Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

dllhost.exe COM surrogate problem

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: dllhost.exe COM surrogate problem

Unread postby pgmigg » November 1st, 2014, 3:19 pm

Hello lynda,

RogueKiller Scan
Please download RogueKiller by Tigzy and save it to your desktop.
  1. Allow the download if prompted by your security software and please close all your programs.
  2. Right click on RogueKiller.exe and select "Run as administrator..." to run it.
  3. If it does not run, please try a few times.
  4. Wait for PreScan to finish, then click on Scan.
  5. Once completed, a log called RKreport[1].txt will be created on the desktop. It can also be accessed via the Report button.
  6. Please copy and paste the contents of that log in your next reply.

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Contents of the RKreport[1].txt log file
  3. Do you see any changes in computer behavior?

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
MRU Teacher
MRU Teacher
 
Posts: 3187
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00
Advertisement
Register to Remove

Re: dllhost.exe COM surrogate problem

Unread postby lynda » November 1st, 2014, 3:34 pm

A: no problems executing these:
B. Results of RKreport

RogueKiller V10.0.4.0 [Oct 29 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Dworaks [Administrator]
Mode : Scan -- Date : 11/01/2014 14:32:09

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 13 ¤¤¤
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-1962258163-3716458331-2083168627-1001\Software\Microsoft\Internet Explorer\Main | Search Page : -> Found
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-1962258163-3716458331-2083168627-1001\Software\Microsoft\Internet Explorer\Main | Search Page : -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 8.8.8.8 97.64.168.12 97.64.183.165 [(Unknown Country?) (XX)] -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 8.8.8.8 97.64.168.12 97.64.183.165 [(Unknown Country?) (XX)] -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 8.8.8.8 97.64.168.12 97.64.183.165 [(Unknown Country?) (XX)] -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{34CB43D5-985D-4A3A-AC1B-62EF2E9CF302} | DhcpNameServer : 8.8.8.8 97.64.168.12 97.64.183.165 [(Unknown Country?) (XX)] -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{34CB43D5-985D-4A3A-AC1B-62EF2E9CF302} | DhcpNameServer : 8.8.8.8 97.64.168.12 97.64.183.165 [(Unknown Country?) (XX)] -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{34CB43D5-985D-4A3A-AC1B-62EF2E9CF302} | DhcpNameServer : 8.8.8.8 97.64.168.12 97.64.183.165 [(Unknown Country?) (XX)] -> Found
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Found
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Found
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Found
[Tr.Poweliks] (X64) HKEY_USERS\S-1-5-21-1962258163-3716458331-2083168627-1001\Software\classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\LocalServer32 -> Found

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] 7ac879c55aa2b63083bd6dc37ba3854d
[BSP] 549f37e9c10eede61e359960044d0b33 : HP MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 81920 | Size: 750 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1617920 | Size: 953078 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive2: +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive3: +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive4: +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )
lynda
Regular Member
 
Posts: 47
Joined: October 29th, 2014, 6:21 pm

Re: dllhost.exe COM surrogate problem

Unread postby pgmigg » November 1st, 2014, 7:59 pm

Hello lynda,

Download/run Rkill:
Please download Rkill from one of the following links and save to your Desktop:
rkill.exe
iExplore.exe
eXplorer.exe
uSeRiNiT.exe
Note: There are different versions with different names. If one of them won't run, then download and try to run one of the other ones.
  1. Right-click on Rkill And select "Run as administrator..." to run it.
  2. A command window will open then disappear upon completion, this is normal.
  3. When finished, Notepad will open with a log called, "rkill.log".
  4. Please copy and paste the contents of the rkill.log in your next reply.
  5. The file is automatically saved... located at C:\rkill.log.
  6. Please leave Rkill on the Desktop until otherwise advised.

Note: If your security software warns about Rkill, please ignore and allow the download to continue.

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Contents of the rkill.log log file
  3. Do you see any changes in computer behavior?

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
MRU Teacher
MRU Teacher
 
Posts: 3187
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: dllhost.exe COM surrogate problem

Unread postby lynda » November 1st, 2014, 8:07 pm

A: no problems executing these.
B: Results from Rkill below:
C: no changes to behavior.

Rkill.log

Rkill 2.6.8 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 11/01/2014 07:04:03 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 11/01/2014 07:05:46 PM
Execution time: 0 hours(s), 1 minute(s), and 42 seconds(s)
lynda
Regular Member
 
Posts: 47
Joined: October 29th, 2014, 6:21 pm

Re: dllhost.exe COM surrogate problem

Unread postby lynda » November 1st, 2014, 8:19 pm

My Microsoft Security Essentials has a popup stating:
"You should run a full scan to check for any remains of this threat. Until you run a full scan, your PC might be at risk. Click Scan now to run a full scan."

Advise please.

I'll hold till further instructions.
lynda
Regular Member
 
Posts: 47
Joined: October 29th, 2014, 6:21 pm

Re: dllhost.exe COM surrogate problem

Unread postby lynda » November 1st, 2014, 8:20 pm

I also see a number of "Ovmrnwdtx.exe - Google Chrome" processes running now. I do not have Chrome on this PC.
lynda
Regular Member
 
Posts: 47
Joined: October 29th, 2014, 6:21 pm

Re: dllhost.exe COM surrogate problem

Unread postby pgmigg » November 1st, 2014, 11:54 pm

Hello lynda,

My Microsoft Security Essentials has a popup stating:
"You should run a full scan to check for any remains of this threat. Until you run a full scan, your PC might be at risk. Click Scan now to run a full scan."
Advise please.
Yes, you can run it but please be sure that you check the Microsoft Security Essentials for the latest updates.

In the meantime, let continue:

TDSSKiller - Rootkit Removal Tool Image
Please download the TDSSKiller.exe by Kaspersky... save it to your Desktop. <-Important!!!
  1. Right-click on TDSSKiller.exe and select "Run As Administrator...".
    If TDSSKiller does not run... rename it. Right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. ektfhtw.com).
    If you don't see file extensions, please see: How to change the file extension.
  2. Click the Start Scan button. Do not use the computer during the scan!
  3. Click Change parameters
  4. Under Additional Options CHECK Verify file digital signatures
  5. IMPORTANT: Ensure Detect TDLFS file system remains UNCHECKED.
  6. Click OK if changes were made.
  7. Click Start scan and allow it to scan for Malicious objects.

    • If Malicious objects are detected, the default action will be Cure, ensure SKIP is selected... then click Continue
    • If suspicious objects are detected, the default action will be Skip, ensure Skip is selected... then click Continue
    • If Unsigned files are detected, the default action will be Skip, ensure Skip is selected... then click Continue
    DO NOT change the default actions, other than CURE to SKIP.
  8. You may be asked to reboot the computer to complete the process. Click on Reboot Now and allow the computer to reboot.
  9. A log will be created on your root drive (usually C:) drive. The log will have a name like Name.Version_Date_Time_log.txt.
    for example, C:\TDSSKiller.2.4.1.2_20.04.2010_15.31.43_log.txt.
  10. If no reboot is required, click on Report. A log file should appear.
  11. Please post the contents of the log file in your next reply

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Contents of the TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt log file
  3. Do you see any changes in computer behavior?

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
MRU Teacher
MRU Teacher
 
Posts: 3187
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: dllhost.exe COM surrogate problem

Unread postby lynda » November 2nd, 2014, 9:57 am

A: No problems with commands:
C: No changes in behavior
B: No threats found: results from TDSSKiller:

