Проблем с отваряне на Facebook

tonysto · Август 5, 2012

Здравейте имам проблеми с влизането във Фейсбук! Не мога да вляза нито през интернет експлоръра, нито хрома и мозила. Само през Опера се опитва да ми зареди но страницата е много разпокъсана и странно изглеждаща, при другите си остава празна!

Night_Raven · Август 5, 2012

mst, лично ти ли си спряла UAC или не?

Стартирай отново OTL. В празното поле "Custom Scans/Fixes" (в долната част на програмата) постави следния текст (маркирай го, натисни Ctrl+C и после в полето на OTL натисни Ctrl+V):

:OTL
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-132208950-3660432363-3532671861-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-132208950-3660432363-3532671861-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
[2012.08.03 18:00:00 | 000,000,456 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Registration3.job
[2012.07.31 15:49:35 | 000,000,260 | ---- | M] () -- C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\wmpnsslog00.sqm
:Commands
[emptytemp]
[reboot]

Копирай текста точно както е в полето. Внимавай да не изтървеш началното двуеточие и всяка команда да е на отделен ред, както е в полето.

Кликни бутон Run Fix. Потвърди с OK на съобщението, че е нужен рестарт на системата.

След рестарта ще се появи текстов дневник/лог. Същият файл се намира в C:\_OTL\MovedFiles. Моля, прикачи го към следващия си коментар.

-----

Сканирай с Malwarebytes Anti-Malware. Ако тепърва инсталираш програмата, в края инсталацията ще има отметка за автоматична актуализация, не я премахвай. В противен случай обнови дефинициите й ръчно. Ако вече имаш програмата, провери дали имаш последната версия и ако нямаш, премахни твоята и инсталирай най-новата, като в края на инсталацията остави отметката за актуализация на дефинициите.

Инструкции за сканиране:

- стартирай програмата;

- избери Perform quick scan (Бързо сканиране) и кликни бутон Scan (Сканиране);

- след като приключи сканирането, ако не са открити заплахи, ще се отвори автоматично текстов файл (който можеш да затвориш) и програмата ще те уведоми, че не е открила нищо, след което можеш да кликнеш бутон OK и да я затвориш;

- ако са открити заплахи, кликни бутон OK и после Show Results (Покажи резултатите);

- кликни бутон Remove Selected (Премахни избраните);

Ако е нужен рестарт, се съгласи и рестартирай веднага. След рестарта стартирай отново програмата, иди на подпорозиорец Logs (Дневници), маркирай последния дневник, кликни бутон Open (Отвори) и му копирай съдържанието тук. Ако не е бил нужен рестарт, трябва да се появи текстов файл - копирай му съдържанието тук.

-----

Здравейте имам проблеми с влизането във Фейсбук! Не мога да вляза нито през интернет експлоръра, нито хрома и мозила. Само през Опера се опитва да ми зареди но страницата е много разпокъсана и странно изглеждаща, при другите си остава празна!

Увери се, че операционната система е с всички актуализации, че всичките ти браузъри са актуални версии, че регионалните настройки са наред (български) и че часовникът е сверен.

tonysto · Август 5, 2012

Това всичко съм го проверила и е както трябва.Изчетох всичко във форума и съм пробвала всичко, което предлагате,но така и не може да се отвори приложението- просто си остава като едно безкрайно търсене.

tonysto · Август 5, 2012

Това е резултата от сканирането с OTL.

Extras-а ми е от по-ранно сканиране през деня, при сегашното просто не ми излезе.

OTL.Txt

Extras.Txt

mst · Август 6, 2012

Не съм спирала UAC.

Сканирах с Malwarebytes Anti-Malware и не откри нищо.

Ето резултата от OTL:

------------------------------

All processes killed

========== OTL ==========

Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDrives deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\DisableRegistryTools deleted successfully.

Registry key HKEY_USERS\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.

Registry key HKEY_USERS\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.

Registry key HKEY_USERS\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.

Registry key HKEY_USERS\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.

Registry key HKEY_USERS\S-1-5-21-132208950-3660432363-3532671861-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.

Registry value HKEY_USERS\S-1-5-21-132208950-3660432363-3532671861-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDrives deleted successfully.

C:\Windows\Tasks\ParetoLogic Registration3.job moved successfully.

C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\wmpnsslog00.sqm moved successfully.

========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

User: LittleJimmy

->Temp folder emptied: 15521113 bytes

->Temporary Internet Files folder emptied: 201059 bytes

->Java cache emptied: 0 bytes

->FireFox cache emptied: 60031446 bytes

->Google Chrome cache emptied: 0 bytes

->Opera cache emptied: 0 bytes

->Flash cache emptied: 726 bytes

User: Public

->Temp folder emptied: 0 bytes

User: UpdatusUser

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 96411617 bytes

RecycleBin emptied: 950585 bytes

Total Files Cleaned = 165,00 mb

OTL by OldTimer - Version 3.2.55.0 log created on 08062012_133807

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Night_Raven · Август 6, 2012

mst, поне на този етап, не изглежда проблемът да се дължи на зловреден код. Не пречи да направим още 2 бързи сканирания за всеки случай.

Изтегли TDSSKiller и:

- разархивирай архива на удобно място;

- стартирай TDSSKiller.exe;

- кликни Change paramteres, в долната секция Additional options постави отметки на Verify driver digital signatures и Detect TDLFS file system и потвърди с OK;

- кликни бутон Start scan и изчакай да се извърши сканирането;

- ако не бъдат открити заплахи, просто кликни Close;

- ако бъдат открити подозрителни обекти, кликни Continue и след това Close;

- ако бъдат открити зловредни обекти, се увери, че от падащите менюта е избрана опцята Cure, кликни Continue и след това Reboot computer;

- в дял C: ще се създаде текстов файл дневник от сканирането (името му започва с TDSSKiller), копирай му съдържанието в следващия си коментар.

---

Изтегли HitmanPro и:

- стартирай файла и кликни Напред;

- постави отметка на Приемам всички условия в лицензионното споразумение и кликни Напред;

- избери Не, искам да извършва еднократно сканиране на компютъра и кликни Напред;

- изчакай да приключи сканирането;

- ако бъдат открити заплахи, кликни Напред, в противен случай кликни Затвори;

- кликни Активирай безплатен лиценз, потвърди с OK и кликни Напред;

- изчакай да приключи премахването и кликни Next;

- кликни Изнеси резултатите от сканирането в XML файл и запази файла на удобно място с име по желание;

- ако има нужда от рестартиране, ще има бутон Рестартирай, който го кликни; противен случай кликни Затвори.

След това архивирай запазения XML файл и го прикачи към коментара си.

------

Това е резултата от сканирането с OTL.

Занапред не предоставяй дневници от програми, освен ако не са поискани.

Следвай точно инструкциите...

Изтегли OTL и го запази на работния плот:

- стартирай инструмента;

- постави отметка в горната част на Scan All Users;

- в поле Standard Registry избери All;

- от падащо меню File Age избери 90 Days;

- постави отметки още на: Skip Microsoft Files, LOP Check и Purity Check;

- в поле Custom Scans/Fixes (в долната част на програмата) постави следния текст (маркирай го, натисни Ctrl+C и после в полето на OTL натисни Ctrl+V):

