• Registrarse
  • Iniciar sesión


  • Resultados 1 al 5 de 5

    Como Desinstalar restros de antivirus y virus sex.exe (ya intente de todo)

    Hola muy buen dia, recurro a ustedes para ver pueden auxiliarme por favor Tengo una Pc con Windows 7 , alguna tenia instalado el nod32 y despues el Avast, pero ahora no tengo ningun antivirus, ...

    1. #1
      Usuario Avatar de bart_jor
      Registrado
      sep 2008
      Ubicación
      mexico
      Mensajes
      3

      Como Desinstalar restros de antivirus y virus sex.exe (ya intente de todo)

      Hola muy buen dia, recurro a ustedes para ver pueden auxiliarme por favor
      Tengo una Pc con Windows 7 , alguna tenia instalado el nod32 y despues el Avast, pero ahora no tengo ningun antivirus, intente instalarle antivirus pero no me deja, dice que tengo antivirus, ya use muchas aplicaciones, para desinstalar Norton, Avg, Avast, etc.. pero ninguno funciona, he limpiado los archivos de registro, etc.. ya lei varios temas de este foro y ninguno me funciona, Pudieran aconserjarme como solucionar esto ?
      Ademas ya tengo varios virus los cuales no puedo quitar, uno de ellos es el sex.exe pasword.exe,use el usbfix , pero no me lo elimina por completo.

      Auxilio

      Gracias

    2. #2
      Moderador.
      Avatar de @Tincho
      Registrado
      may 2008
      Ubicación
      Argentina
      Mensajes
      14.701

      Re: Como Desinstalar restros de antivirus y virus sex.exe (ya intente de todo)

      Buenas


      Es importante que leas con atención el siguiente procedimiento:


      Descarga la herramienta ComboFix.exe y guárdala en el escritorio.

      • Desactiva temporalmente el Antivirus y/o Antispyware.
      • Cierra todas las ventanas abiertas y programas
      • Hacele doble clic al archivo ComboFix.exe y seguí las instrucciones. Si pide actualizar "Update" aceptas.
        • *Nota* Mientras CF este trabajando no mover el mouse ya que pararía su proceso.
        • *Nota* ComboFix puede reiniciar automáticamente el PC para completar el proceso de eliminación, de no ser así lo reinicias manualmente.
        • Al finalizar el trabajo Comobofix generara un registro en C:\ComboFix.txt.



      Atención!! No use ComboFix a menos que se le haya indicado específicamente en su mensaje por un integrante de nuestro Staff. Es una herramienta de gran alcance destinada por su creador a ser usada bajo la orientación y supervisión de un experto, no para uso privado. El uso de ComboFix incorrectamente podría generar problemas en su sistema. Por favor, lea las "Negaciones de la Garantía" de ComboFix.


      En tu Próxima respuesta necesitamos la siguiente Información



      • El reporte de Combofix que se encuentra en C:\ComboFix.txt lo pegas en este mismo tema.
      • Comentar como esta funcionado tu sistema en relacion al problema inicial.


      Saludos.
      Tyny's
      If on your journey, you should encounter God, God will be cut!

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #3
      Usuario Avatar de bart_jor
      Registrado
      sep 2008
      Ubicación
      mexico
      Mensajes
      3

      Re: Como Desinstalar restros de antivirus y virus sex.exe (ya intente de todo)

      Gracias por la pronta respuesta


      Pongo aqui el contenido del reporte de Combofix.tx
      despues de insto Instale el Kasperky 2013
      Aunque me blockea la navegacion en el Mozilla