Part 1 of 3:
07:49:37.0306 0x2030 TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
07:49:47.0876 0x2030 ============================================================
07:49:47.0876 0x2030 Current date / time: 2014/11/02 07:49:47.0876
07:49:47.0876 0x2030 SystemInfo:
07:49:47.0876 0x2030
07:49:47.0876 0x2030 OS Version: 6.1.7601 ServicePack: 1.0
07:49:47.0876 0x2030 Product type: Workstation
07:49:47.0877 0x2030 ComputerName: DWORAKS-PC
07:49:47.0877 0x2030 UserName: Dworaks
07:49:47.0877 0x2030 Windows directory: C:\Windows
07:49:47.0877 0x2030 System windows directory: C:\Windows
07:49:47.0877 0x2030 Running under WOW64
07:49:47.0877 0x2030 Processor architecture: Intel x64
07:49:47.0877 0x2030 Number of processors: 4
07:49:47.0877 0x2030 Page size: 0x1000
07:49:47.0877 0x2030 Boot type: Normal boot
07:49:47.0877 0x2030 ============================================================
07:49:48.0150 0x2030 KLMD registered as C:\Windows\system32\drivers\85830343.sys
07:49:51.0814 0x2030 System UUID: {81F1D96C-0375-2AA9-C7CE-28BB070894C2}
07:49:53.0852 0x2030 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
07:49:53.0918 0x2030 ============================================================
07:49:53.0918 0x2030 \Device\Harddisk0\DR0:
07:49:53.0918 0x2030 MBR partitions:
07:49:53.0918 0x2030 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x177000
07:49:53.0918 0x2030 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x18B000, BlocksNum 0x7457B000
07:49:53.0918 0x2030 ============================================================
07:49:53.0964 0x2030 C: <-> \Device\Harddisk0\DR0\Partition2
07:49:53.0964 0x2030 ============================================================
07:49:53.0964 0x2030 Initialize success
07:49:53.0964 0x2030 ============================================================
07:49:57.0114 0x0d0c ============================================================
07:49:57.0114 0x0d0c Scan started
07:49:57.0114 0x0d0c Mode: Manual;
07:49:57.0114 0x0d0c ============================================================
07:49:57.0114 0x0d0c KSN ping started
07:50:00.0871 0x0d0c KSN ping finished: true
07:50:03.0657 0x0d0c ================ Scan system memory ========================
07:50:03.0657 0x0d0c System memory - ok
07:50:03.0658 0x0d0c ================ Scan services =============================
07:50:03.0853 0x0d0c [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
07:50:03.0863 0x0d0c 1394ohci - ok
07:50:04.0059 0x0d0c [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
07:50:04.0069 0x0d0c ACPI - ok
07:50:04.0073 0x0d0c [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
07:50:04.0074 0x0d0c AcpiPmi - ok
07:50:04.0174 0x0d0c [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
07:50:04.0179 0x0d0c AdobeARMservice - ok
07:50:04.0538 0x0d0c [ 4ECFCAAE5CB380F58934F0DCF5F64E7F, D82B37E57D93484D7A3CB65470BCD54A578A695F0203A8DD441B1348C1EEA751 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
07:50:04.0545 0x0d0c AdobeFlashPlayerUpdateSvc - ok
07:50:04.0560 0x0d0c [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
07:50:04.0571 0x0d0c adp94xx - ok
07:50:04.0607 0x0d0c [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
07:50:04.0615 0x0d0c adpahci - ok
07:50:04.0640 0x0d0c [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
07:50:04.0645 0x0d0c adpu320 - ok
07:50:04.0670 0x0d0c [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
07:50:04.0674 0x0d0c AeLookupSvc - ok
07:50:04.0719 0x0d0c [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
07:50:04.0732 0x0d0c AFD - ok
07:50:04.0768 0x0d0c [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
07:50:04.0770 0x0d0c agp440 - ok
07:50:04.0844 0x0d0c [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
07:50:04.0847 0x0d0c ALG - ok
07:50:04.0920 0x0d0c [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
07:50:04.0921 0x0d0c aliide - ok
07:50:04.0986 0x0d0c [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
07:50:04.0987 0x0d0c amdide - ok
07:50:04.0992 0x0d0c [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
07:50:04.0994 0x0d0c AmdK8 - ok
07:50:04.0999 0x0d0c [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
07:50:05.0001 0x0d0c AmdPPM - ok
07:50:05.0052 0x0d0c [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
07:50:05.0074 0x0d0c amdsata - ok
07:50:05.0080 0x0d0c [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
07:50:05.0084 0x0d0c amdsbs - ok
07:50:05.0124 0x0d0c [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
07:50:05.0125 0x0d0c amdxata - ok
07:50:05.0193 0x0d0c [ 80B9412C4DE09147581FC935FB4C97AB, 0C9661F7B5EF7F9D61981790B7AB64E3375BD117962166619D0CC546A2D014D3 ] AppID C:\Windows\system32\drivers\appid.sys
07:50:05.0195 0x0d0c AppID - ok
07:50:05.0249 0x0d0c [ F71CA01C24FC3798A717B5A6F682F9AD, 8CF1C209E7BBBAD02D6D087293C0B681CDA3170AF119CA2916C2708D8801E749 ] AppIDSvc C:\Windows\System32\appidsvc.dll
07:50:05.0258 0x0d0c AppIDSvc - ok
07:50:05.0322 0x0d0c [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
07:50:05.0324 0x0d0c Appinfo - ok
07:50:05.0336 0x0d0c [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
07:50:05.0338 0x0d0c arc - ok
07:50:05.0345 0x0d0c [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
07:50:05.0350 0x0d0c arcsas - ok
07:50:05.0662 0x0d0c [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
07:50:05.0664 0x0d0c aspnet_state - ok
07:50:05.0670 0x0d0c [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
07:50:05.0672 0x0d0c AsyncMac - ok
07:50:05.0764 0x0d0c [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
07:50:05.0765 0x0d0c atapi - ok
07:50:05.0967 0x0d0c [ 2C1B6A64294F2182DC4999F923873974, 6D611636D849631BB1F852DC03A98BBFEC4D797A2707CA63427E187F0725A796 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
07:50:05.0980 0x0d0c AudioEndpointBuilder - ok
07:50:05.0996 0x0d0c [ 2C1B6A64294F2182DC4999F923873974, 6D611636D849631BB1F852DC03A98BBFEC4D797A2707CA63427E187F0725A796 ] AudioSrv C:\Windows\System32\Audiosrv.dll
07:50:06.0006 0x0d0c AudioSrv - ok
07:50:06.0077 0x0d0c [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
07:50:06.0081 0x0d0c AxInstSV - ok
07:50:06.0205 0x0d0c [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
07:50:06.0212 0x0d0c b06bdrv - ok
07:50:06.0221 0x0d0c [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
07:50:06.0226 0x0d0c b57nd60a - ok
07:50:06.0260 0x0d0c [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
07:50:06.0265 0x0d0c BDESVC - ok
07:50:06.0290 0x0d0c [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
07:50:06.0291 0x0d0c Beep - ok
07:50:06.0315 0x0d0c [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
07:50:06.0349 0x0d0c BFE - ok
07:50:06.0407 0x0d0c [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
07:50:06.0442 0x0d0c BITS - ok
07:50:06.0473 0x0d0c [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
07:50:06.0474 0x0d0c blbdrive - ok
07:50:06.0850 0x0d0c [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
07:50:06.0860 0x0d0c Bonjour Service - ok
07:50:06.0895 0x0d0c [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
07:50:06.0898 0x0d0c bowser - ok
07:50:06.0902 0x0d0c [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
07:50:06.0904 0x0d0c BrFiltLo - ok
07:50:06.0913 0x0d0c [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
07:50:06.0916 0x0d0c BrFiltUp - ok
07:50:07.0001 0x0d0c [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
07:50:07.0004 0x0d0c Browser - ok
07:50:07.0071 0x0d0c [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
07:50:07.0079 0x0d0c Brserid - ok
07:50:07.0110 0x0d0c [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
07:50:07.0112 0x0d0c BrSerWdm - ok
07:50:07.0202 0x0d0c [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
07:50:07.0203 0x0d0c BrUsbMdm - ok
07:50:07.0235 0x0d0c [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
07:50:07.0236 0x0d0c BrUsbSer - ok
07:50:07.0270 0x0d0c [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
07:50:07.0272 0x0d0c BTHMODEM - ok
07:50:07.0345 0x0d0c [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
07:50:07.0347 0x0d0c bthserv - ok
07:50:07.0377 0x0d0c [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
07:50:07.0380 0x0d0c cdfs - ok
07:50:07.0472 0x0d0c [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
07:50:07.0476 0x0d0c cdrom - ok
07:50:07.0526 0x0d0c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
07:50:07.0529 0x0d0c CertPropSvc - ok
07:50:07.0560 0x0d0c [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
07:50:07.0561 0x0d0c circlass - ok
07:50:07.0695 0x0d0c [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
07:50:07.0701 0x0d0c CLFS - ok
07:50:08.0507 0x0d0c [ 871EEE78F98D6E31C80FD39433A8FE2F, 67602F597FADA1E7102BC373287A4A78339E057D37FCEAD0B2502F70450EC7CE ] ClickToRunSvc C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
07:50:08.0556 0x0d0c ClickToRunSvc - ok
07:50:08.0612 0x0d0c [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
07:50:08.0615 0x0d0c clr_optimization_v2.0.50727_32 - ok
07:50:08.0697 0x0d0c [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
07:50:08.0700 0x0d0c clr_optimization_v2.0.50727_64 - ok
07:50:08.0751 0x0d0c [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
