
Firefox homepage hijacked by searchlf


7 replies to this topic

#1 Bill 0

Bill 0

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:10:58 PM

Posted 07 February 2016 - 11:44 PM

About a week ago, Firefox started defaulting to a search page called "searchlf" and repeatedly kept resetting here. I did several malware searches.

 

Eset removed a file it identified as infected by iBrite.AF

Malwarebytes identified 3 potentially unwanted programs it classified as PUP.Optional.Goozbo

 

After these were cleaned, Firefox stopped resetting to the searchlf page, but now keeps resetting itself to an undefined page:

http://undefined?uid=undefined&uc=undefined&ap=undefined&source=undefined&page=homepage&implementation_id=email_0.0.12

 

Any help in getting Firefox back to normal would be appreciated.

 

Thanks.

Bill

 

 




 


#2 TazzyOpz

TazzyOpz

  • Members
  • 92 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:58 PM

Posted 08 February 2016 - 12:25 AM

Hi Bill, it sounds like you are having some adware/malware issues. Please run the following and report back.
 
[-Running AdwCleaner-]
Download AdwCleaner from here and save it to your Desktop.
 
• Close all open programs and internet browsers.
• Double click on adwcleaner.exe to run the tool.
• Click on Scan button.
• When the scan has finished click on Clean button.
• Your computer will be rebooted automatically. A text file will open after the restart.
• Please post the contents of that logfile
 
[-Running JunkWare Removal Tool-]
Download JunkWare Removal Tool from here and save it to your Desktop.
 
• Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.
• Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.
• On completion, a log is saved to your desktop and will automatically open.
• Please post the JRT log here.
 
[-Running NoBot-]
Download NoBot from here and save it to your Desktop.
 
• Double-click NoBot.exe.
• Go to File -> Settings and make sure the following are checked:
  • Detect Suspicious File Paths
  • Scan Registry
  • Detect Dropped Files
• Then click the Scan button.
• Once the scan is finished, you can view the scan log by going to File -> Scan Logs. Then copy and paste the scan log here.
It is recommended to post the scan log here before removing any files detected unless you know for sure the file found is infected.
 

Edited by TazzyOpz, 08 February 2016 - 12:29 AM.


#3 Bill 0


Posted 08 February 2016 - 11:26 AM

Ran ADW cleaner.  It found several objects.  It created 2 logfiles, a scan log and a clear log; both are pasted below.

 

Ran Junkware removal tool, it found several objects and the log is pasted second.

 

Ran NoBot.  It found nothing.  For completeness the log is pasted below the JRT log.

 

The browser is still trying to redirect even after restarting the browser.  I haven't rebooted the computer yet after the JRT and NoBot runs.

 

--------------------------------------------------------Begin ADW log paste----------------------------------------------------

# AdwCleaner v5.033 - Logfile created 08/02/2016 at 10:12:27
# Updated 07/02/2016 by Xplode
# Database : 2016-02-07.2 [Server]
# Operating system : Windows 7 Ultimate Service Pack 1 (x64)
# Username : root - HUTCHENS
# Running from : C:\Users\Bill\Desktop\AdwCleaner.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

Folder Found : \Device
Folder Found : C:\Users\Bill\AppData\Roaming\download Manager

***** [ Files ] *****

File Found : C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\0nitbz99.default\searchplugins\search.xml
File Found : C:\Users\root\AppData\Roaming\Mozilla\Firefox\Profiles\c4rrb592.default\searchplugins\search.xml
File Found : C:\Users\root\AppData\Roaming\Mozilla\Firefox\Profiles\c4rrb592.default\user.js

***** [ DLL ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{21FA44EF-376D-4D53-9B0F-8A89D3229068}]
Key Found : HKCU\Software\Yahoo\Companion
Key Found : HKU\S-1-5-21-2862145238-893531248-1780857412-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKU\S-1-5-21-2862145238-893531248-1780857412-1001\Software\Microsoft\Internet Explorer\SearchScopes\{A2A04CC6-7B2E-4892-BFCF-E45F4F119E00}
Data Found : HKU\S-1-5-21-2862145238-893531248-1780857412-1001\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {A2A04CC6-7B2E-4892-BFCF-E45F4F119E00}

***** [ Web browsers ] *****

[C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\0nitbz99.default\prefs.js] [Preference] Found : user_pref("extensions.toolbar.mindspark._1gMembers_.hp.enabled", false);
[C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\0nitbz99.default\prefs.js] [Preference] Found : user_pref("extensions.toolbar.mindspark._1gMembers_.options.defaultSearch", false);
[C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\0nitbz99.default\prefs.js] [Preference] Found : user_pref("extensions.toolbar.mindspark._1gMembers_.options.homePageEnabled", false);
[C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\0nitbz99.default\prefs.js] [Preference] Found : user_pref("extensions.toolbar.mindspark._1gMembers_.options.keywordEnabled", false);
[C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\0nitbz99.default\prefs.js] [Preference] Found : user_pref("extensions.toolbar.mindspark._1gMembers_.options.tabEnabled", false);
[C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\0nitbz99.default\prefs.js] [Preference] Found : user_pref("extensions.toolbar.mindspark._1gMembers_.toolbar.ownSearch", false);
[C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\0nitbz99.default\prefs.js] [Preference] Found : user_pref("extensions.toolbar.mindspark.hp.enabled", false);

########## EOF - \AdwCleaner\AdwCleaner[S1].txt - [2900 bytes] ##########

 

# AdwCleaner v5.033 - Logfile created 08/02/2016 at 10:21:07
# Updated 07/02/2016 by Xplode
# Database : 2016-02-07.2 [Server]
# Operating system : Windows 7 Ultimate Service Pack 1 (x64)
# Username : root - HUTCHENS
# Running from : C:\Users\Bill\Desktop\AdwCleaner.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : \Device
[-] Folder Deleted : C:\Users\Bill\AppData\Roaming\download Manager

***** [ Files ] *****

[-] File Deleted : C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\0nitbz99.default\searchplugins\search.xml
[-] File Deleted : C:\Users\root\AppData\Roaming\Mozilla\Firefox\Profiles\c4rrb592.default\searchplugins\search.xml
[-] File Deleted : C:\Users\root\AppData\Roaming\Mozilla\Firefox\Profiles\c4rrb592.default\user.js

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{21FA44EF-376D-4D53-9B0F-8A89D3229068}]
[-] Key Deleted : HKCU\Software\Yahoo\Companion
[-] Key Deleted : HKU\S-1-5-21-2862145238-893531248-1780857412-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
[-] Key Deleted : HKU\S-1-5-21-2862145238-893531248-1780857412-1001\Software\Microsoft\Internet Explorer\SearchScopes\{A2A04CC6-7B2E-4892-BFCF-E45F4F119E00}
[-] Data Restored : HKU\S-1-5-21-2862145238-893531248-1780857412-1001\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]

***** [ Web browsers ] *****

[-] [C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\0nitbz99.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._1gMembers_.hp.enabled", false);
[-] [C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\0nitbz99.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._1gMembers_.options.defaultSearch", false);
[-] [C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\0nitbz99.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._1gMembers_.options.homePageEnabled", false);
[-] [C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\0nitbz99.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._1gMembers_.options.keywordEnabled", false);
[-] [C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\0nitbz99.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._1gMembers_.options.tabEnabled", false);
[-] [C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\0nitbz99.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._1gMembers_.toolbar.ownSearch", false);
[-] [C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\0nitbz99.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled", false);

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - \AdwCleaner\AdwCleaner[C1].txt - [3054 bytes] ##########




------------------------------------------------------End ADW paste; begin JRT paste---------------------------------------------------------------------

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.2 (01.06.2016)
Operating System: Windows 7 Ultimate x64
Ran by root (Administrator) on Mon 02/08/2016 at 10:43:30.26
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 22

Successfully deleted: C:\ProgramData\Start Menu\Programs\mp3 rocket (Folder)
Successfully deleted: C:\Users\root\AppData\Local\crashrpt (Folder)
Successfully deleted: C:\Users\root\AppData\Roaming\software informer (Folder)
Successfully deleted: C:\Windows\system32\Tasks\update-S-1-5-21-2862145238-893531248-1780857412-1000 (Task)
Successfully deleted: C:\Windows\system32\Tasks\update-sys (Task)
Successfully deleted: C:\Windows\Tasks\update-S-1-5-21-2862145238-893531248-1780857412-1000.job (Task)
Successfully deleted: C:\Windows\Tasks\update-sys.job (Task)
Successfully deleted: C:\Windows\wininit.ini (File)
Successfully deleted: C:\Program Files (x86)\mp3 rocket (Folder)
Successfully deleted: C:\Program Files (x86)\software informer (Folder)
Successfully deleted: C:\Users\root\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2B765B4X (Folder)
Successfully deleted: C:\Users\root\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2VKWVONI (Folder)
Successfully deleted: C:\Users\root\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\66RVDT6D (Folder)
Successfully deleted: C:\Users\root\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6DQLA6FN (Folder)
Successfully deleted: C:\Users\root\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8IUMT0EO (Folder)
Successfully deleted: C:\Users\root\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IA73HXMV (Folder)
Successfully deleted: C:\Users\root\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S7L2YNRF (Folder)
Successfully deleted: C:\Users\root\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UGCTKG2L (Folder)
Successfully deleted: C:\Windows\system32\REN4E16.tmp (File)
Successfully deleted: C:\Windows\system32\REN893D.tmp (File)
Successfully deleted: C:\Windows\SysWOW64\REN25AD.tmp (File)
Successfully deleted: C:\Windows\SysWOW64\REN2BD3.tmp (File)

Deleted the following from C:\Users\root\AppData\Roaming\Mozilla\Firefox\Profiles\c4rrb592.default\prefs.js
user_pref(browser.search.defaultenginename, Secure Search);
user_pref(browser.search.defaultenginename.US, Secure Search);
user_pref(browser.search.order.1, Secure Search);
user_pref(browser.search.selectedEngine, Secure Search);



Registry: 7

Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Software Informer (Registry Value)
Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\75921626 (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8AE7C775-8F9A-4556-BA04-2017E8771D60} (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{997EBFB4-2AC6-4B3C-9D2F-F6E70A8662A7} (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C606CB2D-B4FC-4DE8-8DB5-BF9C8BA8B0CE} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D137966-2E29-45C5-9B12-29D5427F8F66} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 02/08/2016 at 10:48:57.40
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

-----------------------------------------------------------------------------------------------------------------------------------------------

-----------------------------------------------------------
' Build Version: 1.0.0.9
' Operating System: Microsoft Windows NT 6.1.7601 Service Pack 1
' Scan Started By: root
' Log Created: 2/8/2016 11:03:45 AM
-----------------------------------------------------------

====================-(Scan Summary)-===================

Files Scanned: 87
Files Found: 0
Registry Items Scanned: 73
Registry Items Found: 0

Total Objects Found: 0


====================-(User Options)-==================
*Check Suspicious File Paths*
*Check For Dropped Files*
*Scanned Registry Startup*

====================-(Files Found)-===================


===============-(Registry Items Found)-===============


==================-(Files Scanned)-=================

C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\mfevtps.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\PGP Corporation\PGP Desktop\RDDService.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\smss.exe
C:\Windows\system32\svchost.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\Windows\system32\csrss.exe
C:\Program Files\Common Files\McAfee\CSP\1.8.190.0\McCSPServiceHost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files (x86)\Common Files\Dell\MySQL\bin\mysqld.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Windows\System32\svchost.exe
C:\Windows\system32\services.exe
C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\winlogon.exe
C:\Program Files (x86)\Palm\PDK\tcprelay.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
C:\Windows\system32\BtwRSupportService.exe
C:\Windows\system32\atiesrxx.exe
C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe
C:\Windows\system32\dleecoms.exe
C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\wininit.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\mfevtps.exe
C:\Windows\system32\psxss.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\DRIVERS\o2flash.exe
C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
C:\Windows\system32\csrss.exe
C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
c:\Program Files (x86)\Common Files\Dell\Advanced Networking Service\hnm_svc.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Palm\SDK\bin\novacomd\amd64\novacomd.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Browny02\BrYNSvc.exe
C:\Users\Bill\Desktop\NoBot.exe
C:\Program Files (x86)\Nuance\Power PDF\NPDFIFilterSrv.exe
C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\UI0Detect.exe
C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\svchost.exe
c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Windows\system32\svchost.exe
C:\PROGRA~1\COMMON~1\McAfee\Platform\McUICnt.exe
C:\Program Files\McAfee\MSC\McAPExe.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe

---------------------------------------------------------------------------------------------------end of logs--------------------------------------------------------



#4 TazzyOpz


Posted 08 February 2016 - 11:54 AM

Mmmm. Still being re-directed. Have you tried resetting your Firefox browser?

 

Let me know if this helps:
 

Reset Mozilla Firefox
  1. Open Firefox.
  2. Click "Open Menu" at the top right and click "Options" to open the "Options" panel.
  3. Click "General" tab.
  4. Delete the homepage link and set a new homepage link. Or click "Restore to Default".
  5. Click "OK".
  6. Choose "Manage Search Engines" in the search list.
  7. Choose the URL or "search.searchlf.com" and click "Remove", then click "OK".
  8. Close and restart Firefox.

If you happen to have/use Google Chrome, reset that as well.
 

Reset Google Chrome
  1. Open Chrome.
  2. Click "Customize and control Google Chrome" in the right-top of the page and click "Settings".
  3. Click "Show advanced settings..." link on the bottom of the page.
  4. Scroll to the bottom of the screen and click "Reset settings".
  5. Click "Reset", please note, your settings will be restored to their original defaults. This will reset your homepage, new tab page and search engine, disable your extensions, and unpin all tabs. It will also clear other temporary and cached data, such as cookies, content and site data.

 

If you happen to use Internet Explorer, you may want to reset that too. After researching this hijacker, it seems to infect all browsers.

 

Reset Internet Explorer
  1. Open Internet Explorer.
  2. Click "Tools", "Internet Options" to open the "Internet Options" panel.
  3. Click "General" tab.
  4. Delete the "Home page" and set a new home page link, or click "Use default".
  5. Click the "Settings" button in the "Search" area to open the "Manage Add-ons" panel.
  6. Choose the search URL and click "Remove", then close the "Manage Add-ons" panel.
  7. Click "Apply" or "OK" on the "Internet Options" panel to save the changes.
  8. Click "Advanced" tab.
  9. Click the "Reset..." button (resets Internet Explorer's settings to their default condition).
  10. Check the "Delete personal settings" check-box. This will reset home pages, search providers and accelerators to default settings as well as delete cookies, history and web form information.

Edited by TazzyOpz, 08 February 2016 - 11:55 AM.


#5 Bill 0


Posted 08 February 2016 - 01:07 PM

First of all, the easy stuff:

I don't have Chrome installed. I rarely use IE except for certain work uses which require that particular browser. IE's default page had been switched to searchlf along with Firefox, but it didn't appear to be hijacked in that resetting the default page stayed reset, and I'm not seeing a problem with IE (except for one thing below).

 

Now the more difficult stuff

 

In Firefox options under search, there are no search providers other than the default providers which come with FF.  I change the start page to default but it comes back to the undefined setting after restarting FF.

 

The one afterthought regarding IE, and the more I think about it, the more significant it seems (rootkit activity?):

Prior to posting this thread I had noted that there were a number of extra IE processes when I open task manager.  Most of these use a very small amount of memory (~100K).  After rebooting the system, I'm seeing some of those processes coming back but they have an unusual appearance in task manager:

-they don't show up opening task manager under the account I usually use (non-admin privileges).

-if I select "show from all users", those processes show up as being owned by the usual account:

-Selecting "show file location" on those mystery processes gets no response

BTW, I don't have IE running at the time I took the screenshots below.

Another thing, prior to starting this post, I had run TDSS killer and MBAR as well; neither of them showed anything.

 

[tried posting screenshots of Task Manager, but I got a message that those images were not allowed]

 

Bill
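Firefox reads a profile's user.js at every start and applies it on top of prefs.js, so a home page that comes back after each restart can originate there; AdwCleaner's log above also lists a user.js and a searchplugins\search.xml. The following Python script is an added example, not part of the original posts and not a diagnosis of this machine: it audits Firefox profile folders for those three persistence points. The function names and the sample profile are constructed for illustration, and browser.startup.homepage is Firefox's standard home page preference rather than a name quoted in the thread.

```python
import re
import tempfile
from pathlib import Path

# One preference line as Firefox writes it: user_pref("name", value);
PREF_RE = re.compile(r'^\s*user_pref\(\s*"([^"]+)"\s*,\s*(.*?)\s*\)\s*;\s*$')

# Substrings taken from the hijacked URLs quoted in this thread.
SUSPECT_MARKERS = ("searchlf", "undefined?uid=")

# Constructed sample value: the "undefined" home page URL from the first post.
SAMPLE_URL = ("http://undefined?uid=undefined&uc=undefined&ap=undefined"
              "&source=undefined&page=homepage&implementation_id=email_0.0.12")


def parse_prefs(text):
    """Return {name: value} for every user_pref() line; string values are unquoted."""
    prefs = {}
    for line in text.splitlines():
        match = PREF_RE.match(line)
        if not match:
            continue  # comments, blank lines, anything that is not a pref
        name, raw = match.groups()
        if len(raw) >= 2 and raw[0] == raw[-1] == '"':
            raw = raw[1:-1].replace('\\"', '"')
        prefs[name] = raw
    return prefs


def is_watched(name):
    """True for prefs that set the home page or the default search engine."""
    return name == "browser.startup.homepage" or name.startswith((
        "browser.search.defaultenginename",
        "browser.search.selectedEngine",
        "browser.search.order.",
    ))


def audit_profile(profile_dir):
    """Return (file, item, value, reason) tuples for one Firefox profile folder."""
    profile = Path(profile_dir)
    findings = []
    for fname in ("prefs.js", "user.js"):
        path = profile / fname
        if not path.is_file():
            continue
        prefs = parse_prefs(path.read_text(encoding="utf-8", errors="replace"))
        for name, value in sorted(prefs.items()):
            if not is_watched(name):
                continue
            if fname == "user.js":
                # user.js overrides prefs.js on every start, so a manual
                # change made in Options does not survive a restart.
                findings.append((fname, name, value, "re-applied at every start"))
            elif any(marker in value.lower() for marker in SUSPECT_MARKERS):
                findings.append((fname, name, value, "suspect value"))
    plugins = profile / "searchplugins"
    if plugins.is_dir():
        # Search engines added to the profile, as flagged by AdwCleaner above.
        for xml in sorted(plugins.glob("*.xml")):
            findings.append(("searchplugins", xml.name, "", "added search engine"))
    return findings


def audit_all(profiles_root):
    """Audit every profile under e.g. %APPDATA%\\Mozilla\\Firefox\\Profiles."""
    root = Path(profiles_root)
    return {p.name: audit_profile(p) for p in sorted(root.iterdir()) if p.is_dir()}


def build_sample_profile(root):
    """Write a constructed profile (not data from the thread) for the demo."""
    profile = Path(root) / "sample.default"
    (profile / "searchplugins").mkdir(parents=True)
    (profile / "searchplugins" / "search.xml").write_text(
        "<SearchPlugin/>", encoding="utf-8")
    (profile / "prefs.js").write_text(
        '// constructed sample\n'
        'user_pref("browser.startup.homepage", "http://search.searchlf.com/");\n'
        'user_pref("browser.startup.homepage_override.mstone", "44.0");\n'
        'user_pref("extensions.toolbar.mindspark.hp.enabled", false);\n',
        encoding="utf-8")
    (profile / "user.js").write_text(
        f'user_pref("browser.startup.homepage", "{SAMPLE_URL}");\n',
        encoding="utf-8")
    return profile


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_profile(tmp)
        for profile_name, findings in audit_all(tmp).items():
            for finding in findings:
                print(profile_name, *finding, sep=" | ")
```

To check a real installation, call audit_all() on each Windows account's Profiles folder (the logs above show profiles under both C:\Users\Bill and C:\Users\root) with Firefox closed.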



#6 TazzyOpz


Posted 08 February 2016 - 02:56 PM

What Anti-Virus are you running, if any? If you do, have you done any recent scans?

I believe you have a Firefox Plugin or addon enabled that keeps re-enabling the Browser hijacker.

  1. Click the menu button and choose Add-ons. The Add-ons Manager tab will open.
  2. In the Add-ons Manager tab, select the Extensions panel.
  3. Make sure to remove all extensions you do not know or need. (By default there are no extensions in Firefox.)
  4. Click the Disable or Remove button of Undefined.com.
  5. Click Restart now if it pops up.

 

 

 

 

 
I do not think you have a rootkit; however, for peace of mind I will link you some anti-rootkit utilities.
 
[-Running Kaspersky Virus Removal Tool-]
Download KVRT from here and save it to your Desktop.
•  Right click on KVRT.exe and select Run as Administrator.
•  Read the EULA, then select Accept.
•  Wait for Kaspersky Virus Removal Tool to initialize.
•  In the main screen, select Change parameters, place a checkmark in System drive, then click OK.
•  Click Start scan.
•  Wait for Kaspersky Virus Removal Tool to complete scanning.
•  When the scan is finished, select Neutralize all for all detected objects.
•  Close Kaspersky Virus Removal Tool when done.
 
 
[-Running TDSSKiller Anti-Rootkit Utility-]

Download TDSSKiller from here and save it to your Desktop.

• Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
• Vista/Windows 7 users right-click and select Run As Administrator.

• Once open, click on "Change Parameters".

• Under "Additional Options" select: Verify File Digital Signature and Detect TDLFS File System.

• Click the Start Scan button.

• If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options. Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.

• A log file named "TDSSKiller_version_date_time_log.txt" will be created and saved to the root directory (usually Local Disk C:).

Copy and paste the contents of that file in your next reply.

 

 

 
[-Running MalwareBytes Anti-Rootkit-]

Download Malwarebytes Anti-Rootkit from here and save it to your Desktop.

• Double-click on mbar-1.09.3.1001.exe

• During the install process click the "Update" button. Then Click next

• You will be prompted with the scan screen. Make sure Scan Targets are checked: "Drivers", "Sectors", & "System".

• Click the "Scan" button.

 

 


Edited by TazzyOpz, 08 February 2016 - 03:14 PM.


#7 Bill 0


Posted 09 February 2016 - 06:59 PM

I'm using McAfee for AV/firewall. Nothing showed on any routine scans (usually done every Fri.). I've lost some faith in McAfee, so I've usually done some weekly scans with other AVs as well. That's where the ESET and MBAM scans I mentioned in the first post came in.

 

KVRT didn't find anything.

 

TDSSkiller found 2 unsigned files which it quarantined.  Both of those had been detected a long time ago before this problem started and I felt they were false positives in the past, but I quarantined them anyway now.

 

MBAR didn't find anything.

 

The FF redirection problem is still present even after rebooting.

 

TDSSkiller log to follow:

 

 

00:25:16.0156 0x2f74  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
00:25:22.0090 0x2f74  ============================================================
00:25:22.0090 0x2f74  Current date / time: 2016/02/09 00:25:22.0090
00:25:22.0091 0x2f74  SystemInfo:
00:25:22.0091 0x2f74  
00:25:22.0091 0x2f74  OS Version: 6.1.7601 ServicePack: 1.0
00:25:22.0091 0x2f74  Product type: Workstation
00:25:22.0091 0x2f74  ComputerName: HUTCHENS
00:25:22.0092 0x2f74  UserName: root
00:25:22.0092 0x2f74  Windows directory: C:\Windows
00:25:22.0092 0x2f74  System windows directory: C:\Windows
00:25:22.0092 0x2f74  Running under WOW64
00:25:22.0092 0x2f74  Processor architecture: Intel x64
00:25:22.0092 0x2f74  Number of processors: 8
00:25:22.0092 0x2f74  Page size: 0x1000
00:25:22.0092 0x2f74  Boot type: Normal boot
00:25:22.0092 0x2f74  ============================================================
00:25:26.0682 0x2f74  KLMD registered as C:\Windows\system32\drivers\64939134.sys
00:25:27.0834 0x2f74  System UUID: {C51FB25B-539A-5E60-5098-0AD238BF9DB8}
00:25:30.0369 0x2f74  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
00:25:30.0379 0x2f74  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
00:25:30.0417 0x2f74  ============================================================
00:25:30.0417 0x2f74  \Device\Harddisk0\DR0:
00:25:30.0417 0x2f74  MBR partitions:
00:25:30.0418 0x2f74  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
00:25:30.0418 0x2f74  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x38625830
00:25:30.0418 0x2f74  \Device\Harddisk1\DR1:
00:25:30.0426 0x2f74  MBR partitions:
00:25:30.0426 0x2f74  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385000
00:25:30.0426 0x2f74  ============================================================
00:25:30.0515 0x2f74  C: <-> \Device\Harddisk0\DR0\Partition2
00:25:30.0549 0x2f74  D: <-> \Device\Harddisk1\DR1\Partition1
00:25:30.0550 0x2f74  ============================================================
00:25:30.0550 0x2f74  Initialize success
00:25:30.0550 0x2f74  ============================================================
00:26:27.0032 0x1914  ============================================================
00:26:27.0032 0x1914  Scan started
00:26:27.0032 0x1914  Mode: Manual; SigCheck; TDLFS;
00:26:27.0032 0x1914  ============================================================
00:26:27.0032 0x1914  KSN ping started
00:26:29.0595 0x1914  KSN ping finished: true
00:27:17.0800 0x1914  ================ Scan system memory ========================
00:27:17.0800 0x1914  System memory - ok
00:27:24.0302 0x1914  AmdK8 - ok
00:27:24.0361 0x1914  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
00:27:24.0414 0x1914  AmdPPM - ok
00:27:24.0495 0x1914  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
00:27:24.0547 0x1914  amdsata - ok
00:27:24.0658 0x1914  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
00:27:24.0757 0x1914  amdsbs - ok
00:27:24.0826 0x1914  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
00:27:24.0870 0x1914  amdxata - ok
00:27:25.0025 0x1914  [ 375640F39F2D613B6FDCF8C2F956205A, C036BF7D125664508E07541EE8F8A5A386E55162C178AF2FC7C20E9E830A6ACF ] Apache2.2       C:\Program Files (x86)\Common Files\Dell\apache\bin\httpd.exe
00:27:25.0048 0x1914  Apache2.2 - detected UnsignedFile.Multi.Generic ( 1 )
00:27:35.0319 0x1914  Apache2.2 ( UnsignedFile.Multi.Generic ) - warning
00:27:35.0320 0x1914  Force sending object to P2P due to detect: Apache2.2
00:27:46.0507 0x1914  Object send P2P result: true
00:27:46.0586 0x1e8c  Object required for P2P: [ 295A5BFCE8D225D014DB4E6E69336279 ] AdobeFlashPlayerUpdateSvc
00:27:51.0842 0x1914  [ 59D01FA91962C9C1E9B4022B2D3B46DB, 3A111588538B77F010B5C900FB8425DDE55A08DBAC308CA7FB7BD9FCCCDEC69F ] AppHostSvc      C:\Windows\system32\inetsrv\apphostsvc.dll
00:27:51.0914 0x1914  AppHostSvc - ok
00:27:52.0125 0x1914  [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID           C:\Windows\system32\drivers\appid.sys
00:27:52.0237 0x1914  AppID - ok
00:27:52.0306 0x1914  [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
00:27:52.0418 0x1914  AppIDSvc - ok
00:27:52.0650 0x1e8c  Object send P2P result: true
00:27:52.0751 0x1914  [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo         C:\Windows\System32\appinfo.dll
00:27:53.0302 0x1914  Appinfo - ok
00:27:54.0047 0x1914  [ F518545E5B7623AD49ABE7F8776EFA46, CD39B6EC0D80C6DB857F34D4AC5C31085271B51B8851A56FEFC052B20B7CC40C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
00:27:54.0093 0x1914  Apple Mobile Device - ok
00:27:55.0018 0x1914  [ 612CB66D93ED0F2F21BB109840C7D813, 75484123DA27B8942B13148FCF061C75A08A50386A095143736B593E9C772173 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
00:27:55.0060 0x1914  Apple Mobile Device Service - ok
00:27:55.0249 0x1914  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
00:27:55.0526 0x1914  AppMgmt - ok
00:27:55.0919 0x1914  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
00:27:56.0142 0x1914  arc - ok
00:27:56.0307 0x1914  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
00:27:56.0360 0x1914  arcsas - ok
00:27:56.0916 0x1914  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
00:27:57.0029 0x1914  aspnet_state - ok
00:27:57.0139 0x1914  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
00:27:57.0306 0x1914  AsyncMac - ok
00:27:57.0370 0x1914  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
00:27:57.0411 0x1914  atapi - ok
00:27:57.0553 0x1914  [ 3B9014FB7CE9E20FD726321C7DB7D8B0, 9B910D900478A81D52446C6D71C3DDC4B5FE1345674295E1101922B0F32FBCE1 ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys
00:27:57.0599 0x1914  AtiHdmiService - ok
00:27:58.0689 0x1914  [ 74813BCD647B441DC9C9C0DB2833781D, 11221316FBC615A7DE269B8702AEDC82E142DD3B10BCE9AC052E15FE4969C683 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
00:27:59.0433 0x1914  atikmdag - ok
00:28:00.0734 0x1914  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
00:28:00.0902 0x1914  AudioEndpointBuilder - ok
00:28:00.0983 0x1914  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
00:28:01.0084 0x1914  AudioSrv - ok
00:28:01.0491 0x1914  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
00:28:01.0646 0x1914  AxInstSV - ok
00:28:01.0917 0x1914  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
00:28:02.0160 0x1914  b06bdrv - ok
00:28:02.0359 0x1914  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
00:28:02.0432 0x1914  b57nd60a - ok
00:28:03.0424 0x1914  [ 01A24B415926BB5F772DBE12459D97DE, 1FA2EEF283025D788051E6145DAEF26CB481F87F641156FC4D89B8DEE4B244A5 ] BBSvc           C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
00:28:03.0486 0x1914  BBSvc - ok
00:28:03.0590 0x1914  [ 785DE7ABDA13309D6065305542829E76, 78F49A5349B66042836615EF99B4EB70FA708369D315D105513C04F33070D297 ] BBUpdate        C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
00:28:03.0655 0x1914  BBUpdate - ok
00:28:03.0797 0x1914  [ F8FE7E12F8151E0A17C23CF840599F9A, 5D1AA3A5DAC08B521A7BE775F32434AFF1F5F19B69CD16D2D94B0D399E61C371 ] bcbtums         C:\Windows\system32\drivers\bcbtums.sys
00:28:03.0911 0x1914  bcbtums - ok
00:28:03.0959 0x1914  [ 5C0F919666954885D7760DFFE4B29A25, 04E884E3820ED7D179C282BFB9346F1FBE1AE36F13087A422A7530C5902080AC ] BCM42RLY        C:\Windows\system32\drivers\BCM42RLY.sys
00:28:03.0995 0x1914  BCM42RLY - ok
00:28:04.0649 0x1914  [ BAB887A2B2786310A966881F074F4A99, ABBB72510BA7B7AA1A0934F3696A5058901932AE55A882B613F56E3C7E7FB0B9 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
00:28:04.0964 0x1914  BCM43XX - ok
00:28:05.0457 0x1914  [ ACB44407FF63C3A5A22AB5782F209604, 86BE221F07EB49D2149710CCCE4F0C24677560FEFD41F093C6D2BA0C962CF5C3 ] BcmBtRSupport   C:\Windows\system32\BtwRSupportService.exe
00:28:05.0767 0x1914  BcmBtRSupport - ok
00:28:06.0225 0x1914  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
00:28:06.0315 0x1914  BDESVC - ok
00:28:06.0475 0x1914  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
00:28:06.0614 0x1914  Beep - ok
00:28:06.0832 0x1914  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
00:28:07.0000 0x1914  BFE - ok
00:28:07.0141 0x1914  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\system32\qmgr.dll
00:28:07.0342 0x1914  BITS - ok
00:28:07.0384 0x1914  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
00:28:07.0474 0x1914  blbdrive - ok
00:28:07.0666 0x1914  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
00:28:07.0748 0x1914  Bonjour Service - ok
00:28:08.0153 0x1914  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
00:28:08.0427 0x1914  bowser - ok
00:28:08.0715 0x1914  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
00:28:09.0724 0x1914  BrFiltLo - ok
00:28:09.0997 0x1914  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
00:28:10.0192 0x1914  BrFiltUp - ok
00:28:10.0664 0x1914  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
00:28:10.0817 0x1914  BridgeMP - ok
00:28:10.0887 0x1914  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
00:28:10.0983 0x1914  Browser - ok
00:28:11.0598 0x1914  [ 63A00CDBEB300522C49EC7CA77324060, 99CB6D37C7D898982A192AAA8DE5CE255E6FA482E19FE9032BAA7069E652F6F5 ] BrSerIb         C:\Windows\system32\DRIVERS\BrSerIb.sys
00:28:11.0641 0x1914  BrSerIb - ok
00:28:11.0702 0x1914  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\system32\Drivers\Brserid.sys
00:28:11.0989 0x1914  Brserid - ok
00:28:12.0033 0x1914  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
00:28:12.0092 0x1914  BrSerWdm - ok
00:28:12.0241 0x1914  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
00:28:12.0302 0x1914  BrUsbMdm - ok
00:28:12.0341 0x1914  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\system32\Drivers\BrUsbSer.sys
00:28:12.0426 0x1914  BrUsbSer - ok
00:28:12.0626 0x1914  [ BBCFD6C6EF66449F55AF1BFDB08C9B12, D6D5D408FCFFF9ED69D095948E786C08EEECD5F55905A3D8FE2BB08944C5E1F2 ] BrUsbSIb        C:\Windows\system32\DRIVERS\BrUsbSIb.sys
00:28:12.0703 0x1914  BrUsbSIb - ok
00:28:13.0480 0x1914  [ 18C6186E04F25515C1F7DA31B08B5B2D, A46B16942C0CD8204AF760974980A6664C10A38B9FAEDE1FF6A66F6DDF3B4243 ] BrYNSvc         C:\Program Files (x86)\Browny02\BrYNSvc.exe
00:28:13.0627 0x1914  BrYNSvc - detected UnsignedFile.Multi.Generic ( 1 )
00:28:19.0434 0x1914  Detect skipped due to KSN trusted
00:28:19.0435 0x1914  BrYNSvc - ok
00:28:19.0776 0x1914  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
00:28:20.0001 0x1914  BthEnum - ok
00:28:20.0100 0x1914  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
00:28:20.0180 0x1914  BTHMODEM - ok
00:28:20.0263 0x1914  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
00:28:20.0333 0x1914  BthPan - ok
00:28:20.0530 0x1914  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
00:28:20.0787 0x1914  BTHPORT - ok
00:28:21.0274 0x1914  [ FBEBE2A6469EFB281EA143530A553F38, F651F8A3BACEDE42BFE8AEDC25C9C8DE69D3405D963D52109A021907808A3AFE ] BTHprint        C:\Windows\system32\DRIVERS\bthprint.sys
00:28:21.0337 0x1914  BTHprint - ok
00:28:21.0502 0x1914  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
00:28:21.0702 0x1914  bthserv - ok
00:28:21.0822 0x1914  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
00:28:21.0937 0x1914  BTHUSB - ok
00:28:22.0616 0x1914  [ 2641A3FE3D7B0646308F33B67F3B5300, 8D2E37F6524D10197D36AAE41F59028B3DF0692A113EA342BB1AC36DEA13D8F6 ] btusbflt        C:\Windows\system32\drivers\btusbflt.sys
00:28:22.0671 0x1914  btusbflt - ok
00:28:22.0824 0x1914  [ BC279FCEE9FC8CBF991D5DE539771AA9, 5DE007672BFBFA78C44CC08251F495420402AFF4AD01541AA84AD37BD4A58190 ] btwampfl        C:\Windows\system32\DRIVERS\btwampfl.sys
00:28:22.0884 0x1914  btwampfl - ok
00:28:22.0961 0x1914  [ 6BCFDC2B5B7F66D484486D4BD4B39A6B, 2A2039DD524E989EA91B7C91D5F295C663D1E27ABD64777D2F3137EB1C42C258 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
00:28:23.0002 0x1914  btwaudio - ok
00:28:23.0419 0x1914  [ 82DC8B7C626E526681C1BEBED2BC3FF9, 58260E88CDD7388ABA563F9B8F2F3FA17022DB9E4C56EBA0761E99B919A8EAF8 ] btwavdt         C:\Windows\system32\drivers\btwavdt.sys
00:28:23.0465 0x1914  btwavdt - ok
00:28:24.0157 0x1914  [ 6DDE1E97BE4D50253DFB9090A6A62524, 301E3C7701C976B5366CDC3073260C6741A01CA2D854D86E114C7898BA6FBFDF ] btwdins         c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
00:28:24.0292 0x1914  btwdins - ok
00:28:24.0435 0x1914  [ 6149301DC3F81D6F9667A3FBAC410975, 120E201AFB07054C7F6321461D194843C695012431DBD791E36BBF73FDD41E8A ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys
00:28:24.0469 0x1914  btwl2cap - ok
00:28:24.0535 0x1914  [ 28E105AD3B79F440BF94780F507BF66A, EF4E6CCAB16765E2C88666625C13CB3299B668159A94CB201E3B44701A30640A ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
00:28:24.0572 0x1914  btwrchid - ok
00:28:24.0631 0x1914  catchme - ok
00:28:24.0683 0x1914  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
00:28:24.0829 0x1914  cdfs - ok
00:28:24.0923 0x1914  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
00:28:25.0329 0x1914  cdrom - ok
00:28:25.0738 0x1914  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
00:28:25.0952 0x1914  CertPropSvc - ok
00:28:26.0129 0x1914  [ D7BB4B5C3339D23901BD6265171918D5, 77F8BD68ED0DC6F5B248A98B424D2F22CDA7EDF515F3B1F6BA02B4FC8BE84DF6 ] cfwids          C:\Windows\system32\drivers\cfwids.sys
00:28:26.0180 0x1914  cfwids - ok
00:28:26.0285 0x1914  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
00:28:26.0372 0x1914  circlass - ok
00:28:26.0468 0x1914  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
00:28:26.0552 0x1914  CLFS - ok
00:28:26.0959 0x1914  [ DE48552360FA8BDF569D83F07CB1B566, 2929DD6B2FB17108D2D0DAB851EB97BAC9C4D5DFB1ACCFBE1041132881F0DD8E ] CLKMSVC10_1628BCEA C:\Program Files (x86)\CyberLink\PowerDVD DX\Kernel\BD\NavFilter\kmsvc.exe
00:28:27.0079 0x1914  CLKMSVC10_1628BCEA - ok
00:28:27.0233 0x1914  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:28:27.0283 0x1914  clr_optimization_v2.0.50727_32 - ok
00:28:28.0144 0x1914  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
00:28:28.0209 0x1914  clr_optimization_v2.0.50727_64 - ok
00:28:28.0360 0x1914  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:28:28.0447 0x1914  clr_optimization_v4.0.30319_32 - ok
00:28:28.0548 0x1914  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
00:28:28.0611 0x1914  clr_optimization_v4.0.30319_64 - ok
00:28:28.0682 0x1914  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
00:28:28.0790 0x1914  CmBatt - ok
00:28:28.0856 0x1914  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
00:28:28.0901 0x1914  cmdide - ok
00:28:29.0006 0x1914  [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG             C:\Windows\system32\Drivers\cng.sys
00:28:29.0115 0x1914  CNG - ok
00:28:29.0237 0x1914  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
00:28:29.0283 0x1914  Compbatt - ok
00:28:29.0366 0x1914  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
00:28:29.0425 0x1914  CompositeBus - ok
00:28:29.0462 0x1914  COMSysApp - ok
00:28:29.0522 0x1914  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
00:28:29.0566 0x1914  crcdisk - ok
00:28:29.0656 0x1914  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
00:28:29.0811 0x1914  CryptSvc - ok
00:28:29.0895 0x1914  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
00:28:30.0012 0x1914  CSC - ok
00:28:30.0180 0x1914  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
00:28:30.0392 0x1914  CscService - ok
00:28:30.0499 0x1914  [ 916F311A84B4D528694FD4D44B5EAB1B, F84B186626BA3F35BACB33071214ED24119A44B3A5199C8A6EF845CE835A9832 ] CtClsFlt        C:\Windows\system32\DRIVERS\CtClsFlt.sys
00:28:30.0592 0x1914  CtClsFlt - ok
00:28:30.0695 0x1914  [ EB7439918F3E04B51CD8822FD8C8E018, 3B79A87B867F769D9E67B34143E90E6A55F493C2BA7ADD4C3FD08AAC85C07C74 ] ctxusbm         C:\Windows\system32\DRIVERS\ctxusbm.sys
00:28:30.0739 0x1914  ctxusbm - ok
00:28:31.0116 0x1914  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
00:28:31.0362 0x1914  DcomLaunch - ok
00:28:31.0542 0x1914  [ B56714DED87E29377F1EE930691DADA2, B3C3BC4F546A786A93823C1471D560BF678A9C95237065E3B99B2B80E6C28131 ] DDDriver        C:\Windows\system32\drivers\DDDriver64Dcsa.sys
00:28:31.0582 0x1914  DDDriver - ok
00:28:31.0664 0x1914  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
00:28:31.0820 0x1914  defragsvc - ok
00:28:31.0900 0x1914  [ 66C87079CFCB61B650086802693114E0, B1EE411DF69BB98D5D9FA2D88C4C9FE1E4877FD8BBF572C3F444C90576ED0724 ] DellProf        C:\Windows\system32\drivers\DellProf.sys
00:28:31.0939 0x1914  DellProf - ok
00:28:32.0010 0x1914  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
00:28:32.0169 0x1914  DfsC - ok
00:28:32.0282 0x1914  [ 2D589A2C024B2FB238535DB9F7B3597D, 1EB47F73BC890D67A50C72E30BFE139AA1747C88E2FA8029A7382B203C37B512 ] DgiVecp         C:\Windows\system32\Drivers\DgiVecp.sys
00:28:32.0322 0x1914  DgiVecp - ok
00:28:32.0439 0x1914  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
00:28:32.0558 0x1914  Dhcp - ok
00:28:32.0625 0x1914  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
00:28:32.0784 0x1914  discache - ok
00:28:32.0844 0x1914  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
00:28:32.0893 0x1914  Disk - ok
00:28:33.0050 0x1914  [ 6955872BED7981571D4BCBE31CA4E3F8, BD7F5012A5E57972D53EE2F8A09AF1549B09C77BD0F84410251ADF327EF965D3 ] dleeCATSCustConnectService C:\Windows\system32\spool\DRIVERS\x64\3\\dleeserv.exe
00:28:34.0728 0x1914  dleeCATSCustConnectService - ok
00:28:34.0796 0x1914  dlee_device - ok
00:28:34.0859 0x1914  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
00:28:34.0964 0x1914  Dnscache - ok
00:28:35.0166 0x1914  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
00:28:35.0359 0x1914  dot3svc - ok
00:28:35.0495 0x1914  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
00:28:35.0655 0x1914  DPS - ok
00:28:35.0791 0x1914  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
00:28:35.0863 0x1914  drmkaud - ok
00:28:37.0460 0x1914  [ 0BB913F9F02677BD4AE96D4967CACFEE, 2AC46B01BF1E238F72701DC42F27666FFE9A3F82A401358DF43013D7B2EDAB35 ] dsl-db          C:\Program Files (x86)\Common Files\Dell\MySQL\bin\mysqld.exe
00:28:38.0082 0x1914  dsl-db - detected UnsignedFile.Multi.Generic ( 1 )
00:28:40.0533 0x1914  Detect skipped due to KSN trusted
00:28:40.0535 0x1914  dsl-db - ok
00:28:40.0769 0x1914  [ 5D0A71316D6BFEA3C88C30AD81FDB606, 77770A77E4C54DE5DF2FDF18C8211EF937795706CCD7108AA16CE5A7A470E348 ] dsl-fs-sync     C:\Program Files (x86)\Common Files\Dell\Remote Access File Sync Service\dsl_fs_sync.exe
00:28:40.0820 0x1914  dsl-fs-sync - ok
00:28:41.0034 0x1914  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
00:28:41.0208 0x1914  DXGKrnl - ok
00:28:41.0297 0x1914  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
00:28:41.0420 0x1914  EapHost - ok
00:28:42.0554 0x1914  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
00:28:42.0931 0x1914  ebdrv - ok
00:28:43.0011 0x1914  [ CB0E57424A776C51EF42469064ADBF08, 2E4EFE070560F4CCE6AF6D142C559EEF3672631C846E612968D57BE7F71C1C4F ] EFS             C:\Windows\System32\lsass.exe
00:28:43.0100 0x1914  EFS - ok
00:28:43.0525 0x1914  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
00:28:43.0743 0x1914  ehRecvr - ok
00:28:43.0806 0x1914  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
00:28:43.0897 0x1914  ehSched - ok
00:28:44.0026 0x1914  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
00:28:44.0137 0x1914  elxstor - ok
00:28:44.0167 0x1914  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
00:28:44.0232 0x1914  ErrDev - ok
00:28:44.0463 0x1914  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
00:28:44.0635 0x1914  EventSystem - ok
00:28:45.0010 0x1914  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
00:28:45.0170 0x1914  exfat - ok
00:28:45.0254 0x1914  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
00:28:45.0384 0x1914  fastfat - ok
00:28:45.0637 0x1914  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
00:28:45.0762 0x1914  Fax - ok
00:28:45.0831 0x1914  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
00:28:45.0884 0x1914  fdc - ok
00:28:46.0007 0x1914  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
00:28:46.0123 0x1914  fdPHost - ok
00:28:46.0158 0x1914  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
00:28:46.0338 0x1914  FDResPub - ok
00:28:46.0396 0x1914  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
00:28:46.0442 0x1914  FileInfo - ok
00:28:46.0509 0x1914  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
00:28:46.0625 0x1914  Filetrace - ok
00:28:47.0014 0x1914  [ BB0667B0171B632B97EA759515476F07, 07A123B2182D5813D2898928C231638353CF086606E9D5A5AF4A2A73E17CEC27 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
00:28:47.0123 0x1914  FLEXnet Licensing Service - ok
00:28:47.0222 0x1914  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
00:28:47.0274 0x1914  flpydisk - ok
00:28:47.0375 0x1914  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
00:28:47.0441 0x1914  FltMgr - ok
00:28:47.0797 0x1914  [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache       C:\Windows\system32\FntCache.dll
00:28:47.0974 0x1914  FontCache - ok
00:28:48.0179 0x1914  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
00:28:48.0222 0x1914  FontCache3.0.0.0 - ok
00:28:48.0412 0x1914  [ 9513B437B7ADB1E6065B7F0D83D11ECF, 3CC583C10D177635AD7BBB308AD90232651244EC66D8E93258316C35956C3D50 ] FreeAgentGoNext Service C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
00:28:48.0458 0x1914  FreeAgentGoNext Service - ok
00:28:48.0560 0x1914  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
00:29:36.0666 0x1914  pci - ok
00:29:36.0722 0x1914  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
00:29:36.0770 0x1914  pciide - ok
00:29:36.0847 0x1914  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
00:29:36.0936 0x1914  pcmcia - ok
00:29:36.0966 0x1914  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
00:29:37.0019 0x1914  pcw - ok
00:29:37.0444 0x1914  [ 7CADB4ABAE72390951886CF259791F5F, 9A0F4113F4E09911A44843F31E8C7047EEA39611AB490A4CF16FAE9D95310076 ] PDFProFiltSrvPP C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
00:29:37.0491 0x1914  PDFProFiltSrvPP - ok
00:29:37.0692 0x1914  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
00:29:37.0856 0x1914  PEAUTH - ok
00:29:38.0037 0x1914  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
00:29:38.0221 0x2700  Object send P2P result: true
00:29:38.0267 0x1914  PeerDistSvc - ok
00:29:38.0363 0x1914  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
00:29:38.0415 0x1914  PerfHost - ok
00:29:38.0708 0x1914  [ BBA3379049C59F53598E101A0B55E7D5, E4956BD507EE8BC883180BA159B8F5247F9FA9DA8FC0F65EF0AF1D920CF7F4CE ] PGP RDD Service C:\Program Files (x86)\PGP Corporation\PGP Desktop\RDDService.exe
00:29:38.0930 0x1914  PGP RDD Service - ok
00:29:39.0014 0x1914  [ 46ED64F457F1F663F323CF5D1CF8778B, 18D5C96D9CD009029FD888691DD702F395D3471248A8608345E02D7FCA21D5B6 ] PGPdisk         C:\Windows\system32\drivers\PGPdisk.sys
00:29:39.0086 0x1914  PGPdisk - ok
00:29:39.0154 0x1914  [ 46BF42FC51F1739D44CA8280D3EF0223, 4FC27A50BB49071F703E240CCFE1D16F321E9C68F3668F812606D19B61F4455B ] pgpfs           C:\Windows\system32\Drivers\PGPfsfd.sys
00:29:39.0220 0x1914  pgpfs - ok
00:29:39.0274 0x1914  [ B4BDB7DF006A60DCF6C1CF0180891C66, 55C23857880E7D913B2AC6585821E96DC683040FEB347BBFBCF28809811B5818 ] PGPsdkDriver    C:\Windows\system32\Drivers\PGPsdk.sys
00:29:39.0314 0x1914  PGPsdkDriver - ok
00:29:39.0367 0x1914  [ 22DFEE2878ACFAA513FF219631065319, 514EC648D935764A4040806D2B58D94402A7652CBE77CE926406086597043381 ] PGPwded         C:\Windows\system32\drivers\PGPwded.sys
00:29:39.0449 0x1914  PGPwded - ok
00:29:39.0468 0x1914  [ 1D8E8DC3AEEF9627792C57BE4F2B188F, 9FF6816654B877FD382558887A9FD76CA93CEE990108901B31E55043FC487904 ] Pgpwdefs        C:\Windows\system32\DRIVERS\Pgpwdefs.sys
00:29:39.0510 0x1914  Pgpwdefs - ok
00:29:39.0684 0x1914  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
00:29:39.0947 0x1914  pla - ok
00:29:40.0053 0x1914  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
00:29:40.0133 0x1914  PlugPlay - ok
00:29:40.0164 0x1914  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
00:29:40.0216 0x1914  PNRPAutoReg - ok
00:29:40.0261 0x1914  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
00:29:40.0333 0x1914  PNRPsvc - ok
00:29:40.0471 0x1914  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
00:29:40.0629 0x1914  PolicyAgent - ok
00:29:40.0689 0x1914  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
00:29:40.0888 0x1914  Power - ok
00:29:41.0273 0x1914  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
00:29:41.0461 0x1914  PptpMiniport - ok
00:29:41.0498 0x1914  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
00:29:41.0550 0x1914  Processor - ok
00:29:41.0619 0x1914  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
00:29:41.0703 0x1914  ProfSvc - ok
00:29:41.0755 0x1914  [ CB0E57424A776C51EF42469064ADBF08, 2E4EFE070560F4CCE6AF6D142C559EEF3672631C846E612968D57BE7F71C1C4F ] ProtectedStorage C:\Windows\system32\lsass.exe
00:29:41.0803 0x1914  ProtectedStorage - ok
00:29:41.0863 0x1914  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
00:29:42.0012 0x1914  Psched - ok
00:29:42.0117 0x1914  [ EA735BF6DF13A857A83C99BF27A422AD, 026A57155FB9E01CFAFD8613980CDF0F3D744ABBBC66EFDC6C20B89980FB45CF ] PST Service     C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
00:29:42.0139 0x1914  PST Service - detected UnsignedFile.Multi.Generic ( 1 )
00:29:44.0590 0x1914  Detect skipped due to KSN trusted
00:29:44.0591 0x1914  PST Service - ok
00:29:44.0654 0x1914  [ FDA6EFB7014E8C4524CB6B5B885E8A95, C305226285B9319CAFB8EE6B44704AF7EBD4D5574D2FD21F827DB7A250538C0B ] PsxDrv          C:\Windows\system32\drivers\psxdrv.sys
00:29:44.0710 0x1914  PsxDrv - ok
00:29:44.0730 0x1914  [ 4712CC14E720ECCCC0AA16949D18AAF1, AF0223D118A25CA14EC1AF8A40A793D3CBCBE3576CCACBCD4F9A3D3F10407262 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
00:29:44.0771 0x1914  PxHlpa64 - ok
00:29:44.0938 0x1914  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
00:29:45.0119 0x1914  ql2300 - ok
00:29:45.0154 0x1914  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
00:29:45.0209 0x1914  ql40xx - ok
00:29:45.0288 0x1914  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
00:29:45.0378 0x1914  QWAVE - ok
00:29:45.0403 0x1914  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
00:29:45.0482 0x1914  QWAVEdrv - ok
00:29:45.0612 0x1914  [ A55E7D0D873B2C97585B3B5926AC6ADE, 3BE3895DA7F0888E85B1941525878BA0846A8F215AD39ED8138BB39615468E32 ] RapiMgr         C:\Windows\WindowsMobile\rapimgr.dll
00:29:45.0674 0x1914  RapiMgr - ok
00:29:45.0696 0x1914  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
00:29:45.0806 0x1914  RasAcd - ok
00:29:46.0173 0x1914  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
00:29:46.0432 0x1914  RasAgileVpn - ok
00:29:46.0492 0x1914  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
00:29:46.0636 0x1914  RasAuto - ok
00:29:46.0666 0x1914  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
00:29:46.0796 0x1914  Rasl2tp - ok
00:29:46.0873 0x1914  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
00:29:47.0008 0x1914  RasMan - ok
00:29:47.0048 0x1914  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
00:29:47.0192 0x1914  RasPppoe - ok
00:29:47.0246 0x1914  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
00:29:47.0386 0x1914  RasSstp - ok
00:29:47.0453 0x1914  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
00:29:47.0593 0x1914  rdbss - ok
00:29:47.0615 0x1914  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
00:29:47.0697 0x1914  rdpbus - ok
00:29:47.0727 0x1914  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
00:29:47.0861 0x1914  RDPCDD - ok
00:29:47.0904 0x1914  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
00:29:48.0017 0x1914  RDPDR - ok
00:29:48.0069 0x1914  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
00:29:48.0217 0x1914  RDPENCDD - ok
00:29:48.0245 0x1914  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
00:29:48.0358 0x1914  RDPREFMP - ok
00:29:48.0488 0x1914  [ 065F79543D7999EC28B687F87E96B803, 6B235C422DCA79ABF0D051C066B2866643333F7ADB7AF914F6EEAC448AA59AAF ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
00:29:48.0577 0x1914  RdpVideoMiniport - ok
00:29:48.0654 0x1914  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
00:29:48.0745 0x1914  RDPWD - ok
00:29:48.0821 0x1914  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
00:29:48.0885 0x1914  rdyboost - ok
00:29:49.0010 0x1914  [ 3394FAEF5FE401B076FD5DEC295C7919, 7674E6A36ADE653195BD240D7613C5E711940DF65A947ABA4D2546AF410A07C7 ] RealPlayerUpdateSvc C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
00:29:49.0048 0x1914  RealPlayerUpdateSvc - ok
00:29:49.0256 0x1914  [ 435685429F72AC4D43BF3A2658F13104, DBED552FE555C0E0BFDE046BDE5ED87C194CD84EBBF69A95C5B0E706941946E8 ] RealTimes Desktop Service c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
00:29:49.0391 0x1914  RealTimes Desktop Service - ok
00:29:49.0464 0x1914  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
00:29:49.0628 0x1914  RemoteAccess - ok
00:29:49.0703 0x1914  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
00:29:49.0854 0x1914  RemoteRegistry - ok
00:29:49.0919 0x1914  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
00:29:49.0996 0x1914  RFCOMM - ok
00:29:50.0032 0x1914  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
00:29:50.0160 0x1914  RpcEptMapper - ok
00:29:50.0222 0x1914  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
00:29:50.0293 0x1914  RpcLocator - ok
00:29:50.0386 0x1914  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\System32\rpcss.dll
00:29:50.0539 0x1914  RpcSs - ok
00:29:50.0759 0x1914  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
00:29:50.0898 0x1914  rspndr - ok
00:29:51.0023 0x1914  [ EE082E06A82FF630351D1E0EBBD3D8D0, 537F1A4108BDA72E8DD271466E7B7FCF39D4D55E4129AB35A409AB7AF2E7D219 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
00:29:51.0116 0x1914  RTL8167 - ok
00:29:51.0176 0x1914  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
00:29:51.0230 0x1914  s3cap - ok
00:29:51.0252 0x1914  [ CB0E57424A776C51EF42469064ADBF08, 2E4EFE070560F4CCE6AF6D142C559EEF3672631C846E612968D57BE7F71C1C4F ] SamSs           C:\Windows\system32\lsass.exe
00:29:51.0298 0x1914  SamSs - ok
00:29:51.0328 0x1914  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
00:29:51.0417 0x1914  sbp2port - ok
00:29:51.0787 0x1914  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
00:29:51.0920 0x1914  SCardSvr - ok
00:29:51.0946 0x1914  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
00:29:52.0055 0x1914  scfilter - ok
00:29:52.0211 0x1914  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
00:29:52.0349 0x1914  Schedule - ok
00:29:52.0401 0x1914  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
00:29:52.0516 0x1914  SCPolicySvc - ok
00:29:52.0592 0x1914  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\drivers\sdbus.sys
00:29:52.0662 0x1914  sdbus - ok
00:29:52.0734 0x1914  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
00:29:52.0803 0x1914  SDRSVC - ok
00:29:53.0008 0x1914  [ 7A4FE83F4EFF8B9D06DBB1EE48DC91C5, C9D42AC5DF55E72BC5D3F9CFA865D943A6EFE064EC147C04912545A219D8344B ] Seagate Dashboard Services C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
00:29:53.0047 0x1914  Seagate Dashboard Services - ok
00:29:53.0145 0x1914  [ 118B35309A148E0D23FF32ED52CC5C36, 9C3DF5CF4B714AADC91967DF2BC9E75D51056F5F603CCB833FDDEC1A34DB7EFB ] Seagate MobileBackup Service C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
00:29:53.0216 0x1914  Seagate MobileBackup Service - ok
00:29:53.0296 0x1914  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
00:29:53.0404 0x1914  secdrv - ok
00:29:53.0434 0x1914  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
00:29:53.0589 0x1914  seclogon - ok
00:29:53.0644 0x1914  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll
00:29:53.0771 0x1914  SENS - ok
00:29:53.0845 0x1914  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
00:29:53.0938 0x1914  SensrSvc - ok
00:29:53.0980 0x1914  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
00:29:54.0027 0x1914  Serenum - ok
00:29:54.0055 0x1914  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
00:29:54.0118 0x1914  Serial - ok
00:29:54.0271 0x1914  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
00:29:54.0374 0x1914  sermouse - ok
00:29:54.0460 0x1914  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
00:29:54.0608 0x1914  SessionEnv - ok
00:29:54.0625 0x1914  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
00:29:54.0683 0x1914  sffdisk - ok
00:29:54.0703 0x1914  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
00:29:54.0751 0x1914  sffp_mmc - ok
00:29:54.0773 0x1914  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
00:29:54.0829 0x1914  sffp_sd - ok
00:29:54.0843 0x1914  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
00:29:54.0893 0x1914  sfloppy - ok
00:29:55.0087 0x1914  [ D85B7C7810D4FDE6DA341EF96DE13702, 6F5A8E1FD81D53AAE8E121CF8A02EA2678C346217740CAC17144F08A5BBBC147 ] SgtSch2Svc      C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedul2.exe
00:29:55.0230 0x1914  SgtSch2Svc - ok
00:29:55.0340 0x1914  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
00:29:55.0518 0x1914  SharedAccess - ok
00:29:55.0598 0x1914  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
00:29:55.0760 0x1914  ShellHWDetection - ok
00:29:55.0812 0x1914  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
00:29:55.0856 0x1914  SiSRaid2 - ok
00:29:55.0880 0x1914  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
00:29:55.0928 0x1914  SiSRaid4 - ok
00:29:55.0981 0x1914  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
00:29:56.0098 0x1914  Smb - ok
00:29:56.0204 0x1914  [ 32CDE417100C530964E79C53B4E994CA, 4BEAC22E7016031725F885A6C69AAE40F871074F01F334450773CE77C1E75BC8 ] snapman         C:\Windows\system32\DRIVERS\snapman.sys
00:29:56.0271 0x1914  snapman - ok
00:29:56.0333 0x1914  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
00:29:56.0386 0x1914  SNMPTRAP - ok
00:29:57.0028 0x1914  [ 0FFE35F0B0CD5A324BBE22F02569AE3B, F4EE803EEFDB4EAEEDB3024C3516F1F9A202C77F4870D6B74356BBDE32B3B560 ] speedfan        C:\Windows\syswow64\speedfan.sys
00:29:57.0173 0x1914  speedfan - ok
00:29:57.0213 0x1914  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
00:29:57.0255 0x1914  spldr - ok
00:29:57.0321 0x1914  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
00:29:57.0430 0x1914  Spooler - ok
00:29:57.0782 0x1914  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
00:29:58.0209 0x1914  sppsvc - ok
00:29:58.0254 0x1914  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
00:29:58.0398 0x1914  sppuinotify - ok
00:29:58.0472 0x1914  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
00:29:58.0601 0x1914  srv - ok
00:29:58.0657 0x1914  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
00:29:58.0753 0x1914  srv2 - ok
00:29:58.0795 0x1914  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
00:29:58.0863 0x1914  srvnet - ok
00:29:58.0901 0x1914  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
00:29:59.0035 0x1914  SSDPSRV - ok
00:29:59.0105 0x1914  [ 0211AB46B73A2623B86C1CFCB30579AB, 7CC9BA2DF7B9EA6BB17EE342898EDD7F54703B93B6DED6A819E83A7EE9F938B4 ] SSPORT          C:\Windows\system32\Drivers\SSPORT.sys
00:29:59.0145 0x1914  SSPORT - ok
00:29:59.0170 0x1914  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
00:29:59.0316 0x1914  SstpSvc - ok
00:29:59.0718 0x1914  [ DA7702025DFD169B909C4DA3126762CC, 40777941F71D0762C450824A635888D1390307E937EDF13385524569F4602D0A ] STacSV          C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe
00:29:59.0785 0x1914  STacSV - ok
00:29:59.0804 0x1914  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
00:29:59.0849 0x1914  stexstor - ok
00:29:59.0921 0x1914  [ CAF5A9708671B14B9670260735B22C4E, B31F2B500605379BC9531E21E4ACD17EA281FFF25AA4B4D342E14F8F5952D1EC ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
00:30:00.0061 0x1914  STHDA - ok
00:30:00.0196 0x1914  [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
00:30:00.0300 0x1914  StillCam - ok
00:30:00.0402 0x1914  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
00:30:00.0515 0x1914  stisvc - ok
00:30:00.0563 0x1914  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
00:30:00.0608 0x1914  storflt - ok
00:30:00.0631 0x1914  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
00:30:00.0676 0x1914  storvsc - ok
00:30:00.0733 0x1914  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
00:30:00.0775 0x1914  swenum - ok
00:30:00.0874 0x1914  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
00:30:01.0038 0x1914  swprv - ok
00:30:01.0079 0x1914  Synth3dVsc - ok
00:30:01.0134 0x1914  [ 29AD5FF846E8939C10112F34CB2E334A, 62F9D5D4CC8CC97FAE62625EECA74CD187CCFCA83D1938DDDF44DBBE3A675FB4 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
00:30:01.0204 0x1914  SynTP - ok
00:30:01.0391 0x1914  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
00:30:01.0616 0x1914  SysMain - ok
00:30:01.0652 0x1914  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
00:30:01.0734 0x1914  TabletInputService - ok
00:30:01.0777 0x1914  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
00:30:01.0949 0x1914  TapiSrv - ok
00:30:02.0109 0x1914  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
00:30:02.0274 0x1914  TBS - ok
00:30:02.0626 0x1914  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
00:30:02.0835 0x1914  Tcpip - ok
00:30:03.0032 0x1914  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
00:30:03.0228 0x1914  TCPIP6 - ok
00:30:03.0292 0x1914  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
00:30:03.0342 0x1914  tcpipreg - ok
00:30:03.0398 0x1914  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
00:30:03.0458 0x1914  TDPIPE - ok
00:30:03.0481 0x1914  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
00:30:03.0527 0x1914  TDTCP - ok
00:30:03.0592 0x1914  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
00:30:03.0665 0x1914  tdx - ok
00:30:03.0698 0x1914  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
00:30:03.0746 0x1914  TermDD - ok
00:30:03.0858 0x1914  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
00:30:04.0014 0x1914  TermService - ok
00:30:04.0074 0x1914  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
00:30:04.0147 0x1914  Themes - ok
00:30:04.0210 0x1914  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
00:30:04.0328 0x1914  THREADORDER - ok
00:30:04.0468 0x1914  [ 6ADC063FD51F03EF0CAB3E716A725BD2, 887DD28D95C4EC374333ED3E6CA9EA9E79B237751A0AB1739CBA1B9B5E740D74 ] timounter       C:\Windows\system32\DRIVERS\timntr.sys
00:30:04.0595 0x1914  timounter - ok
00:30:04.0624 0x1914  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
00:30:04.0778 0x1914  TrkWks - ok
00:30:04.0886 0x1914  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
00:30:05.0017 0x1914  TrustedInstaller - ok
00:30:05.0076 0x1914  [ 19BEDA57F3E0A06B8D5EB6D619BD5624, 952D5FAFD662C93628C12A6F7EB8E240A44216C0A15CBD2F5016BC357CBFE821 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
00:30:05.0133 0x1914  tssecsrv - ok
00:30:22.0061 0x1914  ================ Scan global ===============================
00:30:22.0429 0x1914  [ Global ] - ok
00:30:22.0431 0x1914  ================ Scan MBR ==================================
00:30:22.0480 0x1914  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
00:30:23.0050 0x1914  \Device\Harddisk0\DR0 - ok
00:30:23.0164 0x1914  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
00:30:23.0294 0x1914  \Device\Harddisk1\DR1 - ok
00:30:23.0296 0x1914  ================ Scan VBR ==================================
00:30:23.0373 0x1914  [ 13EF9A99AF25C09F44A8212DA3076CBE ] \Device\Harddisk0\DR0\Partition1
00:30:23.0377 0x1914  \Device\Harddisk0\DR0\Partition1 - ok
00:30:23.0441 0x1914  [ 2FEDA4D9D6FB431AD1F1F8199D26EDDE ] \Device\Harddisk0\DR0\Partition2
00:30:23.0789 0x1914  \Device\Harddisk0\DR0\Partition2 - ok
00:30:23.0834 0x1914  [ 041F749E48F713F69EFBE4D22994AC2B ] \Device\Harddisk1\DR1\Partition1
00:30:23.0945 0x1914  \Device\Harddisk1\DR1\Partition1 - ok
00:30:23.0947 0x1914  ================ Scan generic autorun ======================
00:30:24.0405 0x1914  [ A9B1C0D67A6C1D23F9E2FFE9B2C24BA9, E58434A01475C6A3CF816DB35D19B38540B5B100384CEC526DAAB228323E3E57 ] C:\Windows\system32\jureg.exe
00:30:24.0427 0x1914  SunJavaUpdateReg - detected UnsignedFile.Multi.Generic ( 1 )
00:30:26.0876 0x1914  Detect skipped due to KSN trusted
00:30:26.0877 0x1914  SunJavaUpdateReg - ok
00:30:27.0905 0x1914  [ A708065955C25C728A93E33163C79BF8, 28E56D14EA2ED9CD0064828B4B6D7867620CDE6E23907966BAED36C19DA71F38 ] C:\Program Files\Dell\QuickSet\QuickSet.exe
00:30:28.0291 0x1914  QuickSet - detected UnsignedFile.Multi.Generic ( 1 )
00:30:29.0552 0x2afc  Object required for P2P: [ 435685429F72AC4D43BF3A2658F13104 ] RealTimes Desktop Service
00:30:30.0745 0x1914  Detect skipped due to KSN trusted
00:30:30.0745 0x1914  QuickSet - ok
00:30:30.0970 0x1914  [ 494D1D57779360D2632328C3646DE5DB, 18799E855161EDA063F5677089993225513F2284E039BFE658F388315B239434 ] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
00:30:31.0009 0x1914  StartCCC - detected UnsignedFile.Multi.Generic ( 1 )
00:30:32.0248 0x2afc  Object send P2P result: true
00:30:33.0449 0x1914  Detect skipped due to KSN trusted
00:30:33.0449 0x1914  StartCCC - ok
00:30:35.0403 0x1914  [ C319B4F7C2941229814A73F32E3CF71D, E8912BCC42DE5B55C6444DC455F004CC4CFB829CDF8012A9908B066916771219 ] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
00:30:35.0466 0x1914  Dell Webcam Central - detected UnsignedFile.Multi.Generic ( 1 )
00:30:37.0909 0x1914  Detect skipped due to KSN trusted
00:30:37.0909 0x1914  Dell Webcam Central - ok
00:30:38.0429 0x1914  [ 4664EE03CA8776CBA0C5D768281E1F4B, 25FC97416FCDF9C58F225928593004037451DEE71C9A510A1C13AD7763FDCF1D ] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
00:30:38.0770 0x1914  BrStsMon00 - detected UnsignedFile.Multi.Generic ( 1 )
00:30:41.0298 0x1914  Detect skipped due to KSN trusted
00:30:41.0299 0x1914  BrStsMon00 - ok
00:30:44.0281 0x1914  [ 25550E7DB114579EB50BC98A8DFD8B9F, 11F81387B6EE44FBE4DCF251A0D4AFF3E84C550BACCA39B71B41B452D512628B ] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe
00:30:44.0319 0x1914  ControlCenter4 - detected UnsignedFile.Multi.Generic ( 1 )
00:30:46.0766 0x1914  Detect skipped due to KSN trusted
00:30:46.0766 0x1914  ControlCenter4 - ok
00:30:50.0512 0x1914  [ 175CE6C35FF720F0140E3E59A93166CA, 8A75C4BE62FBC8E907AF2DB9E3FF13C11525A2F86A7D62DA63698C2A04F7678B ] C:\Users\Farnoosh\AppData\Local\Apps\2.0\Data\YQKLWYQG.1AG\LBXGBW6Z.Q27\zedg..tion_4cd56dcfd1799009_0001.0002_ea3f01849f5e16c3\Data\ZedgeToneSync.appref-ms
00:30:50.0656 0x1914  ZedgeToneSync - detected UnsignedFile.Multi.Generic ( 1 )
00:30:53.0102 0x1914  ZedgeToneSync ( UnsignedFile.Multi.Generic ) - warning
00:31:03.0781 0x1914  AV detected via SS2: McAfee Anti-Virus and Anti-Spyware, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 14.0.0.0 ), 0x51000 ( enabled : updated )
00:31:03.0787 0x1914  FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 14.0.0.0 ), 0x51010 ( enabled )
00:31:06.0395 0x1914  ============================================================
00:31:06.0395 0x1914  Scan finished
00:31:06.0395 0x1914  ============================================================
00:31:06.0422 0x14f4  Detected object count: 2
00:31:06.0423 0x14f4  Actual detected object count: 2
00:31:51.0562 0x14f4  C:\Program Files (x86)\Common Files\Dell\apache\bin\httpd.exe - copied to quarantine
00:31:51.0563 0x14f4  Apache2.2 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
00:31:51.0591 0x14f4  C:\Users\Farnoosh\AppData\Local\Apps\2.0\Data\YQKLWYQG.1AG\LBXGBW6Z.Q27\zedg..tion_4cd56dcfd1799009_0001.0002_ea3f01849f5e16c3\Data\ZedgeToneSync.appref-ms - copied to quarantine
00:31:51.0592 0x14f4  ZedgeToneSync ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
00:34:39.0193 0x0bb4  Deinitialize success
 



#8 Bill 0


Posted 09 February 2016 - 08:33 PM

I missed the part of your last post regarding checking the extensions in FF.  I did find an extension which didn't belong, disabled it, and the problem seems to be solved.  It looks like the extension worked together with the malware that eset or MBAM caught.

 

Right now, I'm keeping an eye out to see if any of those IE mystery processes start popping up again as well.

 

Bill