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.*
%USERPROFILE%\*.*
%USERPROFILE%\AppData\Local\*.*
%USERPROFILE%\AppData\Roaming\*.*
%ProgramData%\*.*
%CommonProgramFiles%\*.*
%CommonProgramFiles%\ComObjects*.*
%PROGRAMFILES%\*.*
%systemroot%\system32\config\systemprofile\AppData\Local\*.*
%systemroot%\system32\config\systemprofile\AppData\Roaming\*.*
%windir%\SysWOW64\config\systemprofile\AppData\Local\*.*
%windir%\SysWOW64\config\systemprofile\AppData\Roaming\*.*
%windir%\ServiceProfiles\LocalService\AppData\Local\Temp\*.*
%windir%\ServiceProfiles\NetworkService\AppData\Local\Temp\*.*
%windir%\temp\*.*
%windir%\minidump\*.*
%windir%\*.
%windir%\installer\*.
%windir%\system32\*.
%windir%\sysnative\*.
%Temp%\smtmp\1\*.*
%Temp%\smtmp\2\*.*
%Temp%\smtmp\3\*.*
%Temp%\smtmp\4\*.*
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\syswow64\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /90
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\syswow64\drivers\*.sys /90
%systemroot%\syswow64\drivers\*.sys /lockedfiles
%systemroot%\system32\Spool\prtprocs\w32x86\*.dll
%systemroot%\*. /rp /s
%systemroot%\assembly	mp\*.* /S /MD5
%systemroot%\assembly	emp\*.* /S /MD5
%systemroot%\assembly\GAC\*.* /S /MD5
%systemroot%\assembly\GAC_32\*.* /S /MD5
%systemroot%\assembly\GAC_64\*.* /S /MD5
%SystemRoot%\assembly\GAC_MSIL\*.* /S /MD5
HKEY_CLASSES_ROOT\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1} /s
HKEY_CURRENT_USER\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} /s
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1} /s
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} /s
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8} /s
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7C857801-7381-11CF-884D-00AA004B2E24} /s
HKEY_CURRENT_USER\Software\MSOLoad /s
c:\system volume information|_REGISTRY_MACHINE_SYSTEM;true;true;true /FP
c:\system volume information|_REGISTRY_MACHINE_SOFTWARE;true;true;true /FP
bcdedit /enum all /v >C:\boot.txt /c
echo list vol > C:\commands.txt | diskpart /s C:\commands.txt > C:\DiskReport.txt /c
restorepoints
/md5start
consrv.dll
services.exe
explorer.exe
lsass.exe
svchost.exe
wininit.exe
winlogon.exe
userinit.exe
atapi.sys
iaStor.sys
serial.sys
volsnap.sys
disk.sys
redbook.sys
i8042prt.sys
afd.sys
netbt.sys
csc.sys
tcpip.sys
dfsc.sys
hlp.dat
str.sys
crexv.ocx
/md5stop

- кликни бутон Run Scan;

Изчакай сканирането да приключи. След края на сканирането автоматично ще се отворят двата новосъздадени на работния плот файла: OTL.txt и Extras.txt.

Моля, прикачи тези два файла (поотделно или в архив) към следващия си коментар.

mst · Август 6, 2012

TDSSKiller :

----------------------

15:26:24.0312 2684 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32

15:26:24.0437 2684 ============================================================

15:26:24.0437 2684 Current date / time: 2012/08/06 15:26:24.0437

15:26:24.0437 2684 SystemInfo:

15:26:24.0437 2684

15:26:24.0437 2684 OS Version: 6.1.7601 ServicePack: 1.0

15:26:24.0437 2684 Product type: Workstation

15:26:24.0437 2684 ComputerName: JIMMY

15:26:24.0437 2684 UserName: LittleJimmy

15:26:24.0437 2684 Windows directory: C:\Windows

15:26:24.0437 2684 System windows directory: C:\Windows

15:26:24.0437 2684 Processor architecture: Intel x86

15:26:24.0437 2684 Number of processors: 2

15:26:24.0437 2684 Page size: 0x1000

15:26:24.0437 2684 Boot type: Normal boot

15:26:24.0437 2684 ============================================================

15:26:25.0076 2684 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

15:26:25.0108 2684 ============================================================

15:26:25.0108 2684 \Device\Harddisk0\DR0:

15:26:25.0108 2684 MBR partitions:

15:26:25.0108 2684 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x17B96689

15:26:25.0123 2684 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x17B96707, BlocksNum 0x32CC07BA

15:26:25.0123 2684 ============================================================

15:26:25.0139 2684 C: <-> \Device\Harddisk0\DR0\Partition0

15:26:25.0154 2684 D: <-> \Device\Harddisk0\DR0\Partition1

15:26:25.0154 2684 ============================================================

15:26:25.0154 2684 Initialize success

15:26:25.0154 2684 ============================================================

15:27:21.0205 3868 ============================================================

15:27:21.0205 3868 Scan started

15:27:21.0205 3868 Mode: Manual; SigCheck; TDLFS;

15:27:21.0205 3868 ============================================================

15:27:22.0563 3868 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys

15:27:22.0703 3868 1394ohci - ok

15:27:22.0734 3868 acnzjhyt - ok

15:27:22.0781 3868 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys

15:27:22.0781 3868 ACPI - ok

15:27:22.0812 3868 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys

15:27:22.0890 3868 AcpiPmi - ok

15:27:22.0968 3868 AdobeFlashPlayerUpdateSvc (f19c98ad81d2c0e1bbfd8153d2c80ee8) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

15:27:22.0984 3868 AdobeFlashPlayerUpdateSvc - ok

15:27:23.0046 3868 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys

15:27:23.0062 3868 adp94xx - ok

15:27:23.0093 3868 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys

15:27:23.0109 3868 adpahci - ok

15:27:23.0140 3868 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys

15:27:23.0140 3868 adpu320 - ok

15:27:23.0171 3868 AeLookupSvc (8b5eefeec1e6d1a72a06c526628ad161) C:\Windows\System32\aelupsvc.dll

15:27:23.0265 3868 AeLookupSvc - ok

15:27:23.0327 3868 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys

15:27:23.0405 3868 AFD - ok

15:27:23.0436 3868 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys

15:27:23.0436 3868 agp440 - ok

15:27:23.0467 3868 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys

15:27:23.0483 3868 aic78xx - ok

15:27:23.0499 3868 ALG (18a54e132947cd98fea9accc57f98f13) C:\Windows\System32\alg.exe

15:27:23.0561 3868 ALG - ok

15:27:23.0608 3868 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys

15:27:23.0608 3868 aliide - ok

15:27:23.0670 3868 AMD External Events Utility (ec98ca8298f67926fa50876348534b1d) C:\Windows\system32\atiesrxx.exe

15:27:23.0779 3868 AMD External Events Utility - ok

15:27:23.0811 3868 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys

15:27:23.0811 3868 amdagp - ok

15:27:23.0857 3868 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys

15:27:23.0857 3868 amdide - ok

15:27:23.0889 3868 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys

15:27:23.0951 3868 AmdK8 - ok

15:27:24.0294 3868 amdkmdag (65b44179cf184b08e86097bffbf03f24) C:\Windows\system32\DRIVERS\atikmdag.sys

15:27:24.0497 3868 amdkmdag - ok

15:27:24.0637 3868 amdkmdap (5e1c65524ff1713711ce27879d813384) C:\Windows\system32\DRIVERS\atikmpag.sys

15:27:24.0669 3868 amdkmdap - ok

15:27:24.0700 3868 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys

15:27:24.0731 3868 AmdPPM - ok

15:27:24.0762 3868 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys

15:27:24.0778 3868 amdsata - ok

15:27:24.0793 3868 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys

15:27:24.0809 3868 amdsbs - ok

15:27:24.0825 3868 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys

15:27:24.0825 3868 amdxata - ok

15:27:24.0856 3868 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys

15:27:24.0949 3868 AppID - ok

15:27:24.0965 3868 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll

15:27:24.0996 3868 AppIDSvc - ok

15:27:25.0027 3868 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll

15:27:25.0059 3868 Appinfo - ok

15:27:25.0121 3868 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys

15:27:25.0121 3868 arc - ok

15:27:25.0137 3868 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys

15:27:25.0152 3868 arcsas - ok

15:27:25.0246 3868 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe

15:27:25.0261 3868 aspnet_state - ok

15:27:25.0277 3868 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys

15:27:25.0339 3868 AsyncMac - ok

15:27:25.0386 3868 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys

15:27:25.0402 3868 atapi - ok

15:27:25.0464 3868 AtiHDAudioService (7725aecceddf81bd8374c77157e450ea) C:\Windows\system32\drivers\AtihdW73.sys