07:50:08.0779 0x0d0c clr_optimization_v4.0.30319_32 - ok
07:50:08.0839 0x0d0c [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
07:50:08.0842 0x0d0c clr_optimization_v4.0.30319_64 - ok
07:50:08.0903 0x0d0c [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
07:50:08.0904 0x0d0c CmBatt - ok
07:50:08.0969 0x0d0c [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
07:50:08.0970 0x0d0c cmdide - ok
07:50:09.0145 0x0d0c [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys
07:50:09.0153 0x0d0c CNG - ok
07:50:09.0174 0x0d0c [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
07:50:09.0175 0x0d0c Compbatt - ok
07:50:09.0209 0x0d0c [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
07:50:09.0211 0x0d0c CompositeBus - ok
07:50:09.0215 0x0d0c COMSysApp - ok
07:50:09.0708 0x0d0c [ 2FACE3C1610D5857CB88D622086D7C5E, 60CA9C75E27BD93FAC8C2FA81D4B8C047A25CB0452F631B8E7B5292DBA2F5FF7 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
07:50:09.0715 0x0d0c cphs - ok
07:50:09.0775 0x0d0c [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
07:50:09.0776 0x0d0c crcdisk - ok
07:50:09.0878 0x0d0c [ 19D511CC455C19DE1ADF60E6C39C85B6, 2A05DD5EF3D0BEC2C9F4EA186E0E2D0F7BE0BF6A473D51194B09D33773AC7FAA ] CryptSvc C:\Windows\system32\cryptsvc.dll
07:50:09.0883 0x0d0c CryptSvc - ok
07:50:10.0018 0x0d0c [ 48D4184201452D112577C3649B591C1F, 823DFC7CB3FB4CECAFAB949085D2036E5E607DC9A7C34C774C0BB21E086BA4ED ] ctxusbm C:\Windows\system32\DRIVERS\ctxusbm.sys
07:50:10.0020 0x0d0c ctxusbm - ok
07:50:10.0120 0x0d0c [ E1617EC33B0B88FEC429BF6EB7B9FA52, 8F9A784674DDF4B2924645836AB03BA54D714FA16BB9130EE36E96C6D2073D6A ] dcdbas C:\Windows\system32\DRIVERS\dcdbas64.sys
07:50:10.0122 0x0d0c dcdbas - ok
07:50:10.0347 0x0d0c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
07:50:10.0358 0x0d0c DcomLaunch - ok
07:50:10.0481 0x0d0c [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
07:50:10.0486 0x0d0c defragsvc - ok
07:50:10.0541 0x0d0c [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
07:50:10.0545 0x0d0c DfsC - ok
07:50:10.0565 0x0d0c [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
07:50:10.0572 0x0d0c Dhcp - ok
07:50:10.0640 0x0d0c [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
07:50:10.0642 0x0d0c discache - ok
07:50:10.0671 0x0d0c [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
07:50:10.0674 0x0d0c Disk - ok
07:50:10.0781 0x0d0c [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
07:50:10.0786 0x0d0c Dnscache - ok
07:50:10.0856 0x0d0c [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
07:50:10.0863 0x0d0c dot3svc - ok
07:50:10.0891 0x0d0c [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
07:50:10.0896 0x0d0c DPS - ok
07:50:10.0980 0x0d0c [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
07:50:10.0981 0x0d0c drmkaud - ok
07:50:11.0321 0x0d0c [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
07:50:11.0342 0x0d0c DXGKrnl - ok
07:50:11.0567 0x0d0c [ 6FA47EE7164599CA962451BD704F7FBA, 489E93414A74D6095D768F1347C1D5E2D3A2BFB6DE16DAA5C0A73CF061BF113D ] e1cexpress C:\Windows\system32\DRIVERS\e1c62x64.sys
07:50:11.0576 0x0d0c e1cexpress - ok
07:50:11.0602 0x0d0c [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
07:50:11.0605 0x0d0c EapHost - ok
07:50:11.0701 0x0d0c [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
07:50:11.0803 0x0d0c ebdrv - ok
07:50:11.0848 0x0d0c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe
07:50:11.0850 0x0d0c EFS - ok
07:50:12.0112 0x0d0c [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
07:50:12.0123 0x0d0c ehRecvr - ok
07:50:12.0145 0x0d0c [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
07:50:12.0236 0x0d0c ehSched - ok
07:50:12.0428 0x0d0c [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
07:50:12.0470 0x0d0c elxstor - ok
07:50:12.0821 0x0d0c [ F44EC0A46E92B7AA3A1BBB693DAF0EF9, E168159074EE26C3FB8CF3CEB941509B93EE91BA0C626D957997B7E5ADD0EF26 ] EmbassyService C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe
07:50:12.0827 0x0d0c EmbassyService - ok
07:50:12.0855 0x0d0c [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
07:50:12.0856 0x0d0c ErrDev - ok
07:50:13.0070 0x0d0c [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
07:50:13.0077 0x0d0c EventSystem - ok
07:50:13.0132 0x0d0c [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
07:50:13.0135 0x0d0c exfat - ok
07:50:13.0233 0x0d0c [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
07:50:13.0236 0x0d0c fastfat - ok
07:50:13.0411 0x0d0c [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
07:50:13.0428 0x0d0c Fax - ok
07:50:13.0441 0x0d0c [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
07:50:13.0443 0x0d0c fdc - ok
07:50:13.0494 0x0d0c [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
07:50:13.0495 0x0d0c fdPHost - ok
07:50:13.0540 0x0d0c [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
07:50:13.0542 0x0d0c FDResPub - ok
07:50:13.0621 0x0d0c [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
07:50:13.0623 0x0d0c FileInfo - ok
07:50:13.0663 0x0d0c [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
07:50:13.0665 0x0d0c Filetrace - ok
07:50:14.0104 0x0d0c [ 6E68E646ECB5874520A6B96A952C8938, 5EEE32AE128CEEB0483CE08325E0996B2585C03C6684526D65B3772370CED52B ] Fitbit C:\Program Files (x86)\Fitbit\fitbit.exe
07:50:14.0147 0x0d0c Fitbit - ok
07:50:14.0520 0x0d0c [ 2EEF003D6E8C32F171C9ECC3BBE208DC, 027DEDCFC56E06FA8D2D9961E82D94A94BDD6BE443364BDB92C8AE4080BA5FBE ] Fitbit Connect C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
07:50:14.0584 0x0d0c Fitbit Connect - ok
07:50:14.0641 0x0d0c [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
07:50:14.0643 0x0d0c flpydisk - ok
07:50:14.0682 0x0d0c [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
07:50:14.0687 0x0d0c FltMgr - ok
07:50:14.0835 0x0d0c [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
07:50:14.0869 0x0d0c FontCache - ok
07:50:14.0921 0x0d0c [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
07:50:14.0922 0x0d0c FontCache3.0.0.0 - ok
07:50:14.0941 0x0d0c [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
07:50:14.0944 0x0d0c FsDepends - ok
07:50:14.0991 0x0d0c [ B16B626996C74B564005BA855C5DEE90, B432C669EB610C262B18F3F8308EEE1B910DE7F7BC2A8EB5483419DC52A07AE1 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
07:50:14.0993 0x0d0c fssfltr - ok
07:50:15.0082 0x0d0c [ 812E1BA5C52A78F13EA6AA10DF708B1D, CF1C4D8E072CF0D66C977DFA4C852E5CE757843BEAF5D29454D26A9AC5766E61 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
07:50:15.0151 0x0d0c fsssvc - ok
07:50:15.0223 0x0d0c [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
07:50:15.0224 0x0d0c Fs_Rec - ok
07:50:15.0300 0x0d0c [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
07:50:15.0305 0x0d0c fvevol - ok
07:50:15.0335 0x0d0c [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
07:50:15.0337 0x0d0c gagp30kx - ok
07:50:15.0433 0x0d0c [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
07:50:15.0434 0x0d0c GEARAspiWDM - ok
07:50:15.0687 0x0d0c [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
07:50:15.0703 0x0d0c gpsvc - ok
07:50:15.0728 0x0d0c [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
07:50:15.0730 0x0d0c hcw85cir - ok
07:50:15.0756 0x0d0c [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
07:50:15.0761 0x0d0c HDAudBus - ok
07:50:15.0765 0x0d0c [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
07:50:15.0766 0x0d0c HidBatt - ok
07:50:15.0772 0x0d0c [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
07:50:15.0774 0x0d0c HidBth - ok
07:50:15.0781 0x0d0c [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
07:50:15.0783 0x0d0c HidIr - ok
07:50:15.0806 0x0d0c [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
07:50:15.0808 0x0d0c hidserv - ok
07:50:15.0832 0x0d0c [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
07:50:15.0834 0x0d0c HidUsb - ok
07:50:15.0851 0x0d0c [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
07:50:15.0855 0x0d0c hkmsvc - ok
07:50:15.0905 0x0d0c [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
07:50:15.0911 0x0d0c HomeGroupListener - ok
07:50:15.0949 0x0d0c [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
07:50:15.0954 0x0d0c HomeGroupProvider - ok
07:50:15.0964 0x0d0c [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
07:50:15.0966 0x0d0c HpSAMD - ok
07:50:15.0997 0x0d0c [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
07:50:16.0038 0x0d0c HTTP - ok
07:50:16.0067 0x0d0c [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
07:50:16.0068 0x0d0c hwpolicy - ok
07:50:16.0083 0x0d0c [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
07:50:16.0086 0x0d0c i8042prt - ok
07:50:16.0154 0x0d0c [ CCFA835960E35F30D28A868E0B3B8722, 47D95E75685F9D40229902A92426FBCB358EA929202EAFBBF79C72873B8B9032 ] iaStor C:\Windows\system32\drivers\iaStor.sys
07:50:16.0165 0x0d0c iaStor - ok
07:50:16.0557 0x0d0c [ 1F35EFEC56CD1BF62435EAF97EABC3B3, 0246EB0295D28A33FC4C430117FFEE2B553C007040DB975EFCBB29FF881F2D4B ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
07:50:16.0558 0x0d0c IAStorDataMgrSvc - ok
07:50:16.0865 0x0d0c [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
07:50:16.0889 0x0d0c iaStorV - ok