      Gracias









      ComboFix 13-01-23.01 - admin 23/01/2013 23:08:45.1.6 - x64
      Microsoft Windows 7 Ultimate 6.1.7601.1.1252.34.3082.18.8190.6449 [GMT -6:00]
      Running from: c:\users\admin\Downloads\ComboFix.exe
      AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
      FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
      SP: Norton Internet Security *Enabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
      SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      .
      .
      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      c:\program files (x86)\LP
      c:\programdata\common.data
      c:\programdata\ntuser.dat
      c:\programdata\Services
      c:\users\admin\AppData\Local\a3382b68\U
      c:\users\admin\AppData\Local\a3382b68\U\000000cb.@
      c:\users\admin\AppData\Roaming\desktop.ini
      c:\users\admin\AppData\Roaming\Microsoft\C0EF\049.exe
      c:\users\admin\AppData\Roaming\ntuser.dat
      c:\users\admin\AppData\Roaming\WMPRWISE.EXE
      c:\users\admin\pjqoag.exe
      c:\windows\assembly\GAC_32\Desktop.ini
      c:\windows\assembly\GAC_64\Desktop.ini
      c:\windows\assembly\tmp\U
      c:\windows\assembly\tmp\U\00000001.@
      c:\windows\assembly\tmp\U\000000cb.@
      c:\windows\assembly\tmp\U\000000cf.@
      c:\windows\assembly\tmp\U\80000000.@
      c:\windows\assembly\tmp\U\800000c0.@
      c:\windows\assembly\tmp\U\800000cb.@
      c:\windows\assembly\tmp\U\800000cf.@
      c:\windows\system32\consrv.dll
      c:\windows\SysWow64\URTTemp
      c:\windows\SysWow64\URTTemp\regtlib.exe
      .
      .
      ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      -------\Legacy_BKAVAUTO
      -------\Legacy_SYSLIB
      .
      .
      ((((((((((((((((((((((((( Files Created from 2012-12-24 to 2013-01-24 )))))))))))))))))))))))))))))))
      .
      .
      2013-01-24 05:13 . 2013-01-24 05:13 -------- d-----w- c:\users\Default\AppData\Local\temp
      2013-01-23 09:12 . 2013-01-23 09:12 -------- d-----w- c:\program files (x86)\6218A
      2013-01-23 06:29 . 2013-01-23 18:05 -------- d-----w- C:\UsbFix
      2013-01-23 06:20 . 2013-01-23 06:22 -------- d-----w- c:\programdata\MFAData
      2013-01-23 06:20 . 2013-01-23 06:20 -------- d--h--w- c:\programdata\Common Files
      2013-01-23 06:20 . 2013-01-23 06:20 -------- d-----w- c:\users\admin\AppData\Local\MFAData
      2013-01-23 06:20 . 2013-01-23 06:20 -------- d-----w- c:\users\admin\AppData\Local\Avg2013
      2013-01-22 22:51 . 2013-01-22 22:51 15739912 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
      2013-01-06 19:53 . 2013-01-06 19:53 -------- d-----w- c:\users\admin\AppData\Roaming\Eltima Software
      2013-01-06 19:53 . 2013-01-06 19:53 -------- d-----w- c:\program files (x86)\Eltima Software
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2013-01-24 05:14 . 2011-01-18 08:42 25640 ----a-w- c:\windows\gdrv.sys
      2013-01-23 07:31 . 2013-01-23 06:38 33525541 ----a-w- C:\UsbFix_Upload_Me_JORGE.zip
      2013-01-23 04:10 . 2012-08-21 19:26 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
      2013-01-23 04:10 . 2011-12-07 16:01 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
      2012-12-22 05:42 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
      2012-12-22 05:42 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
      2012-12-08 00:48 . 2012-12-08 00:48 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
      2012-12-08 00:48 . 2012-12-08 00:48 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
      2012-12-08 00:48 . 2011-12-06 19:42 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
      2012-11-24 21:32 . 2012-11-24 21:32 57344 ----a-r- c:\users\admin\AppData\Roaming\Microsoft\Installer\{87441A59-5E64-4096-A170-14EFE67200C3}\ARPPRODUCTICON.exe
      2012-11-24 21:32 . 2003-03-19 00:05 106496 ----a-w- c:\windows\SysWow64\ATL71.DLL
      2012-11-23 01:51 . 2012-11-23 01:51 49152 ----a-r- c:\users\admin\AppData\Roaming\Microsoft\Installer\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}\ARPPRODUCTICON.exe
      2012-11-23 01:51 . 2012-11-23 01:51 335872 ----a-r- c:\users\admin\AppData\Roaming\Microsoft\Installer\{237CD223-1B9D-47E8-A76C-E478B83CCEA2}\ARPPRODUCTICON.exe
      .
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-01-19 39408]
      "AdobeBridge"="c:\program files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe" [2010-03-09 11989960]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
      "BCU"="c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe" [2009-10-15 375000]
      "JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2010-01-19 43632]
      "NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2009-11-20 106496]
      "AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
      "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
      "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
      "RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe" [2007-08-24 240112]
      "DMXLauncher"="c:\program files (x86)\Roxio\CinePlayer\DMXLauncher.exe" [2007-08-14 113136]
      "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
      "ArchVision Content Manager User Interface"="c:\program files (x86)\ArchVision\ArchVision Content Manager\rpcACMgui.exe" [2008-12-12 988664]
      "Nikon Transfer Monitor"="c:\program files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe" [2009-05-29 479232]
      "Nikon Message Center 2"="c:\program files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe" [2010-05-26 619008]
      "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
      "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
      "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-11-29 151952]
      "AirPort Base Station Agent"="c:\program files (x86)\AirPort\APAgent.exe" [2009-11-11 771360]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "ConsentPromptBehaviorAdmin"= 5 (0x5)
      "ConsentPromptBehaviorUser"= 3 (0x3)
      "EnableUIADesktopToggle"= 0 (0x0)
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
      "HideSCAHealth"= 1 (0x1)
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
      "mixer4"=wdmaud.drv
      .
      R1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20110114.001\BHDrvx64.sys [2011-01-14 953904]
      R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1109000.00C\Ironx64.SYS [2010-04-29 150064]
      R2 ArchVision Content Manager Service;ArchVision Content Manager Service;c:\program files (x86)\ArchVision\ArchVision Content Manager\rpcACMapp.exe [2008-12-12 988664]
      R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
      R2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2007-08-24 362992]
      R2 RoxLiveShare10;LiveShare P2P Server 10;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe [2007-08-24 309744]
      R2 SessionLauncher;SessionLauncher;c:\users\admin\AppData\Local\Temp\DX9\SessionLauncher.exe [x]
      R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
      R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-08-14 1431888]
      R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
      R3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2007-08-24 72176]
      R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
      R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
      R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
      R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
      R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-09-28 53760]
      R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
      S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
      S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1109000.00C\SYMDS64.SYS [2009-08-30 433200]
      S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1109000.00C\SYMEFA64.SYS [2011-08-22 221304]
      S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NISx64\1109000.00C\ccHPx64.sys [2011-08-04 593544]
      S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20110117.001\IDSvia64.sys [2010-12-01 476792]
      S1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\System32\Drivers\NISx64\1109000.00C\SYMTDIV.SYS [2011-08-22 451704]
      S2 ADExchange;ArcSoft Exchange Service;c:\program files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [2012-02-16 43112]
      S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-02-02 18656]
      S2 BCUService;Browser Configuration Utility Service;c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [2009-10-15 223464]
      S2 ES lite Service;ES lite Service for program management.;c:\program files (x86)\Gigabyte\EasySaver\ESSVR.EXE [2009-08-24 68136]
      S2 JMB36X;JMB36X;c:\windows\SysWOW64\XSrvSetup.exe [2010-01-19 72304]
      S2 mi-raysat_3dsmax2011_64;mental ray 3.8 Satellite for Autodesk 3ds Max 2011 64-bit 64-bit;c:\program files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_64server.exe [2010-03-10 86016]
      S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\system32\nlssrv32.exe [x]
      S2 RoxWatch10;Roxio Hard Drive Watcher 10;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe [2007-08-24 166384]
      S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000]
      S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-07-09 248936]
      S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2009-11-20 75776]
      S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2009-11-20 177152]
      S3 RoxMediaDB10;RoxMediaDB10;c:\program files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2007-08-24 1083888]
      S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-03-22 347680]
      .
      .
      --- Other Services/Drivers In Memory ---
      .
      *NewlyCreated* - WS2IFSL
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
      2007-12-05 18:27 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
      2013-01-22 22:27 1607120 ----a-w- c:\program files (x86)\Google\Chrome\Application\24.0.1312.56\Installer\chrmstp.exe
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2013-01-24 c:\windows\Tasks\Adobe Flash Player Updater.job
      - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-21 04:10]
      .
      2013-01-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-19 16:56]
      .
      2013-01-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-19 16:56]
      .
      .
      --------- X64 Entries -----------
      .
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-04-06 10144288]
      "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
      .
      ------- Supplementary Scan -------
      .
      uLocal Page = c:\windows\system32\blank.htm
      mLocal Page = c:\windows\SysWOW64\blank.htm
      uInternet Settings,ProxyServer = http=127.0.0.1:54545
      uInternet Settings,ProxyOverride = *.local
      IE: E&xportar a Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
      IE: SWF Capture tool - c:\program files (x86)\Eltima Software\Flash Decompiler\iebt.html
      TCP: DhcpNameServer = 192.168.1.254
      FF - ProfilePath - c:\users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\cqkvy76g.default\
      FF - prefs.js: browser.search.selectedEngine - Google
      FF - prefs.js: browser.startup.homepage - hxxps://www.google.com.mx/
      FF - prefs.js: network.proxy.http - 127.0.0.1
      FF - prefs.js: network.proxy.http_port - 54545
      FF - prefs.js: network.proxy.type - 1
      .
      - - - - ORPHANS REMOVED - - - -
      .
      Wow6432Node-HKCU-Run-049.exe - c:\users\admin\AppData\Roaming\Microsoft\C0EF\049.exe
      Wow6432Node-HKCU-Run-pjqoag - c:\users\admin\pjqoag.exe
      Wow6432Node-HKCU-Run-Microsoft Firewall 2.9 - c:\users\admin\AppData\Roaming\WMPRWISE.EXE
      Wow6432Node-HKLM-Run-049.exe - c:\program files (x86)\LP\C0EF\049.exe
      .
      .
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------
      .
      [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
      @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker5"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Shockwave Flash Object"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
      @="0"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
      @="ShockwaveFlash.ShockwaveFlash.11"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="ShockwaveFlash.ShockwaveFlash"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Macromedia Flash Factory Object"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
      @="FlashFactory.FlashFactory.1"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="FlashFactory.FlashFactory"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker5"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
      @Denied: (Full) (Everyone)
      .
      ------------------------ Other Running Processes ------------------------
      .
      c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
      c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
      c:\windows\SysWOW64\nlssrv32.exe
      .
      **************************************************************************
      .
      Completion time: 2013-01-23 23:18:22 - machine was rebooted
      ComboFix-quarantined-files.txt 2013-01-24 05:18
      .
      Pre-Run: 190,633,795,584 bytes libres
      Post-Run: 190,027,350,016 bytes libres
      .
      - - End Of File - - 191511C15A25264C2B5BE0D02A81F87B
      Última edición por bart_jor fecha: 24/01/13 a las 02:13:06 Razón: Nuevo proceso

    4. #4
      Moderador.
      Avatar de @Tincho
      Registrado
      may 2008
      Ubicación
      Argentina
      Mensajes
      14.701

      Re: Como Desinstalar restros de antivirus y virus sex.exe (ya intente de todo)

      Realiza lo siguiente:


      • Descarga TDSSKiller.zip y extrae el contenido en tu escritorio

      • Desconecte el equipo físicamente de Internet - Quite el cable/apague el módem

      • Doble clic sobre TDSSKiller.exe
      • Clic sobre Change parameters > marque Detect TDLFS File System

      • Haga clic en OK > Start Scan, terminando el análisis:


        • Se mostraran los resultados NO modifique las acciones predeterminadas, únicamente:
        • Si se encuentra "TDLFS File System/TDSS File system" la opción a seguir es Delete


      • Haga clic en Continue > Reboot computer para terminar el proceso.



      Abrir el archivo de texto en C:\TDSSKiller_***_***_.txt copiar todo su contenido y pegarlo en su siguiente respuesta.
      Tyny's
      If on your journey, you should encounter God, God will be cut!