15:27:25.0464 3868 AtiHDAudioService - ok

15:27:25.0527 3868 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll

15:27:25.0558 3868 AudioEndpointBuilder - ok

15:27:25.0558 3868 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll

15:27:25.0589 3868 Audiosrv - ok

15:27:25.0636 3868 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll

15:27:25.0698 3868 AxInstSV - ok

15:27:25.0745 3868 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys

15:27:25.0807 3868 b06bdrv - ok

15:27:25.0839 3868 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys

15:27:25.0870 3868 b57nd60x - ok

15:27:25.0917 3868 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll

15:27:25.0995 3868 BDESVC - ok

15:27:25.0995 3868 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys

15:27:26.0041 3868 Beep - ok

15:27:26.0104 3868 BFE (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll

15:27:26.0135 3868 BFE - ok

15:27:26.0244 3868 BingDesktopUpdate (1b63f2b7ca6b5290cc124cdd07520bc9) C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe

15:27:26.0244 3868 BingDesktopUpdate - ok

15:27:26.0307 3868 BITS (e585445d5021971fae10393f0f1c3961) C:\Windows\system32\qmgr.dll

15:27:26.0338 3868 BITS - ok

15:27:26.0385 3868 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys

15:27:26.0400 3868 blbdrive - ok

15:27:26.0463 3868 BlueletAudio (5ff9a3f3476d726ae62da82d5da94c36) C:\Windows\system32\DRIVERS\blueletaudio.sys

15:27:26.0463 3868 BlueletAudio - ok

15:27:26.0494 3868 BlueletSCOAudio (bd91afc523fd59f881e1763c38fb772f) C:\Windows\system32\DRIVERS\BlueletSCOAudio.sys

15:27:26.0494 3868 BlueletSCOAudio - ok

15:27:26.0556 3868 BlueSoleil Hid Service (e460dbc78b9162a569c6ce3b7d31216d) C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe

15:27:26.0572 3868 BlueSoleil Hid Service - ok

15:27:26.0603 3868 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys

15:27:26.0650 3868 bowser - ok

15:27:26.0665 3868 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys

15:27:26.0728 3868 BrFiltLo - ok

15:27:26.0743 3868 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys

15:27:26.0775 3868 BrFiltUp - ok

15:27:26.0806 3868 BridgeMP (77361d72a04f18809d0efb6cceb74d4b) C:\Windows\system32\DRIVERS\bridge.sys

15:27:26.0853 3868 BridgeMP - ok

15:27:26.0899 3868 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll

15:27:26.0946 3868 Browser - ok

15:27:26.0977 3868 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys

15:27:27.0024 3868 Brserid - ok

15:27:27.0040 3868 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys

15:27:27.0055 3868 BrSerWdm - ok

15:27:27.0087 3868 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys

15:27:27.0118 3868 BrUsbMdm - ok

15:27:27.0118 3868 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys

15:27:27.0149 3868 BrUsbSer - ok

15:27:27.0196 3868 BT (c5cce2b26f73f8cf7f3c82159e79aa08) C:\Windows\system32\DRIVERS\btnetdrv.sys

15:27:27.0196 3868 BT - ok

15:27:27.0211 3868 Btcsrusb (fb2abc6d08d9f8d5ed8e02cbd18b39bb) C:\Windows\system32\Drivers\btcusb.sys

15:27:27.0227 3868 Btcsrusb - ok

15:27:27.0227 3868 BTHidEnum (ce643d0918123d76a5caab008fca9663) C:\Windows\system32\Drivers\vbtenum.sys

15:27:27.0243 3868 BTHidEnum - ok

15:27:27.0258 3868 BTHidMgr (dfca4fe4c8aec786b4d0f432eb730f48) C:\Windows\system32\Drivers\BTHidMgr.sys

15:27:27.0258 3868 BTHidMgr - ok

15:27:27.0274 3868 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys

15:27:27.0305 3868 BTHMODEM - ok

15:27:27.0336 3868 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll

15:27:27.0367 3868 bthserv - ok

15:27:27.0461 3868 catchme - ok

15:27:27.0492 3868 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys

15:27:27.0523 3868 cdfs - ok

15:27:27.0570 3868 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys

15:27:27.0601 3868 cdrom - ok

15:27:27.0633 3868 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll

15:27:27.0664 3868 CertPropSvc - ok

15:27:27.0695 3868 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys

15:27:27.0695 3868 circlass - ok

15:27:27.0742 3868 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys

15:27:27.0757 3868 CLFS - ok

15:27:27.0820 3868 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

15:27:27.0835 3868 clr_optimization_v2.0.50727_32 - ok

15:27:27.0898 3868 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

15:27:27.0960 3868 clr_optimization_v4.0.30319_32 - ok

15:27:27.0976 3868 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys

15:27:28.0007 3868 CmBatt - ok

15:27:28.0038 3868 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys

15:27:28.0054 3868 cmdide - ok

15:27:28.0101 3868 CNG (247b4ce2dab1160cd422d532d5241e1f) C:\Windows\system32\Drivers\cng.sys

15:27:28.0132 3868 CNG - ok

15:27:28.0147 3868 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys

15:27:28.0147 3868 Compbatt - ok

15:27:28.0194 3868 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys

15:27:28.0210 3868 CompositeBus - ok

15:27:28.0225 3868 COMSysApp - ok

15:27:28.0272 3868 cpuz135 (3411fdf098aa20193eee5ffa36ba43b2) C:\Windows\system32\drivers\cpuz135_x32.sys

15:27:28.0288 3868 cpuz135 - ok

15:27:28.0303 3868 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys

15:27:28.0303 3868 crcdisk - ok

15:27:28.0366 3868 CryptSvc (06e771aa596b8761107ab57e99f128d7) C:\Windows\system32\cryptsvc.dll

15:27:28.0397 3868 CryptSvc - ok

15:27:28.0459 3868 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll

15:27:28.0506 3868 DcomLaunch - ok

15:27:28.0537 3868 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll

15:27:28.0569 3868 defragsvc - ok

15:27:28.0615 3868 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys

15:27:28.0647 3868 DfsC - ok

15:27:28.0693 3868 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll

15:27:28.0725 3868 Dhcp - ok

15:27:28.0740 3868 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys

15:27:28.0771 3868 discache - ok

15:27:28.0818 3868 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys

15:27:28.0818 3868 Disk - ok

15:27:28.0849 3868 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll

15:27:28.0896 3868 Dnscache - ok

15:27:28.0943 3868 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll

15:27:28.0990 3868 dot3svc - ok

15:27:29.0037 3868 Dot4 (b5e479eb83707dd698f66953e922042c) C:\Windows\system32\DRIVERS\Dot4.sys

15:27:29.0037 3868 Dot4 - ok

15:27:29.0083 3868 Dot4Print (caefd09b6a6249c53a67d55a9a9fcabf) C:\Windows\system32\DRIVERS\Dot4Prt.sys

15:27:29.0099 3868 Dot4Print - ok

15:27:29.0099 3868 dot4usb (cf491ff38d62143203c065260567e2f7) C:\Windows\system32\DRIVERS\dot4usb.sys

15:27:29.0130 3868 dot4usb - ok

15:27:29.0177 3868 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll

15:27:29.0208 3868 DPS - ok

15:27:29.0255 3868 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys

15:27:29.0255 3868 drmkaud - ok

15:27:29.0302 3868 dtsoftbus01 (c0c7ceccb6c85994c2bc92d58e52d3f2) C:\Windows\system32\DRIVERS\dtsoftbus01.sys

15:27:29.0317 3868 dtsoftbus01 - ok

15:27:29.0317 3868 dump_wmimmc - ok

15:27:29.0380 3868 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys

15:27:29.0411 3868 DXGKrnl - ok

15:27:29.0427 3868 EagleXNt - ok

15:27:29.0458 3868 eamonm (04238864710460c5682e260207d06192) C:\Windows\system32\DRIVERS\eamonm.sys