07:50:17.0123 0x0d0c [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
07:50:17.0127 0x0d0c ICCS - ok
07:50:17.0400 0x0d0c [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
07:50:17.0498 0x0d0c idsvc - ok
07:50:17.0529 0x0d0c IEEtwCollectorService - ok
07:50:18.0093 0x0d0c [ 0143C860F0D09B8465AE803FDDB47BE9, C11B079AC7338981BA844BF62B96FDC4FD83018E9F67CCA9ADE426978FCF2562 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
07:50:18.0249 0x0d0c igfx - ok
07:50:18.0468 0x0d0c [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
07:50:18.0470 0x0d0c iirsp - ok
07:50:18.0904 0x0d0c [ EDCCC8C13B1EB882F77BA0ABB84566E7, DB299C1D2CFC197CF2FE69358F5EEDE94DCC4C919AF5D2CDFFF0DE476612C988 ] IJPLMSVC C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
07:50:18.0907 0x0d0c IJPLMSVC - ok
07:50:19.0002 0x0d0c [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
07:50:19.0029 0x0d0c IKEEXT - ok
07:50:19.0125 0x0d0c [ 561E2397C1F6B7DD01D95D1A7AF22BD3, 3B60A5D2A9485079BCD33F6906B410EA4377ECF3FD9385A22D38D2DBEBFF9B85 ] IntcAzAudAddService C:\Windows\system32\drivers\RTDVHD64.sys
07:50:19.0218 0x0d0c IntcAzAudAddService - ok
07:50:19.0270 0x0d0c [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
07:50:19.0279 0x0d0c IntcDAud - ok
07:50:19.0401 0x0d0c [ A53C54D81C726BEB508F0005F445C4A0, 81CA5BFB192D4F6C5807BDB4DD07BD726E48CFBB33F60BACD055AA23959DD33D ] Intel(R) PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
07:50:19.0406 0x0d0c Intel(R) PROSet Monitoring Service - ok
07:50:19.0466 0x0d0c [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
07:50:19.0467 0x0d0c intelide - ok
07:50:19.0535 0x0d0c [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
07:50:19.0537 0x0d0c intelppm - ok
07:50:19.0604 0x0d0c [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
07:50:19.0609 0x0d0c IPBusEnum - ok
07:50:19.0637 0x0d0c [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
07:50:19.0639 0x0d0c IpFilterDriver - ok
07:50:19.0847 0x0d0c [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
07:50:19.0885 0x0d0c iphlpsvc - ok
07:50:19.0954 0x0d0c [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
07:50:19.0956 0x0d0c IPMIDRV - ok
07:50:19.0989 0x0d0c [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
07:50:19.0992 0x0d0c IPNAT - ok
07:50:20.0649 0x0d0c [ 7FAE5B6CDB18B0B2E81F32869F595022, D873A7EE94749E1700E8F6B8BB7B485AE1B0B83388D63BE06335720498D4794F ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
07:50:20.0660 0x0d0c iPod Service - ok
07:50:20.0791 0x0d0c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
07:50:20.0792 0x0d0c IRENUM - ok
07:50:20.0821 0x0d0c [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
07:50:20.0822 0x0d0c isapnp - ok
07:50:20.0962 0x0d0c [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
07:50:20.0969 0x0d0c iScsiPrt - ok
07:50:21.0058 0x0d0c [ 75779002A6084C1A011E195E421A9C75, 03D84CE7E50EEA1DFB298F4CE3669F478920ECEB33513FE2DC16C8BF90DF3830 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
07:50:21.0059 0x0d0c iusb3hcs - ok
07:50:21.0232 0x0d0c [ F390B641FE6115F536B8B78AA71B8814, 8F26FCEC9B1442224A8DEE3B6459F788DBCEDFB206846BFAA3B26E40B06E2D28 ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
07:50:21.0239 0x0d0c iusb3hub - ok
07:50:21.0295 0x0d0c [ 653B86AA174FF7661D00EE1E524B234F, F4598336206097DD3C838F7315D87D989D8AB755F773ED613E984C2CC95D511B ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
07:50:21.0322 0x0d0c iusb3xhc - ok
07:50:21.0375 0x0d0c [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
07:50:21.0376 0x0d0c kbdclass - ok
07:50:21.0409 0x0d0c [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
07:50:21.0410 0x0d0c kbdhid - ok
07:50:21.0431 0x0d0c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe
07:50:21.0433 0x0d0c KeyIso - ok
07:50:21.0498 0x0d0c [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
07:50:21.0500 0x0d0c KSecDD - ok
07:50:21.0588 0x0d0c [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
07:50:21.0592 0x0d0c KSecPkg - ok
07:50:21.0697 0x0d0c [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
07:50:21.0699 0x0d0c ksthunk - ok
07:50:21.0848 0x0d0c [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
07:50:21.0855 0x0d0c KtmRm - ok
07:50:21.0930 0x0d0c [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
07:50:21.0935 0x0d0c LanmanServer - ok
07:50:22.0001 0x0d0c [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
07:50:22.0006 0x0d0c LanmanWorkstation - ok
07:50:22.0042 0x0d0c [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
07:50:22.0044 0x0d0c lltdio - ok
07:50:22.0075 0x0d0c [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
07:50:22.0083 0x0d0c lltdsvc - ok
07:50:22.0108 0x0d0c [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
07:50:22.0110 0x0d0c lmhosts - ok
07:50:22.0131 0x0d0c [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
07:50:22.0134 0x0d0c LSI_FC - ok
07:50:22.0139 0x0d0c [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
07:50:22.0142 0x0d0c LSI_SAS - ok
07:50:22.0147 0x0d0c [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
07:50:22.0149 0x0d0c LSI_SAS2 - ok
07:50:22.0158 0x0d0c [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
07:50:22.0162 0x0d0c LSI_SCSI - ok
07:50:22.0211 0x0d0c [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
07:50:22.0235 0x0d0c luafv - ok
07:50:22.0363 0x0d0c [ 5C3669B71657F22E67A1D4BD49D2CBE7, 7CAE59AA6CA9CBBD70BBD707A155FB169BF3F71096275BF7C0F415B6A092C671 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
07:50:22.0364 0x0d0c MBAMProtector - ok
07:50:22.0613 0x0d0c [ 6D8A2EE4244630B290A837E79C0F37A1, 6783BBC0BDC93E4D6D43531A1AD0DF5CD26C3BBFA6384927C5CF65AD97FB04AD ] MBAMScheduler C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
07:50:22.0653 0x0d0c MBAMScheduler - ok
07:50:22.0920 0x0d0c [ 09D4503CBB6ADB3A54E7C7A75090B728, 6139EA3338FD64205481EDEC813A44F8D395FDA7B67AA431DA61F3631C3EDAE6 ] MBAMService C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
07:50:22.0946 0x0d0c MBAMService - ok
07:50:23.0004 0x0d0c [ 26C43960C99EE861A5D0EDC4DCF3B1C3, 6238FB8E785652040CCE3E7044EA52066CE1BF173A1467474D64A3AB214B6BCD ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys
07:50:23.0006 0x0d0c MBAMSwissArmy - ok
07:50:23.0068 0x0d0c [ 95EF63A7827D4E3A229CBBCB42619E93, FA38DD035B2C4FC82B60868F49D45A39FBBC96096AAD5A2C8BD752A250255BA7 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
07:50:23.0070 0x0d0c MBAMWebAccessControl - ok
07:50:23.0132 0x0d0c [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
07:50:23.0135 0x0d0c Mcx2Svc - ok
07:50:23.0200 0x0d0c [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
07:50:23.0201 0x0d0c megasas - ok
07:50:23.0306 0x0d0c [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
07:50:23.0312 0x0d0c MegaSR - ok
07:50:23.0403 0x0d0c [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
07:50:23.0405 0x0d0c MEIx64 - ok
07:50:23.0473 0x0d0c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
07:50:23.0475 0x0d0c MMCSS - ok
07:50:23.0537 0x0d0c [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
07:50:23.0539 0x0d0c Modem - ok
07:50:23.0570 0x0d0c [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
07:50:23.0571 0x0d0c monitor - ok
07:50:23.0601 0x0d0c [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
07:50:23.0602 0x0d0c mouclass - ok
07:50:23.0637 0x0d0c [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
07:50:23.0638 0x0d0c mouhid - ok
07:50:23.0667 0x0d0c [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
07:50:23.0669 0x0d0c mountmgr - ok
07:50:23.0918 0x0d0c [ 3B9398E0146855B1DC0E3D9769C80F01, DF69DB5CA30A5577648635C27DD468AF98515D07DF379B3FFDCC6B40744EDE66 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
07:50:23.0920 0x0d0c MozillaMaintenance - ok
07:50:24.0055 0x0d0c [ 6439D1E559D08BD8A1465A8943357053, 0E300508C22D12FBA3BE566B722F574CBE1B4A1A305356B92B8EA8B86267071B ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
07:50:24.0062 0x0d0c MpFilter - ok
07:50:24.0085 0x0d0c [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
07:50:24.0089 0x0d0c mpio - ok
07:50:24.0108 0x0d0c [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
07:50:24.0110 0x0d0c mpsdrv - ok
07:50:24.0331 0x0d0c [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
07:50:24.0373 0x0d0c MpsSvc - ok
07:50:24.0527 0x0d0c [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
07:50:24.0628 0x0d0c MRxDAV - ok
07:50:24.0733 0x0d0c [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
07:50:24.0736 0x0d0c mrxsmb - ok
07:50:24.0836 0x0d0c [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
07:50:24.0841 0x0d0c mrxsmb10 - ok
07:50:24.0873 0x0d0c [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
07:50:24.0876 0x0d0c mrxsmb20 - ok
07:50:24.0931 0x0d0c [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
07:50:24.0932 0x0d0c msahci - ok
07:50:25.0000 0x0d0c [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
07:50:25.0003 0x0d0c msdsm - ok
07:50:25.0086 0x0d0c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
07:50:25.0090 0x0d0c MSDTC - ok
07:50:25.0115 0x0d0c [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
07:50:25.0116 0x0d0c Msfs - ok
07:50:25.0160 0x0d0c [ F9D215A46A8B9753F61767FA72A20326,
lynda
Regular Member
 