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    5. #5
      Usuario Avatar de bart_jor
      Registrado
      sep 2008
      Ubicación
      mexico
      Mensajes
      3

      Re: Como Desinstalar restros de antivirus y virus sex.exe (ya intente de todo)

      Ya hice el procedimiento, y no detecto nada
      Pongo aqui el reporte
      Gracias



      11:15:35.0030 4792 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
      11:15:35.0039 4792 ============================================================
      11:15:35.0039 4792 Current date / time: 2013/01/24 11:15:35.0039
      11:15:35.0039 4792 SystemInfo:
      11:15:35.0039 4792
      11:15:35.0039 4792 OS Version: 6.1.7601 ServicePack: 1.0
      11:15:35.0039 4792 Product type: Workstation
      11:15:35.0040 4792 ComputerName: JORGE
      11:15:35.0040 4792 UserName: admin
      11:15:35.0040 4792 Windows directory: C:\Windows
      11:15:35.0040 4792 System windows directory: C:\Windows
      11:15:35.0040 4792 Running under WOW64
      11:15:35.0040 4792 Processor architecture: Intel x64
      11:15:35.0040 4792 Number of processors: 6
      11:15:35.0040 4792 Page size: 0x1000
      11:15:35.0040 4792 Boot type: Normal boot
      11:15:35.0040 4792 ============================================================
      11:15:36.0214 4792 Drive \Device\Harddisk0\DR0 - Size: 0x45DD826000 (279.46 Gb), SectorSize: 0x200, Cylinders: 0x8E81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
      11:15:36.0233 4792 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1F8B1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
      11:15:36.0237 4792 ============================================================
      11:15:36.0237 4792 \Device\Harddisk0\DR0:
      11:15:36.0237 4792 MBR partitions:
      11:15:36.0237 4792 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x22EEAD02
      11:15:36.0237 4792 \Device\Harddisk1\DR1:
      11:15:36.0237 4792 MBR partitions:
      11:15:36.0237 4792 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
      11:15:36.0237 4792 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3D05D800
      11:15:36.0237 4792 \Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0x3D090000, BlocksNum 0x37676000
      11:15:36.0237 4792 ============================================================
      11:15:36.0258 4792 C: <-> \Device\Harddisk1\DR1\Partition2
      11:15:36.0297 4792 D: <-> \Device\Harddisk1\DR1\Partition3
      11:15:36.0327 4792 E: <-> \Device\Harddisk0\DR0\Partition1
      11:15:36.0327 4792 ============================================================
      11:15:36.0327 4792 Initialize success
      11:15:36.0327 4792 ============================================================
      11:15:41.0925 5900 ============================================================
      11:15:41.0925 5900 Scan started
      11:15:41.0925 5900 Mode: Manual; TDLFS;
      11:15:41.0925 5900 ============================================================
      11:15:42.0976 5900 ================ Scan system memory ========================
      11:15:42.0976 5900 System memory - ok
      11:15:42.0977 5900 ================ Scan services =============================
      11:15:43.0175 5900 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
      11:15:43.0178 5900 1394ohci - ok
      11:15:43.0211 5900 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
      11:15:43.0213 5900 ACPI - ok
      11:15:43.0248 5900 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
      11:15:43.0249 5900 AcpiPmi - ok
      11:15:43.0359 5900 [ D9881575C4166AE3A92118ECC217B079 ] ADExchange C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
      11:15:43.0360 5900 ADExchange - ok
      11:15:43.0422 5900 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
      11:15:43.0424 5900 AdobeARMservice - ok
      11:15:43.0534 5900 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
      11:15:43.0536 5900 AdobeFlashPlayerUpdateSvc - ok
      11:15:43.0590 5900 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
      11:15:43.0598 5900 adp94xx - ok
      11:15:43.0615 5900 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
      11:15:43.0618 5900 adpahci - ok
      11:15:43.0632 5900 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
      11:15:43.0634 5900 adpu320 - ok
      11:15:43.0655 5900 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
      11:15:43.0656 5900 AeLookupSvc - ok
      11:15:43.0721 5900 [ D31DC7A16DEA4A9BAF179F3D6FBDB38C ] AFD C:\Windows\system32\drivers\afd.sys
      11:15:43.0725 5900 AFD - ok
      11:15:43.0771 5900 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
      11:15:43.0772 5900 agp440 - ok
      11:15:43.0813 5900 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
      11:15:43.0815 5900 ALG - ok
      11:15:43.0831 5900 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
      11:15:43.0832 5900 aliide - ok
      11:15:43.0870 5900 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
      11:15:43.0871 5900 amdide - ok
      11:15:43.0885 5900 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
      11:15:43.0887 5900 AmdK8 - ok
      11:15:43.0910 5900 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
      11:15:43.0912 5900 AmdPPM - ok
      11:15:43.0948 5900 [ 6EC6D772EAE38DC17C14AED9B178D24B ] amdsata C:\Windows\system32\drivers\amdsata.sys
      11:15:43.0950 5900 amdsata - ok
      11:15:43.0973 5900 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
      11:15:43.0976 5900 amdsbs - ok
      11:15:43.0994 5900 [ 1142A21DB581A84EA5597B03A26EBAA0 ] amdxata C:\Windows\system32\drivers\amdxata.sys
      11:15:43.0995 5900 amdxata - ok
      11:15:44.0020 5900 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
      11:15:44.0022 5900 AppID - ok
      11:15:44.0057 5900 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
      11:15:44.0059 5900 AppIDSvc - ok
      11:15:44.0076 5900 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
      11:15:44.0078 5900 Appinfo - ok
      11:15:44.0162 5900 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
      11:15:44.0165 5900 Apple Mobile Device - ok
      11:15:44.0199 5900 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
      11:15:44.0203 5900 AppMgmt - ok
      11:15:44.0232 5900 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
      11:15:44.0234 5900 arc - ok
      11:15:44.0299 5900 ArchVision Content Manager Service - ok
      11:15:44.0316 5900 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
      11:15:44.0318 5900 arcsas - ok
      11:15:44.0465 5900 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
      11:15:44.0467 5900 aspnet_state - ok
      11:15:44.0495 5900 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
      11:15:44.0496 5900 AsyncMac - ok
      11:15:44.0527 5900 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
      11:15:44.0528 5900 atapi - ok
      11:15:44.0589 5900 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
      11:15:44.0600 5900 AudioEndpointBuilder - ok
      11:15:44.0619 5900 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
      11:15:44.0627 5900 AudioSrv - ok
      11:15:44.0709 5900 [ 1992C2A1867D95AA3A0802539358D162 ] Autodesk Content Service C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
      11:15:44.0712 5900 Autodesk Content Service - ok
      11:15:44.0896 5900 [ 587EFD6A3A30A35A27904D21AE1FB882 ] AVP C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
      11:15:44.0902 5900 AVP - ok
      11:15:44.0963 5900 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
      11:15:44.0966 5900 AxInstSV - ok
      11:15:45.0014 5900 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
      11:15:45.0021 5900 b06bdrv - ok
      11:15:45.0043 5900 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
      11:15:45.0047 5900 b57nd60a - ok
      11:15:45.0109 5900 [ 382B151DAFFE4A9CE9DA9F564B66761E ] BCUService C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
      11:15:45.0113 5900 BCUService - ok
      11:15:45.0140 5900 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
      11:15:45.0142 5900 BDESVC - ok
      11:15:45.0177 5900 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
      11:15:45.0178 5900 Beep - ok
      11:15:45.0213 5900 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
      11:15:45.0224 5900 BFE - ok
      11:15:45.0266 5900 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
      11:15:45.0282 5900 BITS - ok
      11:15:45.0310 5900 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
      11:15:45.0310 5900 blbdrive - ok
      11:15:45.0424 5900 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
      11:15:45.0432 5900 Bonjour Service - ok
      11:15:45.0448 5900 [ 91CE0D3DC57DD377E690A2D324022B08 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
      11:15:45.0449 5900 bowser - ok
      11:15:45.0466 5900 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
      11:15:45.0466 5900 BrFiltLo - ok
      11:15:45.0478 5900 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
      11:15:45.0478 5900 BrFiltUp - ok
      11:15:45.0492 5900 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
      11:15:45.0493 5900 BridgeMP - ok
      11:15:45.0537 5900 [ 8EF0D5C41EC907751B8429162B1239ED ] Browser C:\Windows\System32\browser.dll
      11:15:45.0540 5900 Browser - ok
      11:15:45.0562 5900 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
      11:15:45.0567 5900 Brserid - ok
      11:15:45.0584 5900 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
      11:15:45.0585 5900 BrSerWdm - ok
      11:15:45.0589 5900 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
      11:15:45.0590 5900 BrUsbMdm - ok
      11:15:45.0595 5900 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
      11:15:45.0595 5900 BrUsbSer - ok
      11:15:45.0618 5900 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