15:27:29.0473 3868 eamonm - ok

15:27:29.0489 3868 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll

15:27:29.0536 3868 EapHost - ok

15:27:29.0676 3868 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys

15:27:29.0739 3868 ebdrv - ok

15:27:29.0832 3868 EFS (81951f51e318aecc2d68559e47485cc4) C:\Windows\System32\lsass.exe

15:27:29.0910 3868 EFS - ok

15:27:29.0957 3868 ehdrv (deff87f04ab5f6dd5edf2b80853bbe10) C:\Windows\system32\DRIVERS\ehdrv.sys

15:27:29.0957 3868 ehdrv - ok

15:27:30.0019 3868 ehRecvr (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe

15:27:30.0097 3868 ehRecvr - ok

15:27:30.0129 3868 ehSched (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe

15:27:30.0175 3868 ehSched - ok

15:27:30.0300 3868 ekrn (c7bb95cf9631aa401e4aded1648f6af7) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

15:27:30.0316 3868 ekrn - ok

15:27:30.0394 3868 ElbyCDFL (ce37e3d51912e59c80c6d84337c0b4cd) C:\Windows\system32\Drivers\ElbyCDFL.sys

15:27:30.0409 3868 ElbyCDFL - ok

15:27:30.0441 3868 ElbyCDIO (178cc9403816c082d22a1d47fa1f9c85) C:\Windows\system32\Drivers\ElbyCDIO.sys

15:27:30.0456 3868 ElbyCDIO - ok

15:27:30.0487 3868 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys

15:27:30.0503 3868 elxstor - ok

15:27:30.0534 3868 epfwwfpr (f39c91795ebdb9ecbeb5a388ff2841fe) C:\Windows\system32\DRIVERS\epfwwfpr.sys

15:27:30.0550 3868 epfwwfpr - ok

15:27:30.0565 3868 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys

15:27:30.0597 3868 ErrDev - ok

15:27:30.0643 3868 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll

15:27:30.0690 3868 EventSystem - ok

15:27:30.0721 3868 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys

15:27:30.0737 3868 exfat - ok

15:27:30.0768 3868 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys

15:27:30.0784 3868 fastfat - ok

15:27:30.0846 3868 Fax (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe

15:27:30.0909 3868 Fax - ok

15:27:30.0940 3868 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys

15:27:30.0940 3868 fdc - ok

15:27:30.0971 3868 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll

15:27:31.0002 3868 fdPHost - ok

15:27:31.0018 3868 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll

15:27:31.0049 3868 FDResPub - ok

15:27:31.0080 3868 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys

15:27:31.0080 3868 FileInfo - ok

15:27:31.0096 3868 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys

15:27:31.0111 3868 Filetrace - ok

15:27:31.0127 3868 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys

15:27:31.0143 3868 flpydisk - ok

15:27:31.0189 3868 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys

15:27:31.0189 3868 FltMgr - ok

15:27:31.0252 3868 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll

15:27:31.0314 3868 FontCache - ok

15:27:31.0377 3868 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

15:27:31.0377 3868 FontCache3.0.0.0 - ok

15:27:31.0392 3868 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys

15:27:31.0408 3868 FsDepends - ok

15:27:31.0423 3868 Fs_Rec (7dae5ebcc80e45d3253f4923dc424d05) C:\Windows\system32\drivers\Fs_Rec.sys

15:27:31.0439 3868 Fs_Rec - ok

15:27:31.0486 3868 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys

15:27:31.0486 3868 fvevol - ok

15:27:31.0517 3868 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys

15:27:31.0533 3868 gagp30kx - ok

15:27:31.0548 3868 gdrv - ok

15:27:31.0595 3868 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll

15:27:31.0642 3868 gpsvc - ok

15:27:31.0673 3868 hamachi (d30b31375c40309425c21efe75db90bb) C:\Windows\system32\DRIVERS\hamachi.sys

15:27:31.0689 3868 hamachi - ok

15:27:31.0704 3868 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys

15:27:31.0782 3868 hcw85cir - ok

15:27:31.0845 3868 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys

15:27:31.0860 3868 HdAudAddService - ok

15:27:31.0891 3868 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\DRIVERS\HDAudBus.sys

15:27:31.0923 3868 HDAudBus - ok

15:27:31.0938 3868 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys

15:27:31.0969 3868 HidBatt - ok

15:27:31.0985 3868 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys

15:27:32.0016 3868 HidBth - ok

15:27:32.0032 3868 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys

15:27:32.0047 3868 HidIr - ok

15:27:32.0079 3868 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\System32\hidserv.dll

15:27:32.0110 3868 hidserv - ok

15:27:32.0157 3868 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys

15:27:32.0172 3868 HidUsb - ok

15:27:32.0203 3868 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll

15:27:32.0219 3868 hkmsvc - ok

15:27:32.0250 3868 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll

15:27:32.0297 3868 HomeGroupListener - ok

15:27:32.0328 3868 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll

15:27:32.0359 3868 HomeGroupProvider - ok

15:27:32.0500 3868 hpqcxs08 (1dae5c46d42b02a6d5862e1482efb390) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll

15:27:32.0515 3868 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning

15:27:32.0515 3868 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)

15:27:32.0547 3868 hpqddsvc (99e8eef42fe2f4af29b08c3355dd7685) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll

15:27:32.0547 3868 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning

15:27:32.0547 3868 hpqddsvc - detected UnsignedFile.Multi.Generic (1)

15:27:32.0578 3868 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys

15:27:32.0593 3868 HpSAMD - ok

15:27:32.0687 3868 HPSLPSVC - ok

15:27:32.0734 3868 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys

15:27:32.0765 3868 HTTP - ok

15:27:32.0781 3868 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys

15:27:32.0781 3868 hwpolicy - ok

15:27:32.0827 3868 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\DRIVERS\i8042prt.sys

15:27:32.0843 3868 i8042prt - ok

15:27:32.0905 3868 iaStor (db81f413fa4e3f328cad7b5d59ef3f21) C:\Windows\system32\DRIVERS\iaStor.sys

15:27:32.0921 3868 iaStor - ok

15:27:32.0983 3868 IAStorDataMgrSvc (d41861e56e7552c13674d7f147a02464) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

15:27:32.0983 3868 IAStorDataMgrSvc - ok

15:27:33.0046 3868 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys

15:27:33.0061 3868 iaStorV - ok

15:27:33.0139 3868 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

15:27:33.0155 3868 idsvc - ok

15:27:33.0249 3868 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys

15:27:33.0249 3868 iirsp - ok

15:27:33.0311 3868 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll

15:27:33.0358 3868 IKEEXT - ok

15:27:33.0529 3868 IntcAzAudAddService (509888e289b4765f8d92ad57cf37efa7) C:\Windows\system32\drivers\RTKVHDA.sys

15:27:33.0607 3868 IntcAzAudAddService - ok

15:27:33.0701 3868 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys

15:27:33.0717 3868 intelide - ok

15:27:33.0732 3868 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys

15:27:33.0763 3868 intelppm - ok

15:27:33.0795 3868 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll

15:27:33.0826 3868 IPBusEnum - ok

15:27:33.0841 3868 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys

15:27:33.0873 3868 IpFilterDriver - ok

15:27:33.0935 3868 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll

15:27:33.0982 3868 iphlpsvc - ok

15:27:33.0997 3868 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys

15:27:34.0029 3868 IPMIDRV - ok

15:27:34.0060 3868 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys

15:27:34.0091 3868 IPNAT - ok

15:27:34.0122 3868 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys

15:27:34.0169 3868 IRENUM - ok

15:27:34.0200 3868 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys

15:27:34.0216 3868 isapnp - ok

15:27:34.0231 3868 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys

15:27:34.0247 3868 iScsiPrt - ok

15:27:34.0263 3868 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys

15:27:34.0263 3868 kbdclass - ok

15:27:34.0309 3868 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys

15:27:34.0325 3868 kbdhid - ok

15:27:34.0356 3868 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe

15:27:34.0372 3868 KeyIso - ok

15:27:34.0387 3868 KSecDD (b7895b4182c0d16f6efadeb8081e8d36) C:\Windows\system32\Drivers\ksecdd.sys