Posts: 47
Joined: October 29th, 2014, 6:21 pm

Re: dllhost.exe COM surrogate problem

Unread postby lynda » November 2nd, 2014, 9:57 am

Part 2 of 3 TDDSKILLER:

6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
07:50:25.0161 0x0d0c mshidkmdf - ok
07:50:25.0223 0x0d0c [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
07:50:25.0246 0x0d0c msisadrv - ok
07:50:25.0321 0x0d0c [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
07:50:25.0325 0x0d0c MSiSCSI - ok
07:50:25.0331 0x0d0c msiserver - ok
07:50:25.0409 0x0d0c [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
07:50:25.0425 0x0d0c MSKSSRV - ok
07:50:25.0521 0x0d0c [ F0D5494D8B177C37E16966262F5D0F68, DD63427DFFD9DD2BEC8336F6AD1BEFE347012331631DC5FEC65E83B1EACDBC67 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
07:50:25.0522 0x0d0c MsMpSvc - ok
07:50:25.0595 0x0d0c [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
07:50:25.0596 0x0d0c MSPCLOCK - ok
07:50:25.0614 0x0d0c [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
07:50:25.0615 0x0d0c MSPQM - ok
07:50:25.0713 0x0d0c [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
07:50:25.0720 0x0d0c MsRPC - ok
07:50:25.0746 0x0d0c [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
07:50:25.0747 0x0d0c mssmbios - ok
07:50:25.0751 0x0d0c [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
07:50:25.0752 0x0d0c MSTEE - ok
07:50:25.0756 0x0d0c [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
07:50:25.0757 0x0d0c MTConfig - ok
07:50:25.0778 0x0d0c [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
07:50:25.0780 0x0d0c Mup - ok
07:50:25.0954 0x0d0c [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
07:50:25.0965 0x0d0c napagent - ok
07:50:26.0065 0x0d0c [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
07:50:26.0071 0x0d0c NativeWifiP - ok
07:50:26.0729 0x0d0c [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
07:50:26.0774 0x0d0c NDIS - ok
07:50:26.0824 0x0d0c [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
07:50:26.0826 0x0d0c NdisCap - ok
07:50:26.0859 0x0d0c [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
07:50:26.0860 0x0d0c NdisTapi - ok
07:50:26.0892 0x0d0c [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
07:50:26.0894 0x0d0c Ndisuio - ok
07:50:26.0964 0x0d0c [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
07:50:26.0968 0x0d0c NdisWan - ok
07:50:26.0991 0x0d0c [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
07:50:26.0994 0x0d0c NDProxy - ok
07:50:27.0038 0x0d0c [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
07:50:27.0039 0x0d0c NetBIOS - ok
07:50:27.0088 0x0d0c [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
07:50:27.0093 0x0d0c NetBT - ok
07:50:27.0122 0x0d0c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe
07:50:27.0124 0x0d0c Netlogon - ok
07:50:27.0254 0x0d0c [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
07:50:27.0261 0x0d0c Netman - ok
07:50:27.0702 0x0d0c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
07:50:27.0705 0x0d0c NetMsmqActivator - ok
07:50:27.0711 0x0d0c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
07:50:27.0714 0x0d0c NetPipeActivator - ok
07:50:27.0849 0x0d0c [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
07:50:27.0857 0x0d0c netprofm - ok
07:50:27.0862 0x0d0c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
07:50:27.0864 0x0d0c NetTcpActivator - ok
07:50:27.0869 0x0d0c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
07:50:27.0871 0x0d0c NetTcpPortSharing - ok
07:50:27.0894 0x0d0c [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
07:50:27.0896 0x0d0c nfrd960 - ok
07:50:27.0988 0x0d0c [ F9EEFFC65C68A45001D1349E652B8B6F, E5F223129416083A12A85D48C65B2C8D1BF1124110399938E144308C89F9241D ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
07:50:27.0990 0x0d0c NisDrv - ok
07:50:28.0109 0x0d0c [ 9690F420A99364C1E5C439914B0DE25C, 6C6E0B27C4255001FE5F1EAD911DE1A8BF922C405B0C8031A6BD253CEB1D02A6 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
07:50:28.0115 0x0d0c NisSrv - ok
07:50:28.0197 0x0d0c [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
07:50:28.0205 0x0d0c NlaSvc - ok
07:50:28.0225 0x0d0c [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
07:50:28.0227 0x0d0c Npfs - ok
07:50:28.0245 0x0d0c [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
07:50:28.0247 0x0d0c nsi - ok
07:50:28.0278 0x0d0c [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
07:50:28.0279 0x0d0c nsiproxy - ok
07:50:28.0579 0x0d0c [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
07:50:28.0623 0x0d0c Ntfs - ok
07:50:28.0687 0x0d0c [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
07:50:28.0689 0x0d0c Null - ok
07:50:28.0702 0x0d0c [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
07:50:28.0724 0x0d0c nvraid - ok
07:50:28.0776 0x0d0c [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
07:50:28.0779 0x0d0c nvstor - ok
07:50:28.0811 0x0d0c [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
07:50:28.0817 0x0d0c nv_agp - ok
07:50:28.0834 0x0d0c [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
07:50:28.0836 0x0d0c ohci1394 - ok
07:50:29.0031 0x0d0c [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
07:50:29.0034 0x0d0c ose - ok
07:50:29.0298 0x0d0c [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
07:50:29.0476 0x0d0c osppsvc - ok
07:50:29.0597 0x0d0c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
07:50:29.0603 0x0d0c p2pimsvc - ok
07:50:29.0728 0x0d0c [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
07:50:29.0740 0x0d0c p2psvc - ok
07:50:29.0763 0x0d0c [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
07:50:29.0766 0x0d0c Parport - ok
07:50:29.0819 0x0d0c [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
07:50:29.0821 0x0d0c partmgr - ok
07:50:29.0925 0x0d0c [ F76829EDCD7F5C3C8B500DCB6DC99B25, C39150796B4234D523C9F8114871781E194BD64F7E65C27E46D4035BC7964A08 ] PbaDrvSvc_x64 C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe
07:50:29.0926 0x0d0c PbaDrvSvc_x64 - ok
07:50:29.0992 0x0d0c [ 256390425414F90FCBC12F525A84EB11, A4992020BF6A239AD8A77125426E2C39980C9ABC971C4DBCB24B358F946AD7F9 ] PcaSvc C:\Windows\System32\pcasvc.dll
07:50:29.0997 0x0d0c PcaSvc - ok
07:50:30.0069 0x0d0c [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
07:50:30.0074 0x0d0c pci - ok
07:50:30.0092 0x0d0c [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
07:50:30.0094 0x0d0c pciide - ok
07:50:30.0102 0x0d0c [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
07:50:30.0108 0x0d0c pcmcia - ok
07:50:30.0134 0x0d0c [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
07:50:30.0138 0x0d0c pcw - ok
07:50:30.0312 0x0d0c [ 946010CDFA91469351B22E2620CEBCD8, F099C92706D42ADC289B72724F7932E5D4F62A427AEC967DDB0A1D728AE59A63 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
07:50:30.0323 0x0d0c PEAUTH - ok
07:50:30.0383 0x0d0c [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
07:50:30.0385 0x0d0c PerfHost - ok
07:50:30.0443 0x0d0c [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
07:50:30.0508 0x0d0c pla - ok
07:50:30.0571 0x0d0c [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
07:50:30.0582 0x0d0c PlugPlay - ok
07:50:30.0610 0x0d0c [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
07:50:30.0613 0x0d0c PNRPAutoReg - ok
07:50:30.0624 0x0d0c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
07:50:30.0631 0x0d0c PNRPsvc - ok
07:50:30.0666 0x0d0c [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
07:50:30.0682 0x0d0c PolicyAgent - ok
07:50:30.0723 0x0d0c [ A2CCA4FB273E6050F17A0A416CFF2FCD, C42BA18DF0C8E3F7358669A784E51E4DC7A4112096345EA699EDC95F561E0255 ] Power C:\Windows\system32\umpo.dll
07:50:30.0729 0x0d0c Power - ok
07:50:30.0747 0x0d0c [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
07:50:30.0750 0x0d0c PptpMiniport - ok
07:50:30.0763 0x0d0c [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
07:50:30.0765 0x0d0c Processor - ok
07:50:30.0786 0x0d0c [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
07:50:30.0793 0x0d0c ProfSvc - ok
07:50:30.0814 0x0d0c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
07:50:30.0816 0x0d0c ProtectedStorage - ok
07:50:30.0839 0x0d0c [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
07:50:30.0842 0x0d0c Psched - ok
07:50:30.0901 0x0d0c [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
07:50:30.0933 0x0d0c ql2300 - ok
07:50:30.0955 0x0d0c [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
07:50:30.0959 0x0d0c ql40xx - ok
07:50:30.0979 0x0d0c [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
07:50:30.0986 0x0d0c QWAVE - ok
07:50:31.0009 0x0d0c [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
07:50:31.0011 0x0d0c QWAVEdrv - ok
07:50:31.0020 0x0d0c [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
07:50:31.0021 0x0d0c RasAcd - ok
07:50:31.0075 0x0d0c [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
07:50:31.0077 0x0d0c RasAgileVpn - ok
07:50:31.0119 0x0d0c [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
07:50:31.0122 0x0d0c RasAuto - ok
07:50:31.0140 0x0d0c [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
07:50:31.0144 0x0d0c Rasl2tp - ok
07:50:31.0168 0x0d0c [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
07:50:31.0178 0x0d0c RasMan - ok
07:50:31.0203 0x0d0c [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
07:50:31.0206 0x0d0c RasPppoe - ok
07:50:31.0218 0x0d0c [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
07:50:31.0221 0x0d0c RasSstp - ok
07:50:31.0249 0x0d0c [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
07:50:31.0257 0x0d0c rdbss - ok
07:50:31.0311 0x0d0c [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
07:50:31.0312 0x0d0c rdpbus - ok
07:50:31.0348 0x0d0c [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
07:50:31.0348 0x0d0c RDPCDD - ok
07:50:31.0373 0x0d0c [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
07:50:31.0374 0x0d0c RDPENCDD - ok
07:50:31.0382 0x0d0c [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
07:50:31.0382 0x0d0c RDPREFMP - ok
07:50:31.0457 0x0d0c [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
07:50:31.0463 0x0d0c RDPWD - ok
07:50:31.0479 0x0d0c [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
07:50:31.0484 0x0d0c rdyboost - ok
07:50:31.0504 0x0d0c [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
07:50:31.0508 0x0d0c RemoteAccess - ok
07:50:31.0547 0x0d0c [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
07:50:31.0553 0x0d0c RemoteRegistry - ok
07:50:31.0581 0x0d0c [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
07:50:31.0585 0x0d0c RpcEptMapper - ok
07:50:31.0597 0x0d0c [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
07:50:31.0599 0x0d0c RpcLocator - ok
07:50:31.0621 0x0d0c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
07:50:31.0639 0x0d0c RpcSs - ok
07:50:31.0694 0x0d0c [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
07:50:31.0698 0x0d0c rspndr - ok
07:50:31.0722 0x0d0c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe
07:50:31.0724 0x0d0c SamSs - ok
07:50:31.0752 0x0d0c [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
07:50:31.0755 0x0d0c sbp2port - ok
07:50:31.0765 0x0d0c [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
07:50:31.0771 0x0d0c SCardSvr - ok
07:50:31.0776 0x0d0c [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
07:50:31.0779 0x0d0c scfilter - ok
07:50:32.0023 0x0d0c [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
07:50:32.0046 0x0d0c Schedule - ok
07:50:32.0066 0x0d0c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
07:50:32.0068 0x0d0c SCPolicySvc - ok
07:50:32.0082 0x0d0c [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
07:50:32.0088 0x0d0c SDRSVC - ok
07:50:32.0102 0x0d0c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
07:50:32.0103 0x0d0c secdrv - ok
07:50:32.0122 0x0d0c [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