      11:15:45.0618 5900 BthEnum - ok
      11:15:45.0632 5900 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
      11:15:45.0633 5900 BTHMODEM - ok
      11:15:45.0659 5900 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
      11:15:45.0660 5900 BthPan - ok
      11:15:45.0702 5900 [ 0D25B6D300BA26A5F2C3B2A8E96B158B ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
      11:15:45.0706 5900 BTHPORT - ok
      11:15:45.0733 5900 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
      11:15:45.0734 5900 bthserv - ok
      11:15:45.0752 5900 [ 1F9912F8EC5BFA53432E71E150636A8A ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
      11:15:45.0753 5900 BTHUSB - ok
      11:15:45.0784 5900 catchme - ok
      11:15:45.0805 5900 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
      11:15:45.0806 5900 cdfs - ok
      11:15:45.0847 5900 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
      11:15:45.0850 5900 cdrom - ok
      11:15:45.0891 5900 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
      11:15:45.0893 5900 CertPropSvc - ok
      11:15:45.0902 5900 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
      11:15:45.0903 5900 circlass - ok
      11:15:45.0938 5900 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
      11:15:45.0941 5900 CLFS - ok
      11:15:45.0991 5900 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
      11:15:45.0994 5900 clr_optimization_v2.0.50727_32 - ok
      11:15:46.0034 5900 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
      11:15:46.0037 5900 clr_optimization_v2.0.50727_64 - ok
      11:15:46.0289 5900 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
      11:15:46.0292 5900 clr_optimization_v4.0.30319_32 - ok
      11:15:46.0309 5900 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
      11:15:46.0312 5900 clr_optimization_v4.0.30319_64 - ok
      11:15:46.0334 5900 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
      11:15:46.0335 5900 CmBatt - ok
      11:15:46.0351 5900 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
      11:15:46.0352 5900 cmdide - ok
      11:15:46.0378 5900 [ D5FEA92400F12412B3922087C09DA6A5 ] CNG C:\Windows\system32\Drivers\cng.sys
      11:15:46.0382 5900 CNG - ok
      11:15:46.0394 5900 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
      11:15:46.0395 5900 Compbatt - ok
      11:15:46.0442 5900 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
      11:15:46.0443 5900 CompositeBus - ok
      11:15:46.0460 5900 COMSysApp - ok
      11:15:46.0486 5900 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
      11:15:46.0488 5900 crcdisk - ok
      11:15:46.0528 5900 [ 15597883FBE9B056F276ADA3AD87D9AF ] CryptSvc C:\Windows\system32\cryptsvc.dll
      11:15:46.0532 5900 CryptSvc - ok
      11:15:46.0564 5900 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
      11:15:46.0572 5900 CSC - ok
      11:15:46.0614 5900 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
      11:15:46.0626 5900 CscService - ok
      11:15:46.0674 5900 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
      11:15:46.0686 5900 DcomLaunch - ok
      11:15:46.0733 5900 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
      11:15:46.0739 5900 defragsvc - ok
      11:15:46.0785 5900 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
      11:15:46.0787 5900 DfsC - ok
      11:15:46.0839 5900 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
      11:15:46.0845 5900 Dhcp - ok
      11:15:46.0862 5900 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
      11:15:46.0863 5900 discache - ok
      11:15:46.0917 5900 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
      11:15:46.0919 5900 Disk - ok
      11:15:46.0957 5900 [ CD55F5355D8F55D44C9F4ED875705BD6 ] Dnscache C:\Windows\System32\dnsrslvr.dll
      11:15:46.0962 5900 Dnscache - ok
      11:15:47.0021 5900 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
      11:15:47.0026 5900 dot3svc - ok
      11:15:47.0060 5900 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
      11:15:47.0064 5900 DPS - ok
      11:15:47.0108 5900 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
      11:15:47.0108 5900 drmkaud - ok
      11:15:47.0172 5900 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
      11:15:47.0181 5900 DXGKrnl - ok
      11:15:47.0219 5900 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
      11:15:47.0221 5900 EapHost - ok
      11:15:47.0327 5900 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
      11:15:47.0345 5900 ebdrv - ok
      11:15:47.0357 5900 [ 0793F40B9B8A1BDD266296409DBD91EA ] EFS C:\Windows\System32\lsass.exe
      11:15:47.0358 5900 EFS - ok
      11:15:47.0405 5900 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
      11:15:47.0415 5900 ehRecvr - ok
      11:15:47.0440 5900 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
      11:15:47.0442 5900 ehSched - ok
      11:15:47.0463 5900 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
      11:15:47.0467 5900 elxstor - ok
      11:15:47.0483 5900 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
      11:15:47.0483 5900 ErrDev - ok
      11:15:47.0503 5900 [ B8FA96995726D1FA58476E352C02AD82 ] ES lite Service C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
      11:15:47.0504 5900 ES lite Service - ok
      11:15:47.0527 5900 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
      11:15:47.0531 5900 EventSystem - ok
      11:15:47.0550 5900 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
      11:15:47.0552 5900 exfat - ok
      11:15:47.0573 5900 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
      11:15:47.0575 5900 fastfat - ok
      11:15:47.0642 5900 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
      11:15:47.0654 5900 Fax - ok
      11:15:47.0670 5900 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
      11:15:47.0671 5900 fdc - ok
      11:15:47.0686 5900 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
      11:15:47.0688 5900 fdPHost - ok
      11:15:47.0699 5900 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
      11:15:47.0700 5900 FDResPub - ok
      11:15:47.0712 5900 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
      11:15:47.0713 5900 FileInfo - ok
      11:15:47.0717 5900 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
      11:15:47.0718 5900 Filetrace - ok
      11:15:47.0799 5900 [ 5CEE6CD43AE5844C49300EA0B1E557EE ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
      11:15:47.0809 5900 FLEXnet Licensing Service 64 - ok
      11:15:47.0819 5900 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
      11:15:47.0820 5900 flpydisk - ok
      11:15:47.0850 5900 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
      11:15:47.0852 5900 FltMgr - ok
      11:15:47.0896 5900 [ B4447F606BB19FD8AD0BAFB59B90F5D9 ] FontCache C:\Windows\system32\FntCache.dll
      11:15:47.0903 5900 FontCache - ok
      11:15:47.0945 5900 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
      11:15:47.0945 5900 FontCache3.0.0.0 - ok
      11:15:47.0964 5900 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
      11:15:47.0965 5900 FsDepends - ok
      11:15:47.0975 5900 [ E95EF8547DE20CF0603557C0CF7A9462 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
      11:15:47.0975 5900 Fs_Rec - ok
      11:15:47.0990 5900 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
      11:15:47.0991 5900 fvevol - ok
      11:15:48.0017 5900 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
      11:15:48.0019 5900 gagp30kx - ok
      11:15:48.0098 5900 [ 7907E14F9BCF3A4689C9A74A1A873CB6 ] gdrv C:\Windows\gdrv.sys
      11:15:48.0099 5900 gdrv - ok
      11:15:48.0148 5900 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
      11:15:48.0150 5900 GEARAspiWDM - ok
      11:15:48.0194 5900 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
      11:15:48.0201 5900 gpsvc - ok
      11:15:48.0258 5900 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      11:15:48.0261 5900 gupdate - ok
      11:15:48.0293 5900 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
      11:15:48.0296 5900 gupdatem - ok
      11:15:48.0323 5900 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
      11:15:48.0327 5900 gusvc - ok
      11:15:48.0345 5900 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
      11:15:48.0346 5900 hcw85cir - ok
      11:15:48.0383 5900 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
      11:15:48.0389 5900 HdAudAddService - ok
      11:15:48.0416 5900 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
      11:15:48.0419 5900 HDAudBus - ok
      11:15:48.0427 5900 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
      11:15:48.0429 5900 HidBatt - ok
      11:15:48.0447 5900 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
      11:15:48.0448 5900 HidBth - ok
      11:15:48.0464 5900 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
      11:15:48.0465 5900 HidIr - ok
      11:15:48.0479 5900 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
      11:15:48.0481 5900 hidserv - ok
      11:15:48.0514 5900 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
      11:15:48.0515 5900 HidUsb - ok
      11:15:48.0540 5900 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
      11:15:48.0543 5900 hkmsvc - ok
      11:15:48.0576 5900 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
      11:15:48.0579 5900 HomeGroupListener - ok
      11:15:48.0608 5900 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
      11:15:48.0612 5900 HomeGroupProvider - ok
      11:15:48.0629 5900 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
      11:15:48.0630 5900 HpSAMD - ok
      11:15:48.0686 5900 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
      11:15:48.0698 5900 HTTP - ok
      11:15:48.0729 5900 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
      11:15:48.0729 5900 hwpolicy - ok
