ] C:\Windows\system32\winsrv.dll
20:41:29.0906 3228  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
20:41:29.0974 3228  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
20:41:29.0983 3228  [Global] - ok
20:41:29.0984 3228  ================ Scan MBR ==================================
20:41:29.0998 3228  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:41:30.0366 3228  \Device\Harddisk0\DR0 - ok
20:41:30.0368 3228  ================ Scan VBR ==================================
20:41:30.0374 3228  [ 8618001F3A9AE6684D70292F55EC29DC ] \Device\Harddisk0\DR0\Partition1
20:41:30.0377 3228  \Device\Harddisk0\DR0\Partition1 - ok
20:41:30.0386 3228  [ D8AD85C482C409A3680341054CFA6492 ] \Device\Harddisk0\DR0\Partition2
20:41:30.0389 3228  \Device\Harddisk0\DR0\Partition2 - ok
20:41:30.0392 3228  ============================================================
20:41:30.0393 3228  Scan finished
20:41:30.0393 3228  ============================================================
20:41:30.0408 5316  Detected object count: 0
20:41:30.0408 5316  Actual detected object count: 0
20:42:26.0075 1412  Deinitialize success

Nod scanner didn't find any threats, so I don't have a log.

#4 boopme

Posted 08 September 2012 - 10:04 AM

We had better get a deeper look at the system. Repost with this in a new topic.

Please go here... Preparation Guide, and do steps 6-9.

Create a DDS log and post it in the new topic explained in step 9, which is here: Virus, Trojan, Spyware, and Malware Removal Logs, and not in this topic, thanks.
If GMER won't run (it may not on a 64-bit system), skip it and move on.

Let me know if that went well.