    Winlogon virus


    1. #1
      User jabuba
      Joined: Feb 2012
      Location: ponteveda
      Posts: 13

      Winlogon virus

      Hello everyone:

      The problem I have is the following: I was on the internet and suddenly the connection dropped and some windows appeared showing an error. In one of these windows the name "winlogon.exe" appeared, so I searched around here and it seems to be a common virus. In normal mode I can do most things except access the internet; it does not detect networks. I booted into safe mode with networking but I cannot access the internet there either. If you could help me I would be very grateful. Thank you very much. Regards

    2. #2
      Moderator @DavidG_EB
      Joined: Jul 2009
      Location: Mexico
      Posts: 10,633

      Re: Winlogon virus

      Hello jabuba
      And welcome to the forum

      Topics of interest:
      Winlogon is not necessarily a virus. Winlogon is a program that is part of the operating system; some infections may use that name to confuse antivirus software and/or users.

      Please do the following:
      Download the following but do not run it yet:
      Unzip Inirem and restore the hosts file, then click where it says Renovar IP&DNS and restart.

      Unzip and run winsockfix according to its manual and taking your operating system into account; if you use Windows 7 or Vista, run the program as administrator.
      Let us know whether you have internet after that.

      Regards
      ErdrickBass
      No matter how strong your opponent is. What matters is that you are standing before him

      * Follow us on Twitter and become our friend on Facebook.
      * Keep up with the latest threats on the net at: InfoSpyware Blog
      * Questions are not answered by private message or e-mail, since that is what the forum is for.
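
The moderator's point above, that a process named winlogon.exe may or may not be the real system component, can be checked directly. The following PowerShell is an added example, not part of the thread or of any tool it mentions; the function name `Test-WinlogonProcess` is hypothetical, and it assumes the genuine binary lives only at `%SystemRoot%\System32\winlogon.exe`.

```powershell
# Added example, not code from the thread.
# Assumption: the genuine binary is %SystemRoot%\System32\winlogon.exe and nothing else.
function Test-WinlogonProcess {
    param(
        [string]$ExpectedPath = (Join-Path $env:SystemRoot 'System32\winlogon.exe')
    )

    # Get-CimInstance needs PowerShell 3.0 or later; older hosts only have Get-WmiObject.
    $filter = "Name = 'winlogon.exe'"
    if (Get-Command Get-CimInstance -ErrorAction SilentlyContinue) {
        $procs = @(Get-CimInstance -ClassName Win32_Process -Filter $filter)
    } else {
        $procs = @(Get-WmiObject -Class Win32_Process -Filter $filter)
    }

    foreach ($p in $procs) {
        $path = $p.ExecutablePath
        $signature = $null

        if ([string]::IsNullOrEmpty($path)) {
            # Without elevation the path of a SYSTEM process is often not readable.
            $verdict = 'UNKNOWN (path not readable; rerun elevated)'
        } else {
            if ($path -ieq $ExpectedPath) {
                $verdict = 'OK (expected system path)'
            } else {
                $verdict = 'SUSPICIOUS (winlogon.exe outside System32)'
            }
            # Informational only: older Windows PowerShell versions can report
            # catalog-signed system files as NotSigned.
            $sig = Get-AuthenticodeSignature -FilePath $path -ErrorAction SilentlyContinue
            if ($sig) { $signature = $sig.Status }
        }

        # New-Object keeps the function usable on PowerShell 2.0 as well.
        New-Object PSObject -Property @{
            ProcessId = $p.ProcessId
            SessionId = $p.SessionId
            Path      = $path
            Signature = $signature
            Verdict   = $verdict
        } | Select-Object ProcessId, SessionId, Path, Signature, Verdict
    }
}

# One winlogon.exe per logon session is normal, so several OK rows are not a finding.
Test-WinlogonProcess | Format-Table -AutoSize
```

A row marked SUSPICIOUS gives the full path of the look-alike file, which is what the scanners recommended in this thread would then be pointed at.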

    3. #3
      User jabuba
      Joined: Feb 2012
      Location: ponteveda
      Posts: 13

      Re: Winlogon virus

      Hello:

      I have just completed the 3 steps and I still have no internet connection... What could it be?

    4. #4
      Moderator @DavidG_EB
      Joined: Jul 2009
      Location: Mexico
      Posts: 10,633

      Re: Winlogon virus

      Hello

      We are going to try to use tools that do not need internet access to disinfect your computer, and then try restoring the connection again:
      Download and/or update the following programs but do not run them yet:
      Install and run glary utilities, then run a one-click maintenance. Just in case, here is its manual.

      Run TDSSKiller according to its manual and following these specifications:
      Disconnect your computer from the Internet (unplug the cable).
      • Unzip the file tdsskiller.zip and run it
      • Click on
      • Also tick the checkboxes:

      • Click the button

      • TDSSKiller will begin scanning the computer. When it finishes, proceed as the manual indicates, remembering to skip the files it marks as suspicious and to cure or delete those it marks as infections.


      Run Drweb according to its manual and with these specifications:
      • When the program starts, preferably run it in its enhanced protection mode.
      • When you start it following the manual, a Quick scan will begin by default; stop it if possible as shown in the image below, otherwise wait for it to finish:

      • Choose the Full scan option and press the Play button to start.
      • Cure, Move and Delete whatever it finds, according to the options it gives you and in that order of preference.
      • If it detects that the Hosts file has been modified, click Yes to restore it.
      • Save a report when it finishes, as the image indicates
      Please bring us the DrWeb report (if you cannot save it as indicated, a report is generated at %userprofile%\DoctorWeb\CureIt.log, from which you should bring only the statistics section at the end) and the TDSSKiller report (C:\TDSSKiller.x.xx.x_xx.xx.xxxx_xx.xx.xx_log.txt, where "x.xx.x_xx.xx.xxxx_xx.xx.xx" are version, date and time), telling us how the problem is going.

      Regards
      ErdrickBass

    5. #5
      User jabuba
      Joined: Feb 2012
      Location: ponteveda
      Posts: 13

      Re: Winlogon virus

      Hello again

      I carried out all the steps indicated and nothing... everything is still the same. Here is the TDSSKiller report:

      12:00:42.0833 4300 kbfiltr - ok
      12:00:42.0849 4300 [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso C:\Windows\system32\lsass.exe
      12:00:42.0864 4300 KeyIso - ok
      12:00:42.0911 4300 [ 4F4B5FDE429416877DE7143044582EB5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
      12:00:42.0927 4300 KSecDD - ok
      12:00:42.0942 4300 [ 6F40465A44ECDC1731BEFAFEC5BDD03C ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
      12:00:42.0958 4300 KSecPkg - ok
      12:00:43.0005 4300 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
      12:00:43.0067 4300 ksthunk - ok
      12:00:43.0098 4300 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
      12:00:43.0161 4300 KtmRm - ok
      12:00:43.0208 4300 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\Windows\system32\srvsvc.dll
      12:00:43.0239 4300 LanmanServer - ok
      12:00:43.0270 4300 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
      12:00:43.0332 4300 LanmanWorkstation - ok
      12:00:43.0364 4300 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
      12:00:43.0410 4300 lltdio - ok
      12:00:43.0442 4300 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
      12:00:43.0520 4300 lltdsvc - ok
      12:00:43.0535 4300 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
      12:00:43.0598 4300 lmhosts - ok
      12:00:43.0676 4300 [ A1C148801B4AF64847AEB9F3AD9594EF ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
      12:00:43.0691 4300 LMS ( UnsignedFile.Multi.Generic ) - warning
      12:00:43.0691 4300 LMS - detected UnsignedFile.Multi.Generic (1)
      12:00:43.0722 4300 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
      12:00:43.0754 4300 LSI_FC - ok
      12:00:43.0769 4300 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
      12:00:43.0785 4300 LSI_SAS - ok
      12:00:43.0800 4300 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
      12:00:43.0832 4300 LSI_SAS2 - ok
      12:00:43.0832 4300 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
      12:00:43.0863 4300 LSI_SCSI - ok
      12:00:43.0894 4300 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
      12:00:43.0941 4300 luafv - ok
      12:00:43.0956 4300 [ 085435AE1A124361304044029B5CC644 ] lullaby C:\Windows\system32\DRIVERS\lullaby.sys
      12:00:43.0972 4300 lullaby - ok
      12:00:44.0034 4300 [ 1B4DBCAA0321BBB76255983148051F09 ] massfilter C:\Windows\system32\drivers\massfilter.sys
      12:00:44.0066 4300 massfilter - ok
      12:00:44.0081 4300 [ 7AD627CDB12F5F451F24C8A97CA6E175 ] massfilter_hs C:\Windows\system32\drivers\massfilter_hs.sys
      12:00:44.0097 4300 massfilter_hs - ok
      12:00:44.0128 4300 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
      12:00:44.0159 4300 Mcx2Svc - ok
      12:00:44.0190 4300 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
      12:00:44.0206 4300 megasas - ok
      12:00:44.0237 4300 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
      12:00:44.0253 4300 MegaSR - ok
      12:00:44.0268 4300 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
      12:00:44.0331 4300 MMCSS - ok
      12:00:44.0346 4300 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
      12:00:44.0409 4300 Modem - ok
      12:00:44.0424 4300 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
      12:00:44.0456 4300 monitor - ok
      12:00:44.0471 4300 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
      12:00:44.0487 4300 mouclass - ok
      12:00:44.0518 4300 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
      12:00:44.0549 4300 mouhid - ok
      12:00:44.0565 4300 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
      12:00:44.0580 4300 mountmgr - ok
      12:00:44.0596 4300 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\Windows\system32\DRIVERS\mpio.sys
      12:00:44.0612 4300 mpio - ok
      12:00:44.0627 4300 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
      12:00:44.0690 4300 mpsdrv - ok
      12:00:44.0705 4300 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
      12:00:44.0736 4300 MRxDAV - ok
      12:00:44.0768 4300 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
      12:00:44.0799 4300 mrxsmb - ok
      12:00:44.0830 4300 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
      12:00:44.0861 4300 mrxsmb10 - ok
      12:00:44.0877 4300 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
      12:00:44.0908 4300 mrxsmb20 - ok
      12:00:44.0939 4300 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
      12:00:44.0955 4300 msahci - ok
      12:00:44.0970 4300 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
      12:00:44.0986 4300 msdsm - ok
      12:00:45.0002 4300 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
      12:00:45.0033 4300 MSDTC - ok
      12:00:45.0048 4300 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
      12:00:45.0111 4300 Msfs - ok
      12:00:45.0126 4300 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
      12:00:45.0173 4300 mshidkmdf - ok
      12:00:45.0189 4300 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
      12:00:45.0204 4300 msisadrv - ok
      12:00:45.0236 4300 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
      12:00:45.0298 4300 MSiSCSI - ok
      12:00:45.0298 4300 msiserver - ok
      12:00:45.0345 4300 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
      12:00:45.0407 4300 MSKSSRV - ok
      12:00:45.0407 4300 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
      12:00:45.0470 4300 MSPCLOCK - ok
      12:00:45.0485 4300 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
      12:00:45.0548 4300 MSPQM - ok
      12:00:45.0563 4300 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
      12:00:45.0594 4300 MsRPC - ok
      12:00:45.0610 4300 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
      12:00:45.0626 4300 mssmbios - ok
      12:00:45.0641 4300 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
      12:00:45.0704 4300 MSTEE - ok
      12:00:45.0704 4300 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
      12:00:45.0735 4300 MTConfig - ok
      12:00:45.0766 4300 [ 032D35C996F21D19A205A7C8F0B76F3C ] MTsensor C:\Windows\system32\DRIVERS\ATK64AMD.sys
      12:00:45.0782 4300 MTsensor - ok
      12:00:45.0797 4300 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
      12:00:45.0813 4300 Mup - ok
      12:00:45.0844 4300 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll
      12:00:45.0891 4300 napagent - ok
      12:00:45.0938 4300 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
      12:00:45.0984 4300 NativeWifiP - ok
      12:00:46.0031 4300 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\Windows\system32\drivers\ndis.sys
      12:00:46.0062 4300 NDIS - ok
      12:00:46.0094 4300 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
      12:00:46.0140 4300 NdisCap - ok
      12:00:46.0172 4300 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
      12:00:46.0218 4300 NdisTapi - ok
      12:00:46.0250 4300 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
      12:00:46.0312 4300 Ndisuio - ok
      12:00:46.0328 4300 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
      12:00:46.0374 4300 NdisWan - ok
      12:00:46.0390 4300 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
      12:00:46.0452 4300 NDProxy - ok
      12:00:46.0499 4300 [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
      12:00:46.0530 4300 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
      12:00:46.0530 4300 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
      12:00:46.0562 4300 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
      12:00:46.0608 4300 NetBIOS - ok
      12:00:46.0640 4300 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
      12:00:46.0686 4300 NetBT - ok
      12:00:46.0733 4300 [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon C:\Windows\system32\lsass.exe
      12:00:46.0733 4300 Netlogon - ok
      12:00:46.0780 4300 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
      12:00:46.0842 4300 Netman - ok
      12:00:46.0858 4300 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
      12:00:46.0920 4300 netprofm - ok
      12:00:46.0952 4300 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
      12:00:46.0952 4300 NetTcpPortSharing - ok
      12:00:46.0983 4300 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
      12:00:46.0998 4300 nfrd960 - ok
      12:00:47.0014 4300 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll
      12:00:47.0092 4300 NlaSvc - ok
      12:00:47.0108 4300 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
      12:00:47.0154 4300 Npfs - ok
      12:00:47.0186 4300 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
      12:00:47.0248 4300 nsi - ok
      12:00:47.0279 4300 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
      12:00:47.0326 4300 nsiproxy - ok
      12:00:47.0404 4300 [ 184C189D4FC416978550FC599BB4EDDA ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
      12:00:47.0466 4300 Ntfs - ok
      12:00:47.0498 4300 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
      12:00:47.0544 4300 Null - ok
      12:00:47.0794 4300 [ B8E7FFB938828A3FD03D2BB0C71AD183 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
      12:00:48.0246 4300 nvlddmkm - ok
      12:00:48.0278 4300 [ 07A111C73EBBE22743449FFEBE91B8F1 ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
      12:00:48.0293 4300 nvpciflt - ok
      12:00:48.0309 4300 [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid C:\Windows\system32\drivers\nvraid.sys
      12:00:48.0340 4300 nvraid - ok
      12:00:48.0371 4300 [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
      12:00:48.0387 4300 nvstor - ok
      12:00:48.0418 4300 [ 949DE655B109F487C644ACC70F8DBF3E ] nvsvc C:\Windows\system32\nvvsvc.exe
      12:00:48.0434 4300 nvsvc - ok
      12:00:48.0496 4300 [ 9A2E80361B18CD734D97B20D91C55F27 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
      12:00:48.0558 4300 nvUpdatusService - ok
      12:00:48.0574 4300 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
      12:00:48.0590 4300 nv_agp - ok
      12:00:48.0605 4300 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
      12:00:48.0636 4300 ohci1394 - ok
      12:00:48.0668 4300 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
      12:00:48.0683 4300 ose - ok
      12:00:48.0792 4300 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
      12:00:48.0933 4300 osppsvc - ok
      12:00:48.0964 4300 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
      12:00:48.0980 4300 p2pimsvc - ok
      12:00:49.0011 4300 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
      12:00:49.0058 4300 p2psvc - ok
      12:00:49.0089 4300 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
      12:00:49.0104 4300 Parport - ok
      12:00:49.0136 4300 [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr C:\Windows\system32\drivers\partmgr.sys
      12:00:49.0151 4300 partmgr - ok
      12:00:49.0167 4300 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
      12:00:49.0198 4300 PcaSvc - ok
      12:00:49.0214 4300 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys
      12:00:49.0245 4300 pci - ok
      12:00:49.0245 4300 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
      12:00:49.0260 4300 pciide - ok
      12:00:49.0276 4300 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
      12:00:49.0307 4300 pcmcia - ok
      12:00:49.0307 4300 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
      12:00:49.0323 4300 pcw - ok
      12:00:49.0354 4300 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
      12:00:49.0416 4300 PEAUTH - ok
      12:00:49.0479 4300 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
      12:00:49.0510 4300 PerfHost - ok
      12:00:49.0557 4300 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll
      12:00:49.0650 4300 pla - ok
      12:00:49.0682 4300 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
      12:00:49.0713 4300 PlugPlay - ok
      12:00:49.0760 4300 [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
      12:00:49.0775 4300 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
      12:00:49.0775 4300 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
      12:00:49.0806 4300 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
      12:00:49.0838 4300 PNRPAutoReg - ok
      12:00:49.0853 4300 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
      12:00:49.0869 4300 PNRPsvc - ok
      12:00:49.0900 4300 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
      12:00:49.0978 4300 PolicyAgent - ok
      12:00:50.0025 4300 postgresql-8.4 - ok
      12:00:50.0056 4300 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
      12:00:50.0103 4300 Power - ok
      12:00:50.0134 4300 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
      12:00:50.0196 4300 PptpMiniport - ok
      12:00:50.0212 4300 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
      12:00:50.0228 4300 Processor - ok
      12:00:50.0274 4300 [ 97293447431311C06703368AD0F6C4BE ] ProfSvc C:\Windows\system32\profsvc.dll
      12:00:50.0290 4300 ProfSvc - ok
      12:00:50.0306 4300 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe
      12:00:50.0321 4300 ProtectedStorage - ok
      12:00:50.0352 4300 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
      12:00:50.0399 4300 Psched - ok
      12:00:50.0446 4300 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
      12:00:50.0524 4300 ql2300 - ok
      12:00:50.0540 4300 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
      12:00:50.0555 4300 ql40xx - ok
      12:00:50.0571 4300 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
      12:00:50.0602 4300 QWAVE - ok
      12:00:50.0618 4300 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
      12:00:50.0664 4300 QWAVEdrv - ok
      12:00:50.0664 4300 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
      12:00:50.0711 4300 RasAcd - ok
      12:00:50.0774 4300 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
      12:00:50.0820 4300 RasAgileVpn - ok
      12:00:50.0852 4300 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
      12:00:50.0898 4300 RasAuto - ok
      12:00:50.0930 4300 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
      12:00:50.0976 4300 Rasl2tp - ok
      12:00:51.0023 4300 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll
      12:00:51.0086 4300 RasMan - ok
      12:00:51.0117 4300 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
      12:00:51.0164 4300 RasPppoe - ok
      12:00:51.0179 4300 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
      12:00:51.0242 4300 RasSstp - ok
      12:00:51.0273 4300 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
      12:00:51.0320 4300 rdbss - ok
      12:00:51.0335 4300 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
      12:00:51.0366 4300 rdpbus - ok
      12:00:51.0382 4300 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
      12:00:51.0413 4300 RDPCDD - ok
      12:00:51.0429 4300 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
      12:00:51.0507 4300 RDPENCDD - ok
      12:00:51.0522 4300 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
      12:00:51.0569 4300 RDPREFMP - ok
      12:00:51.0600 4300 [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
      12:00:51.0632 4300 RDPWD - ok
      12:00:51.0663 4300 [ E5DC9BA9E439D6DBDD79F8CAACB5BF01 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
      12:00:51.0678 4300 rdyboost - ok
      12:00:51.0710 4300 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
      12:00:51.0756 4300 RemoteAccess - ok
      12:00:51.0772 4300 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
      12:00:51.0834 4300 RemoteRegistry - ok
      12:00:51.0866 4300 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
      12:00:51.0881 4300 RFCOMM - ok
      12:00:51.0928 4300 [ 7B04C9843921AB1F695FB395422C5360 ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
      12:00:51.0959 4300 RimUsb - ok
      12:00:51.0975 4300 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
      12:00:52.0022 4300 RpcEptMapper - ok
      12:00:52.0053 4300 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
      12:00:52.0068 4300 RpcLocator - ok
      12:00:52.0100 4300 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll
      12:00:52.0131 4300 RpcSs - ok
      12:00:52.0178 4300 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
      12:00:52.0240 4300 rspndr - ok
      12:00:52.0240 4300 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\Windows\system32\lsass.exe
      12:00:52.0256 4300 SamSs - ok
      12:00:52.0287 4300 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
      12:00:52.0302 4300 sbp2port - ok
      12:00:52.0334 4300 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
      12:00:52.0396 4300 SCardSvr - ok
      12:00:52.0412 4300 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
      12:00:52.0490 4300 scfilter - ok
      12:00:52.0536 4300 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\Windows\system32\schedsvc.dll
      12:00:52.0599 4300 Schedule - ok
      12:00:52.0614 4300 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
      12:00:52.0646 4300 SCPolicySvc - ok
      12:00:52.0677 4300 [ 2C8D162EFAF73ABD36D8BCBB6340CAE7 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
      12:00:52.0692 4300 sdbus - ok
      12:00:52.0724 4300 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
      12:00:52.0739 4300 SDRSVC - ok
      12:00:52.0755 4300 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
      12:00:52.0817 4300 seclogon - ok
      12:00:52.0833 4300 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
      12:00:52.0880 4300 SENS - ok
      12:00:52.0911 4300 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
      12:00:52.0942 4300 SensrSvc - ok
      12:00:52.0973 4300 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
      12:00:52.0989 4300 Serenum - ok
      12:00:53.0020 4300 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
      12:00:53.0051 4300 Serial - ok
      12:00:53.0067 4300 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
      12:00:53.0098 4300 sermouse - ok
      12:00:53.0129 4300 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll
      12:00:53.0192 4300 SessionEnv - ok
      12:00:53.0223 4300 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
      12:00:53.0238 4300 sffdisk - ok
      12:00:53.0238 4300 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
      12:00:53.0270 4300 sffp_mmc - ok
      12:00:53.0270 4300 [ 178298F767FE638C9FEDCBDEF58BB5E4 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
      12:00:53.0285 4300 sffp_sd - ok
      12:00:53.0301 4300 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
      12:00:53.0332 4300 sfloppy - ok
      12:00:53.0379 4300 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
      12:00:53.0410 4300 Sftfs - ok
      12:00:53.0472 4300 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
      12:00:53.0504 4300 sftlist - ok
      12:00:53.0535 4300 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
      12:00:53.0550 4300 Sftplay - ok
      12:00:53.0566 4300 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
      12:00:53.0582 4300 Sftredir - ok
      12:00:53.0597 4300 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
      12:00:53.0597 4300 Sftvol - ok
      12:00:53.0628 4300 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
      12:00:53.0628 4300 sftvsa - ok
      12:00:53.0660 4300 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
      12:00:53.0738 4300 SharedAccess - ok
      12:00:53.0769 4300 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
      12:00:53.0800 4300 ShellHWDetection - ok
      12:00:53.0831 4300 [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH C:\Windows\system32\DRIVERS\SiSG664.sys
      12:00:53.0862 4300 SiSGbeLH - ok
      12:00:53.0878 4300 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
      12:00:53.0894 4300 SiSRaid2 - ok
      12:00:53.0894 4300 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
      12:00:53.0909 4300 SiSRaid4 - ok
      12:00:53.0940 4300 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
      12:00:53.0987 4300 Smb - ok
      12:00:54.0034 4300 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
      12:00:54.0065 4300 SNMPTRAP - ok
      12:00:54.0128 4300 [ 1D8474722CDFFBB8FCA5FA12C50A05A2 ] SNP2UVC C:\Windows\system32\DRIVERS\snp2uvc.sys
      12:00:54.0174 4300 SNP2UVC - ok
      12:00:54.0206 4300 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
      12:00:54.0206 4300 spldr - ok
      12:00:54.0237 4300 [ 567977DC43CC13C4C35ED7084C0B84D5 ] Spooler C:\Windows\System32\spoolsv.exe
      12:00:54.0268 4300 Spooler - ok
      12:00:54.0346 4300 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
      12:00:54.0440 4300 sppsvc - ok
      12:00:54.0471 4300 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
      12:00:54.0533 4300 sppuinotify - ok
      12:00:54.0564 4300 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\Windows\system32\DRIVERS\srv.sys
      12:00:54.0611 4300 srv - ok
      12:00:54.0627 4300 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
      12:00:54.0674 4300 srv2 - ok
      12:00:54.0705 4300 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
      12:00:54.0736 4300 srvnet - ok
      12:00:54.0767 4300 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
      12:00:54.0814 4300 SSDPSRV - ok
      12:00:54.0830 4300 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
      12:00:54.0892 4300 SstpSvc - ok
      12:00:54.0939 4300 [ 78CD64791F8634CF7B582FD085E57C4B ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
      12:00:54.0954 4300 ssudmdm - ok
      12:00:54.0986 4300 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
      12:00:55.0001 4300 stexstor - ok
      12:00:55.0048 4300 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll
      12:00:55.0095 4300 stisvc - ok
      12:00:55.0110 4300 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
      12:00:55.0126 4300 swenum - ok
      12:00:55.0157 4300 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
      12:00:55.0204 4300 swprv - ok
      12:00:55.0251 4300 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll
      12:00:55.0344 4300 SysMain - ok
      12:00:55.0344 4300 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
      12:00:55.0391 4300 TabletInputService - ok
      12:00:55.0407 4300 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll
      12:00:55.0500 4300 TapiSrv - ok
      12:00:55.0516 4300 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
      12:00:55.0563 4300 TBS - ok
      12:00:55.0625 4300 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
      12:00:55.0766 4300 Tcpip - ok
      12:00:55.0812 4300 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
      12:00:55.0859 4300 TCPIP6 - ok
      12:00:55.0890 4300 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
      12:00:55.0937 4300 tcpipreg - ok
      12:00:55.0953 4300 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
      12:00:55.0984 4300 TDPIPE - ok
      12:00:56.0000 4300 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
      12:00:56.0015 4300 TDTCP - ok
      12:01:03.0144 4696 Detected object count: 7
      12:01:03.0144 4696 Actual detected object count: 7
      12:02:36.0916 4696 ADSMService ( UnsignedFile.Multi.Generic ) - skipped by user
      12:02:36.0916 4696 ADSMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
      12:02:36.0916 4696 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
      12:02:36.0916 4696 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
      12:02:36.0916 4696 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
      12:02:36.0916 4696 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
      12:02:36.0916 4696 LMS ( UnsignedFile.Multi.Generic ) - skipped by user
      12:02:36.0916 4696 LMS ( UnsignedFile.Multi.Generic ) - User select action: Skip
      12:02:36.0916 4696 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
      12:02:36.0916 4696 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
      12:02:36.0916 4696 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
      12:02:36.0916 4696 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
      12:02:36.0916 4696 UNS ( UnsignedFile.Multi.Generic ) - skipped by user
      12:02:36.0916 4696 UNS ( UnsignedFile.Multi.Generic ) - User select action: Skip
      12:04:19.0908 4704 Deinitialize success

    6. #6
      User jabuba
      Registered
      Feb 2012
      Location
      ponteveda
      Posts
      13

      Re: Winlogon virus

      And here is the DrWeb report:

      1f4d06ec.qua\a/Test.class;C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\INFECTED\1f4d06ec.qua;Exploit.CVE2012-0507.9;;
      1f4d06ec.qua;C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\INFECTED;Contenedor con objetos infectados;Movido.;
      4a420b50.qua\a/Test.class;C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\INFECTED\4a420b50.qua;Exploit.CVE2012-0507.9;;
      4a420b50.qua;C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\INFECTED;Contenedor con objetos infectados;Movido.;
      4d395c04.qua;C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\INFECTED;probablemente Trojan.Packed.2591;Incurable.Eliminado.;
      52d51c83.qua\a/Test.class;C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\INFECTED\52d51c83.qua;Exploit.CVE2012-0507.9;;
      52d51c83.qua;C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\INFECTED;Contenedor con objetos infectados;Movido.;
      54440f81.qua;C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\INFECTED;Trojan.DownLoader6.2101;Eliminado.;
      54a576e1.qua\apps/MyApplet.class;C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\INFECTED\54a576e1.qua;Exploit.CVE2011-3544.40;;
      54a576e1.qua\apps/MyLoader.class;C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\INFECTED\54a576e1.qua;Exploit.CVE2011-3544.40;;
      54a576e1.qua;C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\INFECTED;Contenedor con objetos infectados;Movido.;
      55a87c6e.qua\a/Test.class;C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\INFECTED\55a87c6e.qua;Exploit.CVE2012-0507.9;;
      55a87c6e.qua\a/Help.class;C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\INFECTED\55a87c6e.qua;Java.Downloader.548;;
      55a87c6e.qua;C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\INFECTED;Contenedor con objetos infectados;Movido.;
      4d395c04.qua;C:\Documents and Settings\All Users\Avira\AntiVir Desktop\INFECTED;probablemente Trojan.Packed.2591;Ruta no válida al archivo ;
      2e002d9c-13ec4243\com/bitcoinplus/applet/MiningApplet.class;C:\Documents and Settings\Usuario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28\2e002d9c-13ec4243;Java.BitCoinMiner.1;;
      2e002d9c-13ec4243;C:\Documents and Settings\Usuario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28;Contenedor con objetos infectados;Movido.;
      4e90b363-76e979f7;C:\Documents and Settings\Usuario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35;Trojan.DownLoader6.2101;Eliminado.;
      5b48824-529fa86f;C:\Documents and Settings\Usuario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36;Trojan.DownLoader5.54629;Incurable.Movido.;
      1f4d06ec.qua\a/Test.class;C:\Documents and Settings\Usuario\DoctorWeb\Quarantine\1f4d06ec.qua;Exploit.CVE2012-0507.9;;
      1f4d06ec.qua;C:\Documents and Settings\Usuario\DoctorWeb\Quarantine;Contenedor con objetos infectados;Movido.;
      2e002d9c-13ec4243\com/bitcoinplus/applet/MiningApplet.class;C:\Documents and Settings\Usuario\DoctorWeb\Quarantine\2e002d9c-13ec4243;Java.BitCoinMiner.1;;
      2e002d9c-13ec4243;C:\Documents and Settings\Usuario\DoctorWeb\Quarantine;Contenedor con objetos infectados;Movido.;
      4a420b50.qua\a/Test.class;C:\Documents and Settings\Usuario\DoctorWeb\Quarantine\4a420b50.qua;Exploit.CVE2012-0507.9;;
      4a420b50.qua;C:\Documents and Settings\Usuario\DoctorWeb\Quarantine;Contenedor con objetos infectados;Movido.;
      52d51c83.qua\a/Test.class;C:\Documents and Settings\Usuario\DoctorWeb\Quarantine\52d51c83.qua;Exploit.CVE2012-0507.9;;
      52d51c83.qua;C:\Documents and Settings\Usuario\DoctorWeb\Quarantine;Contenedor con objetos infectados;Movido.;
      54a576e1.qua\apps/MyApplet.class;C:\Documents and Settings\Usuario\DoctorWeb\Quarantine\54a576e1.qua;Exploit.CVE2011-3544.40;;
      54a576e1.qua\apps/MyLoader.class;C:\Documents and Settings\Usuario\DoctorWeb\Quarantine\54a576e1.qua;Exploit.CVE2011-3544.40;;
      54a576e1.qua;C:\Documents and Settings\Usuario\DoctorWeb\Quarantine;Contenedor con objetos infectados;Movido.;
      55a87c6e.qua\a/Test.class;C:\Documents and Settings\Usuario\DoctorWeb\Quarantine\55a87c6e.qua;Exploit.CVE2012-0507.9;;
      55a87c6e.qua\a/Help.class;C:\Documents and Settings\Usuario\DoctorWeb\Quarantine\55a87c6e.qua;Java.Downloader.548;;
      55a87c6e.qua;C:\Documents and Settings\Usuario\DoctorWeb\Quarantine;Contenedor con objetos infectados;Movido.;
      5b48824-529fa86f;C:\Documents and Settings\Usuario\DoctorWeb\Quarantine;Trojan.DownLoader5.54629;Incurable.Movido.;
      SoftonicDownloader_para_google-sketchup.exe;C:\Documents and Settings\Usuario\Downloads;Adware.Downware.498;Incurable.Eliminado.;
      Desktop_.ini;C:\eSupport\eDriver\Software\ASUS\MultiFrame\XP32_Vista32_Vista64_Win7_32_Win7_64_1.0.0021;Win32.HLLW.Gavir.ini;Eliminado.;
      4d395c04.qua;C:\ProgramData\Avira\AntiVir Desktop\INFECTED;probablemente Trojan.Packed.2591;Ruta no válida al archivo ;
      4d395c04.qua;C:\Users\All Users\Avira\AntiVir Desktop\INFECTED;probablemente Trojan.Packed.2591;Ruta no válida al archivo ;
      SoftonicDownloader_para_google-sketchup.exe;C:\Users\Usuario\Downloads;Adware.Downware.498;Ruta no válida al archivo ;

      Let's see if you can help me. Many thanks. Regards
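
      The Dr.Web report in the post above repeats several files because the scanner reached them through more than one path, which is why some rows end in "Ruta no válida al archivo". The following Python triage is an added example, not part of the original thread: it parses a subset of the report rows, collapses the path aliases and flags Java-related findings. The function names are hypothetical, and the alias table assumes the default Windows Vista/7 compatibility junctions.

```python
# Rows copied from the Dr.Web report above. Format: object;location;threat;action;
REPORT = r"""
4d395c04.qua;C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\INFECTED;probablemente Trojan.Packed.2591;Incurable.Eliminado.;
4d395c04.qua;C:\Documents and Settings\All Users\Avira\AntiVir Desktop\INFECTED;probablemente Trojan.Packed.2591;Ruta no válida al archivo ;
4d395c04.qua;C:\ProgramData\Avira\AntiVir Desktop\INFECTED;probablemente Trojan.Packed.2591;Ruta no válida al archivo ;
4d395c04.qua;C:\Users\All Users\Avira\AntiVir Desktop\INFECTED;probablemente Trojan.Packed.2591;Ruta no válida al archivo ;
55a87c6e.qua\a/Test.class;C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\INFECTED\55a87c6e.qua;Exploit.CVE2012-0507.9;;
55a87c6e.qua\a/Help.class;C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\INFECTED\55a87c6e.qua;Java.Downloader.548;;
2e002d9c-13ec4243\com/bitcoinplus/applet/MiningApplet.class;C:\Documents and Settings\Usuario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28\2e002d9c-13ec4243;Java.BitCoinMiner.1;;
4e90b363-76e979f7;C:\Documents and Settings\Usuario\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35;Trojan.DownLoader6.2101;Eliminado.;
SoftonicDownloader_para_google-sketchup.exe;C:\Documents and Settings\Usuario\Downloads;Adware.Downware.498;Incurable.Eliminado.;
SoftonicDownloader_para_google-sketchup.exe;C:\Users\Usuario\Downloads;Adware.Downware.498;Ruta no válida al archivo ;
"""

# Default Vista/7 compatibility junctions (assumed unchanged on this machine).
ALIASES = [
    (r"C:\Documents and Settings\All Users\Application Data", r"C:\ProgramData"),
    (r"C:\Documents and Settings\All Users", r"C:\ProgramData"),
    (r"C:\Users\All Users", r"C:\ProgramData"),
    (r"C:\Documents and Settings", r"C:\Users"),
]

def canonical(path):
    """Rewrite a junction alias to the real path it resolves to."""
    for alias, real in ALIASES:
        if path.lower().startswith(alias.lower() + "\\"):
            return real + path[len(alias):]
    return path

def location_class(path):
    """Say whether a file sits in an antivirus quarantine, the Java cache or elsewhere."""
    p = path.lower()
    if "\\antivir desktop\\infected" in p or "\\doctorweb\\quarantine" in p:
        return "quarantine"
    if "\\sun\\java\\deployment\\cache\\" in p:
        return "java-cache"
    return "other"

def parse(report):
    """Return unique findings keyed by (real file path, archive member, threat)."""
    findings = {}
    for line in report.strip().splitlines():
        fields = [f.strip() for f in line.split(";")]
        if len(fields) < 4:
            continue  # not a report row
        obj, loc, threat, action = fields[:4]
        if "\\" in obj:  # "container\member": loc is already the container's full path
            member, path = obj.split("\\", 1)[1], canonical(loc)
        else:            # plain file: loc is the folder that holds it
            member, path = "", canonical(loc + "\\" + obj)
        entry = findings.setdefault((path, member, threat), {
            "path": path, "member": member, "threat": threat,
            "where": location_class(path), "actions": [], "rows": 0})
        entry["rows"] += 1
        if action:
            entry["actions"].append(action)
    return list(findings.values())

def java_related(f):
    """A finding is Java-related if it is a .class member, a Java.* name or a cache file."""
    return (f["member"].endswith(".class") or f["threat"].startswith("Java.")
            or f["where"] == "java-cache")

if __name__ == "__main__":
    for f in parse(REPORT):
        tag = "JAVA" if java_related(f) else "    "
        print(f'{tag} {f["where"]:<10} x{f["rows"]} {f["threat"]:<32} {f["path"]}')
```

      The ten sample rows collapse to six distinct findings, four of them tied to Java applets or the Java deployment cache.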

    7. #7
      Moderator
      @DavidG_EB
      Registered
      Jul 2009
      Location
      Mexico
      Posts
      10,633

      Re: Winlogon virus

      Hi

      Do what this link shows:
      My antivirus checker/scanner has detected a virus. Is it related to Java?
      How do I clear the Java cache?

      Update Java as follows:
      1. Download and install Java from its official page: Free Java software download (installer that does not use the internet > Download Java for Windows - Offline installation)
      2. Run JavaRa (JavaRa manual) and, if you download version 2, proceed as follows:
        1. Run JavaRa as administrator and click Update JavaRa Definitions.
        2. Go to Remove JRE and remove every version listed that is older than the current one, either by clicking Run Uninstaller (runs the program's own uninstaller) or Next (JavaRa will remove it manually).
        3. Then go to Additional Tasks, check Remove Outdated Firefox Extensions and click Run.
      3. Uninstall any version of Java older than the current one, in this case 7 update 9

      Note: whenever you want to check your Java version you can go to this link: Verify Java version
      Let us know.

      Regards
      Last edited by @DavidG_EB on 02/11/12 at 16:37:08

    8. #8
      User jabuba
      Registered
      Feb 2012
      Location
      ponteveda
      Posts
      13

      Re: Winlogon virus

      Hello

      I have just done all the steps except Update JavaRa Definitions, since I think it needs an internet connection. But everything is still the same, I still cannot connect to the internet... Any solution? Thanks, and sorry for the trouble

    9. #9
      Moderator
      @DavidG_EB
      Registered
      Jul 2009
      Location
      Mexico
      Posts
      10,633

      Re: Winlogon virus

      Hi

      Have you tried a system restore?
      What connection do you use, wired or wireless?

      Regards