      11:15:48.0772 5900 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
      11:15:48.0774 5900 i8042prt - ok
      11:15:48.0795 5900 [ 3DF4395A7CF8B7A72A5F4606366B8C2D ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
      11:15:48.0798 5900 iaStorV - ok
      11:15:48.0871 5900 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
      11:15:48.0873 5900 IDriverT - ok
      11:15:48.0930 5900 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
      11:15:48.0943 5900 idsvc - ok
      11:15:48.0987 5900 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
      11:15:48.0988 5900 iirsp - ok
      11:15:49.0040 5900 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
      11:15:49.0054 5900 IKEEXT - ok
      11:15:49.0159 5900 [ 0ADF714079AE174A39D69036143E4C50 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
      11:15:49.0177 5900 IntcAzAudAddService - ok
      11:15:49.0218 5900 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
      11:15:49.0219 5900 intelide - ok
      11:15:49.0255 5900 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
      11:15:49.0257 5900 intelppm - ok
      11:15:49.0283 5900 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
      11:15:49.0288 5900 IPBusEnum - ok
      11:15:49.0306 5900 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
      11:15:49.0308 5900 IpFilterDriver - ok
      11:15:49.0348 5900 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
      11:15:49.0358 5900 iphlpsvc - ok
      11:15:49.0376 5900 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
      11:15:49.0378 5900 IPMIDRV - ok
      11:15:49.0383 5900 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
      11:15:49.0385 5900 IPNAT - ok
      11:15:49.0448 5900 [ B474C756C13960793C7583B766F904C4 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
      11:15:49.0456 5900 iPod Service - ok
      11:15:49.0492 5900 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
      11:15:49.0493 5900 IRENUM - ok
      11:15:49.0505 5900 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
      11:15:49.0506 5900 isapnp - ok
      11:15:49.0525 5900 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
      11:15:49.0527 5900 iScsiPrt - ok
      11:15:49.0611 5900 [ F3A41EC4C6506E76E07A219B3A1DF8D2 ] JMB36X C:\Windows\SysWOW64\XSrvSetup.exe
      11:15:49.0616 5900 JMB36X - ok
      11:15:49.0635 5900 [ 1C368C1A2733DCC5B8E15420AA2B0F6D ] JRAID C:\Windows\system32\DRIVERS\jraid.sys
      11:15:49.0638 5900 JRAID - ok
      11:15:49.0660 5900 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
      11:15:49.0662 5900 kbdclass - ok
      11:15:49.0702 5900 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
      11:15:49.0703 5900 kbdhid - ok
      11:15:49.0713 5900 [ 0793F40B9B8A1BDD266296409DBD91EA ] KeyIso C:\Windows\system32\lsass.exe
      11:15:49.0715 5900 KeyIso - ok
      11:15:49.0784 5900 [ 8B5219318DF5895ABD230C373F2DF18A ] kl1 C:\Windows\system32\DRIVERS\kl1.sys
      11:15:49.0788 5900 kl1 - ok
      11:15:49.0841 5900 [ 65F3B81FA285EAB641F5E6EF7AEB984D ] KLIF C:\Windows\system32\DRIVERS\klif.sys
      11:15:49.0845 5900 KLIF - ok
      11:15:49.0867 5900 [ 9BD99E1AB3F664120AB95C35F9EC1EB0 ] KLIM6 C:\Windows\system32\DRIVERS\klim6.sys
      11:15:49.0868 5900 KLIM6 - ok
      11:15:49.0882 5900 [ 2C43FD500522EF3B8C283A5846B7FC41 ] klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys
      11:15:49.0882 5900 klkbdflt - ok
      11:15:49.0900 5900 [ 70A6D2E292017EC47949696F51ABE18D ] klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys
      11:15:49.0900 5900 klmouflt - ok
      11:15:49.0913 5900 [ A8081ED8D48FA611D11DB97F49A5343D ] kltdi C:\Windows\system32\DRIVERS\kltdi.sys
      11:15:49.0914 5900 kltdi - ok
      11:15:49.0943 5900 [ 185D21CB8F10CFB351FF65DA88C18BC9 ] kneps C:\Windows\system32\DRIVERS\kneps.sys
      11:15:49.0944 5900 kneps - ok
      11:15:49.0965 5900 [ CCD53B5BD33CE0C889E830D839C8B66E ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
      11:15:49.0966 5900 KSecDD - ok
      11:15:50.0001 5900 [ 9FF918A261752C12639E8AD4208D2C2F ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
      11:15:50.0004 5900 KSecPkg - ok
      11:15:50.0027 5900 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
      11:15:50.0029 5900 ksthunk - ok
      11:15:50.0086 5900 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
      11:15:50.0095 5900 KtmRm - ok
      11:15:50.0132 5900 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
      11:15:50.0141 5900 LanmanServer - ok
      11:15:50.0180 5900 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
      11:15:50.0187 5900 LanmanWorkstation - ok
      11:15:50.0267 5900 [ CCAD2AAE36E24346488B0F54A049DE78 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
      11:15:50.0269 5900 LightScribeService - ok
      11:15:50.0284 5900 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
      11:15:50.0286 5900 lltdio - ok
      11:15:50.0309 5900 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
      11:15:50.0312 5900 lltdsvc - ok
      11:15:50.0330 5900 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
      11:15:50.0332 5900 lmhosts - ok
      11:15:50.0364 5900 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
      11:15:50.0365 5900 LSI_FC - ok
      11:15:50.0377 5900 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
      11:15:50.0378 5900 LSI_SAS - ok
      11:15:50.0389 5900 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
      11:15:50.0390 5900 LSI_SAS2 - ok
      11:15:50.0401 5900 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
      11:15:50.0403 5900 LSI_SCSI - ok
      11:15:50.0440 5900 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
      11:15:50.0441 5900 luafv - ok
      11:15:50.0460 5900 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
      11:15:50.0465 5900 Mcx2Svc - ok
      11:15:50.0491 5900 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
      11:15:50.0492 5900 megasas - ok
      11:15:50.0519 5900 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
      11:15:50.0524 5900 MegaSR - ok
      11:15:50.0603 5900 [ 0AF89452A8CE3928168F4E5B2208C68B ] mi-raysat_3dsmax2011_64 C:\Program Files\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_64server.exe
      11:15:50.0606 5900 mi-raysat_3dsmax2011_64 - ok
      11:15:50.0618 5900 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
      11:15:50.0622 5900 MMCSS - ok
      11:15:50.0635 5900 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
      11:15:50.0636 5900 Modem - ok
      11:15:50.0646 5900 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
      11:15:50.0647 5900 monitor - ok
      11:15:50.0666 5900 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
      11:15:50.0667 5900 mouclass - ok
      11:15:50.0696 5900 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
      11:15:50.0697 5900 mouhid - ok
      11:15:50.0721 5900 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
      11:15:50.0723 5900 mountmgr - ok
      11:15:50.0805 5900 [ C8619D099F8149149045772B60DB09AC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
      11:15:50.0808 5900 MozillaMaintenance - ok
      11:15:50.0830 5900 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
      11:15:50.0834 5900 mpio - ok
      11:15:50.0846 5900 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
      11:15:50.0847 5900 mpsdrv - ok
      11:15:50.0920 5900 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
      11:15:50.0929 5900 MpsSvc - ok
      11:15:50.0966 5900 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
      11:15:50.0968 5900 MRxDAV - ok
      11:15:50.0994 5900 [ FAF015B07E3A2874A790A39B7D2C579F ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
      11:15:50.0997 5900 mrxsmb - ok
      11:15:51.0034 5900 [ 08E2345DF129082BCDFFDC1440F9C00D ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
      11:15:51.0039 5900 mrxsmb10 - ok
      11:15:51.0073 5900 [ 108D87409C5812EF47D81E22843E8C9D ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
      11:15:51.0076 5900 mrxsmb20 - ok
      11:15:51.0105 5900 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
      11:15:51.0106 5900 msahci - ok
      11:15:51.0130 5900 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
      11:15:51.0133 5900 msdsm - ok
      11:15:51.0150 5900 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
      11:15:51.0155 5900 MSDTC - ok
      11:15:51.0175 5900 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
      11:15:51.0176 5900 Msfs - ok
      11:15:51.0202 5900 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
      11:15:51.0202 5900 mshidkmdf - ok
      11:15:51.0214 5900 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
      11:15:51.0215 5900 msisadrv - ok
      11:15:51.0241 5900 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
      11:15:51.0244 5900 MSiSCSI - ok
      11:15:51.0248 5900 msiserver - ok
      11:15:51.0308 5900 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
      11:15:51.0310 5900 MSKSSRV - ok
      11:15:51.0324 5900 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
      11:15:51.0326 5900 MSPCLOCK - ok
      11:15:51.0342 5900 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
      11:15:51.0344 5900 MSPQM - ok
      11:15:51.0372 5900 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
      11:15:51.0375 5900 MsRPC - ok
      11:15:51.0390 5900 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
      11:15:51.0391 5900 mssmbios - ok
      11:15:51.0409 5900 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
      11:15:51.0409 5900 MSTEE - ok
      11:15:51.0426 5900 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
      11:15:51.0427 5900 MTConfig - ok
      11:15:51.0463 5900 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
      11:15:51.0465 5900 Mup - ok
      11:15:51.0535 5900 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