15:27:34.0403 3868 KSecDD - ok

15:27:34.0434 3868 KSecPkg (d30159ac9237519fbc62c6ec247d2d46) C:\Windows\system32\Drivers\ksecpkg.sys

15:27:34.0450 3868 KSecPkg - ok

15:27:34.0481 3868 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll

15:27:34.0512 3868 KtmRm - ok

15:27:34.0575 3868 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\System32\srvsvc.dll

15:27:34.0606 3868 LanmanServer - ok

15:27:34.0637 3868 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll

15:27:34.0668 3868 LanmanWorkstation - ok

15:27:34.0699 3868 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll

15:27:34.0731 3868 lltdsvc - ok

15:27:34.0762 3868 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll

15:27:34.0793 3868 lmhosts - ok

15:27:34.0887 3868 LMS (0803906d607a9b83184447b75b60ecc2) C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe

15:27:34.0902 3868 LMS - ok

15:27:34.0949 3868 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys

15:27:34.0965 3868 LSI_FC - ok

15:27:34.0980 3868 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys

15:27:34.0980 3868 LSI_SAS - ok

15:27:34.0996 3868 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys

15:27:34.0996 3868 LSI_SAS2 - ok

15:27:35.0011 3868 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys

15:27:35.0011 3868 LSI_SCSI - ok

15:27:35.0043 3868 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys

15:27:35.0074 3868 luafv - ok

15:27:35.0105 3868 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll

15:27:35.0121 3868 Mcx2Svc - ok

15:27:35.0152 3868 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys

15:27:35.0152 3868 megasas - ok

15:27:35.0183 3868 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys

15:27:35.0199 3868 MegaSR - ok

15:27:35.0230 3868 MEI (d86ac00883b9c98b570e7643aaf8e554) C:\Windows\system32\DRIVERS\HECI.sys

15:27:35.0277 3868 MEI - ok

15:27:35.0292 3868 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll

15:27:35.0339 3868 MMCSS - ok

15:27:35.0355 3868 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys

15:27:35.0386 3868 Modem - ok

15:27:35.0401 3868 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys

15:27:35.0417 3868 monitor - ok

15:27:35.0464 3868 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys

15:27:35.0479 3868 mouclass - ok

15:27:35.0495 3868 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys

15:27:35.0526 3868 mouhid - ok

15:27:35.0573 3868 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys

15:27:35.0573 3868 mountmgr - ok

15:27:35.0651 3868 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

15:27:35.0651 3868 MozillaMaintenance - ok

15:27:35.0682 3868 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys

15:27:35.0698 3868 mpio - ok

15:27:35.0713 3868 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys

15:27:35.0729 3868 mpsdrv - ok

15:27:35.0776 3868 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll

15:27:35.0823 3868 MpsSvc - ok

15:27:35.0854 3868 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys

15:27:35.0885 3868 MRxDAV - ok

15:27:35.0932 3868 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys

15:27:35.0994 3868 mrxsmb - ok

15:27:36.0025 3868 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys

15:27:36.0041 3868 mrxsmb10 - ok

15:27:36.0057 3868 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys

15:27:36.0072 3868 mrxsmb20 - ok

15:27:36.0103 3868 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\DRIVERS\msahci.sys

15:27:36.0119 3868 msahci - ok

15:27:36.0135 3868 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys

15:27:36.0150 3868 msdsm - ok

15:27:36.0181 3868 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe

15:27:36.0213 3868 MSDTC - ok

15:27:36.0244 3868 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys

15:27:36.0259 3868 Msfs - ok

15:27:36.0259 3868 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys

15:27:36.0291 3868 mshidkmdf - ok

15:27:36.0322 3868 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys

15:27:36.0322 3868 msisadrv - ok

15:27:36.0353 3868 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll

15:27:36.0384 3868 MSiSCSI - ok

15:27:36.0384 3868 msiserver - ok

15:27:36.0415 3868 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys

15:27:36.0462 3868 MSKSSRV - ok

15:27:36.0478 3868 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys

15:27:36.0509 3868 MSPCLOCK - ok

15:27:36.0525 3868 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys

15:27:36.0556 3868 MSPQM - ok

15:27:36.0571 3868 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys

15:27:36.0587 3868 MsRPC - ok

15:27:36.0618 3868 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys

15:27:36.0618 3868 mssmbios - ok

15:27:36.0649 3868 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys

15:27:36.0665 3868 MSTEE - ok

15:27:36.0696 3868 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys

15:27:36.0696 3868 MTConfig - ok

15:27:36.0712 3868 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys

15:27:36.0727 3868 Mup - ok

15:27:36.0759 3868 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll

15:27:36.0790 3868 napagent - ok

15:27:36.0837 3868 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys

15:27:36.0837 3868 NativeWifiP - ok

15:27:36.0883 3868 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys

15:27:36.0899 3868 NDIS - ok

15:27:36.0915 3868 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys

15:27:36.0946 3868 NdisCap - ok

15:27:36.0977 3868 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys

15:27:37.0008 3868 NdisTapi - ok

15:27:37.0039 3868 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys

15:27:37.0071 3868 Ndisuio - ok

15:27:37.0102 3868 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys

15:27:37.0133 3868 NdisWan - ok

15:27:37.0164 3868 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys

15:27:37.0180 3868 NDProxy - ok

15:27:37.0242 3868 Net Driver HPZ12 (510c138564486ff926a3f773205c63d1) C:\Windows\system32\HPZinw12.dll

15:27:37.0258 3868 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

15:27:37.0258 3868 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

15:27:37.0289 3868 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys

15:27:37.0336 3868 NetBIOS - ok

15:27:37.0367 3868 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys

15:27:37.0398 3868 NetBT - ok

15:27:37.0414 3868 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe

15:27:37.0429 3868 Netlogon - ok

15:27:37.0476 3868 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll

15:27:37.0523 3868 Netman - ok

15:27:37.0601 3868 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

15:27:37.0632 3868 NetMsmqActivator - ok

15:27:37.0632 3868 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

15:27:37.0648 3868 NetPipeActivator - ok

15:27:37.0679 3868 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll

15:27:37.0726 3868 netprofm - ok

15:27:37.0726 3868 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

15:27:37.0741 3868 NetTcpActivator - ok

15:27:37.0741 3868 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

15:27:37.0741 3868 NetTcpPortSharing - ok

15:27:37.0788 3868 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys

15:27:37.0788 3868 nfrd960 - ok

15:27:37.0835 3868 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll

15:27:37.0866 3868 NlaSvc - ok

15:27:37.0882 3868 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys

15:27:37.0913 3868 Npfs - ok

15:27:37.0944 3868 NPPTNT2 (9131fe60adfab595c8da53ad6a06aa31) C:\Windows\system32\npptNT2.sys

15:27:37.0975 3868 NPPTNT2 ( UnsignedFile.Multi.Generic ) - warning

15:27:37.0975 3868 NPPTNT2 - detected UnsignedFile.Multi.Generic (1)

15:27:37.0991 3868 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll

15:27:38.0007 3868 nsi - ok

15:27:38.0022 3868 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys

15:27:38.0053 3868 nsiproxy - ok

15:27:38.0131 3868 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys

15:27:38.0163 3868 Ntfs - ok

15:27:38.0241 3868 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys

15:27:38.0272 3868 Null - ok

15:27:38.0709 3868 nvlddmkm (3056b19c3fd6d92e02b26f0e4fc9f572) C:\Windows\system32\DRIVERS\nvlddmkm.sys