07:50:32.0125 0x0d0c seclogon - ok
07:50:32.0346 0x0d0c [ 76E42C8F47D06323B501DDE9BFA4239F, 6A3B0C71CC15606F823A0CA03309B64F1794CE976E79DDE3DB6030F8C1685940 ] SecureStorageService C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe
07:50:32.0421 0x0d0c SecureStorageService - ok
07:50:32.0442 0x0d0c [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
07:50:32.0445 0x0d0c SENS - ok
07:50:32.0449 0x0d0c [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
07:50:32.0453 0x0d0c SensrSvc - ok
07:50:32.0477 0x0d0c [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
07:50:32.0478 0x0d0c Serenum - ok
07:50:32.0511 0x0d0c [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
07:50:32.0514 0x0d0c Serial - ok
07:50:32.0530 0x0d0c [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
07:50:32.0532 0x0d0c sermouse - ok
07:50:32.0548 0x0d0c [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
07:50:32.0552 0x0d0c SessionEnv - ok
07:50:32.0557 0x0d0c [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
07:50:32.0558 0x0d0c sffdisk - ok
07:50:32.0563 0x0d0c [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
07:50:32.0564 0x0d0c sffp_mmc - ok
07:50:32.0569 0x0d0c [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
07:50:32.0571 0x0d0c sffp_sd - ok
07:50:32.0577 0x0d0c [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
07:50:32.0579 0x0d0c sfloppy - ok
07:50:32.0685 0x0d0c [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
07:50:32.0694 0x0d0c SharedAccess - ok
07:50:32.0819 0x0d0c [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
07:50:32.0828 0x0d0c ShellHWDetection - ok
07:50:32.0832 0x0d0c [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
07:50:32.0834 0x0d0c SiSRaid2 - ok
07:50:32.0838 0x0d0c [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
07:50:32.0840 0x0d0c SiSRaid4 - ok
07:50:32.0868 0x0d0c [ 4C9F8E72F87F50A6125AAA31B63B2D18, 6EA3C9E8CC0CF848EAA4D760F4526E1FC17EBB731AF45086966EC240C8099367 ] SIUSBXP C:\Windows\system32\drivers\SiUSBXp.sys
07:50:32.0870 0x0d0c SIUSBXP - ok
07:50:32.0875 0x0d0c [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
07:50:32.0878 0x0d0c Smb - ok
07:50:32.0931 0x0d0c [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
07:50:32.0933 0x0d0c SNMPTRAP - ok
07:50:32.0970 0x0d0c [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
07:50:32.0971 0x0d0c spldr - ok
07:50:33.0180 0x0d0c [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
07:50:33.0194 0x0d0c Spooler - ok
07:50:33.0305 0x0d0c [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
07:50:33.0421 0x0d0c sppsvc - ok
07:50:33.0468 0x0d0c [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
07:50:33.0471 0x0d0c sppuinotify - ok
07:50:33.0498 0x0d0c [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
07:50:33.0507 0x0d0c srv - ok
07:50:33.0590 0x0d0c [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
07:50:33.0599 0x0d0c srv2 - ok
07:50:33.0618 0x0d0c [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
07:50:33.0622 0x0d0c srvnet - ok
07:50:33.0655 0x0d0c [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
07:50:33.0662 0x0d0c SSDPSRV - ok
07:50:33.0678 0x0d0c [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
07:50:33.0682 0x0d0c SstpSvc - ok
07:50:33.0702 0x0d0c [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
07:50:33.0703 0x0d0c stexstor - ok
07:50:33.0751 0x0d0c [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
07:50:33.0778 0x0d0c stisvc - ok
07:50:33.0807 0x0d0c [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
07:50:33.0808 0x0d0c swenum - ok
07:50:33.0834 0x0d0c [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
07:50:33.0847 0x0d0c swprv - ok
07:50:34.0051 0x0d0c [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
07:50:34.0095 0x0d0c SysMain - ok
07:50:34.0120 0x0d0c [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
07:50:34.0125 0x0d0c TabletInputService - ok
07:50:34.0190 0x0d0c [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
07:50:34.0200 0x0d0c TapiSrv - ok
07:50:34.0214 0x0d0c [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
07:50:34.0218 0x0d0c TBS - ok
07:50:34.0287 0x0d0c [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
07:50:34.0356 0x0d0c Tcpip - ok
07:50:34.0401 0x0d0c [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
07:50:34.0439 0x0d0c TCPIP6 - ok
07:50:34.0475 0x0d0c [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
07:50:34.0477 0x0d0c tcpipreg - ok
07:50:34.0546 0x0d0c [ 40C2F1FAEBF7D5E15A5F264B06D8CC70, AE4816932918E37AD33DBFFE51853B74FE9D1339AEF1B0BCE1C84EE07ADAD62F ] tcsd_win32.exe C:\Program Files (x86)\Security Innovation\SI TSS\bin\tcsd_win32.exe
07:50:34.0605 0x0d0c tcsd_win32.exe - ok
07:50:34.0819 0x0d0c [ 0C979CD330A5D024F9994B2437BD1F56, 96212A94B534AEC00ADE327531A5983ABD0A6647CB5F907227980A04D2627505 ] TdmService C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
07:50:34.0967 0x0d0c TdmService - ok
07:50:35.0023 0x0d0c [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
07:50:35.0024 0x0d0c TDPIPE - ok
07:50:35.0061 0x0d0c [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
07:50:35.0063 0x0d0c TDTCP - ok
07:50:35.0108 0x0d0c [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
07:50:35.0111 0x0d0c tdx - ok
07:50:35.0146 0x0d0c [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
07:50:35.0148 0x0d0c TermDD - ok
07:50:35.0272 0x0d0c [ 4FC4C50985E5B840F4D72E57286887B8, 0BCBB4A938803AE3A3532B6D8FFC85594AA9AEF5D8F9792684841BEA8780AE9E ] TermService C:\Windows\System32\termsrv.dll
07:50:35.0297 0x0d0c TermService - ok
07:50:35.0333 0x0d0c [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
07:50:35.0336 0x0d0c Themes - ok
07:50:35.0406 0x0d0c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
07:50:35.0409 0x0d0c THREADORDER - ok
07:50:35.0436 0x0d0c [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
07:50:35.0439 0x0d0c TrkWks - ok
07:50:35.0576 0x0d0c [ A1965DFC0CD91E7CFC42925F8F597274, 7478D7DACD94F0C3D4F0CDAC9CD71CB03CB45C503DE6B1207A51F989844CB1F3 ] TrueSight C:\Windows\System32\drivers\TrueSight.sys
07:50:35.0578 0x0d0c TrueSight - ok
07:50:35.0602 0x0d0c [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
07:50:35.0607 0x0d0c TrustedInstaller - ok
07:50:35.0631 0x0d0c [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
07:50:35.0633 0x0d0c tssecsrv - ok
07:50:35.0651 0x0d0c [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
07:50:35.0653 0x0d0c TsUsbFlt - ok
07:50:35.0658 0x0d0c [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
07:50:35.0661 0x0d0c TsUsbGD - ok
07:50:35.0703 0x0d0c [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
07:50:35.0707 0x0d0c tunnel - ok
07:50:35.0718 0x0d0c [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
07:50:35.0720 0x0d0c uagp35 - ok
07:50:35.0740 0x0d0c [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
07:50:35.0747 0x0d0c udfs - ok
07:50:35.0769 0x0d0c [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
07:50:35.0772 0x0d0c UI0Detect - ok
07:50:35.0806 0x0d0c [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
07:50:35.0808 0x0d0c uliagpkx - ok
07:50:35.0825 0x0d0c [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
07:50:35.0829 0x0d0c umbus - ok
07:50:35.0838 0x0d0c [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
07:50:35.0839 0x0d0c UmPass - ok
07:50:35.0918 0x0d0c [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
07:50:35.0944 0x0d0c upnphost - ok
07:50:36.0043 0x0d0c [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
07:50:36.0048 0x0d0c USBAAPL64 - ok
07:50:36.0102 0x0d0c [ 91D3C92A44FC682DD791147604E79152, AA0B6799BF9C26C2C1793C91295288A4989AA43EC5E070B650DA7F0A142817CE ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
07:50:36.0106 0x0d0c usbccgp - ok
07:50:36.0145 0x0d0c [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
07:50:36.0147 0x0d0c usbcir - ok
07:50:36.0173 0x0d0c [ F7FFDF2A1D19A76A87759126B244C816, C91F09D77E22D976952A46F7B93F611B719EDAF694D538242FA8FAF1BA9BB2F0 ] usbehci C:\Windows\system32\drivers\usbehci.sys
07:50:36.0179 0x0d0c usbehci - ok
07:50:36.0235 0x0d0c [ 245FE7FC634D6A993E682E0A9EBA4ABB, F7A536D215EE3A63358EC8B5946D7BB3B56357BF91347B07013E00DAC98775B6 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
07:50:36.0243 0x0d0c usbhub - ok
07:50:36.0364 0x0d0c [ C1A8966E0D09BFB501045105B30D86F2, 5BB95FBA441B898E258A3BFE174FC1042A04C19E25C59DE1FD90594290B11DA9 ] usbohci C:\Windows\system32\drivers\usbohci.sys
07:50:36.0365 0x0d0c usbohci - ok
07:50:36.0443 0x0d0c [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
07:50:36.0445 0x0d0c usbprint - ok
07:50:36.0495 0x0d0c [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
07:50:36.0497 0x0d0c usbscan - ok
07:50:36.0536 0x0d0c [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
07:50:36.0538 0x0d0c USBSTOR - ok
07:50:36.0587 0x0d0c [ 2E682DCE4319A90E02A327F8A427544A, 3528C5A4669BAD53041085C3E72C64388D308E42AD9D1FAC85B6F2FFD81610FB ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
07:50:36.0589 0x0d0c usbuhci - ok
07:50:36.0627 0x0d0c [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
07:50:36.0630 0x0d0c UxSms - ok
07:50:36.0656 0x0d0c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\Windows\system32\lsass.exe
07:50:36.0657 0x0d0c VaultSvc - ok
07:50:36.0708 0x0d0c [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
07:50:36.0709 0x0d0c vdrvroot - ok
07:50:36.0730 0x0d0c [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
07:50:36.0791 0x0d0c vds - ok
07:50:36.0814 0x0d0c [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
07:50:36.0815 0x0d0c vga - ok
07:50:36.0819 0x0d0c [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
07:50:36.0820 0x0d0c VgaSave - ok
07:50:36.0829 0x0d0c [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
07:50:36.0834 0x0d0c vhdmp - ok
07:50:36.0886 0x0d0c [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
07:50:36.0887 0x0d0c viaide - ok
07:50:36.0921 0x0d0c [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
07:50:36.0923 0x0d0c volmgr - ok
07:50:36.0944 0x0d0c [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
07:50:36.0951 0x0d0c volmgrx - ok
07:50:36.0984 0x0d0c [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap C:\Windows\system32\drivers\volsnap.sys
07:50:36.0994 0x0d0c volsnap - ok
07:50:37.0030 0x0d0c [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
07:50:37.0034 0x0d0c vsmraid - ok
07:50:37.0131 0x0d0c [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
07:50:37.0174 0x0d0c VSS - ok
07:50:37.0191 0x0d0c [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
07:50:37.0193 0x0d0c vwifibus - ok
07:50:37.0205 0x0d0c [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
07:50:37.0215 0x0d0c W32Time - ok
07:50:37.0243 0x0d0c [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
07:50:37.0244 0x0d0c WacomPen - ok
07:50:37.0335 0x0d0c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
07:50:37.0338 0x0d0c WANARP - ok
07:50:37.0345 0x0d0c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
07:50:37.0347 0x0d0c Wanarpv6 - ok
07:50:37.0463 0x0d0c [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
07:50:37.0514 0x0d0c WatAdminSvc - ok
07:50:37.0715 0x0d0c [ 547A0D588E8C3FBC81A7BF6069E11213, 9C923F740E47B13DF649D3C4FC28B558A404D3263CC947038107749BE5A3FC24 ] Wave Authentication Manager Service C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe
07:50:37.0769 0x0d0c Wave Authentication Manager Service - ok
07:50:37.0846 0x0d0c [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
07:50:37.0905 0x0d0c wbengine - ok
07:50:37.0987 0x0d0c [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
07:50:37.0993 0x0d0c WbioSrvc - ok
07:50:38.0020 0x0d0c [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
07:50:38.0047 0x0d0c wcncsvc - ok
07:50:38.0126 0x0d0c [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