      11:15:51.0545 5900 napagent - ok
      11:15:51.0587 5900 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
      11:15:51.0593 5900 NativeWifiP - ok
      11:15:51.0701 5900 [ 5836B9E91863A00EC1B8E785EFD86ECB ] NBService C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
      11:15:51.0713 5900 NBService - ok
      11:15:51.0776 5900 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
      11:15:51.0790 5900 NDIS - ok
      11:15:51.0808 5900 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
      11:15:51.0809 5900 NdisCap - ok
      11:15:51.0837 5900 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
      11:15:51.0839 5900 NdisTapi - ok
      11:15:51.0856 5900 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
      11:15:51.0859 5900 Ndisuio - ok
      11:15:51.0878 5900 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
      11:15:51.0881 5900 NdisWan - ok
      11:15:51.0907 5900 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
      11:15:51.0908 5900 NDProxy - ok
      11:15:51.0928 5900 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
      11:15:51.0929 5900 NetBIOS - ok
      11:15:51.0959 5900 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
      11:15:51.0961 5900 NetBT - ok
      11:15:51.0978 5900 [ 0793F40B9B8A1BDD266296409DBD91EA ] Netlogon C:\Windows\system32\lsass.exe
      11:15:51.0980 5900 Netlogon - ok
      11:15:52.0030 5900 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
      11:15:52.0035 5900 Netman - ok
      11:15:52.0109 5900 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
      11:15:52.0113 5900 NetMsmqActivator - ok
      11:15:52.0121 5900 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
      11:15:52.0124 5900 NetPipeActivator - ok
      11:15:52.0143 5900 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
      11:15:52.0148 5900 netprofm - ok
      11:15:52.0153 5900 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
      11:15:52.0155 5900 NetTcpActivator - ok
      11:15:52.0160 5900 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
      11:15:52.0161 5900 NetTcpPortSharing - ok
      11:15:52.0201 5900 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
      11:15:52.0202 5900 nfrd960 - ok
      11:15:52.0229 5900 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
      11:15:52.0233 5900 NlaSvc - ok
      11:15:52.0256 5900 nlsX86cc - ok
      11:15:52.0321 5900 [ A328A46D87BB92CE4D8A4528E9D84787 ] NMIndexingService C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
      11:15:52.0326 5900 NMIndexingService - ok
      11:15:52.0341 5900 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
      11:15:52.0342 5900 Npfs - ok
      11:15:52.0348 5900 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
      11:15:52.0351 5900 nsi - ok
      11:15:52.0362 5900 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
      11:15:52.0363 5900 nsiproxy - ok
      11:15:52.0407 5900 [ 05D78AA5CB5F3F5C31160BDB955D0B7C ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
      11:15:52.0420 5900 Ntfs - ok
      11:15:52.0435 5900 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
      11:15:52.0436 5900 Null - ok
      11:15:52.0477 5900 [ 785298579B5F9B4032152DFBB992FDB6 ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
      11:15:52.0478 5900 nusb3hub - ok
      11:15:52.0490 5900 [ DF2750481B4964814467C974F2B0EEF1 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
      11:15:52.0494 5900 nusb3xhc - ok
      11:15:52.0555 5900 [ E20ABD5B229760158F753CA90B97E090 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
      11:15:52.0558 5900 NVHDA - ok
      11:15:52.0777 5900 [ E55CAB397F77D5208DB18A78B1B7C0D5 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
      11:15:52.0830 5900 nvlddmkm - ok
      11:15:52.0870 5900 [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48 ] nvraid C:\Windows\system32\drivers\nvraid.sys
      11:15:52.0871 5900 nvraid - ok
      11:15:52.0896 5900 [ F7CD50FE7139F07E77DA8AC8033D1832 ] nvstor C:\Windows\system32\drivers\nvstor.sys
      11:15:52.0899 5900 nvstor - ok
      11:15:52.0920 5900 [ 43BC8151893AE6AFE42E149D663C2221 ] nvsvc C:\Windows\system32\nvvsvc.exe
      11:15:52.0923 5900 nvsvc - ok
      11:15:52.0954 5900 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
      11:15:52.0955 5900 nv_agp - ok
      11:15:53.0012 5900 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
      11:15:53.0020 5900 odserv - ok
      11:15:53.0051 5900 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
      11:15:53.0054 5900 ohci1394 - ok
      11:15:53.0070 5900 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
      11:15:53.0072 5900 ose - ok
      11:15:53.0132 5900 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
      11:15:53.0140 5900 p2pimsvc - ok
      11:15:53.0174 5900 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
      11:15:53.0183 5900 p2psvc - ok
      11:15:53.0208 5900 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
      11:15:53.0210 5900 Parport - ok
      11:15:53.0244 5900 [ 871EADAC56B0A4C6512BBE32753CCF79 ] partmgr C:\Windows\system32\drivers\partmgr.sys
      11:15:53.0246 5900 partmgr - ok
      11:15:53.0266 5900 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
      11:15:53.0272 5900 PcaSvc - ok
      11:15:53.0288 5900 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
      11:15:53.0291 5900 pci - ok
      11:15:53.0304 5900 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
      11:15:53.0305 5900 pciide - ok
      11:15:53.0324 5900 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
      11:15:53.0326 5900 pcmcia - ok
      11:15:53.0337 5900 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
      11:15:53.0338 5900 pcw - ok
      11:15:53.0363 5900 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
      11:15:53.0368 5900 PEAUTH - ok
      11:15:53.0416 5900 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
      11:15:53.0428 5900 PeerDistSvc - ok
      11:15:53.0477 5900 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
      11:15:53.0481 5900 PerfHost - ok
      11:15:53.0548 5900 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
      11:15:53.0557 5900 pla - ok
      11:15:53.0599 5900 [ B806E50427511BCF4AD8E8239C3E25FA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
      11:15:53.0610 5900 PlugPlay - ok
      11:15:53.0634 5900 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
      11:15:53.0636 5900 PNRPAutoReg - ok
      11:15:53.0654 5900 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
      11:15:53.0658 5900 PNRPsvc - ok
      11:15:53.0694 5900 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
      11:15:53.0699 5900 PolicyAgent - ok
      11:15:53.0734 5900 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
      11:15:53.0738 5900 Power - ok
      11:15:53.0772 5900 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
      11:15:53.0774 5900 PptpMiniport - ok
      11:15:53.0793 5900 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
      11:15:53.0794 5900 Processor - ok
      11:15:53.0829 5900 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\Windows\system32\profsvc.dll
      11:15:53.0832 5900 ProfSvc - ok
      11:15:53.0842 5900 [ 0793F40B9B8A1BDD266296409DBD91EA ] ProtectedStorage C:\Windows\system32\lsass.exe
      11:15:53.0844 5900 ProtectedStorage - ok
      11:15:53.0870 5900 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
      11:15:53.0871 5900 Psched - ok
      11:15:53.0930 5900 [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
      11:15:53.0932 5900 PxHlpa64 - ok
      11:15:53.0987 5900 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
      11:15:53.0999 5900 ql2300 - ok
      11:15:54.0016 5900 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
      11:15:54.0017 5900 ql40xx - ok
      11:15:54.0030 5900 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
      11:15:54.0033 5900 QWAVE - ok
      11:15:54.0047 5900 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
      11:15:54.0047 5900 QWAVEdrv - ok
      11:15:54.0056 5900 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
      11:15:54.0056 5900 RasAcd - ok
      11:15:54.0073 5900 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
      11:15:54.0074 5900 RasAgileVpn - ok
      11:15:54.0084 5900 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
      11:15:54.0086 5900 RasAuto - ok
      11:15:54.0108 5900 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
      11:15:54.0110 5900 Rasl2tp - ok
      11:15:54.0126 5900 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
      11:15:54.0130 5900 RasMan - ok
      11:15:54.0142 5900 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
      11:15:54.0143 5900 RasPppoe - ok
      11:15:54.0152 5900 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
      11:15:54.0153 5900 RasSstp - ok
      11:15:54.0166 5900 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
      11:15:54.0168 5900 rdbss - ok
      11:15:54.0183 5900 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
      11:15:54.0184 5900 rdpbus - ok
      11:15:54.0201 5900 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
      11:15:54.0201 5900 RDPCDD - ok
      11:15:54.0223 5900 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
      11:15:54.0225 5900 RDPDR - ok
      11:15:54.0244 5900 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
      11:15:54.0245 5900 RDPENCDD - ok
      11:15:54.0251 5900 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
      11:15:54.0252 5900 RDPREFMP - ok
      11:15:54.0280 5900 [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
      11:15:54.0280 5900 RdpVideoMiniport - ok
      11:15:54.0302 5900 [ 15B66C206B5CB095BAB980553F38ED23 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
      11:15:54.0304 5900 RDPWD - ok