15:27:38.0989 3868 nvlddmkm - ok

15:27:39.0099 3868 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys

15:27:39.0114 3868 nvraid - ok

15:27:39.0130 3868 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys

15:27:39.0145 3868 nvstor - ok

15:27:39.0161 3868 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys

15:27:39.0161 3868 nv_agp - ok

15:27:39.0192 3868 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys

15:27:39.0223 3868 ohci1394 - ok

15:27:39.0270 3868 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll

15:27:39.0333 3868 p2pimsvc - ok

15:27:39.0364 3868 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll

15:27:39.0395 3868 p2psvc - ok

15:27:39.0426 3868 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys

15:27:39.0426 3868 Parport - ok

15:27:39.0457 3868 partmgr (3f34a1b4c5f6475f320c275e63afce9b) C:\Windows\system32\drivers\partmgr.sys

15:27:39.0473 3868 partmgr - ok

15:27:39.0473 3868 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys

15:27:39.0489 3868 Parvdm - ok

15:27:39.0504 3868 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll

15:27:39.0520 3868 PcaSvc - ok

15:27:39.0567 3868 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys

15:27:39.0582 3868 pci - ok

15:27:39.0598 3868 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys

15:27:39.0598 3868 pciide - ok

15:27:39.0629 3868 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys

15:27:39.0645 3868 pcmcia - ok

15:27:39.0660 3868 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys

15:27:39.0676 3868 pcw - ok

15:27:39.0707 3868 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys

15:27:39.0754 3868 PEAUTH - ok

15:27:39.0832 3868 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll

15:27:39.0879 3868 pla - ok

15:27:40.0003 3868 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll

15:27:40.0050 3868 PlugPlay - ok

15:27:40.0113 3868 Pml Driver HPZ12 (37e5e8ffbad35605daeec3224ea0e465) C:\Windows\system32\HPZipm12.dll

15:27:40.0128 3868 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

15:27:40.0128 3868 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

15:27:40.0159 3868 PnkBstrA (205e1b699fd3f2f9b036eea2ec30c620) C:\Windows\system32\PnkBstrA.exe

15:27:40.0175 3868 PnkBstrA - ok

15:27:40.0191 3868 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll

15:27:40.0222 3868 PNRPAutoReg - ok

15:27:40.0253 3868 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll

15:27:40.0269 3868 PNRPsvc - ok

15:27:40.0315 3868 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll

15:27:40.0362 3868 PolicyAgent - ok

15:27:40.0378 3868 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll

15:27:40.0425 3868 Power - ok

15:27:40.0487 3868 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys

15:27:40.0518 3868 PptpMiniport - ok

15:27:40.0549 3868 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys

15:27:40.0565 3868 Processor - ok

15:27:40.0596 3868 ProfSvc (cadefac453040e370a1bdff3973be00d) C:\Windows\system32\profsvc.dll

15:27:40.0659 3868 ProfSvc - ok

15:27:40.0690 3868 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe

15:27:40.0690 3868 ProtectedStorage - ok

15:27:40.0737 3868 PStrip (bcf8d075fad718fea8ef6e281331a56e) C:\Windows\system32\drivers\pstrip.sys

15:27:40.0752 3868 PStrip - ok

15:27:40.0799 3868 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys

15:27:40.0830 3868 ql2300 - ok

15:27:40.0924 3868 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys

15:27:40.0939 3868 ql40xx - ok

15:27:40.0971 3868 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll

15:27:40.0986 3868 QWAVE - ok

15:27:41.0002 3868 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys

15:27:41.0002 3868 QWAVEdrv - ok

15:27:41.0017 3868 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys

15:27:41.0049 3868 RasAcd - ok

15:27:41.0080 3868 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys

15:27:41.0111 3868 RasAgileVpn - ok

15:27:41.0127 3868 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll

15:27:41.0158 3868 RasAuto - ok

15:27:41.0189 3868 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys

15:27:41.0220 3868 Rasl2tp - ok

15:27:41.0267 3868 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll

15:27:41.0283 3868 RasMan - ok

15:27:41.0314 3868 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys

15:27:41.0329 3868 RasPppoe - ok

15:27:41.0345 3868 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys

15:27:41.0376 3868 RasSstp - ok

15:27:41.0423 3868 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys

15:27:41.0454 3868 rdbss - ok

15:27:41.0485 3868 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys

15:27:41.0501 3868 rdpbus - ok

15:27:41.0517 3868 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys

15:27:41.0548 3868 RDPCDD - ok

15:27:41.0579 3868 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys

15:27:41.0610 3868 RDPENCDD - ok

15:27:41.0626 3868 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys

15:27:41.0657 3868 RDPREFMP - ok

15:27:41.0688 3868 RDPWD (f031683e6d1fea157abb2ff260b51e61) C:\Windows\system32\drivers\RDPWD.sys

15:27:41.0751 3868 RDPWD - ok

15:27:41.0782 3868 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys

15:27:41.0797 3868 rdyboost - ok

15:27:41.0813 3868 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll

15:27:41.0844 3868 RemoteAccess - ok

15:27:41.0875 3868 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll

15:27:41.0907 3868 RemoteRegistry - ok

15:27:41.0922 3868 ROOTMODEM (564297827d213f52c7a3a2ff749568ca) C:\Windows\system32\Drivers\RootMdm.sys

15:27:41.0969 3868 ROOTMODEM - ok

15:27:41.0985 3868 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll

15:27:42.0016 3868 RpcEptMapper - ok

15:27:42.0047 3868 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe

15:27:42.0063 3868 RpcLocator - ok

15:27:42.0109 3868 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\System32\rpcss.dll

15:27:42.0141 3868 RpcSs - ok

15:27:42.0187 3868 RTL8167 (558684c0bef37c5be04940ee4e607b68) C:\Windows\system32\DRIVERS\Rt86win7.sys

15:27:42.0203 3868 RTL8167 - ok

15:27:42.0234 3868 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe

15:27:42.0234 3868 SamSs - ok

15:27:42.0312 3868 SANDRA (230fd3749904ca045ea5ec0aa14006e9) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP1\WNt500x86\Sandra.sys

15:27:42.0328 3868 SANDRA - ok

15:27:42.0328 3868 SandraAgentSrv (96f6f3e594d780b7e20fdc94504d4d89) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP1\RpcAgentSrv.exe

15:27:42.0359 3868 SandraAgentSrv ( UnsignedFile.Multi.Generic ) - warning

15:27:42.0359 3868 SandraAgentSrv - detected UnsignedFile.Multi.Generic (1)

15:27:42.0406 3868 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys

15:27:42.0406 3868 sbp2port - ok

15:27:42.0437 3868 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll

15:27:42.0453 3868 SCardSvr - ok

15:27:42.0484 3868 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys

15:27:42.0531 3868 scfilter - ok

15:27:42.0577 3868 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll

15:27:42.0624 3868 Schedule - ok

15:27:42.0655 3868 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll

15:27:42.0671 3868 SCPolicySvc - ok

15:27:42.0687 3868 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll

15:27:42.0749 3868 SDRSVC - ok

15:27:42.0765 3868 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys

15:27:42.0780 3868 secdrv - ok

15:27:42.0796 3868 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll

15:27:42.0843 3868 seclogon - ok

15:27:42.0858 3868 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\system32\sens.dll