07:50:38.0129 0x0d0c WcsPlugInService - ok
07:50:38.0136 0x0d0c [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
07:50:38.0139 0x0d0c Wd - ok
07:50:38.0338 0x0d0c [ A3D04EBF5227886029B4532F20D026F7, D90F7B9C176008675DA0B5FD7E4973CBC2A04172CEDF8FB7D3B3B4F27B5440D7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys
07:50:38.0339 0x0d0c WDC_SAM - ok
07:50:38.0417 0x0d0c [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
07:50:38.0442 0x0d0c Wdf01000 - ok
07:50:38.0497 0x0d0c [ 95B3CEAF06A2DF96FE28CD0755D319C4, 4BFA65F9786AB80FF321A1D21C243DCCDA168FCD35394B1066BE9379A811F135 ] wdips C:\Windows\system32\drivers\ihdlcv.sys
07:50:38.0504 0x0d0c wdips - ok
07:50:38.0535 0x0d0c [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
07:50:38.0539 0x0d0c WdiServiceHost - ok
07:50:38.0543 0x0d0c [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
07:50:38.0547 0x0d0c WdiSystemHost - ok
07:50:38.0626 0x0d0c [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
07:50:38.0644 0x0d0c WebClient - ok
07:50:38.0721 0x0d0c [ CBA25A299ECDBAE3A2300B68598AABA3, 5AC6F75FBDA58CD9D17922AF2780A37B89067EB4A97EE792A644B238BE94490D ] Wecsvc C:\Windows\system32\wecsvc.dll
07:50:38.0728 0x0d0c Wecsvc - ok
07:50:38.0743 0x0d0c [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
07:50:38.0748 0x0d0c wercplsupport - ok
07:50:38.0763 0x0d0c [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
07:50:38.0768 0x0d0c WerSvc - ok
07:50:38.0801 0x0d0c [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
07:50:38.0805 0x0d0c WfpLwf - ok
07:50:38.0842 0x0d0c [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
07:50:38.0847 0x0d0c WIMMount - ok
07:50:38.0907 0x0d0c WinDefend - ok
07:50:38.0922 0x0d0c WinHttpAutoProxySvc - ok
07:50:38.0992 0x0d0c [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
07:50:38.0998 0x0d0c Winmgmt - ok
07:50:39.0134 0x0d0c [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
07:50:39.0199 0x0d0c WinRM - ok
07:50:39.0262 0x0d0c [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
07:50:39.0263 0x0d0c WinUsb - ok
07:50:39.0324 0x0d0c [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
07:50:39.0408 0x0d0c Wlansvc - ok
07:50:39.0921 0x0d0c [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
07:50:39.0968 0x0d0c wlidsvc - ok
07:50:40.0015 0x0d0c [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
07:50:40.0016 0x0d0c WmiAcpi - ok
07:50:40.0091 0x0d0c [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
07:50:40.0096 0x0d0c wmiApSrv - ok
07:50:40.0120 0x0d0c WMPNetworkSvc - ok
07:50:40.0133 0x0d0c [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
07:50:40.0136 0x0d0c WPCSvc - ok
07:50:40.0182 0x0d0c [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
07:50:40.0201 0x0d0c WPDBusEnum - ok
07:50:40.0266 0x0d0c [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
07:50:40.0268 0x0d0c ws2ifsl - ok
07:50:40.0463 0x0d0c [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
07:50:40.0468 0x0d0c wscsvc - ok
07:50:40.0471 0x0d0c WSearch - ok
07:50:40.0666 0x0d0c [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll
07:50:40.0747 0x0d0c wuauserv - ok
07:50:40.0787 0x0d0c [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
07:50:40.0790 0x0d0c WudfPf - ok
07:50:40.0829 0x0d0c [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
07:50:40.0834 0x0d0c WUDFRd - ok
07:50:40.0887 0x0d0c [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
07:50:40.0891 0x0d0c wudfsvc - ok
07:50:40.0956 0x0d0c [ 20E4DCE310F474F71F71D1EBE04B82F0, 0F4EDCF47E61BFE1253BA93FAC64F204FAA72C5DC076FBBF306003AD0276869F ] WvPCR C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe
07:50:40.0962 0x0d0c WvPCR - ok
07:50:41.0056 0x0d0c [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
07:50:41.0063 0x0d0c WwanSvc - ok
07:50:41.0098 0x0d0c ================ Scan global ===============================
07:50:41.0150 0x0d0c [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
07:50:41.0165 0x0d0c [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
07:50:41.0200 0x0d0c [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
07:50:41.0269 0x0d0c [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
07:50:41.0330 0x0d0c [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
07:50:41.0339 0x0d0c [ Global ] - ok
07:50:41.0343 0x0d0c ================ Scan MBR ==================================
07:50:41.0385 0x0d0c [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
07:50:41.0766 0x0d0c \Device\Harddisk0\DR0 - ok
07:50:41.0767 0x0d0c ================ Scan VBR ==================================
07:50:41.0771 0x0d0c [ 4AFF295273D60441A3A80E5A26AC7CA6 ] \Device\Harddisk0\DR0\Partition1
07:50:41.0891 0x0d0c \Device\Harddisk0\DR0\Partition1 - ok
07:50:41.0904 0x0d0c [ 008C7B4B9D015CA6AC9D47493C224898 ] \Device\Harddisk0\DR0\Partition2
07:50:42.0006 0x0d0c \Device\Harddisk0\DR0\Partition2 - ok
07:50:42.0007 0x0d0c ================ Scan generic autorun ======================
07:50:42.0107 0x0d0c [ A5CC90E39091FD58ADCB9FEED3EB0112, E55BB4F7F43EC54B91646FC196BFE81E0A53B555E16083978420ED3B89458D4D ] C:\Program Files\Realtek\Audio\HDA\RtDCpl64.exe
07:50:42.0221 0x0d0c RtHDVCpl - ok
07:50:42.0294 0x0d0c [ 6D1370238D80B1DDC158654D8A5200AA, E16B1A003C560A2EEE7AB90C987C976B446221B08E8FFFC9012A4762AC650970 ] C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe
07:50:42.0302 0x0d0c TdmNotify - ok
07:50:42.0425 0x0d0c [ A6AAD37CDCAE75CB62D039E3A4D8F5E3, 4FF763B0D129175BA1B1E794BA313E6C63F7A89D377C786BF5E730AF2A1D95D1 ] c:\Program Files\Microsoft Security Client\msseces.exe
07:50:42.0453 0x0d0c MSC - ok
07:50:42.0515 0x0d0c [ 7FB5D43F89B2D1ED308C697784104D48, C8E90A760919FC246FFBA5E34F15CAC0968D44218BA01F4A48377E7296F9B7E0 ] C:\Program Files\Greenshot\Greenshot.exe
07:50:42.0530 0x0d0c Greenshot - ok
07:50:42.0560 0x0d0c [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
07:50:42.0563 0x0d0c Logitech Download Assistant - ok
07:50:42.0589 0x0d0c [ 9D3281F6BA13057E39DE362900B43F45, D4B3442CDF290561DA51FF44DAF885604342D0B9AF42AD78CA3F61AA9E60B809 ] C:\Windows\system32\igfxtray.exe
07:50:42.0594 0x0d0c IgfxTray - ok
07:50:42.0622 0x0d0c [ AEBD7FD2670A1CBE3A4B38067F483B96, F2852DF9B198FFF6A6B4488F768DF5F0AC2E8B5311DC802FE7D0BA05E6DBE554 ] C:\Windows\system32\hkcmd.exe
07:50:42.0631 0x0d0c HotKeysCmds - ok
07:50:42.0675 0x0d0c [ E960BF8EDA5153F66A46DD305F208B0A, 06B99DCFB7BCB2B32993317157C52FC987EEA831B02713454F61D185770A22E6 ] C:\Windows\system32\igfxpers.exe
07:50:42.0685 0x0d0c Persistence - ok
07:50:42.0784 0x0d0c [ 796227FCA947A0B8E3D6A097B27F2363, F14B1F8CF253A27554D4C24228911355FA475AABF086B66A498E825E8E3CBFA5 ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
07:50:42.0790 0x0d0c USB3MON - ok
07:50:42.0857 0x0d0c [ BB43C092AE2CC1B02E59FB259247D26E, E6AF6F29E9145C317972617284EF2B52C40933C4F1E0936DDDE7567929481408 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
07:50:42.0859 0x0d0c IAStorIcon - ok
07:50:42.0904 0x0d0c [ 09E60B4FE341A94A300830C008907099, 5F07868953FAA8FFA9E6477F6BAC52DEEDF3EA4A3F8AF5B4E15878D8240223AB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
07:50:42.0906 0x0d0c APSDaemon - ok
07:50:42.0968 0x0d0c [ 48BE298F7FD1BEF4D8FBACB04D8D95C4, D375B3F6E850E4B0EC81BAA0E554C356BE2248AA77C6C56F5267CA05460FE4EB ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
07:50:42.0996 0x0d0c Adobe ARM - ok
07:50:43.0104 0x0d0c CitrixReceiver - ok
07:50:43.0173 0x0d0c [ A785978D962E2768C62FC283071F938A, CEBEA4964EF3A0D6FEAEA3456423F14210AF10041D4156CD17D9752426D2263A ] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
07:50:43.0182 0x0d0c ConnectionCenter - ok
07:50:43.0212 0x0d0c [ 3FBD05B5A4E13DFC7D7BE7459BDF7EB8, C73146EC537C81FCEC3B70DDF945F7DB95616A6825B178E3B207CE5C56C16325 ] C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
07:50:43.0215 0x0d0c Redirector - ok
07:50:43.0360 0x0d0c [ 46A1426064203CE6E02430B4660EE04F, 33D685ED8E57ED74B31EAD1A6D9AA8D335608F4B37EF443825FE7EA382C1CE1A ] C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
07:50:43.0459 0x0d0c Fitbit Connect - ok
07:50:43.0511 0x0d0c [ 0EF0822810009D58118CCDFD098FA9F4, 9FAA263057898BCDBCB0A064C463F48D149474AA339A3C4C47626CC118750D2D ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
07:50:43.0515 0x0d0c iTunesHelper - ok
07:50:43.0726 0x0d0c [ 6AD64E318ED6B5F04AFAC2849DE05EA0, E71BAAC529BA31762519342303DA0AF1BD230DD1EDBACD1B0CA261041F21BEBB ] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
07:50:43.0750 0x0d0c CanonQuickMenu - ok
07:50:43.0874 0x0d0c [ 6B53177248AC5327FFB5CB2D5C500C94, 2F03DA955BF63BDCA979B76B263FBE4EB1BA2A76476EF0D9145E66CAB781C67C ] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
07:50:43.0885 0x0d0c IJNetworkScannerSelectorEX - ok
07:50:43.0990 0x0d0c [ 842C198BB5FB3A051C34D493F3A7DFF4, DAAA42E02CC0D268FAEB72FE37D75A8832C1A31207C789138BBE9FCB1A98B183 ] C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe
07:50:44.0439 0x0d0c Malwarebytes Anti-Malware (cleanup) - ok
07:50:44.0505 0x0d0c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
07:50:44.0529 0x0d0c Sidebar - ok
07:50:44.0598 0x0d0c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
07:50:44.0601 0x0d0c mctadmin - ok
07:50:44.0625 0x0d0c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
07:50:44.0647 0x0d0c Sidebar - ok
07:50:44.0653 0x0d0c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
07:50:44.0656 0x0d0c mctadmin - ok
07:50:44.0734 0x0d0c [ A6E45D093DCC8A6E235962153401B5D9, 0579322E7DF33236FC72CEF2FA7BFA57FEA6FEC8E2080DEF901C18D2D2B26D47 ] C:\Program Files (x86)\Fitbit\fitbit-tray.exe
07:50:44.0801 0x0d0c Fitbit Service Monitor - ok
07:50:44.0929 0x0d0c [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
07:50:44.0963 0x0d0c Sidebar - ok
07:50:45.0265 0x0d0c [ 4084E12C0EB927FB788EB9A42BAA1B6C, A033BF6081771DF6B946D85621BFD1D0096879BFD57FD5B987C6E6397FAC78A1 ] C:\Program Files (x86)\Origin\Origin.exe
07:50:45.0370 0x0d0c EADM - ok
07:50:45.0484 0x0d0c [ 46A1426064203CE6E02430B4660EE04F, 33D685ED8E57ED74B31EAD1A6D9AA8D335608F4B37EF443825FE7EA382C1CE1A ] C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
07:50:45.0556 0x0d0c Fitbit Connect - ok
07:50:45.0560 0x0d0c Waiting for KSN requests completion. In queue: 81
07:50:46.0560 0x0d0c Waiting for KSN requests completion. In queue: 81
07:50:47.0560 0x0d0c Waiting for KSN requests completion. In queue: 81
07:50:48.0560 0x0d0c Waiting for KSN requests completion. In queue: 81
07:50:49.0560 0x0d0c Waiting for KSN requests completion. In queue: 81
07:50:50.0561 0x0d0c Waiting for KSN requests completion. In queue: 81
07:50:51.0561 0x0d0c Waiting for KSN requests completion. In queue: 81
07:50:52.0561 0x0d0c Waiting for KSN requests completion. In queue: 81
07:50:54.0107 0x0d0c AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.6.305.0 ), 0x61000 ( enabled : updated )
07:50:54.0276 0x0d0c Win FW state via NFP2: enabled
07:50:57.0296 0x0d0c ============================================================
07:50:57.0296 0x0d0c Scan finished
07:50:57.0296 0x0d0c ============================================================
07:50:57.0308 0x3458 Detected object count: 0
07:50:57.0308 0x3458 Actual detected object count: 0
07:51:22.0637 0x3974 ============================================================
07:51:22.0637 0x3974 Scan started
07:51:22.0637 0x3974 Mode: Manual; SigCheck;
07:51:22.0637 0x3974 ============================================================
07:51:22.0637 0x3974 KSN ping started
07:51:25.0587 0x3974 KSN ping finished: true
07:51:27.0970 0x3974 ================ Scan system memory ========================
07:51:27.0970 0x3974 System memory - ok
07:51:27.0971 0x3974 ================ Scan services =============================
07:51:28.0113 0x3974 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
07:51:28.0383 0x3974 1394ohci - ok
lynda
Regular Member
 