      11:15:54.0328 5900 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
      11:15:54.0332 5900 rdyboost - ok
      11:15:54.0372 5900 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
      11:15:54.0375 5900 RemoteAccess - ok
      11:15:54.0395 5900 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
      11:15:54.0399 5900 RemoteRegistry - ok
      11:15:54.0433 5900 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
      11:15:54.0436 5900 RFCOMM - ok
      11:15:54.0519 5900 [ 85B5159D86AC06AD744EE9D3C288AEEE ] Roxio UPnP Renderer 10 C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
      11:15:54.0521 5900 Roxio UPnP Renderer 10 - ok
      11:15:54.0543 5900 [ 0DB43CAF2D77B809A86E9D7E1BCC6D76 ] Roxio Upnp Server 10 C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe
      11:15:54.0549 5900 Roxio Upnp Server 10 - ok
      11:15:54.0601 5900 [ 7958AFFC64E4F284068EB6575CC64DCF ] RoxLiveShare10 C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe
      11:15:54.0607 5900 RoxLiveShare10 - ok
      11:15:54.0644 5900 [ ED69CD4AB4BE607ABF768A60E4AC79DA ] RoxMediaDB10 C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
      11:15:54.0660 5900 RoxMediaDB10 - ok
      11:15:54.0697 5900 [ 0DA14EE2C0E274FEA5A6545181851C16 ] RoxWatch10 C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe
      11:15:54.0699 5900 RoxWatch10 - ok
      11:15:54.0708 5900 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
      11:15:54.0711 5900 RpcEptMapper - ok
      11:15:54.0734 5900 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
      11:15:54.0736 5900 RpcLocator - ok
      11:15:54.0754 5900 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
      11:15:54.0761 5900 RpcSs - ok
      11:15:54.0777 5900 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
      11:15:54.0778 5900 rspndr - ok
      11:15:54.0810 5900 [ 4FBDA07EF0A3097CE14C5CABF723B278 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
      11:15:54.0813 5900 RTL8167 - ok
      11:15:54.0837 5900 RxFilter - ok
      11:15:54.0873 5900 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
      11:15:54.0875 5900 s3cap - ok
      11:15:54.0891 5900 [ 0793F40B9B8A1BDD266296409DBD91EA ] SamSs C:\Windows\system32\lsass.exe
      11:15:54.0893 5900 SamSs - ok
      11:15:54.0911 5900 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
      11:15:54.0913 5900 sbp2port - ok
      11:15:54.0930 5900 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
      11:15:54.0933 5900 SCardSvr - ok
      11:15:54.0962 5900 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
      11:15:54.0963 5900 scfilter - ok
      11:15:55.0014 5900 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
      11:15:55.0034 5900 Schedule - ok
      11:15:55.0065 5900 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
      11:15:55.0067 5900 SCPolicySvc - ok
      11:15:55.0105 5900 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
      11:15:55.0112 5900 SDRSVC - ok
      11:15:55.0134 5900 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
      11:15:55.0135 5900 secdrv - ok
      11:15:55.0155 5900 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
      11:15:55.0160 5900 seclogon - ok
      11:15:55.0180 5900 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
      11:15:55.0185 5900 SENS - ok
      11:15:55.0198 5900 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
      11:15:55.0201 5900 SensrSvc - ok
      11:15:55.0237 5900 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
      11:15:55.0238 5900 Serenum - ok
      11:15:55.0273 5900 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
      11:15:55.0274 5900 Serial - ok
      11:15:55.0293 5900 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
      11:15:55.0294 5900 sermouse - ok
      11:15:55.0333 5900 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
      11:15:55.0338 5900 SessionEnv - ok
      11:15:55.0412 5900 SessionLauncher - ok
      11:15:55.0438 5900 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
      11:15:55.0439 5900 sffdisk - ok
      11:15:55.0444 5900 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
      11:15:55.0445 5900 sffp_mmc - ok
      11:15:55.0451 5900 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
      11:15:55.0451 5900 sffp_sd - ok
      11:15:55.0467 5900 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
      11:15:55.0468 5900 sfloppy - ok
      11:15:55.0560 5900 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
      11:15:55.0568 5900 SharedAccess - ok
      11:15:55.0608 5900 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
      11:15:55.0618 5900 ShellHWDetection - ok
      11:15:55.0655 5900 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
      11:15:55.0657 5900 SiSRaid2 - ok
      11:15:55.0691 5900 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
      11:15:55.0693 5900 SiSRaid4 - ok
      11:15:55.0820 5900 [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
      11:15:55.0843 5900 Skype C2C Service - ok
      11:15:55.0871 5900 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
      11:15:55.0872 5900 SkypeUpdate - ok
      11:15:55.0894 5900 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
      11:15:55.0894 5900 Smb - ok
      11:15:55.0922 5900 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
      11:15:55.0923 5900 SNMPTRAP - ok
      11:15:55.0954 5900 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
      11:15:55.0955 5900 spldr - ok
      11:15:56.0018 5900 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
      11:15:56.0031 5900 Spooler - ok
      11:15:56.0126 5900 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
      11:15:56.0150 5900 sppsvc - ok
      11:15:56.0163 5900 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
      11:15:56.0165 5900 sppuinotify - ok
      11:15:56.0196 5900 [ 2098B8556D1CEC2ACA9A29CD479E3692 ] srv C:\Windows\system32\DRIVERS\srv.sys
      11:15:56.0199 5900 srv - ok
      11:15:56.0230 5900 [ D0F73A42040F21F92FD314B42AC5C9E7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
      11:15:56.0232 5900 srv2 - ok
      11:15:56.0264 5900 [ 2BA8F3250828CCDB4204ECF2C6F40B6A ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
      11:15:56.0267 5900 srvnet - ok
      11:15:56.0358 5900 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
      11:15:56.0366 5900 SSDPSRV - ok
      11:15:56.0434 5900 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
      11:15:56.0440 5900 SstpSvc - ok
      11:15:56.0516 5900 [ 29662881A46DB66730C62A4F1BFA3DC2 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
      11:15:56.0520 5900 Stereo Service - ok
      11:15:56.0595 5900 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
      11:15:56.0597 5900 stexstor - ok
      11:15:56.0683 5900 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
      11:15:56.0697 5900 stisvc - ok
      11:15:56.0737 5900 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
      11:15:56.0738 5900 storflt - ok
      11:15:56.0757 5900 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
      11:15:56.0759 5900 storvsc - ok
      11:15:56.0771 5900 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
      11:15:56.0772 5900 swenum - ok
      11:15:56.0882 5900 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
      11:15:56.0891 5900 SwitchBoard - ok
      11:15:56.0940 5900 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
      11:15:56.0952 5900 swprv - ok
      11:15:56.0957 5900 Synth3dVsc - ok
      11:15:57.0011 5900 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
      11:15:57.0026 5900 SysMain - ok
      11:15:57.0050 5900 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
      11:15:57.0054 5900 TabletInputService - ok
      11:15:57.0090 5900 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
      11:15:57.0095 5900 TapiSrv - ok
      11:15:57.0114 5900 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
      11:15:57.0117 5900 TBS - ok
      11:15:57.0183 5900 [ 509383E505C973ED7534A06B3D19688D ] Tcpip C:\Windows\system32\drivers\tcpip.sys
      11:15:57.0200 5900 Tcpip - ok
      11:15:57.0284 5900 [ 509383E505C973ED7534A06B3D19688D ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
      11:15:57.0299 5900 TCPIP6 - ok
      11:15:57.0336 5900 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
      11:15:57.0337 5900 tcpipreg - ok
      11:15:57.0346 5900 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
      11:15:57.0347 5900 TDPIPE - ok
      11:15:57.0361 5900 [ E4245BDA3190A582D55ED09E137401A9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
      11:15:57.0363 5900 TDTCP - ok
      11:15:57.0383 5900 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
      11:15:57.0384 5900 tdx - ok
      11:15:57.0415 5900 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
      11:15:57.0417 5900 TermDD - ok
      11:15:57.0455 5900 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
      11:15:57.0470 5900 TermService - ok
      11:15:57.0501 5900 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
      11:15:57.0504 5900 Themes - ok
      11:15:57.0527 5900 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
      11:15:57.0529 5900 THREADORDER - ok
      11:15:57.0544 5900 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
      11:15:57.0548 5900 TrkWks - ok
      11:15:57.0564 5900 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
      11:15:57.0566 5900 TrustedInstaller - ok
      11:15:57.0585 5900 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
      11:15:57.0586 5900 tssecsrv - ok
      11:15:57.0637 5900 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
      11:15:57.0638 5900 TsUsbFlt - ok
      11:15:57.0642 5900 tsusbhub - ok
      11:15:57.0694 5900 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
      11:15:57.0697 5900 tunnel - ok