15:27:42.0874 3868 SENS - ok

15:27:42.0905 3868 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll

15:27:42.0967 3868 SensrSvc - ok

15:27:42.0983 3868 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys

15:27:43.0014 3868 Serenum - ok

15:27:43.0045 3868 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys

15:27:43.0061 3868 Serial - ok

15:27:43.0108 3868 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys

15:27:43.0108 3868 sermouse - ok

15:27:43.0155 3868 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll

15:27:43.0186 3868 SessionEnv - ok

15:27:43.0217 3868 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys

15:27:43.0248 3868 sffdisk - ok

15:27:43.0264 3868 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys

15:27:43.0295 3868 sffp_mmc - ok

15:27:43.0311 3868 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys

15:27:43.0326 3868 sffp_sd - ok

15:27:43.0342 3868 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys

15:27:43.0357 3868 sfloppy - ok

15:27:43.0420 3868 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll

15:27:43.0451 3868 SharedAccess - ok

15:27:43.0498 3868 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll

15:27:43.0529 3868 ShellHWDetection - ok

15:27:43.0591 3868 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys

15:27:43.0591 3868 sisagp - ok

15:27:43.0623 3868 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys

15:27:43.0638 3868 SiSRaid2 - ok

15:27:43.0638 3868 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys

15:27:43.0654 3868 SiSRaid4 - ok

15:27:43.0669 3868 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys

15:27:43.0685 3868 Smb - ok

15:27:43.0716 3868 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe

15:27:43.0732 3868 SNMPTRAP - ok

15:27:43.0732 3868 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys

15:27:43.0747 3868 spldr - ok

15:27:43.0794 3868 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe

15:27:43.0841 3868 Spooler - ok

15:27:43.0966 3868 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe

15:27:44.0044 3868 sppsvc - ok

15:27:44.0153 3868 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll

15:27:44.0184 3868 sppuinotify - ok

15:27:44.0262 3868 sptd (8ea0fd60a5b047e0c734d51aace531c9) C:\Windows\System32\Drivers\sptd.sys

15:27:44.0262 3868 Suspicious file (NoAccess): C:\Windows\System32\Drivers\sptd.sys. md5: 8ea0fd60a5b047e0c734d51aace531c9

15:27:44.0262 3868 sptd ( LockedFile.Multi.Generic ) - warning

15:27:44.0262 3868 sptd - detected LockedFile.Multi.Generic (1)

15:27:44.0293 3868 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys

15:27:44.0356 3868 srv - ok

15:27:44.0387 3868 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys

15:27:44.0403 3868 srv2 - ok

15:27:44.0434 3868 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys

15:27:44.0449 3868 srvnet - ok

15:27:44.0481 3868 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll

15:27:44.0512 3868 SSDPSRV - ok

15:27:44.0512 3868 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll

15:27:44.0559 3868 SstpSvc - ok

15:27:44.0637 3868 Start BT in service (9d1a8732718438dc8c472d4d7762de5f) C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe

15:27:44.0652 3868 Start BT in service - ok

15:27:44.0683 3868 Steam Client Service - ok

15:27:44.0761 3868 Stereo Service (8d51ca9e6d36bf3be88abe4f4fead8ec) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

15:27:44.0777 3868 Stereo Service - ok

15:27:44.0777 3868 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys

15:27:44.0793 3868 stexstor - ok

15:27:44.0839 3868 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll

15:27:44.0886 3868 StiSvc - ok

15:27:44.0902 3868 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys

15:27:44.0917 3868 swenum - ok

15:27:44.0949 3868 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll

15:27:44.0980 3868 swprv - ok

15:27:45.0058 3868 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll

15:27:45.0089 3868 SysMain - ok

15:27:45.0105 3868 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll

15:27:45.0120 3868 TabletInputService - ok

15:27:45.0167 3868 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll

15:27:45.0198 3868 TapiSrv - ok

15:27:45.0229 3868 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll

15:27:45.0276 3868 TBS - ok

15:27:45.0370 3868 Tcpip (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\drivers\tcpip.sys

15:27:45.0417 3868 Tcpip - ok

15:27:45.0526 3868 TCPIP6 (7fa2e0f8b072bd04b77b421480b6cc22) C:\Windows\system32\DRIVERS\tcpip.sys

15:27:45.0541 3868 TCPIP6 - ok

15:27:45.0588 3868 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys

15:27:45.0635 3868 tcpipreg - ok

15:27:45.0651 3868 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys

15:27:45.0729 3868 TDPIPE - ok

15:27:45.0744 3868 TDTCP (2c2c5afe7ee4f620d69c23c0617651a8) C:\Windows\system32\drivers\tdtcp.sys

15:27:45.0775 3868 TDTCP - ok

15:27:45.0807 3868 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys

15:27:45.0838 3868 tdx - ok

15:27:45.0869 3868 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys

15:27:45.0869 3868 TermDD - ok

15:27:45.0916 3868 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll

15:27:45.0947 3868 TermService - ok

15:27:45.0978 3868 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll

15:27:46.0009 3868 Themes - ok

15:27:46.0025 3868 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll

15:27:46.0056 3868 THREADORDER - ok

15:27:46.0072 3868 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll

15:27:46.0103 3868 TrkWks - ok

15:27:46.0165 3868 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe

15:27:46.0181 3868 TrustedInstaller - ok

15:27:46.0197 3868 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys

15:27:46.0212 3868 tssecsrv - ok

15:27:46.0243 3868 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys

15:27:46.0306 3868 TsUsbFlt - ok

15:27:46.0353 3868 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys

15:27:46.0384 3868 tunnel - ok

15:27:46.0399 3868 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys

15:27:46.0415 3868 uagp35 - ok

15:27:46.0446 3868 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys

15:27:46.0477 3868 udfs - ok

15:27:46.0509 3868 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe

15:27:46.0540 3868 UI0Detect - ok

15:27:46.0587 3868 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys

15:27:46.0587 3868 uliagpkx - ok

15:27:46.0602 3868 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys

15:27:46.0618 3868 umbus - ok

15:27:46.0633 3868 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys

15:27:46.0665 3868 UmPass - ok

15:27:46.0711 3868 unisofthid (52acec2902036b5f7031961824e34910) C:\Windows\system32\DRIVERS\unisofthid.sys

15:27:46.0758 3868 unisofthid ( UnsignedFile.Multi.Generic ) - warning

15:27:46.0758 3868 unisofthid - detected UnsignedFile.Multi.Generic (1)

15:27:46.0930 3868 UNS (eb79c6c91a99930015ef29ae7fa802d1) C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe

15:27:46.0977 3868 UNS - ok

15:27:47.0070 3868 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll

15:27:47.0101 3868 upnphost - ok

15:27:47.0133 3868 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys

15:27:47.0179 3868 usbccgp - ok

15:27:47.0211 3868 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys

15:27:47.0226 3868 usbcir - ok

15:27:47.0242 3868 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys

15:27:47.0242 3868 usbehci - ok

15:27:47.0273 3868 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys

15:27:47.0304 3868 usbhub - ok

15:27:47.0320 3868 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\DRIVERS\usbohci.sys

15:27:47.0351 3868 usbohci - ok

15:27:47.0382 3868 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys

15:27:47.0382 3868 usbprint - ok

15:27:47.0398 3868 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys

15:27:47.0429 3868 usbscan - ok

15:27:47.0460 3868 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS

15:27:47.0538 3868 USBSTOR - ok

15:27:47.0569 3868 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\drivers\usbuhci.sys

15:27:47.0569 3868 usbuhci - ok

15:27:47.0601 3868 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll

15:27:47.0616 3868 UxSms - ok

15:27:47.0647 3868 VaultSvc (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe

15:27:47.0647 3868 VaultSvc - ok

15:27:47.0679 3868 VComm (51750b0539986186c6931fc40d171521) C:\Windows\system32\DRIVERS\VComm.sys

15:27:47.0679 3868 VComm - ok

15:27:47.0694 3868 VcommMgr (6d9c891c0a761afed1f3609c2e56f2b9) C:\Windows\system32\Drivers\VcommMgr.sys

