Thread: New advertising malware?

  1. #21
    Member
    Join Date: Feb 2015
    Posts: 73

    I just ran ComboFix... log file appears below.

    I'll monitor this for a couple of days to see if it comes back and keep you posted.


    ComboFix 15-02-16.01 - Henry 02/25/2015 9:00.1.8 - x64
    Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.16289.12882 [GMT -5:00]
    Running from: c:\users\Henry\Desktop\ComboFix.exe
    AV: AVG AntiVirus Free Edition 2015 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
    SP: AVG AntiVirus Free Edition 2015 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    * Created a new restore point
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\programdata\PCDr\6584\AddOnDownloaded\0124e21d-018c-4ce0-92a3-b9e205a76bc0.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\01729c78-925e-4e01-a2dd-3c0f0989e6d1.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\073fb38f-0e69-479d-bca1-4f81ec9dcbf6.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\095557b2-2408-4eaf-b39b-d55c8606482c.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\0d06f79c-d0e6-4610-9a2b-d8f1a48f4252.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\0d461521-7dbf-4cec-a29e-936c88cdf8c9.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\100c3865-0c76-461b-b2fd-042d6d5fa7f6.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\10494c60-ec8b-4856-b24a-b6d076c4499f.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\173c4dd2-e93c-4725-b006-db1d8f465192.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\1b0b3c38-2b97-4f8d-954b-06296209b73d.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\1e0aaf9a-9947-4a7b-b1ae-8a89919438ed.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\263d6ac9-4f87-466c-947c-bd9af71d7035.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\2a6b5d0b-a2fc-4bdd-b3fe-6bbefb85b7e4.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\2b7a7ebb-6083-4253-a1e6-149883b6eb45.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\2eccd5d6-e118-4f76-97b6-ba56fb6c597a.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\3410f47b-5e8c-47c6-bf2c-234af4121d4c.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\378deb7f-049e-4a5e-83b2-5381dcd9e928.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\3972fea3-214c-4935-a7d1-96bf66115683.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\3b1c7acd-5e3e-4459-ab98-5109117e2341.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\4546f2bc-b9d9-4667-abe7-b0bacc90279e.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\4804ced5-915b-48a3-a465-b8a5e02714bf.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\4818e109-9489-4cd8-9044-44defd8ec187.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\481fbe3e-ec08-4d5a-94ea-95c753609e7c.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\48476a77-44f9-40a8-a623-f3402f22b01b.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\50441041-9037-4c34-842c-4a8523e700da.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\51fdf16e-ecb9-4fa4-8469-76fc9a22293b.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\57d7325c-8462-4866-a9ca-3f9228775fed.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\5c57a158-1254-45f6-b629-b2debbf1fd29.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\5dc7cfd3-e8ce-4478-9404-0ae32511b353.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\62d1f0b0-bc9a-4f6c-bad7-93b19a91276a.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\649574c7-1acb-458c-a846-1bc04bfcdb93.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\67c3d4fe-b638-467a-9fe2-c5813ade3330.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\6820b110-e483-4f1e-9b48-438f7916f078.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\6b5978fa-48d7-4309-a523-7e157768c0d8.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\6f4fb483-ce30-493a-8cb4-3e530ab1be5b.dll
    c:\programdata\PCDr\6584\AddOnDownloaded\6f9e83ca-5216-40db-863d-61ffff2a1563.dll
    c:\programdata\Roaming
    c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744BA0000000010\11.0.0\eula.ini
    c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA7FFFFB744BA0000000010\11.0.0\eula.ini2
    .
    .
    ((((((((((((((((((((((((( Files Created from 2015-01-25 to 2015-02-25 )))))))))))))))))))))))))))))))
    .
    .
    2015-02-25 14:10 . 2015-02-25 14:10 -------- d-----w- c:\users\Default\AppData\Local\temp
    2015-02-22 19:17 . 2015-02-22 19:17 -------- d-----w- c:\users\Henry\AppData\Roaming\PCDr
    2015-02-22 19:17 . 2015-02-22 19:17 -------- d-----w- c:\programdata\PCDr
    2015-02-22 16:43 . 2015-02-22 17:14 -------- d-----w- C:\AdwCleaner
    2015-02-16 21:26 . 2015-01-09 03:14 91136 ----a-w- c:\windows\system32\wdi.dll
    2015-02-16 21:26 . 2015-01-09 03:14 950272 ----a-w- c:\windows\system32\perftrack.dll
    2015-02-16 21:26 . 2015-01-09 03:14 29696 ----a-w- c:\windows\system32\powertracker.dll
    2015-02-16 21:26 . 2015-01-09 02:48 76800 ----a-w- c:\windows\SysWow64\wdi.dll
    2015-02-15 19:01 . 2015-02-15 19:01 -------- d-----w- c:\program files (x86)\YouTube-Downloader
    2015-02-13 02:42 . 2015-01-23 03:43 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll
    2015-02-13 02:42 . 2015-01-23 03:17 4300800 ----a-w- c:\windows\SysWow64\jscript9.dll
    2015-02-13 02:42 . 2015-01-23 04:42 814080 ----a-w- c:\windows\system32\jscript9diag.dll
    2015-02-13 02:42 . 2015-01-23 04:41 6041600 ----a-w- c:\windows\system32\jscript9.dll
    2015-02-11 16:04 . 2015-02-11 16:04 -------- d-----w- c:\programdata\PC-Doctor for Windows
    2015-02-11 16:04 . 2015-02-11 16:04 -------- d-----w- c:\program files\Dell Support Center
    2015-02-10 21:41 . 2015-01-13 03:10 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
    2015-02-10 21:40 . 2015-01-09 02:03 3201536 ----a-w- c:\windows\system32\win32k.sys
    2015-02-07 14:20 . 2015-02-07 14:20 -------- d-----w- c:\users\Henry\AppData\Local\GARMIN_Corp
    2015-02-04 03:09 . 2015-02-23 21:39 -------- d-----w- C:\FRST
    2015-02-04 03:07 . 2015-02-04 03:07 -------- d-----w- C:\RegBackup
    2015-01-27 22:02 . 2015-01-27 22:02 -------- d-----w- c:\program files (x86)\AVIGenerator
    2015-01-27 22:01 . 2015-01-27 22:04 -------- d-----w- c:\users\Henry\VideoPlayer Picture
    2015-01-27 22:01 . 2015-01-27 22:01 -------- d-----w- c:\users\Henry\AppData\Roaming\VideoPlayer
    2015-01-27 22:01 . 2015-01-27 22:01 -------- d-----w- c:\program files (x86)\Lorex
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2015-02-21 01:56 . 2015-01-03 14:26 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
    2015-02-12 21:41 . 2014-11-01 16:00 116773704 ----a-w- c:\windows\system32\MRT.exe
    2015-02-05 17:28 . 2014-10-26 21:38 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2015-02-05 17:28 . 2014-10-26 21:38 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2015-01-08 14:55 . 2010-11-21 03:27 298120 ------w- c:\windows\system32\MpSigStub.exe
    2014-12-23 15:41 . 2014-12-23 15:41 150440 ----a-w- c:\windows\SysWow64\drivers\AnyDVD.sys
    2014-12-23 15:41 . 2014-12-23 15:41 150440 ----a-w- c:\windows\system32\drivers\AnyDVD.sys
    2014-12-20 22:31 . 2014-12-20 22:31 40344 ----a-w- c:\windows\system32\drivers\ElbyCDIO.sys
    2014-12-19 03:06 . 2015-01-13 22:53 210432 ----a-w- c:\windows\system32\profsvc.dll
    2014-12-19 01:46 . 2015-01-13 22:53 141312 ----a-w- c:\windows\system32\drivers\mrxdav.sys
    2014-12-18 22:31 . 2014-12-18 22:31 97176 ----a-w- c:\windows\SysWow64\ElbyCDIO.dll
    2014-12-15 09:13 . 2015-01-21 00:28 11870360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{562FEE9C-CBF4-419A-AF96-3B7E1C49643C}\mpengine.dll
    2014-12-11 23:12 . 2014-12-11 23:12 1120752 ----a-w- c:\windows\boinc.scr
    2014-12-11 17:47 . 2015-01-13 22:53 87040 ----a-w- c:\windows\system32\TSWbPrxy.exe
    2014-12-09 02:24 . 2014-12-09 02:24 260888 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys
    2014-12-06 04:17 . 2015-01-13 22:53 303616 ----a-w- c:\windows\system32\nlasvc.dll
    2014-12-06 03:50 . 2015-01-13 22:53 52224 ----a-w- c:\windows\SysWow64\nlaapi.dll
    2014-12-06 03:50 . 2015-01-13 22:53 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{1C52FA7C-51B7-4621-9D5A-11101BA13134}]
    2015-02-12 23:18 973000 ----a-w- c:\program files (x86)\Invincea\Enterprise\InvRedirHostIE.dll
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "HydraVisionDesktopManager"="c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2014-04-02 389120]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
    "ISUSPM"="c:\program files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032]
    "AnyDVD"="c:\program files (x86)\SlySoft\AnyDVD\AnyDVD.exe" [2015-02-19 109480]
    "GarminExpressTrayApp"="c:\program files (x86)\Garmin\Express Tray\ExpressTray.exe" [2015-01-28 688984]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2014-04-10 292848]
    "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2014-04-02 767200]
    "Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe" [2014-12-03 3498728]
    "WD Quick View"="c:\program files (x86)\Western Digital\WD Quick View\WDDMStatus.exe" [2014-07-22 5562736]
    "NetSetMan"="c:\program files (x86)\NetSetMan\netsetman.exe" [2014-06-03 5414056]
    "PaperPort PTD"="c:\program files (x86)\Nuance\PaperPort\pptd40nt.exe" [2013-04-19 36168]
    "IndexSearch"="c:\program files (x86)\Nuance\PaperPort\IndexSearch.exe" [2013-04-19 18248]
    "PDF7 Registry Controller"="c:\program files (x86)\Nuance\PDF Professional 7\RegistryController.exe" [2012-02-17 141160]
    "PDFProHook"="c:\program files (x86)\Nuance\PDF Professional 7\pdfpro7hook.exe" [2012-02-17 641384]
    "OmniPage Preload"="c:\program files (x86)\Nuance\OmniPage18\OmniPage18.exe" [2012-02-24 1893224]
    "AVG_UI"="c:\program files (x86)\AVG\AVG2015\avgui.exe" [2014-12-18 3667472]
    "P-215II CaptureOnTouch"="c:\program files (x86)\Canon Electronics\P215II\TouchDR.exe" [2014-03-30 2251056]
    "PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2010-01-07 140520]
    .
    c:\users\Henry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    OpenOffice 4.1.1.lnk - c:\program files (x86)\OpenOffice 4\program\quickstart.exe [2014-7-29 117248]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Network Server.lnk - c:\program files (x86)\WIBUKEY\Server\WkSvMgr.exe [2014-11-7 3768320]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Notification Packages REG_MULTI_SZ DPPassFilter scecli
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"
    .
    R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2015\avgidsagent.exe;c:\program files (x86)\AVG\AVG2015\avgidsagent.exe [x]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
    R3 cpuz134;cpuz134;c:\users\Henry\AppData\Local\Temp\cpuz134\cpuz134_x64.sys;c:\users\Henry\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [x]
    R3 Dell.CommandPowerManager.Service;Dell.CommandPowerManager.Service;c:\windows\SysWOW64\dllhost.exe;c:\windows\SysWOW64\dllhost.exe [x]
    R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
    R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
    R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
    R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
    R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
    R3 iumsvc;Intel(R) Update Manager;c:\program files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe;c:\program files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [x]
    R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
    R3 netvsc;netvsc;c:\windows\system32\DRIVERS\netvsc60.sys;c:\windows\SYSNATIVE\DRIVERS\netvsc60.sys [x]
    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
    R3 SynthVid;SynthVid;c:\windows\system32\DRIVERS\VMBusVideoM.sys;c:\windows\SYSNATIVE\DRIVERS\VMBusVideoM.sys [x]
    R3 TGBVPNVirtM;TheGreenBow Virtual Miniport;c:\windows\system32\DRIVERS\TGBVPNVirtM.sys;c:\windows\SYSNATIVE\DRIVERS\TGBVPNVirtM.sys [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
    R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
    R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
    R3 Wibukey2_64;Wibukey2_64;c:\windows\system32\drivers\wibukey2_64.sys;c:\windows\SYSNATIVE\drivers\wibukey2_64.sys [x]
    R3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
    R4 DellDataVault;Dell Data Vault;c:\program files\Dell\DellDataVault\DellDataVault.exe ;c:\program files\Dell\DellDataVault\DellDataVault.exe [x]
    R4 DellDataVaultWiz;Dell Data Vault Wizard;c:\program files\Dell\DellDataVault\DellDataVaultWiz.exe;c:\program files\Dell\DellDataVault\DellDataVaultWiz.exe [x]
    S0 amdkmpfd;AMD PCI Root Bus Lower Filter;c:\windows\system32\DRIVERS\amdkmpfd.sys;c:\windows\SYSNATIVE\DRIVERS\amdkmpfd.sys [x]
    S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
    S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
    S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
    S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
    S0 CredFltL;Dell SED PBA Filter;c:\windows\system32\DRIVERS\CredFltL.sys;c:\windows\SYSNATIVE\DRIVERS\CredFltL.sys [x]
    S0 DLACDBHE;DLACDBHE;c:\windows\System32\Drivers\DLACDBHE.SYS;c:\windows\SYSNATIVE\Drivers\DLACDBHE.SYS [x]
    S0 DRVECDB;DRVECDB;c:\windows\System32\Drivers\DRVECDB.SYS;c:\windows\SYSNATIVE\Drivers\DRVECDB.SYS [x]
    S0 iaStorA;iaStorA;c:\windows\system32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
    S0 iaStorF;iaStorF;c:\windows\system32\drivers\iaStorF.sys;c:\windows\SYSNATIVE\drivers\iaStorF.sys [x]
    S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
    S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
    S0 SEDFilter;Dell SED PBA Enhancement;c:\windows\system32\DRIVERS\SEDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\SEDFilter.sys [x]
    S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys;c:\windows\SYSNATIVE\DRIVERS\stdcfltn.sys [x]
    S1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]
    S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
    S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
    S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
    S1 DLARTL_E;DLARTL_E;c:\windows\system32\Drivers\DLARTL_E.SYS;c:\windows\SYSNATIVE\Drivers\DLARTL_E.SYS [x]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
    S2 ApHidMonitorService;Alps HID Monitor Service;c:\program files\DellTPad\HidMonitorSvc.exe;c:\program files\DellTPad\HidMonitorSvc.exe [x]
    S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2015\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2015\avgwdsvc.exe [x]
    S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
    S2 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
    S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
    S2 Credential Vault Host Control Service;Credential Vault Host Control Service;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [x]
    S2 Credential Vault Host Storage;Credential Vault Host Storage;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [x]
    S2 Dell Foundation Services;Dell Foundation Services;c:\program files\Dell\Dell Foundation Services\DFSSvc.exe;c:\program files\Dell\Dell Foundation Services\DFSSvc.exe [x]
    S2 DellDigitalDelivery;Dell Digital Delivery Service;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe [x]
    S2 DellMgmtAgent;Dell Management Agent Service;c:\program files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.exe;c:\program files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.exe [x]
    S2 DellMgmtLoader;Dell Security Framework Loader;c:\program files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.Loader.exe;c:\program files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.Loader.exe [x]
    S2 DellMgmtServer;DELL Security Framework Local Server;c:\program files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.MgmtServer.exe;c:\program files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.MgmtServer.exe [x]
    S2 DLABMFSE;DLABMFSE;c:\windows\system32\Drivers\DLABMFSE.SYS;c:\windows\SYSNATIVE\Drivers\DLABMFSE.SYS [x]
    S2 DLABOIOE;DLABOIOE;c:\windows\system32\Drivers\DLABOIOE.SYS;c:\windows\SYSNATIVE\Drivers\DLABOIOE.SYS [x]
    S2 DLADResE;DLADResE;c:\windows\system32\Drivers\DLADResE.SYS;c:\windows\SYSNATIVE\Drivers\DLADResE.SYS [x]
    S2 DLAIFS_E;DLAIFS_E;c:\windows\system32\Drivers\DLAIFS_E.SYS;c:\windows\SYSNATIVE\Drivers\DLAIFS_E.SYS [x]
    S2 DLAOPIOE;DLAOPIOE;c:\windows\system32\Drivers\DLAOPIOE.SYS;c:\windows\SYSNATIVE\Drivers\DLAOPIOE.SYS [x]
    S2 DLAPoolE;DLAPoolE;c:\windows\system32\Drivers\DLAPoolE.SYS;c:\windows\SYSNATIVE\Drivers\DLAPoolE.SYS [x]
    S2 DLAUDF_E;DLAUDF_E;c:\windows\system32\Drivers\DLAUDF_E.SYS;c:\windows\SYSNATIVE\Drivers\DLAUDF_E.SYS [x]
    S2 DLAUDFAE;DLAUDFAE;c:\windows\system32\Drivers\DLAUDFAE.SYS;c:\windows\SYSNATIVE\Drivers\DLAUDFAE.SYS [x]
    S2 DRVEDDM;DRVEDDM;c:\windows\system32\Drivers\DRVEDDM.SYS;c:\windows\SYSNATIVE\Drivers\DRVEDDM.SYS [x]
    S2 Emc.Captiva.WebCaptureService;EMC Captiva Cloud Service;c:\program files (x86)\EMC Captiva\Captiva Cloud Runtime\Emc.Captiva.WebCaptureService.exe;c:\program files (x86)\EMC Captiva\Captiva Cloud Runtime\Emc.Captiva.WebCaptureService.exe [x]
    S2 Garmin Core Update Service;Garmin Core Update Service;c:\program files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe;c:\program files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [x]
    S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
    S2 iBtSiva;Intel Bluetooth Service;c:\program files (x86)\Intel\Bluetooth\ibtsiva.exe;c:\program files (x86)\Intel\Bluetooth\ibtsiva.exe [x]
    S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
    S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
    S2 InvProtectSvc;Invincea Enterprise Service;c:\program files (x86)\Invincea\Enterprise\X64\InvProtectSvc64.exe;c:\program files (x86)\Invincea\Enterprise\X64\InvProtectSvc64.exe [x]
    S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
    S2 nsmService;NSM Service;c:\program files (x86)\NetSetMan\nsmservice.exe;c:\program files (x86)\NetSetMan\nsmservice.exe [x]
    S2 PDFProFiltSrv;PDFProFiltSrv;c:\program files (x86)\Nuance\PDF Professional 7\PDFProFiltSrv.exe;c:\program files (x86)\Nuance\PDF Professional 7\PDFProFiltSrv.exe [x]
    S2 PDFProFiltSrvPP;PDFProFiltSrvPP;c:\program files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe;c:\program files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [x]
    S2 poaService;Dell PPO Service;c:\program files\Dell\PPO\poaService.exe;c:\program files\Dell\PPO\poaService.exe [x]
    S2 PoaSMSrv;Dell PPO System Maintenance Service;c:\program files\Dell\PPO\poaSmSrv.exe;c:\program files\Dell\PPO\poaSmSrv.exe [x]
    S2 poaTaServ;Dell PPO Track & Analyze Service;c:\program files\Dell\PPO\poaTaServ.exe;c:\program files\Dell\PPO\poaTaServ.exe [x]
    S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe [x]
    S2 RWAR3HV_0002_0;RWAR3HV_0002_0;c:\program files\Visioneer\RWAR3\RWAR3HV_0002_0.EXE;c:\program files\Visioneer\RWAR3\RWAR3HV_0002_0.EXE [x]
    S2 RWAR3Monitor;RWAR3Monitor;c:\program files\Visioneer\RWAR3\RWAR3Monitor.exe;c:\program files\Visioneer\RWAR3\RWAR3Monitor.exe [x]
    S2 SboxSvc;SboxSvc;c:\program files (x86)\Invincea\Enterprise\Sandbox\SboxSvc.exe;c:\program files (x86)\Invincea\Enterprise\Sandbox\SboxSvc.exe [x]
    S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell Backup and Recovery\SftService.exe;c:\program files (x86)\Dell Backup and Recovery\SftService.exe [x]
    S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys;c:\windows\SYSNATIVE\Drivers\SSPORT.sys [x]
    S2 TgbIke Starter;TgbIke Starter;c:\windows\SysWOW64\TgbStarter.exe;c:\windows\SysWOW64\TgbStarter.exe [x]
    S2 WDBackup;WD Backup;c:\program files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe;c:\program files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [x]
    S2 WDDriveService;WD Drive Manager;c:\program files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe;c:\program files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [x]
    S2 WindowsVNT_R3;Windows Virtual Network (WVN3);c:\program files (x86)\Windows Network Accelerater\v3\winvxm.exe;c:\program files (x86)\Windows Network Accelerater\v3\winvxm.exe [x]
    S2 YouTubeDownload_A3;YouTube Downloader Services (A3);c:\program files (x86)\YouTube-Downloader\A3\youtubeserv.exe;c:\program files (x86)\YouTube-Downloader\A3\youtubeserv.exe [x]
    S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
    S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
    S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
    S3 cvusbdrv;Dell ControlVault;c:\windows\system32\Drivers\cvusbdrv.sys;c:\windows\SYSNATIVE\Drivers\cvusbdrv.sys [x]
    S3 DDDriver;DDDriver;c:\windows\system32\drivers\DDDriver64Dcsa.sys;c:\windows\SYSNATIVE\drivers\DDDriver64Dcsa.sys [x]
    S3 DellProf;DellProf;c:\windows\system32\drivers\DellProf.sys;c:\windows\SYSNATIVE\drivers\DellProf.sys [x]
    S3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D;c:\windows\system32\DRIVERS\e1d62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1d62x64.sys [x]
    S3 ibtusb;Intel(R) Wireless Bluetooth(R) 4.0 + HS Adapter;c:\windows\system32\DRIVERS\ibtusb.sys;c:\windows\SYSNATIVE\DRIVERS\ibtusb.sys [x]
    S3 InvProtectDrv;InvProtectDrv;c:\program files (x86)\Invincea\Enterprise\X64\InvProtectDrv64.sys;c:\program files (x86)\Invincea\Enterprise\X64\InvProtectDrv64.sys [x]
    S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
    S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
    S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys;c:\windows\SYSNATIVE\DRIVERS\iwdbus.sys [x]
    S3 O2FJ2RDR;O2FJ2RDR;c:\windows\system32\DRIVERS\O2FJ2w7x64.sys;c:\windows\SYSNATIVE\DRIVERS\O2FJ2w7x64.sys [x]
    S3 POADrvr;POADrvr;c:\windows\system32\drivers\POADrvr.sys;c:\windows\SYSNATIVE\drivers\POADrvr.sys [x]
    S3 SboxDrv;SboxDrv;c:\program files (x86)\Invincea\Enterprise\Sandbox\SboxDrv.sys;c:\program files (x86)\Invincea\Enterprise\Sandbox\SboxDrv.sys [x]
    S3 ST_ACCEL;STMicroelectronics Accelerometer Service;c:\windows\system32\DRIVERS\ST_Accel.sys;c:\windows\SYSNATIVE\DRIVERS\ST_Accel.sys [x]
    S3 TGBMPEnum;TheGreenBow VPN Miniport Enumerator;c:\windows\system32\DRIVERS\TGBMPEnum.sys;c:\windows\SYSNATIVE\DRIVERS\TGBMPEnum.sys [x]
    S3 usb3Hub;UoIP Hub;c:\windows\system32\DRIVERS\usb3Hub.sys;c:\windows\SYSNATIVE\DRIVERS\usb3Hub.sys [x]
    S3 wbfcvusbdrv;WBF Control Vault;c:\windows\system32\Drivers\wbfcvusbdrv.sys;c:\windows\SYSNATIVE\Drivers\wbfcvusbdrv.sys [x]
    .
    .
    --- Other Services/Drivers In Memory ---
    .
    *NewlyCreated* - NAL
    *Deregistered* - NAL
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2015-02-25 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-26 17:28]
    .
    2015-02-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-11-15 18:03]
    .
    2015-02-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-11-15 18:03]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1C52FA7C-51B7-4621-9D5A-11101BA13134}]
    2015-02-12 23:19 1179336 ----a-w- c:\program files (x86)\Invincea\Enterprise\X64\InvRedirHostIE64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DBARFileBackuped]
    @="{831cebdd-6baf-4432-be76-9e0989c14aef}"
    [HKEY_CLASSES_ROOT\CLSID\{831cebdd-6baf-4432-be76-9e0989c14aef}]
    2010-11-21 03:23 444752 ----a-w- c:\windows\System32\mscoree.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DBARFileNotBackuped]
    @="{275e4fd7-21ef-45cf-a836-832e5d2cc1b3}"
    [HKEY_CLASSES_ROOT\CLSID\{275e4fd7-21ef-45cf-a836-832e5d2cc1b3}]
    2010-11-21 03:23 444752 ----a-w- c:\windows\System32\mscoree.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Apoint"="c:\program files\DellTPad\Apoint.exe" [2014-03-13 727896]
    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2014-01-18 7510232]
    "RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2014-01-14 1374936]
    "WavesSvc"="c:\program files\Realtek\Audio\HDA\WavesSvc64.exe" [2013-12-31 285272]
    "RtHDVBg_PushButton"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2014-01-14 1374936]
    "DellPoaEvents"="c:\program files\Dell\PPO\DellPoaEvents.exe" [2014-08-15 396496]
    "BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshellex.dll" [2014-03-26 7825720]
    "IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2014-05-28 36352]
    "IntelPROSet"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2014-05-30 4876528]
    "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2014-02-28 558496]
    "CSFTrayApp"="c:\program files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.SystrayApp.exe" [2014-09-11 232288]
    "InvProtect"="c:\program files (x86)\Invincea\Enterprise\X64\InvProtect64.exe" [2015-02-12 6779592]
    "CANON P-215II SVC"="P215IISvc.dll" [2014-01-29 132608]
    "boinctray"="c:\program files\BOINC\boinctray.exe" [2014-12-11 67056]
    "boincmgr"="c:\program files\BOINC\boincmgr.exe" [2014-12-11 9639920]
    .
    ------- Supplementary Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    uStart Page = www.excite.com
    mLocal Page = c:\windows\SysWOW64\blank.htm
    IE: Open with Nuance PDF Converter 7 - c:\program files (x86)\Nuance\PDF Professional 7\cnvres_eng.dll /100
    Trusted Zone: dell.com
    Trusted Zone: samsungsetup.com\www
    TCP: DhcpNameServer = 208.67.222.222 208.67.222.220 192.168.0.1
    FF - ProfilePath - c:\users\Henry\AppData\Roaming\Mozilla\Firefox\Profiles\zle9j8xn.default-1419567438668\
    FF - prefs.js: browser.startup.homepage - www.excite.com
    FF - prefs.js: network.proxy.type - 0
    .
    - - - - ORPHANS REMOVED - - - -
    .
    Toolbar-Locked - (no file)
    Wow6432Node-HKCU-Run-DellSystemDetect - c:\users\Henry\AppData\Local\Apps\2.0\NAYH0GJE.AQP\Z389LM6C.22Q\dell..tion_e30b47f5d4a30e9e_0005.000c_1df9a4898fae00de\DellSystemDetect.exe
    Wow6432Node-HKLM-Run-<NO NAME> - (no file)
    Toolbar-Locked - (no file)
    .
    .
    .
    Completion time: 2015-02-25 09:12:45
    ComboFix-quarantined-files.txt 2015-02-25 14:12
    .
    Pre-Run: 662,444,105,728 bytes free
    Post-Run: 667,668,533,248 bytes free
    .
    - - End Of File - - C1B5AAC5F518523202D0D45AE314A997
    5C616939100B85E558DA92B899A0FC36

  2. #22
    Security Expert-emeritus Juliet
    Join Date: Feb 2007
    Location: Deep South
    Posts: 4,084

    Good deal.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  3. #23
    Member
    Join Date
    Feb 2015
    Posts
    73

    Default

    I ran ComboFix, but the problem remains. Now I have two invisible Internet Explorer applications running instead of just one, and they are both pointing to the same web page. What was happening before was that the single application would change web pages about once every second or so.

  4. #24
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    Not sure why but it makes me think it's coming from FlashPlayer?

    Delete cache and other browser data in Chrome
    • Select Tools.
    • Select Clear browsing data.
    • In the dialogue that appears, select the highlighted check-boxes for the types of information that you want to remove.
        • Clear browsing history
        • Clear download history
        • Empty the cache
        • Delete cookies and other site and plug-in data
        • Clear saved passwords
        • Clear saved Auto-fill form data
        • Clear data from hosted apps
        • De-authorize content licenses
    • Use the menu at the top to select the amount of data that you want to delete. Select beginning of time to delete everything.
    • Click Clear browsing data.

    =========================

    ~~~

    Flush the FireFox Cache
    (these directions are specific to Firefox 19, if you have a different version the exact steps might be slightly different)
    • In Firefox, Options
    • Select Options
    • Select Privacy tab
    • Find the section that reads: You might want to clear your recent history or remove individual cookies
    • Select clear your recent history
    • Click the Details drop-down arrow
    • Make sure a check mark is placed in the following boxes:
        • Cookies
        • Cache
    • Next select the Time Range to Clear drop-down menu
    • Select Everything (this will only delete all the cookies and cache, and will save the other items not selected)
    • Click Clear Now

    =========================


    Clear Browser Cache in IE11
    • Close all Internet Explorer and Windows Explorer windows that are currently open.
    • Open Internet Explorer.
    • Click the Tools button, and then select the General tab, then select Browsing history, then select the Delete button.
    • Select the check box next to each of the following categories.
        • Temporary Internet files and website files
        • Cookies and website data
        • History
    • Click Delete


    Please Download Flash Cookie Killer by Bobbie Flekman and save it to your Desktop

    ==========

    Warning

    Steps (1-3) will delete all existing high scores and game settings for flash games. Steps (4-8) might prevent the ability to save high scores in some games altogether.

    ==========

    1. Double click


      from your desktop
    2. Check "Everything but Adobe Site Settings"
    3. Mouse click "Make it so!"


    4. Now go to the Adobe Flash Player Settings Manager
    5. In the "Website Storage Settings" choose the "Delete All Sites" tab then "Confirm"


    6. Next in the "Global Storage Settings" uncheck "Allow third-party Flash content to store on your computer"


    7. Finally in the "Global Privacy Settings" choose "Always Deny" then "Confirm"

    8. You have now successfully deleted cookies stored and changed the Flash Player's default settings to prevent access in the future.


    ~~~~~~~~~~~~~~~~~~~~

    Download OTM by OldTimer Here & save it to your desktop.
    • Double click on OTM.exe to run it
    • Copy & paste the contents inside the Code box below beginning with :Files into --->> Paste Instructions for Items to be Moved

    Note: Do not type it out to minimize the risk of typo error
    Code:
    :Commands
    [emptytemp]
    [EMPTYFLASH]
    [Reboot]
    • Click on MoveIt!
    • When done, click on Exit

    Note: If a file or folder can't be moved immediately, you may be asked to restart your computer. Choose Yes.
    A log will be produced at C:\_OTM\MovedFiles\date_time.log, where date_time are numbers. Post this log in your next reply.

    ~~~~~~~~~~~

  5. #25
    Member
    Join Date
    Feb 2015
    Posts
    73

    Default

    I was checking on this problem other places, and found some interesting information. Other people with this particular problem have made the observation that the rogue Iexplore processes only happen when connected to the internet via wireless (WiFi only, not when hard-wired). I checked this on my computer, and verified that yes, that is the case.

    On a BleepingComputer forum, the problem has been identified. Here's the URL that I found, and the message from the thread:


    http://www.bleepingcomputer.com/foru...exe-processes/


    Posted 10 June 2014 - 06:18 PM
    Hi Machiavelli,
    I was not expecting a response so soon. But thank you very much.

    Before reading your reply, and expecting a 5 day wait, I started investigating other cases that seemed similar to mine. This is contrary to what your response asked me to do, so I apologize for that. However, I believe that things have turned out fairly well.

    After reading about rootkits and how they pose a special difficulty for malware removal, I noticed that I had not checked off "rootkit protection" when I ran the malwarebytes anti-malware program using the default settings. I don't seem to have a good copy of the malwarebytes log file but its report mentioned two instances of "forged physical sector" occurring on Drive 0, sector 1 and 211.

    As I mentioned previously, the infected computer only displayed symptoms (multiple high-impact iexplorer.exe tasks) when connected to the internet. I ran this scan with the computer off the network and stayed off while I ran the Kaspersky TDSSKILLER program, again looking for rootkits.

    In addition to three unsigned file messages that were listed as PUP, TDSSKiller reported the detection of Rootkit.Boot.Cidox which it later "cured". Here is the excerpt:

    09:55:15.0059 0x17a4 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
    09:55:15.0069 0x17a4 [ Global ] - ok
    09:55:15.0069 0x17a4 ================ Scan MBR ==================================
    09:55:15.0079 0x17a4 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
    09:55:15.0639 0x17a4 \Device\Harddisk0\DR0 - ok
    09:55:15.0639 0x17a4 ================ Scan VBR ==================================
    09:55:15.0649 0x17a4 [ AC3F64BF335A44CC7222D4C2A19002D0 ] \Device\Harddisk0\DR0\Partition1
    09:55:15.0649 0x17a4 \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
    09:55:15.0649 0x17a4 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
    09:55:15.0659 0x17a4 [ 043101663774E869C1BCB9508EDD43F1 ] \Device\Harddisk0\DR0\Partition2
    09:55:15.0669 0x17a4 \Device\Harddisk0\DR0\Partition2 - ok
    09:55:15.0669 0x17a4 [ 1D1077A86F92C7F9AA9635B3BBE17D3A ] \Device\Harddisk0\DR0\Partition3
    09:55:15.0679 0x17a4 \Device\Harddisk0\DR0\Partition3 - ok
    09:55:15.0709 0x17a4 [ EE5049425E0028B6FBA80D41E309EDC0 ] \Device\Harddisk0\DR0\Partition4
    09:55:15.0709 0x17a4 \Device\Harddisk0\DR0\Partition4 - ok


    After TDSSKILLER finished, I rebooted the system. Only then did I dare try connecting to the network to see if the symptoms (iexplorer.exe processes) would return. 10 hours later, they still have not, so I am feeling fairly confident of having stumbled into a fix.

    Based on this, I will withdraw my request for help and ask that this case be closed. Thank you very much, though, for the help. It was only after learning that there was a 5 day backlog that I started reading up on rootkits and I chose to try TDSSKILLER after reading about a case similar to mine where it had worked.


    I am not the person who normally uses this laptop and it is not clear how this situation arose in the first place. However, I believe they received a flurry of frightening messages that may have caused them to click "OK" a few times when they should not have.

    Regards and thanks for this great collection of information.

    mwamateur
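Added example, not part of either forum post: a small Python parser for TDSSKiller log lines in the layout of the excerpt quoted above, pairing each hash line with its verdict line and surfacing every object whose verdict is not `ok`. The MBR/VBR lines in the sample are copied from that excerpt; the two "Scan services" entries, their all-zero placeholder hashes, and the function names are constructed for illustration.

```python
import re
from collections import Counter

# Sample input. The "Scan services" entries (names, paths, all-zero hashes) are
# constructed; the MBR/VBR lines are copied from the excerpt quoted in the post.
SAMPLE_LOG = r"""
09:55:14.0000 0x17a4 ================ Scan services =============================
09:55:14.0010 0x17a4 [ 00000000000000000000000000000000, 0000000000000000000000000000000000000000000000000000000000000000 ] Example Service C:\Example\example.sys
09:55:14.0020 0x17a4 Example Service - ok
09:55:14.0030 0x17a4 ExampleNoFile - ok
09:55:15.0069 0x17a4 ================ Scan MBR ==================================
09:55:15.0079 0x17a4 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:55:15.0639 0x17a4 \Device\Harddisk0\DR0 - ok
09:55:15.0639 0x17a4 ================ Scan VBR ==================================
09:55:15.0649 0x17a4 [ AC3F64BF335A44CC7222D4C2A19002D0 ] \Device\Harddisk0\DR0\Partition1
09:55:15.0649 0x17a4 \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
09:55:15.0649 0x17a4 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
09:55:15.0659 0x17a4 [ 043101663774E869C1BCB9508EDD43F1 ] \Device\Harddisk0\DR0\Partition2
09:55:15.0669 0x17a4 \Device\Harddisk0\DR0\Partition2 - ok
09:55:15.0669 0x17a4 [ 1D1077A86F92C7F9AA9635B3BBE17D3A ] \Device\Harddisk0\DR0\Partition3
09:55:15.0679 0x17a4 \Device\Harddisk0\DR0\Partition3 - ok
09:55:15.0709 0x17a4 [ EE5049425E0028B6FBA80D41E309EDC0 ] \Device\Harddisk0\DR0\Partition4
09:55:15.0709 0x17a4 \Device\Harddisk0\DR0\Partition4 - ok
"""

# "<time> 0x<thread id> <message>"; only the message part is needed here.
LINE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+0x[0-9A-Fa-f]+\s+(.*\S)\s*$")
SECTION = re.compile(r"^=+\s*Scan\s+(.+?)\s*=+$")
# "[ MD5 ] object" or "[ MD5, SHA256 ] name path"
HASHED = re.compile(r"^\[\s*([0-9A-Fa-f]{32})(?:,\s*([0-9A-Fa-f]{64}))?\s*\]\s+(.+)$")
DETECTED = re.compile(r"^(.+?) - detected (\S+) \(\s*\d+\s*\)$")
# "object - verdict" or "object ( threat ) - verdict"
VERDICT = re.compile(r"^(.+?)(?: \( ([^()]+?) \))? - (\w+)$")


def parse_tdsskiller(text):
    """Return one record per scanned object, in log order."""
    records = {}      # (section, object) -> record
    section = None
    pending = None    # (md5, sha256, rest) from the most recent hash line
    for raw in text.splitlines():
        line = LINE.match(raw.strip())
        if not line:
            continue
        msg = line.group(1)
        sec = SECTION.match(msg)
        if sec:
            section, pending = sec.group(1), None
            continue
        hashed = HASHED.match(msg)
        if hashed:
            pending = hashed.groups()
            continue
        det = DETECTED.match(msg)
        ver = None if det else VERDICT.match(msg)
        if not (det or ver):
            continue  # banner, system info, progress messages
        obj = (det or ver).group(1)
        rec = records.setdefault((section, obj), {
            "object": obj, "section": section, "md5": None, "sha256": None,
            "path": None, "verdict": None, "threat": None})
        # The hash line starts with the same object name; service lines
        # carry the file path after it (names may contain spaces).
        if pending and (pending[2] == obj or pending[2].startswith(obj + " ")):
            rec["md5"], rec["sha256"] = pending[0], pending[1]
            rec["path"] = pending[2][len(obj):].strip() or obj
        pending = None
        if det:
            rec["threat"] = det.group(2)
            rec["verdict"] = rec["verdict"] or "detected"
        else:
            rec["threat"] = ver.group(2) or rec["threat"]
            rec["verdict"] = ver.group(3)
    return list(records.values())


def needs_review(records):
    """Everything whose final verdict is not 'ok'."""
    return [r for r in records if r["verdict"] != "ok"]


def verdict_counts(records):
    return Counter(r["verdict"] for r in records)


if __name__ == "__main__":
    recs = parse_tdsskiller(SAMPLE_LOG)
    print(dict(verdict_counts(recs)))
    for r in needs_review(recs):
        print(r["section"], r["object"], r["verdict"], r["threat"], r["md5"])
```
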

  6. #26
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    I was checking on this problem other places, and found some interesting information. Other people with this particular problem have made the observation that the rogue Iexplore processes only happen when connected to the internet via wireless (WiFi only, not when hard-wired). I checked this on my computer, and verified that yes, that is the case.
    OK, let me see if I understand.

    You have no extra IE processes if you're not connected to WiFi?
    I was checking for background services that might use IE to do what they call "call home"

    ~~~~
    We can have you run TDSSKiller too.

    Download the latest version of TDSSKiller from here and save it to your Desktop.

    • Double-click on TDSSKiller.exe to run the application

    • Then click on Change parameters.


    • Check the boxes beside Verify Driver Digital Signature, Detect TDLFS file system and Use KSN to scan objects, then click OK.
    • Click the Start Scan button.

    • If a suspicious object is detected, the default action will be Skip, click on Continue.


    • If malicious objects are found, they will show in the Scan results and offer three (3) options.
    • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
    • Get the report by selecting Reports


    • Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.


    Please copy and paste its contents on your next reply.



    A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

  7. #27
    Member
    Join Date
    Feb 2015
    Posts
    73

    Default

    Quote: Originally Posted by Juliet
    OK, let me see if I understand.

    You have no extra IE processes if you're not connected to WiFi?

    Well.... that's what it acted like, until I just got it with WiFi shut off and on a hard line connection. I thought I had located a good clue as to the source of the problem, but it's not acting that way now. Maybe a variant of what the other person had???

    Do you still want me to run TDSSKiller, or should I hold on that?

  8. #28
    Member
    Join Date
    Feb 2015
    Posts
    73

    Default

    I ran TDSSKiller. The only thing it found was a driver for a portable page scanner that I returned (Visioneer Road Warrior 3). Here's the log file:

    21:45:18.0535 0x2ff8 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
    21:45:43.0800 0x2ff8 ============================================================
    21:45:43.0800 0x2ff8 Current date / time: 2015/02/25 21:45:43.0800
    21:45:43.0800 0x2ff8 SystemInfo:
    21:45:43.0800 0x2ff8
    21:45:43.0800 0x2ff8 OS Version: 6.1.7601 ServicePack: 1.0
    21:45:43.0800 0x2ff8 Product type: Workstation
    21:45:43.0801 0x2ff8 ComputerName: ELSERVICE13
    21:45:43.0801 0x2ff8 UserName: Henry
    21:45:43.0801 0x2ff8 Windows directory: C:\Windows
    21:45:43.0801 0x2ff8 System windows directory: C:\Windows
    21:45:43.0801 0x2ff8 Running under WOW64
    21:45:43.0801 0x2ff8 Processor architecture: Intel x64
    21:45:43.0801 0x2ff8 Number of processors: 8
    21:45:43.0801 0x2ff8 Page size: 0x1000
    21:45:43.0801 0x2ff8 Boot type: Normal boot
    21:45:43.0801 0x2ff8 ============================================================
    21:45:50.0193 0x2ff8 KLMD registered as C:\Windows\system32\drivers\53617272.sys
    21:45:50.0517 0x2ff8 System UUID: {95FE5133-F7DA-3D54-FF6A-4340E6870587}
    21:45:51.0052 0x2ff8 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    21:45:51.0070 0x2ff8 ============================================================
    21:45:51.0070 0x2ff8 \Device\Harddisk0\DR0:
    21:45:51.0070 0x2ff8 MBR partitions:
    21:45:51.0070 0x2ff8 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1777000
    21:45:51.0070 0x2ff8 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x178B000, BlocksNum 0x72F7B000
    21:45:51.0070 0x2ff8 ============================================================
    21:45:51.0116 0x2ff8 C: <-> \Device\Harddisk0\DR0\Partition2
    21:45:51.0117 0x2ff8 ============================================================
    21:45:51.0117 0x2ff8 Initialize success
    21:45:51.0117 0x2ff8 ============================================================
    21:46:03.0129 0x2d38 ============================================================
    21:46:03.0129 0x2d38 Scan started
    21:46:03.0129 0x2d38 Mode: Manual; SigCheck; TDLFS;
    21:46:03.0129 0x2d38 ============================================================
    21:46:03.0129 0x2d38 KSN ping started
    21:46:05.0840 0x2d38 KSN ping finished: true
    21:46:07.0843 0x2d38 ================ Scan system memory ========================
    21:46:07.0843 0x2d38 System memory - ok
    21:46:07.0844 0x2d38 ================ Scan services =============================
    21:46:17.0886 0x2d38 crcdisk - ok
    21:46:17.0991 0x2d38 [ 5A0A034F89061A8336CD54111CC381DB, A8AB4528C006131CD366714EBEC190270A04D625C2F733954F253AFC6A3A605A ] Credential Vault Host Control Service C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
    21:46:18.0037 0x2d38 Credential Vault Host Control Service - ok
    21:46:18.0051 0x2d38 [ 9B578ED25F4F3E91DD71353F24578D57, 46BFAC2383101718D8A51AF4988308599F60F12C02626A1185B991A3EBC3A54E ] Credential Vault Host Storage C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
    21:46:18.0062 0x2d38 Credential Vault Host Storage - ok
    21:46:18.0098 0x2d38 [ C82FFA9188ECB7818449643E55DD7C5D, AE79F9A71BF174DD4F7E823B7849DAB6CE90CEABC994DB924B61E4DBA73CB2D2 ] CredFltL C:\Windows\system32\DRIVERS\CredFltL.sys
    21:46:18.0111 0x2d38 CredFltL - ok
    21:46:18.0140 0x2d38 [ 19D511CC455C19DE1ADF60E6C39C85B6, 2A05DD5EF3D0BEC2C9F4EA186E0E2D0F7BE0BF6A473D51194B09D33773AC7FAA ] CryptSvc C:\Windows\system32\cryptsvc.dll
    21:46:18.0182 0x2d38 CryptSvc - ok
    21:46:18.0214 0x2d38 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
    21:46:18.0261 0x2d38 CSC - ok
    21:46:18.0305 0x2d38 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
    21:46:18.0351 0x2d38 CscService - ok
    21:46:18.0358 0x2d38 [ F85BC7EDA17B871BC0898438319787AF, B982063BD4097765953DF277B81E04F7775F27F95DE3DFB5D7D9498594CBD08C ] cvusbdrv C:\Windows\system32\Drivers\cvusbdrv.sys
    21:46:18.0371 0x2d38 cvusbdrv - ok
    21:46:18.0394 0x2d38 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
    21:46:18.0476 0x2d38 DcomLaunch - ok
    21:46:18.0518 0x2d38 [ B56714DED87E29377F1EE930691DADA2, B3C3BC4F546A786A93823C1471D560BF678A9C95237065E3B99B2B80E6C28131 ] DDDriver C:\Windows\system32\drivers\DDDriver64Dcsa.sys
    21:46:18.0530 0x2d38 DDDriver - ok
    21:46:18.0575 0x2d38 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
    21:46:18.0636 0x2d38 defragsvc - ok
    21:46:18.0697 0x2d38 [ AB33E055B5941276B78C754B8A3A7CFA, EEA4AC0964086919207CC3AE7D80F4381BA22CA8E5F3FF460256D77D2086C48E ] Dell Foundation Services C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
    21:46:18.0722 0x2d38 Dell Foundation Services - ok
    21:46:18.0726 0x2d38 Dell.CommandPowerManager.Service - ok
    21:46:18.0852 0x2d38 [ 08A2D0B5E1F4CB9E449DB2FA5A253A66, C40F5EFA617C3EDFEC363F2ABB154093DF565E2F7B52D749D42C29D108C1AC88 ] DellDataVault C:\Program Files\Dell\DellDataVault\DellDataVault.exe
    21:46:19.0003 0x2d38 DellDataVault - ok
    21:46:19.0033 0x2d38 [ ECBC33C3106FDA2B4B2DBFBAC2EA87B7, 9CE15F4899B415556D96239B86D97AF77DB22EFD1CF5F441B7178C2CA85D34D9 ] DellDataVaultWiz C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
    21:46:19.0052 0x2d38 DellDataVaultWiz - ok
    21:46:19.0064 0x2d38 [ EA26A4A4EFF6F5677C8745D274E23913, 32B9CB58B34E23126E18CFB5AA75AEC2EF1D5A8A7ACBCBEF4B3ACCB20FD1B8C4 ] DellDigitalDelivery c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
    21:46:19.0081 0x2d38 DellDigitalDelivery - ok
    21:46:19.0158 0x2d38 [ 5461CF7CDE4EB6D912721FA73B1B98B1, 43FCDF3D92AACC050B8400867D291191DDC7FA391F30C313FDF918AEAAE2E6B2 ] DellMgmtAgent C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.exe
    21:46:19.0178 0x2d38 DellMgmtAgent - ok
    21:46:19.0183 0x2d38 [ 7E9271E255162E725DB929F1487F5EE7, AB781AF9435EE98D5141E7D57B659465E2CD614ED5EFAAC06CC61FA366D062EC ] DellMgmtLoader C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.Loader.exe
    21:46:19.0194 0x2d38 DellMgmtLoader - ok
    21:46:19.0204 0x2d38 [ 95CFA0A0A4DA659A4B172C0DC8978539, 59FB9997117C534D4645923DBFD06B8FD77A2342921127667893752D5C24ED9F ] DellMgmtServer C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityManager.MgmtServer.exe
    21:46:19.0215 0x2d38 DellMgmtServer - ok
    21:46:19.0226 0x2d38 [ 66C87079CFCB61B650086802693114E0, B1EE411DF69BB98D5D9FA2D88C4C9FE1E4877FD8BBF572C3F444C90576ED0724 ] DellProf C:\Windows\system32\drivers\DellProf.sys
    21:46:19.0239 0x2d38 DellProf - ok
    21:46:19.0259 0x2d38 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
    21:46:19.0324 0x2d38 DfsC - ok
    21:46:19.0378 0x2d38 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
    21:46:19.0416 0x2d38 Dhcp - ok
    21:46:19.0435 0x2d38 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
    21:46:19.0486 0x2d38 discache - ok
    21:46:19.0532 0x2d38 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
    21:46:19.0585 0x2d38 Disk - ok
    21:46:19.0606 0x2d38 [ EA30E307C7597CD63FD80789381AA7EE, 0E9A9A3ECD1263BB70295BE2A2D1D215B22740EC4EECB2EBA0B03B70AED3AB9C ] DLABMFSE C:\Windows\system32\Drivers\DLABMFSE.SYS
    21:46:19.0615 0x2d38 DLABMFSE - ok
    21:46:19.0631 0x2d38 [ 1D393BA0B3E3CD9C104CB38FF72FBE95, EDAD19EBD00511E0CDFE70FCC981A7A6FABFFE167897DEC1444E1EFF6119029A ] DLABOIOE C:\Windows\system32\Drivers\DLABOIOE.SYS
    21:46:19.0640 0x2d38 DLABOIOE - ok
    21:46:19.0657 0x2d38 [ 2575C3CA7C51B9D14A3ABFC622C9E6C7, 1731C33FDAB7424A35F934B98B451427054A0FA779EB1B9160A0E812AEED3F0A ] DLACDBHE C:\Windows\system32\Drivers\DLACDBHE.SYS
    21:46:19.0667 0x2d38 DLACDBHE - ok
    21:46:19.0680 0x2d38 [ 5DDF633063FF1FEE3DC0237080067E4A, D3DAE4931B4EAD2D778D6DBAA30571134DADC185280EF20825C21D53AC13D37C ] DLADResE C:\Windows\system32\Drivers\DLADResE.SYS
    21:46:19.0689 0x2d38 DLADResE - ok
    21:46:19.0702 0x2d38 [ 431F127D564ABADE3AC737B4575C6B9C, 182C7D80A6FC07EABACA7FC0AFC62A64C136D2D7DB11958CAE675BA442B58F91 ] DLAIFS_E C:\Windows\system32\Drivers\DLAIFS_E.SYS
    21:46:19.0713 0x2d38 DLAIFS_E - ok
    21:46:19.0738 0x2d38 [ EC379D9C31DD6597CFDF97DB44C3B370, 7F5A9704FBEB712A5E9A086E20343DA9ED14C1746D79C388CFF84CBA7B6D7754 ] DLAOPIOE C:\Windows\system32\Drivers\DLAOPIOE.SYS
    21:46:19.0748 0x2d38 DLAOPIOE - ok
    21:46:19.0759 0x2d38 [ 4F64A963E4213FC83943B8D6E6C4C5C6, FBCC1B7FAEA93D92477FBED10154A014B3526742ECE2205D524747B2F2E7A4A3 ] DLAPoolE C:\Windows\system32\Drivers\DLAPoolE.SYS
    21:46:19.0767 0x2d38 DLAPoolE - ok
    21:46:19.0775 0x2d38 [ 6D818721DD4A5E86683CC4BC5FD447FB, F65983642986D29700627843E9820DD673045B95044CE7FFE123AAC24D7A17B1 ] DLARTL_E C:\Windows\system32\Drivers\DLARTL_E.SYS
    21:46:19.0784 0x2d38 DLARTL_E - ok
    21:46:19.0791 0x2d38 [ 3ADEF2CF78438F74035F5D1248204124, 69F5B9B1A395407472D717B9729A37C2C7E99AAF75BB2F02501E88718BEE408C ] DLAUDFAE C:\Windows\system32\Drivers\DLAUDFAE.SYS
    21:46:19.0803 0x2d38 DLAUDFAE - ok
    21:46:19.0860 0x2d38 [ ADF79D03473E320788EC0F2CFF3091D4, 09078CB9F5A0450584DF4920F72E19EFEF303C48673168BF34BD19687CD752D3 ] DLAUDF_E C:\Windows\system32\Drivers\DLAUDF_E.SYS
    21:46:19.0872 0x2d38 DLAUDF_E - ok
    21:46:19.0901 0x2d38 [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
    21:46:19.0932 0x2d38 dmvsc - ok
    21:46:19.0954 0x2d38 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
    21:46:19.0987 0x2d38 Dnscache - ok
    21:46:20.0018 0x2d38 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
    21:46:20.0071 0x2d38 dot3svc - ok
    21:46:20.0135 0x2d38 [ 4B235DC5019D66670E5A53284CA6CCBC, 3573FD68128E298E78B01F50DD33B93C46D05C84AC2654E6F8496C6A73774EE3 ] DpHost C:\Program Files\Dell\Dell Data Protection\Security Tools\Authentication\Bin\DpHostW.exe
    21:46:20.0154 0x2d38 DpHost - ok
    21:46:20.0176 0x2d38 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
    21:46:20.0222 0x2d38 DPS - ok
    21:46:20.0240 0x2d38 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
    21:46:20.0292 0x2d38 drmkaud - ok
    21:46:20.0309 0x2d38 [ 0E0C5B8768CFB27A513FE8528A291EF9, 6FE26740D63C1289E90A1593A0337DBDF1E2F96F851BDCBA11425CE2E9026B61 ] DRVECDB C:\Windows\system32\Drivers\DRVECDB.SYS
    21:46:20.0321 0x2d38 DRVECDB - ok
    21:46:20.0337 0x2d38 [ FBF2605C90BD04C3B625A67961EEABB6, E42363221D3124AC46B5CB9971DEB614F0651EB0A534816F6DBBD94D8AE74F4E ] DRVEDDM C:\Windows\system32\Drivers\DRVEDDM.SYS
    21:46:20.0346 0x2d38 DRVEDDM - ok
    21:46:20.0459 0x2d38 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
    21:46:20.0491 0x2d38 DXGKrnl - ok
    21:46:20.0553 0x2d38 [ C47C212490AE1C2AB4A34A40C39485B4, 1B739D8F5BA344F14C78B547ABE281EEE13916D976A7E97B39A9E779D198B9E3 ] e1dexpress C:\Windows\system32\DRIVERS\e1d62x64.sys
    21:46:20.0576 0x2d38 e1dexpress - ok
    21:46:20.0600 0x2d38 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
    21:46:20.0637 0x2d38 EapHost - ok
    21:46:20.0758 0x2d38 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
    21:46:20.0923 0x2d38 ebdrv - ok
    21:46:20.0938 0x2d38 [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] EFS C:\Windows\System32\lsass.exe
    21:46:20.0970 0x2d38 EFS - ok
    21:46:21.0052 0x2d38 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
    21:46:21.0116 0x2d38 ehRecvr - ok
    21:46:21.0124 0x2d38 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
    21:46:21.0145 0x2d38 ehSched - ok
    21:46:21.0170 0x2d38 [ BDD265EEB37DF5953A547FE412E2472F, 17EB4FD54D62207937F8CA7454837DBF1EEC867AEDAF201FC2E839A3ED357F4F ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys
    21:46:21.0183 0x2d38 ElbyCDIO - ok
    21:46:21.0218 0x2d38 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
    21:46:21.0251 0x2d38 elxstor - ok
    21:46:21.0284 0x2d38 [ 8470CEC3C8BB1418687AD3ADED13845D, 107F8F36AB7D3BF8E15EF6EC1BC6A95FE33827B3F281C3B481A5AE8A962EADAC ] Emc.Captiva.WebCaptureService C:\Program Files (x86)\EMC Captiva\Captiva Cloud Runtime\Emc.Captiva.WebCaptureService.exe
    21:46:21.0296 0x2d38 Emc.Captiva.WebCaptureService - ok
    21:46:21.0306 0x2d38 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
    21:46:21.0341 0x2d38 ErrDev - ok
    21:46:21.0372 0x2d38 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
    21:46:21.0448 0x2d38 EventSystem - ok
    21:46:21.0498 0x2d38 [ BF220856C02DF9AB74786BE92246A0E1, 9F35F4A08967634206B965BF94469380C0ACCF8A6C973E90ED85ECECF284CE34 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    21:46:21.0532 0x2d38 EvtEng - ok
    21:46:21.0543 0x2d38 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
    21:46:21.0602 0x2d38 exfat - ok
    21:46:21.0628 0x2d38 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
    21:46:21.0684 0x2d38 fastfat - ok
    21:46:21.0732 0x2d38 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
    21:46:21.0778 0x2d38 Fax - ok
    21:46:21.0792 0x2d38 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
    21:46:21.0824 0x2d38 fdc - ok
    21:46:21.0828 0x2d38 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
    21:46:21.0888 0x2d38 fdPHost - ok
    21:46:21.0894 0x2d38 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
    21:46:21.0944 0x2d38 FDResPub - ok
    21:46:21.0950 0x2d38 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
    21:46:21.0965 0x2d38 FileInfo - ok
    21:46:21.0979 0x2d38 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
    21:46:22.0029 0x2d38 Filetrace - ok
    21:46:22.0044 0x2d38 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
    21:46:22.0062 0x2d38 flpydisk - ok
    21:46:22.0085 0x2d38 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
    21:46:22.0107 0x2d38 FltMgr - ok
    21:46:22.0164 0x2d38 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
    21:46:22.0235 0x2d38 FontCache - ok
    21:46:22.0257 0x2d38 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    21:46:22.0271 0x2d38 FontCache3.0.0.0 - ok
    21:46:22.0279 0x2d38 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
    21:46:22.0295 0x2d38 FsDepends - ok
    21:46:22.0309 0x2d38 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
    21:46:22.0323 0x2d38 Fs_Rec - ok
    21:46:22.0363 0x2d38 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
    21:46:22.0387 0x2d38 fvevol - ok
    21:46:22.0411 0x2d38 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
    21:46:22.0423 0x2d38 gagp30kx - ok
    21:46:22.0513 0x2d38 [ 12CD74D8F037AE10E03C2415EFF59EF5, EDE7187DC57010119A46730B63EAF1548E3BDC170D375568880478AB36340726 ] Garmin Core Update Service C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
    21:46:22.0533 0x2d38 Garmin Core Update Service - ok
    21:46:22.0627 0x2d38 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
    21:46:22.0678 0x2d38 gpsvc - ok
    21:46:22.0733 0x2d38 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    21:46:22.0759 0x2d38 gupdate - ok
    21:46:22.0767 0x2d38 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    21:46:22.0778 0x2d38 gupdatem - ok
    21:46:22.0783 0x2d38 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
    21:46:22.0798 0x2d38 hcw85cir - ok
    21:46:22.0857 0x2d38 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
    21:46:22.0882 0x2d38 HdAudAddService - ok
    21:46:22.0937 0x2d38 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
    21:46:22.0953 0x2d38 HDAudBus - ok
    21:46:22.0965 0x2d38 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
    21:46:22.0991 0x2d38 HidBatt - ok
    21:46:23.0008 0x2d38 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
    21:46:23.0024 0x2d38 HidBth - ok
    21:46:23.0042 0x2d38 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
    21:46:23.0057 0x2d38 HidIr - ok
    21:46:23.0107 0x2d38 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\System32\hidserv.dll
    21:46:23.0141 0x2d38 hidserv - ok
    21:46:23.0178 0x2d38 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
    21:46:23.0219 0x2d38 HidUsb - ok
    21:46:23.0244 0x2d38 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
    21:46:23.0307 0x2d38 hkmsvc - ok
    21:46:23.0339 0x2d38 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
    21:46:23.0384 0x2d38 HomeGroupListener - ok
    21:46:23.0412 0x2d38 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
    21:46:23.0436 0x2d38 HomeGroupProvider - ok
    21:46:23.0442 0x2d38 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
    21:46:23.0454 0x2d38 HpSAMD - ok
    21:46:23.0485 0x2d38 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
    21:46:23.0545 0x2d38 HTTP - ok
    21:46:23.0560 0x2d38 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
    21:46:23.0569 0x2d38 hwpolicy - ok
    21:46:23.0608 0x2d38 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
    21:46:23.0647 0x2d38 i8042prt - ok
    21:46:23.0690 0x2d38 [ 9EBE1AE8B3DA91D06BE1971EB37F7DA0, 55B0E66139C966AF0D4955B44363123198C559968C864DA85F6610CF1C844E8D ] iaStorA C:\Windows\system32\drivers\iaStorA.sys
    21:46:23.0727 0x2d38 iaStorA - ok
    21:46:23.0746 0x2d38 [ D524B034148F14C60F1CA66D267EE56A, 18045270C5CA718501285EE05EDED8B0EF998A881ACF19D9602F91A2A30E40AB ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    21:46:23.0758 0x2d38 IAStorDataMgrSvc - ok
    21:46:23.0776 0x2d38 [ C018747131B4E90E9267BA5B31EB43A7, 0FA045B63500D6AA98CADD72BA8052BD2631387FD1270A9FD5A77EB7A7A14536 ] iaStorF C:\Windows\system32\drivers\iaStorF.sys
    21:46:23.0789 0x2d38 iaStorF - ok
    21:46:23.0818 0x2d38 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
    21:46:23.0846 0x2d38 iaStorV - ok
    21:46:23.0891 0x2d38 [ C42FA2C2CB77604E94530E0A8560FA99, BA84B88C1D3951E4D10D9A783090B72261FD9825F8003DDD01716D4E0A8EED09 ] iBtSiva C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
    21:46:23.0907 0x2d38 iBtSiva - ok
    21:46:23.0918 0x2d38 [ 0316165998C74A0C109D5943F0027925, 91093906A100DD3FDC635AF8274910DB4BCEA10D6A003702786246D208CC4BBB ] ibtusb C:\Windows\system32\DRIVERS\ibtusb.sys
    21:46:23.0937 0x2d38 ibtusb - ok
    21:46:24.0028 0x2d38 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
    21:46:24.0091 0x2d38 idsvc - ok
    21:46:24.0096 0x2d38 IEEtwCollectorService - ok
    21:46:24.0316 0x2d38 [ 623DB9620F552B480690AD882AFACED1, F44039122CF6001CB40A4032D3C108D9A83F06FC700A5B47D83EF605F83C9D2F ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
    21:46:24.0720 0x2d38 igfx - ok
    21:46:24.0764 0x2d38 [ 8283E1A55FF84ECAA4371890C6B83778, 2F932E554691877AEEA269A527ED451A205DBEDC1BB344A1AA3AE03F2D22FC70 ] igfxCUIService1.0.0.0 C:\Windows\system32\igfxCUIService.exe
    21:46:24.0788 0x2d38 igfxCUIService1.0.0.0 - ok
    21:46:24.0826 0x2d38 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
    21:46:24.0841 0x2d38 iirsp - ok
    21:46:24.0904 0x2d38 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
    21:46:24.0963 0x2d38 IKEEXT - ok
    21:46:24.0997 0x2d38 [ 314285071F7117263BD246E35C17FD82, 12E135DAB9D717D697026800C97FB58A64C0C37ACE715C2805A411A5384CB55A ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
    21:46:25.0030 0x2d38 intaud_WaveExtensible - ok
    21:46:25.0126 0x2d38 [ D2B9E3E977B57E783D48A6593A5BD000, C159BAAB4A54AD8F7719719A66458B2BA3F96635B71486475077F82C4549C544 ] IntcAzAudAddService C:\Windows\system32\drivers\RTDVHD64.sys
    21:46:25.0224 0x2d38 IntcAzAudAddService - ok
    21:46:25.0292 0x2d38 [ 890144FA6AB42F2B54EE633BF96A019A, 8741904C66170BA11C78D31681E3759537C0BF2338538678BC64234DB8FDE93F ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
    21:46:25.0311 0x2d38 IntcDAud - ok
    21:46:25.0432 0x2d38 [ 4C17F57E43645E75800E9E84787E34E5, 6A1531D97462BA3B3DBDAD472AF15B717C958AA8C5CE2373DE0B2A41C35BE33E ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
    21:46:25.0491 0x2d38 Intel(R) Capability Licensing Service TCP IP Interface - ok
    21:46:25.0524 0x2d38 [ 98D8094CC724D751E8EC3B2B3446FAA3, DC88496C0D92B4BCCD71467DE3C5D346DF9B5A27BAE703FF53168A284D2F64A5 ] Intel(R) PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
    21:46:25.0576 0x2d38 Intel(R) PROSet Monitoring Service - ok
    21:46:25.0627 0x2d38 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
    21:46:25.0638 0x2d38 intelide - ok
    21:46:25.0682 0x2d38 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
    21:46:25.0702 0x2d38 intelppm - ok
    21:46:25.0745 0x2d38 [ 2D680A69BBBAA7D7F0469D7B0CD7EE91, 653740ECFE873EE6FB11AE944A9C20B37A53EDC1B03F78F552CF430B68086827 ] InvProtectDrv C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectDrv64.sys
    21:46:25.0755 0x2d38 InvProtectDrv - ok
    21:46:25.0831 0x2d38 [ 9CD310FBD9B81D1CF15E51BB6DE4A549, 59002A12AB346B89CCA8A87C7CAF0ACFE29DCB56AE7733C3928AA054E68B5408 ] InvProtectSvc C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectSvc64.exe
    21:46:25.0921 0x2d38 InvProtectSvc - ok
    21:46:25.0948 0x2d38 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
    21:46:26.0001 0x2d38 IPBusEnum - ok
    21:46:26.0011 0x2d38 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
    21:46:26.0063 0x2d38 IpFilterDriver - ok
    21:46:26.0087 0x2d38 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
    21:46:26.0146 0x2d38 iphlpsvc - ok
    21:46:26.0162 0x2d38 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
    21:46:26.0176 0x2d38 IPMIDRV - ok
    21:46:26.0182 0x2d38 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
    21:46:26.0220 0x2d38 IPNAT - ok
    21:46:26.0234 0x2d38 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
    21:46:26.0256 0x2d38 IRENUM - ok
    21:46:26.0260 0x2d38 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
    21:46:26.0269 0x2d38 isapnp - ok
    21:46:26.0298 0x2d38 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
    21:46:26.0314 0x2d38 iScsiPrt - ok
    21:46:26.0351 0x2d38 [ 5C9B001D8970C2DA36254A916F3DA8F7, 625AC5C3DFAE52BD34EC3F93742D1D2C229785E4F0F3484CFB7B8728A1C830DF ] iumsvc C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
    21:46:26.0364 0x2d38 iumsvc - ok
    21:46:26.0375 0x2d38 [ 83E5C169258459BC8D069C08106E6779, 1D5441EA2779CFC5A93A1372A7C34CD968A75D58A71107858468A1640721F47E ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
    21:46:26.0384 0x2d38 iusb3hcs - ok
    21:46:26.0440 0x2d38 [ A858FEA618433EA053858F4C63A411EA, A194E8C07332847ABC09CC55ABB3D4AA9FEC29F053A3025FCAC7841AFE5F21F2 ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
    21:46:26.0465 0x2d38 iusb3hub - ok
    21:46:26.0553 0x2d38 [ C77F6D488C5F4A7AB4357895BD6EC1FF, EED9B5A71E2C58E15482F36218815E9D9C091F9CEC43D1FD9E90BCAD6A8DB216 ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
    21:46:26.0591 0x2d38 iusb3xhc - ok
    21:46:26.0609 0x2d38 [ 4487AD9C070D3973FE28AB4406555FC6, 77D8DE3036613618D44D7E5E47C9C754B8F0FF294D9DD778C92A7AFDA8F778FC ] iwdbus C:\Windows\system32\DRIVERS\iwdbus.sys
    21:46:26.0622 0x2d38 iwdbus - ok
    21:46:26.0672 0x2d38 [ 0B93A01F786F37A4B1EDE84E639FFF10, 8747109A2FA2B80C8C5F5B6D2372C1B0DA4F4BF9DC1D551195ADF0715C260223 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    21:46:26.0689 0x2d38 jhi_service - ok
    21:46:26.0708 0x2d38 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
    21:46:26.0724 0x2d38 kbdclass - ok
    21:46:27.0962 0x2d38 [ 7CF1B716372B89568AE4C0FE769F5869, 0D70A7A594BCFBB26D7249C0F4B0AF9EF874F2318B3FDCE44648CC61279594ED ] MDM C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    21:46:27.0981 0x2d38 MDM - detected UnsignedFile.Multi.Generic ( 1 )
    21:46:30.0685 0x2d38 Detect skipped due to KSN trusted
    21:46:30.0685 0x2d38 MDM - ok
    21:46:35.0430 0x2d38 [ 317B6041D94352D2AD4A6381AEBF91B5, 7251AC5A0827DFC6E60D76EF7C0FE9429E530B715FC32DC01BC4FFC5E36B7819 ] OneTouch 4.0 Monitor C:\Program Files (x86)\Visioneer\OneTouch 4.0\OtService.exe
    21:46:35.0444 0x2d38 OneTouch 4.0 Monitor - detected UnsignedFile.Multi.Generic ( 1 )
    21:46:38.0108 0x2d38 Detect skipped due to KSN trusted
    21:46:38.0108 0x2d38 OneTouch 4.0 Monitor - ok
    21:46:42.0811 0x2d38 [ 8A83A9B9572CAF7D2308FBD2B8534C92, 595E432C465DCAE0EF3ED9DFB3F9FB02670CAC94DF6DDA704C8DCC9C914CC95B ] RWAR3Monitor C:\Program Files\Visioneer\RWAR3\RWAR3Monitor.exe
    21:46:42.0823 0x2d38 RWAR3Monitor - detected UnsignedFile.Multi.Generic ( 1 )
    21:46:47.0195 0x2d38 RWAR3Monitor ( UnsignedFile.Multi.Generic ) - warning
    21:46:51.0062 0x2d38 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
    21:46:51.0098 0x2d38 SessionEnv - ok
    21:46:51.0127 0x2d38 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
    21:46:51.0161 0x2d38 sffdisk - ok
    21:46:51.0177 0x2d38 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
    21:46:51.0200 0x2d38 sffp_mmc - ok
    21:46:51.0214 0x2d38 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
    21:46:51.0248 0x2d38 sffp_sd - ok
    21:46:51.0258 0x2d38 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
    21:46:51.0289 0x2d38 sfloppy - ok
    21:46:51.0436 0x2d38 [ B9C662D8A5DEC62F37EFC0ADD4A1E14C, EAC25DCFC8ED24AA4B8C90DAAF9BF517C4728AD4B1D849EC4F96C33AE1283C30 ] SftService C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
    21:46:51.0521 0x2d38 SftService - ok
    21:46:51.0549 0x2d38 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
    21:46:51.0604 0x2d38 SharedAccess - ok
    21:46:51.0697 0x2d38 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
    21:46:51.0766 0x2d38 ShellHWDetection - ok
    21:46:51.0816 0x2d38 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
    21:46:51.0845 0x2d38 SiSRaid2 - ok
    21:46:51.0888 0x2d38 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
    21:46:51.0899 0x2d38 SiSRaid4 - ok
    21:46:51.0919 0x2d38 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
    21:46:51.0974 0x2d38 Smb - ok
    21:46:51.0997 0x2d38 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
    21:46:52.0018 0x2d38 SNMPTRAP - ok
    21:46:52.0034 0x2d38 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
    21:46:52.0043 0x2d38 spldr - ok
    21:46:52.0073 0x2d38 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
    21:46:52.0101 0x2d38 Spooler - ok
    21:46:52.0300 0x2d38 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
    21:46:52.0669 0x2d38 sppsvc - ok
    21:46:52.0699 0x2d38 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
    21:46:52.0764 0x2d38 sppuinotify - ok
    21:46:52.0784 0x2d38 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
    21:46:52.0828 0x2d38 srv - ok
    21:46:52.0847 0x2d38 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
    21:46:52.0877 0x2d38 srv2 - ok
    21:46:52.0900 0x2d38 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
    21:46:52.0921 0x2d38 srvnet - ok
    21:46:52.0936 0x2d38 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
    21:46:52.0988 0x2d38 SSDPSRV - ok
    21:46:52.0993 0x2d38 [ 0211AB46B73A2623B86C1CFCB30579AB, 7CC9BA2DF7B9EA6BB17EE342898EDD7F54703B93B6DED6A819E83A7EE9F938B4 ] SSPORT C:\Windows\system32\Drivers\SSPORT.sys
    21:46:53.0009 0x2d38 SSPORT - ok
    21:46:53.0022 0x2d38 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
    21:46:53.0076 0x2d38 SstpSvc - ok
    21:46:53.0109 0x2d38 [ E4EA2412FB1B8AEE33667A9CC6D456A4, E553D07BBD98CB026033D7D10D859795682D1BFCB9D33D494177B2E747EA5064 ] stdcfltn C:\Windows\system32\DRIVERS\stdcfltn.sys
    21:46:53.0124 0x2d38 stdcfltn - ok
    21:46:53.0144 0x2d38 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
    21:46:53.0160 0x2d38 stexstor - ok
    21:46:53.0179 0x2d38 [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
    21:46:53.0209 0x2d38 StillCam - ok
    21:46:53.0250 0x2d38 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
    21:46:53.0297 0x2d38 stisvc - ok
    21:46:53.0317 0x2d38 [ DE3E7A2345EBAA3CE8E6957DFB55FB15, DEFA772F7B08ADE3FCC4FDEDE14FD388E32E7395F44E67E3DAB2CD26E417D5C9 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
    21:46:53.0353 0x2d38 stllssvr - detected UnsignedFile.Multi.Generic ( 1 )
    21:46:56.0076 0x2d38 Detect skipped due to KSN trusted
    21:46:56.0076 0x2d38 stllssvr - ok
    21:46:56.0103 0x2d38 [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll
    21:46:56.0135 0x2d38 StorSvc - ok
    21:46:56.0150 0x2d38 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
    21:46:56.0164 0x2d38 storvsc - ok
    21:46:56.0176 0x2d38 [ AB1C3402A04C4594D9A778574E87C4B2, 46D20F5432B9A8ED5FAEDC75838AD86548585C1BA86E160AB9C5F893FB11815C ] ST_ACCEL C:\Windows\system32\DRIVERS\ST_Accel.sys
    21:46:56.0190 0x2d38 ST_ACCEL - ok
    21:46:56.0208 0x2d38 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
    21:46:56.0221 0x2d38 swenum - ok
    21:46:56.0306 0x2d38 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
    21:46:56.0379 0x2d38 swprv - ok
    21:46:56.0410 0x2d38 [ 4CDD7DF58730D23BA9CB5829A6E2ECEA, 89A2A1604C2BF985894000F51D9D376B32F1327197866850B5BF8640272DE828 ] SynthVid C:\Windows\system32\DRIVERS\VMBusVideoM.sys
    21:46:56.0425 0x2d38 SynthVid - ok
    21:46:56.0506 0x2d38 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
    21:46:56.0597 0x2d38 SysMain - ok
    21:46:56.0611 0x2d38 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
    21:46:56.0661 0x2d38 TabletInputService - ok
    21:46:56.0681 0x2d38 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
    21:46:56.0727 0x2d38 TapiSrv - ok
    21:46:56.0758 0x2d38 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
    21:46:56.0794 0x2d38 TBS - ok
    21:46:57.0064 0x2d38 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
    21:46:57.0159 0x2d38 Tcpip - ok
    21:46:57.0328 0x2d38 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
    21:46:57.0382 0x2d38 TCPIP6 - ok
    21:46:57.0390 0x2d38 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
    21:46:57.0402 0x2d38 tcpipreg - ok
    21:46:57.0476 0x2d38 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
    21:46:57.0488 0x2d38 TDPIPE - ok
    21:46:57.0509 0x2d38 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
    21:46:57.0538 0x2d38 TDTCP - ok
    21:46:57.0562 0x2d38 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
    21:46:57.0591 0x2d38 tdx - ok
    21:46:57.0620 0x2d38 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
    21:46:57.0631 0x2d38 TermDD - ok
    21:46:57.0706 0x2d38 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
    21:46:57.0739 0x2d38 TermService - ok
    21:46:57.0790 0x2d38 [ E7E9574AA220D0DB4F6A0CD82B9FB48A, 6130D5D85B8B58FBA25BBCA3EC7B78F8F93DFA5DD89D09268E5BEB57F0240C53 ] TgbIke Starter C:\Windows\SysWOW64\TgbStarter.exe
    21:46:57.0807 0x2d38 TgbIke Starter - ok
    21:46:57.0817 0x2d38 [ C8FBA733B218B3BB60F0E7775154C2A4, 89964A09FB66A648A90E1B69263D2D182FA948FA0C6AB45B73235B4ADF81ACC0 ] TGBMPEnum C:\Windows\system32\DRIVERS\TGBMPEnum.sys
    21:46:57.0828 0x2d38 TGBMPEnum - ok
    21:46:57.0869 0x2d38 [ 54B6948D19DB5CD870E9B4B2B145DA9A, 344D7D4843D71D97734F901E8A4E7056DA11D7C9E690242A4105BB5B6404CC8E ] TGBVPNVirtM C:\Windows\system32\DRIVERS\TGBVPNVirtM.sys
    21:46:57.0900 0x2d38 TGBVPNVirtM - ok
    21:46:57.0919 0x2d38 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
    21:46:57.0954 0x2d38 Themes - ok
    21:46:57.0995 0x2d38 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
    21:46:58.0047 0x2d38 THREADORDER - ok
    21:46:58.0062 0x2d38 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
    21:46:58.0132 0x2d38 TrkWks - ok
    21:46:58.0180 0x2d38 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
    21:46:58.0235 0x2d38 TrustedInstaller - ok
    21:46:58.0257 0x2d38 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
    21:46:58.0284 0x2d38 tssecsrv - ok
    21:46:58.0346 0x2d38 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
    21:46:58.0397 0x2d38 TsUsbFlt - ok
    21:46:58.0416 0x2d38 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
    21:46:58.0432 0x2d38 TsUsbGD - ok
    21:46:58.0465 0x2d38 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
    21:46:58.0538 0x2d38 tunnel - ok
    21:46:58.0560 0x2d38 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
    21:46:58.0575 0x2d38 uagp35 - ok
    21:46:58.0606 0x2d38 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
    21:46:58.0669 0x2d38 udfs - ok
    21:46:58.0684 0x2d38 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
    21:46:58.0704 0x2d38 UI0Detect - ok
    21:46:58.0718 0x2d38 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
    21:46:58.0734 0x2d38 uliagpkx - ok
    21:46:58.0740 0x2d38 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
    21:46:58.0757 0x2d38 umbus - ok
    21:46:58.0769 0x2d38 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
    21:46:58.0785 0x2d38 UmPass - ok
    21:46:58.0812 0x2d38 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
    21:46:58.0836 0x2d38 UmRdpService - ok
    21:46:58.0863 0x2d38 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
    21:46:58.0927 0x2d38 upnphost - ok
    21:46:58.0965 0x2d38 [ 73E350C9099837826A08792D3E96E189, D4C07C70E8140FFCB5F98EF377B7851D8CA01E1C2FAE9852FF3286E8C8337180 ] usb3Hub C:\Windows\system32\DRIVERS\usb3Hub.sys
    21:46:58.0984 0x2d38 usb3Hub - ok
    21:46:59.0004 0x2d38 [ 724DABDE1A9C48C6E5FE0F9F7E583940, 6B5FB81D0D6096CB827AC32DD5EE7C92F1E2EEFD54EC9E047EC6AF50610B4885 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
    21:46:59.0049 0x2d38 usbccgp - ok
    21:46:59.0070 0x2d38 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
    21:46:59.0097 0x2d38 usbcir - ok
    21:46:59.0107 0x2d38 [ CA11C28D69925E356CC27749CC41C3E1, E0AEB9EA23E7EFB982C1548508583B16A89A5568750EA23A313C8AC40CCB84C5 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
    21:46:59.0125 0x2d38 usbehci - ok
    21:46:59.0151 0x2d38 [ 8FA7BAF75209D59E7302BCF0308C52A7, 00F5F7442BBD25E7455ECDE5AE5D40C60E878BAF53A7D535DB59EE2C3F027245 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
    21:46:59.0195 0x2d38 usbhub - ok
    21:46:59.0221 0x2d38 [ BB33E6D8006EDD67CAB91E9417417710, 16CC4A00FB1793C7B723F6A99A39725C87A71C2958CFA0916A55BB084973C96F ] usbohci C:\Windows\system32\drivers\usbohci.sys
    21:46:59.0236 0x2d38 usbohci - ok
    21:46:59.0291 0x2d38 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys
    21:46:59.0312 0x2d38 usbprint - ok
    21:46:59.0338 0x2d38 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
    21:46:59.0355 0x2d38 usbscan - ok
    21:46:59.0370 0x2d38 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
    21:46:59.0389 0x2d38 USBSTOR - ok
    21:46:59.0420 0x2d38 [ 8565793CAF1EF768DB669BE0C3C71EDF, 8FD8904C5C0F2BFC66A17EE51E2E50C4BB11B77A18F51F4893D079B2F37F6B21 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
    21:46:59.0436 0x2d38 usbuhci - ok
    21:46:59.0453 0x2d38 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
    21:46:59.0484 0x2d38 usbvideo - ok
    21:46:59.0490 0x2d38 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
    21:46:59.0542 0x2d38 UxSms - ok
    21:46:59.0559 0x2d38 [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] VaultSvc C:\Windows\system32\lsass.exe
    21:46:59.0573 0x2d38 VaultSvc - ok
    21:46:59.0590 0x2d38 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
    21:46:59.0602 0x2d38 vdrvroot - ok
    21:46:59.0629 0x2d38 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
    21:46:59.0677 0x2d38 vds - ok
    21:46:59.0686 0x2d38 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
    21:46:59.0707 0x2d38 vga - ok
    21:46:59.0711 0x2d38 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
    21:46:59.0749 0x2d38 VgaSave - ok
    21:46:59.0839 0x2d38 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
    21:46:59.0904 0x2d38 vhdmp - ok
    21:46:59.0941 0x2d38 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
    21:46:59.0952 0x2d38 viaide - ok
    21:46:59.0987 0x2d38 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
    21:47:00.0052 0x2d38 VMBusHID - ok
    21:47:00.0094 0x2d38 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
    21:47:00.0126 0x2d38 volmgr - ok
    21:47:00.0160 0x2d38 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
    21:47:00.0178 0x2d38 volmgrx - ok
    21:47:00.0218 0x2d38 [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap C:\Windows\system32\drivers\volsnap.sys
    21:47:00.0234 0x2d38 volsnap - ok
    21:47:00.0291 0x2d38 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
    21:47:00.0308 0x2d38 vsmraid - ok
    21:47:00.0443 0x2d38 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
    21:47:00.0552 0x2d38 VSS - ok
    21:47:00.0579 0x2d38 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
    21:47:00.0600 0x2d38 vwifibus - ok
    21:47:00.0616 0x2d38 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
    21:47:00.0639 0x2d38 vwififlt - ok
    21:47:00.0646 0x2d38 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
    21:47:00.0666 0x2d38 vwifimp - ok
    21:47:00.0705 0x2d38 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
    21:47:00.0770 0x2d38 W32Time - ok
    21:47:00.0792 0x2d38 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
    21:47:00.0818 0x2d38 WacomPen - ok
    21:47:00.0858 0x2d38 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
    21:47:00.0909 0x2d38 WANARP - ok
    21:47:00.0915 0x2d38 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
    21:47:00.0964 0x2d38 Wanarpv6 - ok
    21:47:01.0034 0x2d38 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
    21:47:01.0095 0x2d38 WatAdminSvc - ok
    21:47:01.0166 0x2d38 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
    21:47:01.0241 0x2d38 wbengine - ok
    21:47:01.0273 0x2d38 [ 4984E484B9184970AE8075FDA19650E8, 8B09FD98D925F85CD61119AA9778150ACAFB3441210436963A095A630F675722 ] wbfcvusbdrv C:\Windows\system32\Drivers\wbfcvusbdrv.sys
    21:47:01.0285 0x2d38 wbfcvusbdrv - ok
    21:47:01.0317 0x2d38 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
    21:47:01.0348 0x2d38 WbioSrvc - ok
    21:47:01.0365 0x2d38 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
    21:47:01.0404 0x2d38 wcncsvc - ok
    21:47:01.0415 0x2d38 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
    21:47:01.0449 0x2d38 WcsPlugInService - ok
    21:47:01.0466 0x2d38 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
    21:47:01.0480 0x2d38 Wd - ok
    21:47:01.0545 0x2d38 [ 502FA6BD01D9141D34C2FCA8F8726E3F, 078D88854404F989445725B3693F1B22B8C25F5DCCD9AD5B15AE0E6521FB04D7 ] WDBackup C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
    21:47:01.0600 0x2d38 WDBackup - ok
    21:47:01.0697 0x2d38 [ A3D04EBF5227886029B4532F20D026F7, D90F7B9C176008675DA0B5FD7E4973CBC2A04172CEDF8FB7D3B3B4F27B5440D7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys
    21:47:01.0715 0x2d38 WDC_SAM - ok
    21:47:01.0769 0x2d38 [ C50B1A397F35908EEA98C964E77A6A97, FBA623EE0C5A72836ED80C0ACA163461E9B1B601B99C35B9EEE36B07B7F0839E ] WDDriveService C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
    21:47:01.0790 0x2d38 WDDriveService - ok
    21:47:01.0846 0x2d38 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
    21:47:01.0891 0x2d38 Wdf01000 - ok
    21:47:01.0914 0x2d38 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
    21:47:01.0947 0x2d38 WdiServiceHost - ok
    21:47:01.0953 0x2d38 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
    21:47:01.0972 0x2d38 WdiSystemHost - ok
    21:47:01.0999 0x2d38 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
    21:47:02.0059 0x2d38 WebClient - ok
    21:47:02.0092 0x2d38 [ CBA25A299ECDBAE3A2300B68598AABA3, 5AC6F75FBDA58CD9D17922AF2780A37B89067EB4A97EE792A644B238BE94490D ] Wecsvc C:\Windows\system32\wecsvc.dll
    21:47:02.0118 0x2d38 Wecsvc - ok
    21:47:02.0138 0x2d38 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
    21:47:02.0194 0x2d38 wercplsupport - ok
    21:47:02.0214 0x2d38 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
    21:47:02.0278 0x2d38 WerSvc - ok
    21:47:02.0290 0x2d38 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
    21:47:02.0340 0x2d38 WfpLwf - ok
    21:47:02.0363 0x2d38 [ 064E179AFF2E2819ED8C0B39AB42B6D5, AB892B1FAB35157339ACDE5AF60AA60CBE9B83EC5C61B575F2D05750F684741D ] WIBUKEY C:\Windows\system32\DRIVERS\WibuKey64.sys
    21:47:02.0432 0x2d38 WIBUKEY - ok
    21:47:02.0472 0x2d38 [ 9B33BD737B6620E5DCD4909EFF719216, B32CFC5992FB390C1192979A02A03A2E166B4788F6C10AB3052B33B028805A27 ] Wibukey2_64 C:\Windows\system32\drivers\wibukey2_64.sys
    21:47:02.0548 0x2d38 Wibukey2_64 - ok
    21:47:02.0571 0x2d38 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
    21:47:02.0583 0x2d38 WIMMount - ok
    21:47:02.0612 0x2d38 WinDefend - ok
    21:47:02.0822 0x2d38 [ 3853778242E374E49BDA5EAB72DD8E60, 26BC53AE79161297782743C1A2CC71B7D0FE8338C9763B88EB3F298EB8FA1882 ] WindowsVNT_R3 C:\Program Files (x86)\Windows Network Accelerater\v3\winvxm.exe
    21:47:02.0966 0x2d38 WindowsVNT_R3 - detected UnsignedFile.Multi.Generic ( 1 )
    21:47:05.0483 0x2d38 Detect skipped due to KSN trusted
    21:47:05.0483 0x2d38 WindowsVNT_R3 - ok
    21:47:05.0486 0x2d38 WinHttpAutoProxySvc - ok
    21:47:05.0581 0x2d38 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
    21:47:05.0641 0x2d38 Winmgmt - ok
    21:47:05.0779 0x2d38 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
    21:47:05.0887 0x2d38 WinRM - ok
    21:47:05.0918 0x2d38 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys
    21:47:05.0932 0x2d38 WinUsb - ok
    21:47:05.0965 0x2d38 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
    21:47:06.0013 0x2d38 Wlansvc - ok
    21:47:06.0059 0x2d38 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
    21:47:06.0097 0x2d38 WmiAcpi - ok
    21:47:06.0130 0x2d38 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
    21:47:06.0148 0x2d38 wmiApSrv - ok
    21:47:06.0152 0x2d38 WMPNetworkSvc - ok
    21:47:06.0157 0x2d38 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
    21:47:06.0170 0x2d38 WPCSvc - ok
    21:47:06.0188 0x2d38 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
    21:47:06.0253 0x2d38 WPDBusEnum - ok
    21:47:06.0279 0x2d38 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
    21:47:06.0321 0x2d38 ws2ifsl - ok
    21:47:06.0340 0x2d38 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll
    21:47:06.0367 0x2d38 wscsvc - ok
    21:47:06.0396 0x2d38 [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
    21:47:06.0442 0x2d38 WSDPrintDevice - ok
    21:47:06.0454 0x2d38 [ 4A2A5C50DD1A63577D3ACA94269FBC7F, F75C1906D431CF871AD954218DF32A0F206E45FF49332DEF9F13C0A36A407047 ] WSDScan C:\Windows\system32\DRIVERS\WSDScan.sys
    21:47:29.0657 0x2d38 AV detected via SS2: AVG AntiVirus Free Edition 2015, C:\Program Files (x86)\AVG\AVG2015\avgwsc.exe ( 15.0.0.5645 ), 0x41000 ( enabled : updated )
    21:47:29.0675 0x2d38 Win FW state via NFP2: enabled
    21:47:32.0172 0x2d38 ============================================================
    21:47:32.0172 0x2d38 Scan finished
    21:47:32.0172 0x2d38 ============================================================
    21:47:32.0181 0x0914 Detected object count: 1
    21:47:32.0181 0x0914 Actual detected object count: 1
    21:47:45.0049 0x0914 RWAR3Monitor ( UnsignedFile.Multi.Generic ) - skipped by user
    21:47:45.0050 0x0914 RWAR3Monitor ( UnsignedFile.Multi.Generic ) - User select action: Skip
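
Added example (not part of the original post and not TDSSKiller's own code): a small triage script for logs in the format posted above, separating detections that the log marks "Detect skipped due to KSN trusted" from those still awaiting a decision, and checking the result against the "Detected object count" line. The function name `triage` and the sample lines are constructed for illustration.

```python
import re

# Constructed sample in the line format of the TDSSKiller log in this thread;
# names, paths and hashes are placeholders, not values from the original log.
SAMPLE_LOG = r"""
21:47:09.0220 0x2d38 [ 0000AAAA, 0000BBBB ] C:\Program Files\Example\TrayIcon.exe
21:47:09.0230 0x2d38 TrayIcon - detected UnsignedFile.Multi.Generic ( 1 )
21:47:11.0705 0x2d38 Detect skipped due to KSN trusted
21:47:11.0705 0x2d38 TrayIcon - ok
21:47:12.0893 0x2d38 ExampleSvc - ok
21:47:13.0100 0x2d38 [ 0000CCCC, 0000DDDD ] C:\Program Files\Example\Monitor.exe
21:47:13.0120 0x2d38 ExampleMonitor - detected UnsignedFile.Multi.Generic ( 1 )
21:47:32.0181 0x0914 Detected object count: 1
21:47:45.0050 0x0914 ExampleMonitor ( UnsignedFile.Multi.Generic ) - User select action: Skip
"""

LINE = re.compile(r"^\s*\d{2}:\d{2}:\d{2}\.\d{4}\s+0x[0-9a-fA-F]+\s+(.*)$")
HASHED = re.compile(r"^\[ [0-9A-Fa-f, ]+\] (.+)$")
DETECTED = re.compile(r"^(.+?) - detected (\S+) \( \d+ \)$")
ACTION = re.compile(r"^(.+?) \( \S+ \) - User select action: (\w+)$")

def triage(log_text):
    """Return (open_findings, reported_count) for a TDSSKiller-style log."""
    findings, path, current, reported = {}, None, None, None
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue                                  # not a timestamped log line
        msg = m.group(1).strip()
        if h := HASHED.match(msg):
            path = h.group(1)                         # file about to be judged
        elif d := DETECTED.match(msg):
            current = d.group(1)
            findings[current] = {"verdict": d.group(2), "path": path,
                                 "ksn_trusted": False, "action": None}
        elif msg == "Detect skipped due to KSN trusted" and current:
            findings[current]["ksn_trusted"] = True   # log says KSN trusts the file
        elif msg.endswith(" - ok"):
            path = current = None                     # this object is finished
        elif msg.startswith("Detected object count:"):
            reported = int(msg.split(":", 1)[1])
        elif (a := ACTION.match(msg)) and a.group(1) in findings:
            findings[a.group(1)]["action"] = a.group(2)
    open_findings = {n: f for n, f in findings.items() if not f["ksn_trusted"]}
    return open_findings, reported

if __name__ == "__main__":
    for name, f in triage(SAMPLE_LOG)[0].items():
        print(f"{name}: {f['verdict']} at {f['path']} (action: {f['action']})")
```

An entry left in `open_findings` with action `Skip` is one the scanner flagged and the user chose not to act on, so it is the item to review by hand.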

  9. #29
    Security Expert-emeritus Juliet
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Default

    By chance, did you run the instructions posted in post #24?


    Right-Click FRST.exe / FRST64.exe and select Run as administrator to run the programme.
    Click Yes to the disclaimer.
    Ensure the Addition.txt box is checked.
    Click the Scan button and let the programme run.
    Upon completion, click OK, then OK on the Addition.txt pop up screen.
    Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply.

    ~~~~~

    Malwarebytes Anti-Rootkit
    • Download Malwarebytes Anti-Rootkit
    • Once the file has been downloaded, right-click on the downloaded file and select the Extract all menu option.
    • Follow the instructions to extract the ZIP file to a folder called mbar-versionnumber on your desktop.
    • Once the ZIP file has been extracted, open the folder and when that folder opens, double-click on the mbar folder.
    • Double-click on the mbar.exe file to launch Malwarebytes Anti-Rootkit.
    • After you double-click on the mbar.exe file, you may receive a User Account Control (UAC) message asking if you are sure you wish to allow the program to run. Please allow it, to start Malwarebytes Anti-Rootkit correctly.
    • Malwarebytes Anti-Rootkit will now install necessary drivers that are required for the program to operate correctly.
    • If you receive a DDA driver message like "could not load DDA driver", click on the Yes button and Malwarebytes Anti-Rootkit will now restart your computer and will start automatically.
    • On the introduction screen, please click on the Next button to continue.
    • Next you will see the Update Database screen.
    • Click on the Update button so Malwarebytes Anti-Rootkit can download the latest definition updates.
    • When the update has finished, click on the Next button.
    • Next you can select some basic scanning options. Make sure the Drivers, Sectors, and System scan targets are selected before you click on the Scan button.
    • Malwarebytes Anti-Rootkit will now start scanning your computer for rootkits. This scan can take some time, so please be patient.
    • When the scan with Malwarebytes Anti-Rootkit is finished, the program will display a screen with the results from the scan.
    • Make sure everything is selected and that the option to create a restore point is checked.
    • Next click on the Cleanup button. Malwarebytes Anti-Rootkit will then prompt you to reboot your computer.
    • Click on the Yes button to restart your computer.

    • There will now be two log files created in the mbar folder, one called system-log.txt and one that starts with mbar-log.
    • The mbar-log file will always start with mbar-log, but the rest will be named using a timestamp indicating the time it was run.
      • For example, mbar-log-2012-11-12 (19-13-32).txt corresponds to mbar-log-year-month-day (hour-minute-second).txt.

    • The system-log.txt contains information about each time you have run MBAR and contains diagnostic information from the program.

    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  10. #30
    Member
    Join Date
    Feb 2015
    Posts
    73

    Default

    Quote: Originally Posted by Juliet
    By chance, did you run the instructions posted in post #24?

    No, somehow I missed that post... oops... I'll do that now.