      11:15:57.0719 5900 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
      11:15:57.0721 5900 uagp35 - ok
      11:15:57.0745 5900 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
      11:15:57.0748 5900 udfs - ok
      11:15:57.0768 5900 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
      11:15:57.0771 5900 UI0Detect - ok
      11:15:57.0790 5900 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
      11:15:57.0791 5900 uliagpkx - ok
      11:15:57.0834 5900 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
      11:15:57.0835 5900 umbus - ok
      11:15:57.0852 5900 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
      11:15:57.0854 5900 UmPass - ok
      11:15:57.0892 5900 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
      11:15:57.0900 5900 UmRdpService - ok
      11:15:57.0929 5900 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
      11:15:57.0934 5900 upnphost - ok
      11:15:57.0980 5900 [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
      11:15:57.0980 5900 USBAAPL64 - ok
      11:15:57.0993 5900 [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829 ] usbccgp C:\Windows\system32\drivers\usbccgp.sys
      11:15:57.0993 5900 usbccgp - ok
      11:15:58.0004 5900 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
      11:15:58.0004 5900 usbcir - ok
      11:15:58.0018 5900 [ 2EA4AFF7BE7EB4632E3AA8595B0803B5 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
      11:15:58.0018 5900 usbehci - ok
      11:15:58.0039 5900 [ DC96BD9CCB8403251BCF25047573558E ] usbhub C:\Windows\system32\drivers\usbhub.sys
      11:15:58.0041 5900 usbhub - ok
      11:15:58.0053 5900 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
      11:15:58.0053 5900 usbohci - ok
      11:15:58.0082 5900 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
      11:15:58.0082 5900 usbprint - ok
      11:15:58.0105 5900 [ D76510CFA0FC09023077F22C2F979D86 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
      11:15:58.0106 5900 USBSTOR - ok
      11:15:58.0117 5900 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
      11:15:58.0117 5900 usbuhci - ok
      11:15:58.0130 5900 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
      11:15:58.0132 5900 UxSms - ok
      11:15:58.0139 5900 [ 0793F40B9B8A1BDD266296409DBD91EA ] VaultSvc C:\Windows\system32\lsass.exe
      11:15:58.0140 5900 VaultSvc - ok
      11:15:58.0150 5900 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
      11:15:58.0150 5900 vdrvroot - ok
      11:15:58.0179 5900 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
      11:15:58.0183 5900 vds - ok
      11:15:58.0198 5900 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
      11:15:58.0198 5900 vga - ok
      11:15:58.0211 5900 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
      11:15:58.0212 5900 VgaSave - ok
      11:15:58.0214 5900 VGPU - ok
      11:15:58.0232 5900 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
      11:15:58.0233 5900 vhdmp - ok
      11:15:58.0250 5900 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
      11:15:58.0250 5900 viaide - ok
      11:15:58.0266 5900 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
      11:15:58.0267 5900 vmbus - ok
      11:15:58.0279 5900 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
      11:15:58.0279 5900 VMBusHID - ok
      11:15:58.0325 5900 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
      11:15:58.0327 5900 volmgr - ok
      11:15:58.0343 5900 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
      11:15:58.0345 5900 volmgrx - ok
      11:15:58.0361 5900 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
      11:15:58.0362 5900 volsnap - ok
      11:15:58.0379 5900 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
      11:15:58.0379 5900 vsmraid - ok
      11:15:58.0443 5900 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
      11:15:58.0461 5900 VSS - ok
      11:15:58.0472 5900 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
      11:15:58.0473 5900 vwifibus - ok
      11:15:58.0496 5900 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
      11:15:58.0499 5900 W32Time - ok
      11:15:58.0504 5900 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
      11:15:58.0504 5900 WacomPen - ok
      11:15:58.0552 5900 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
      11:15:58.0553 5900 WANARP - ok
      11:15:58.0556 5900 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
      11:15:58.0557 5900 Wanarpv6 - ok
      11:15:58.0621 5900 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
      11:15:58.0639 5900 wbengine - ok
      11:15:58.0672 5900 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
      11:15:58.0674 5900 WbioSrvc - ok
      11:15:58.0703 5900 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
      11:15:58.0707 5900 wcncsvc - ok
      11:15:58.0724 5900 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
      11:15:58.0726 5900 WcsPlugInService - ok
      11:15:58.0756 5900 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
      11:15:58.0758 5900 Wd - ok
      11:15:58.0786 5900 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
      11:15:58.0791 5900 Wdf01000 - ok
      11:15:58.0801 5900 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
      11:15:58.0805 5900 WdiServiceHost - ok
      11:15:58.0809 5900 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
      11:15:58.0813 5900 WdiSystemHost - ok
      11:15:58.0831 5900 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
      11:15:58.0834 5900 WebClient - ok
      11:15:58.0839 5900 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
      11:15:58.0842 5900 Wecsvc - ok
      11:15:58.0861 5900 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
      11:15:58.0863 5900 wercplsupport - ok
      11:15:58.0882 5900 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
      11:15:58.0888 5900 WerSvc - ok
      11:15:58.0902 5900 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
      11:15:58.0903 5900 WfpLwf - ok
      11:15:58.0912 5900 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
      11:15:58.0913 5900 WIMMount - ok
      11:15:58.0962 5900 WinDefend - ok
      11:15:58.0970 5900 WinHttpAutoProxySvc - ok
      11:15:59.0032 5900 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
      11:15:59.0037 5900 Winmgmt - ok
      11:15:59.0140 5900 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
      11:15:59.0156 5900 WinRM - ok
      11:15:59.0214 5900 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
      11:15:59.0216 5900 WinUsb - ok
      11:15:59.0258 5900 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
      11:15:59.0276 5900 Wlansvc - ok
      11:15:59.0296 5900 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
      11:15:59.0296 5900 WmiAcpi - ok
      11:15:59.0319 5900 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
      11:15:59.0321 5900 wmiApSrv - ok
      11:15:59.0337 5900 WMPNetworkSvc - ok
      11:15:59.0351 5900 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
      11:15:59.0354 5900 WPCSvc - ok
      11:15:59.0388 5900 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
      11:15:59.0395 5900 WPDBusEnum - ok
      11:15:59.0430 5900 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
      11:15:59.0432 5900 ws2ifsl - ok
      11:15:59.0455 5900 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
      11:15:59.0459 5900 wscsvc - ok
      11:15:59.0463 5900 WSearch - ok
      11:15:59.0532 5900 [ 9DF12EDBC698B0BC353B3EF84861E430 ] wuauserv C:\Windows\system32\wuaueng.dll
      11:15:59.0548 5900 wuauserv - ok
      11:15:59.0580 5900 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
      11:15:59.0581 5900 WudfPf - ok
      11:15:59.0601 5900 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
      11:15:59.0607 5900 wudfsvc - ok
      11:15:59.0635 5900 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
      11:15:59.0644 5900 WwanSvc - ok
      11:15:59.0668 5900 ================ Scan global ===============================
      11:15:59.0692 5900 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
      11:15:59.0723 5900 [ E0406AEF04B088D1C49FC78D0546F689 ] C:\Windows\system32\winsrv.dll
      11:15:59.0732 5900 [ E0406AEF04B088D1C49FC78D0546F689 ] C:\Windows\system32\winsrv.dll
      11:15:59.0754 5900 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
      11:15:59.0770 5900 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
      11:15:59.0775 5900 [Global] - ok
      11:15:59.0775 5900 ================ Scan MBR ==================================
      11:15:59.0778 5900 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
      11:15:59.0841 5900 \Device\Harddisk0\DR0 - ok
      11:15:59.0861 5900 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
      11:16:00.0111 5900 \Device\Harddisk1\DR1 - ok
      11:16:00.0112 5900 ================ Scan VBR ==================================
      11:16:00.0117 5900 [ 5C2D04AED1E6023C263B1D3DAD638904 ] \Device\Harddisk0\DR0\Partition1
      11:16:00.0120 5900 \Device\Harddisk0\DR0\Partition1 - ok
      11:16:00.0151 5900 [ 94BCAE4827A57A91DB34E4BDEC80856A ] \Device\Harddisk1\DR1\Partition1
      11:16:00.0153 5900 \Device\Harddisk1\DR1\Partition1 - ok
      11:16:00.0160 5900 [ E6C1881596D887E79D5376815F839A2B ] \Device\Harddisk1\DR1\Partition2
      11:16:00.0162 5900 \Device\Harddisk1\DR1\Partition2 - ok
      11:16:00.0189 5900 [ 3685F0491AADE80DE2E5B82943CE2EBF ] \Device\Harddisk1\DR1\Partition3
      11:16:00.0191 5900 \Device\Harddisk1\DR1\Partition3 - ok
      11:16:00.0191 5900 ============================================================
      11:16:00.0191 5900 Scan finished
      11:16:00.0191 5900 ============================================================
      11:16:00.0201 5672 Detected object count: 0
      11:16:00.0201 5672 Actual detected object count: 0
      11:16:05.0089 4100 Deinitialize success