15:27:47.0710 3868 VcommMgr - ok

15:27:47.0757 3868 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys

15:27:47.0772 3868 vdrvroot - ok

15:27:47.0819 3868 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe

15:27:47.0850 3868 vds - ok

15:27:47.0881 3868 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys

15:27:47.0897 3868 vga - ok

15:27:47.0913 3868 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys

15:27:47.0944 3868 VgaSave - ok

15:27:47.0959 3868 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys

15:27:47.0975 3868 vhdmp - ok

15:27:48.0006 3868 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys

15:27:48.0006 3868 viaagp - ok

15:27:48.0022 3868 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys

15:27:48.0037 3868 ViaC7 - ok

15:27:48.0069 3868 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys

15:27:48.0069 3868 viaide - ok

15:27:48.0084 3868 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys

15:27:48.0100 3868 volmgr - ok

15:27:48.0131 3868 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys

15:27:48.0147 3868 volmgrx - ok

15:27:48.0178 3868 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys

15:27:48.0193 3868 volsnap - ok

15:27:48.0225 3868 vproiah (42f5fc978f64faab5ac7160eb178f29b) C:\Windows\system32\DRIVERS\vproiah.sys

15:27:48.0240 3868 vproiah ( UnsignedFile.Multi.Generic ) - warning

15:27:48.0240 3868 vproiah - detected UnsignedFile.Multi.Generic (1)

15:27:48.0240 3868 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys

15:27:48.0256 3868 vsmraid - ok

15:27:48.0334 3868 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe

15:27:48.0381 3868 VSS - ok

15:27:48.0396 3868 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys

15:27:48.0427 3868 vwifibus - ok

15:27:48.0474 3868 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll

15:27:48.0505 3868 W32Time - ok

15:27:48.0521 3868 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys

15:27:48.0552 3868 WacomPen - ok

15:27:48.0599 3868 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys

15:27:48.0630 3868 WANARP - ok

15:27:48.0630 3868 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys

15:27:48.0661 3868 Wanarpv6 - ok

15:27:48.0739 3868 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe

15:27:48.0786 3868 WatAdminSvc - ok

15:27:48.0942 3868 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe

15:27:48.0989 3868 wbengine - ok

15:27:49.0020 3868 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll

15:27:49.0051 3868 WbioSrvc - ok

15:27:49.0083 3868 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll

15:27:49.0098 3868 wcncsvc - ok

15:27:49.0114 3868 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll

15:27:49.0161 3868 WcsPlugInService - ok

15:27:49.0192 3868 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys

15:27:49.0207 3868 Wd - ok

15:27:49.0239 3868 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys

15:27:49.0254 3868 Wdf01000 - ok

15:27:49.0270 3868 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll

15:27:49.0332 3868 WdiServiceHost - ok

15:27:49.0332 3868 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll

15:27:49.0332 3868 WdiSystemHost - ok

15:27:49.0379 3868 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll

15:27:49.0410 3868 WebClient - ok

15:27:49.0457 3868 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll

15:27:49.0473 3868 Wecsvc - ok

15:27:49.0535 3868 WeGameClientService (a8e0e75f8411ee0fce92f2ce65bdeeec) C:\Program Files\WeGame\WGClientService.exe

15:27:49.0551 3868 WeGameClientService - ok

15:27:49.0551 3868 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll

15:27:49.0582 3868 wercplsupport - ok

15:27:49.0597 3868 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll

15:27:49.0629 3868 WerSvc - ok

15:27:49.0660 3868 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys

15:27:49.0691 3868 WfpLwf - ok

15:27:49.0722 3868 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys

15:27:49.0722 3868 WIMMount - ok

15:27:49.0785 3868 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll

15:27:49.0816 3868 WinDefend - ok

15:27:49.0816 3868 WinHttpAutoProxySvc - ok

15:27:49.0894 3868 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll

15:27:49.0909 3868 Winmgmt - ok

15:27:49.0987 3868 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll

15:27:50.0019 3868 WinRM - ok

15:27:50.0081 3868 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys

15:27:50.0097 3868 WinUsb - ok

15:27:50.0159 3868 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll

15:27:50.0175 3868 Wlansvc - ok

15:27:50.0315 3868 wlidsvc (5144ae67d60ec653f97ddf3feed29e77) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

15:27:50.0346 3868 wlidsvc - ok

15:27:50.0440 3868 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys

15:27:50.0455 3868 WmiAcpi - ok

15:27:50.0518 3868 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe

15:27:50.0533 3868 wmiApSrv - ok

15:27:50.0643 3868 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe

15:27:50.0689 3868 WMPNetworkSvc - ok

15:27:50.0783 3868 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll

15:27:50.0830 3868 WPCSvc - ok

15:27:50.0861 3868 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll

15:27:50.0908 3868 WPDBusEnum - ok

15:27:50.0939 3868 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys

15:27:50.0986 3868 ws2ifsl - ok

15:27:51.0001 3868 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\system32\wscsvc.dll

15:27:51.0017 3868 wscsvc - ok

15:27:51.0017 3868 WSearch - ok

15:27:51.0111 3868 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll

15:27:51.0157 3868 wuauserv - ok

15:27:51.0267 3868 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys

15:27:51.0313 3868 WudfPf - ok

15:27:51.0360 3868 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys

15:27:51.0391 3868 WUDFRd - ok

15:27:51.0423 3868 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll

15:27:51.0469 3868 wudfsvc - ok

15:27:51.0501 3868 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll

15:27:51.0516 3868 WwanSvc - ok

15:27:51.0563 3868 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

15:27:51.0610 3868 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - infected

15:27:51.0610 3868 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Sinowal.b (0)

15:27:51.0610 3868 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

15:27:51.0610 3868 \Device\Harddisk0\DR0 - detected TDSS File System (1)

15:27:51.0610 3868 Boot (0x1200) (70896d25c8d8fb92420b712e32369125) \Device\Harddisk0\DR0\Partition0

15:27:51.0610 3868 \Device\Harddisk0\DR0\Partition0 - ok

15:27:51.0641 3868 Boot (0x1200) (216c387358dc145099daa82683ffef24) \Device\Harddisk0\DR0\Partition1

15:27:51.0641 3868 \Device\Harddisk0\DR0\Partition1 - ok

15:27:51.0641 3868 ============================================================

15:27:51.0641 3868 Scan finished

15:27:51.0641 3868 ============================================================

15:27:51.0641 4416 Detected object count: 11

15:27:51.0641 4416 Actual detected object count: 11

15:29:31.0856 4416 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user

15:29:31.0856 4416 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:29:31.0856 4416 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user

15:29:31.0856 4416 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:29:31.0856 4416 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user

15:29:31.0856 4416 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:29:31.0856 4416 NPPTNT2 ( UnsignedFile.Multi.Generic ) - skipped by user

15:29:31.0856 4416 NPPTNT2 ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:29:31.0856 4416 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user

15:29:31.0856 4416 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:29:31.0856 4416 SandraAgentSrv ( UnsignedFile.Multi.Generic ) - skipped by user

15:29:31.0856 4416 SandraAgentSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:29:31.0856 4416 sptd ( LockedFile.Multi.Generic ) - skipped by user

15:29:31.0856 4416 sptd ( LockedFile.Multi.Generic ) - User select action: Skip

15:29:31.0856 4416 unisofthid ( UnsignedFile.Multi.Generic ) - skipped by user

15:29:31.0856 4416 unisofthid ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:29:31.0856 4416 vproiah ( UnsignedFile.Multi.Generic ) - skipped by user

15:29:31.0856 4416 vproiah ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:29:32.0090 4416 \Device\Harddisk0\DR0\# - copied to quarantine

15:29:32.0090 4416 \Device\Harddisk0\DR0 - copied to quarantine

15:29:32.0136 4416 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - will be cured on reboot

15:29:32.0152 4416 \Device\Harddisk0\DR0 - ok

15:29:32.0152 4416 \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - User select action: Cure

15:29:32.0152 4416 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

15:29:32.0152 4416 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

15:29:34.0430 5604 Deinitialize success