Posts: 47
Joined: October 29th, 2014, 6:21 pm

Re: dllhost.exe COM surrogate problem

Unread postby lynda » November 2nd, 2014, 9:59 am

Part 3 of 3 TDSSKILLER:

07:51:28.0461 0x3974 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
07:51:28.0486 0x3974 ACPI - ok
07:51:28.0512 0x3974 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
07:51:28.0602 0x3974 AcpiPmi - ok
07:51:28.0686 0x3974 [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
07:51:28.0699 0x3974 AdobeARMservice - ok
07:51:28.0934 0x3974 [ 4ECFCAAE5CB380F58934F0DCF5F64E7F, D82B37E57D93484D7A3CB65470BCD54A578A695F0203A8DD441B1348C1EEA751 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
07:51:28.0964 0x3974 AdobeFlashPlayerUpdateSvc - ok
07:51:29.0058 0x3974 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
07:51:29.0096 0x3974 adp94xx - ok
07:51:29.0126 0x3974 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
07:51:29.0144 0x3974 adpahci - ok
07:51:29.0158 0x3974 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
07:51:29.0174 0x3974 adpu320 - ok
07:51:29.0224 0x3974 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
07:51:29.0474 0x3974 AeLookupSvc - ok
07:51:29.0532 0x3974 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
07:51:29.0674 0x3974 AFD - ok
07:51:29.0704 0x3974 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
07:51:29.0717 0x3974 agp440 - ok
07:51:29.0763 0x3974 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
07:51:29.0849 0x3974 ALG - ok
07:51:29.0865 0x3974 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
07:51:29.0876 0x3974 aliide - ok
07:51:29.0881 0x3974 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
07:51:29.0892 0x3974 amdide - ok
07:51:29.0909 0x3974 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
07:51:29.0979 0x3974 AmdK8 - ok
07:51:30.0010 0x3974 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
07:51:30.0050 0x3974 AmdPPM - ok
07:51:30.0090 0x3974 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
07:51:30.0104 0x3974 amdsata - ok
07:51:30.0131 0x3974 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
07:51:30.0155 0x3974 amdsbs - ok
07:51:30.0178 0x3974 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
07:51:30.0189 0x3974 amdxata - ok
07:51:30.0210 0x3974 [ 80B9412C4DE09147581FC935FB4C97AB, 0C9661F7B5EF7F9D61981790B7AB64E3375BD117962166619D0CC546A2D014D3 ] AppID C:\Windows\system32\drivers\appid.sys
07:51:30.0354 0x3974 AppID - ok
07:51:30.0378 0x3974 [ F71CA01C24FC3798A717B5A6F682F9AD, 8CF1C209E7BBBAD02D6D087293C0B681CDA3170AF119CA2916C2708D8801E749 ] AppIDSvc C:\Windows\System32\appidsvc.dll
07:51:30.0404 0x3974 AppIDSvc - ok
07:51:30.0467 0x3974 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
07:51:30.0531 0x3974 Appinfo - ok
07:51:30.0542 0x3974 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
07:51:30.0554 0x3974 arc - ok
07:51:30.0599 0x3974 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
07:51:30.0612 0x3974 arcsas - ok
07:51:30.0741 0x3974 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
07:51:30.0755 0x3974 aspnet_state - ok
07:51:30.0760 0x3974 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
07:51:30.0831 0x3974 AsyncMac - ok
07:51:30.0884 0x3974 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
07:51:30.0895 0x3974 atapi - ok
07:51:30.0949 0x3974 [ 2C1B6A64294F2182DC4999F923873974, 6D611636D849631BB1F852DC03A98BBFEC4D797A2707CA63427E187F0725A796 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
07:51:31.0032 0x3974 AudioEndpointBuilder - ok
07:51:31.0074 0x3974 [ 2C1B6A64294F2182DC4999F923873974, 6D611636D849631BB1F852DC03A98BBFEC4D797A2707CA63427E187F0725A796 ] AudioSrv C:\Windows\System32\Audiosrv.dll
07:51:31.0193 0x3974 AudioSrv - ok
07:51:31.0231 0x3974 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
07:51:31.0350 0x3974 AxInstSV - ok
07:51:31.0378 0x3974 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
07:51:31.0455 0x3974 b06bdrv - ok
07:51:31.0470 0x3974 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
07:51:31.0532 0x3974 b57nd60a - ok
07:51:31.0572 0x3974 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
07:51:31.0661 0x3974 BDESVC - ok
07:51:31.0676 0x3974 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
07:51:31.0742 0x3974 Beep - ok
07:51:31.0793 0x3974 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
07:51:31.0941 0x3974 BFE - ok
07:51:31.0977 0x3974 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
07:51:32.0223 0x3974 BITS - ok
07:51:32.0259 0x3974 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
07:51:32.0301 0x3974 blbdrive - ok
07:51:32.0420 0x3974 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
07:51:32.0443 0x3974 Bonjour Service - ok
07:51:32.0482 0x3974 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
07:51:32.0642 0x3974 bowser - ok
07:51:32.0679 0x3974 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
07:51:32.0728 0x3974 BrFiltLo - ok
07:51:32.0732 0x3974 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
07:51:32.0783 0x3974 BrFiltUp - ok
07:51:32.0800 0x3974 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
07:51:32.0834 0x3974 Browser - ok
07:51:32.0847 0x3974 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
07:51:32.0932 0x3974 Brserid - ok
07:51:32.0938 0x3974 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
07:51:32.0961 0x3974 BrSerWdm - ok
07:51:32.0967 0x3974 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
07:51:32.0982 0x3974 BrUsbMdm - ok
07:51:32.0988 0x3974 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
07:51:33.0001 0x3974 BrUsbSer - ok
07:51:33.0017 0x3974 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
07:51:33.0036 0x3974 BTHMODEM - ok
07:51:33.0067 0x3974 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
07:51:33.0116 0x3974 bthserv - ok
07:51:33.0154 0x3974 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
07:51:33.0247 0x3974 cdfs - ok
07:51:33.0285 0x3974 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
07:51:33.0329 0x3974 cdrom - ok
07:51:33.0355 0x3974 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
07:51:33.0391 0x3974 CertPropSvc - ok
07:51:33.0397 0x3974 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
07:51:33.0431 0x3974 circlass - ok
07:51:33.0441 0x3974 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
07:51:33.0478 0x3974 CLFS - ok
07:51:33.0708 0x3974 [ 871EEE78F98D6E31C80FD39433A8FE2F, 67602F597FADA1E7102BC373287A4A78339E057D37FCEAD0B2502F70450EC7CE ] ClickToRunSvc C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
07:51:33.0821 0x3974 ClickToRunSvc - ok
07:51:33.0866 0x3974 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
07:51:33.0878 0x3974 clr_optimization_v2.0.50727_32 - ok
07:51:33.0934 0x3974 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
07:51:33.0945 0x3974 clr_optimization_v2.0.50727_64 - ok
07:51:33.0980 0x3974 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
07:51:33.0995 0x3974 clr_optimization_v4.0.30319_32 - ok
07:51:34.0026 0x3974 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
07:51:34.0042 0x3974 clr_optimization_v4.0.30319_64 - ok
07:51:34.0047 0x3974 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
07:51:34.0092 0x3974 CmBatt - ok
07:51:34.0123 0x3974 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
07:51:34.0134 0x3974 cmdide - ok
07:51:34.0191 0x3974 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys
07:51:34.0236 0x3974 CNG - ok
07:51:34.0245 0x3974 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
07:51:34.0255 0x3974 Compbatt - ok
07:51:34.0304 0x3974 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
07:51:34.0340 0x3974 CompositeBus - ok
07:51:34.0345 0x3974 COMSysApp - ok
07:51:34.0411 0x3974 [ 2FACE3C1610D5857CB88D622086D7C5E, 60CA9C75E27BD93FAC8C2FA81D4B8C047A25CB0452F631B8E7B5292DBA2F5FF7 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
07:51:34.0517 0x3974 cphs - ok
07:51:34.0522 0x3974 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
07:51:34.0534 0x3974 crcdisk - ok
07:51:34.0582 0x3974 [ 19D511CC455C19DE1ADF60E6C39C85B6, 2A05DD5EF3D0BEC2C9F4EA186E0E2D0F7BE0BF6A473D51194B09D33773AC7FAA ] CryptSvc C:\Windows\system32\cryptsvc.dll
07:51:34.0654 0x3974 CryptSvc - ok
07:51:34.0689 0x3974 [ 48D4184201452D112577C3649B591C1F, 823DFC7CB3FB4CECAFAB949085D2036E5E607DC9A7C34C774C0BB21E086BA4ED ] ctxusbm C:\Windows\system32\DRIVERS\ctxusbm.sys
07:51:34.0717 0x3974 ctxusbm - ok
07:51:34.0757 0x3974 [ E1617EC33B0B88FEC429BF6EB7B9FA52, 8F9A784674DDF4B2924645836AB03BA54D714FA16BB9130EE36E96C6D2073D6A ] dcdbas C:\Windows\system32\DRIVERS\dcdbas64.sys
07:51:34.0781 0x3974 dcdbas - ok
07:51:34.0844 0x3974 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
07:51:34.0971 0x3974 DcomLaunch - ok
07:51:35.0019 0x3974 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
07:51:35.0125 0x3974 defragsvc - ok
07:51:35.0187 0x3974 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
07:51:35.0317 0x3974 DfsC - ok
07:51:35.0364 0x3974 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
07:51:35.0558 0x3974 Dhcp - ok
07:51:35.0586 0x3974 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
07:51:35.0634 0x3974 discache - ok
07:51:35.0650 0x3974 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
07:51:35.0663 0x3974 Disk - ok
07:51:35.0694 0x3974 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
07:51:35.0748 0x3974 Dnscache - ok
07:51:35.0776 0x3974 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
07:51:35.0835 0x3974 dot3svc - ok
07:51:35.0853 0x3974 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
07:51:35.0906 0x3974 DPS - ok
07:51:35.0942 0x3974 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
07:51:35.0989 0x3974 drmkaud - ok
07:51:36.0040 0x3974 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
07:51:36.0091 0x3974 DXGKrnl - ok
07:51:36.0123 0x3974 [ 6FA47EE7164599CA962451BD704F7FBA, 489E93414A74D6095D768F1347C1D5E2D3A2BFB6DE16DAA5C0A73CF061BF113D ] e1cexpress C:\Windows\system32\DRIVERS\e1c62x64.sys
07:51:36.0162 0x3974 e1cexpress - ok
07:51:36.0224 0x3974 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
07:51:36.0274 0x3974 EapHost - ok
07:51:36.0430 0x3974 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
07:51:36.0553 0x3974 ebdrv - ok
07:51:36.0610 0x3974 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe
07:51:36.0683 0x3974 EFS - ok
07:51:36.0760 0x3974 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
07:51:36.0882 0x3974 ehRecvr - ok
07:51:36.0982 0x3974 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
07:51:37.0088 0x3974 ehSched - ok
07:51:37.0151 0x3974 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
07:51:37.0174 0x3974 elxstor - ok
07:51:37.0243 0x3974 [ F44EC0A46E92B7AA3A1BBB693DAF0EF9, E168159074EE26C3FB8CF3CEB941509B93EE91BA0C626D957997B7E5ADD0EF26 ] EmbassyService C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe
07:51:37.0261 0x3974 EmbassyService - ok
07:51:37.0265 0x3974 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
07:51:37.0404 0x3974 ErrDev - ok
07:51:37.0459 0x3974 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
07:51:37.0514 0x3974 EventSystem - ok
07:51:37.0524 0x3974 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
07:51:37.0620 0x3974 exfat - ok
07:51:37.0738 0x3974 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
07:51:37.0780 0x3974 fastfat - ok
07:51:37.0823 0x3974 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
07:51:37.0893 0x3974 Fax - ok
07:51:37.0916 0x3974 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
07:51:38.0010 0x3974 fdc - ok
07:51:38.0050 0x3974 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
07:51:38.0299 0x3974 fdPHost - ok
07:51:38.0336 0x3974 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
07:51:38.0388 0x3974 FDResPub - ok
07:51:38.0425 0x3974 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
07:51:38.0438 0x3974 FileInfo - ok
07:51:38.0517 0x3974 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
07:51:38.0643 0x3974 Filetrace - ok
07:51:38.0720 0x3974 [ 6E68E646ECB5874520A6B96A952C8938, 5EEE32AE128CEEB0483CE08325E0996B2585C03C6684526D65B3772370CED52B ] Fitbit C:\Program Files (x86)\Fitbit\fitbit.exe
07:51:38.0848 0x3974 Fitbit - detected UnsignedFile.Multi.Generic ( 1 )
07:51:38.0848 0x3974 Detect skipped due to KSN trusted
07:51:38.0848 0x3974 Fitbit - ok
07:51:38.0999 0x3974 [ 2EEF003D6E8C32F171C9ECC3BBE208DC, 027DEDCFC56E06FA8D2D9961E82D94A94BDD6BE443364BDB92C8AE4080BA5FBE ] Fitbit Connect C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
07:51:39.0059 0x3974 Fitbit Connect - ok
07:51:39.0082 0x3974 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
07:51:39.0165 0x3974 flpydisk - ok
07:51:39.0203 0x3974 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
07:51:39.0221 0x3974 FltMgr - ok
07:51:39.0285 0x3974 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
07:51:39.0378 0x3974 FontCache - ok
07:51:39.0482 0x3974 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
07:51:39.0493 0x3974 FontCache3.0.0.0 - ok
07:51:39.0499 0x3974 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
07:51:39.0511 0x3974 FsDepends - ok
07:51:39.0560 0x3974 [ B16B626996C74B564005BA855C5DEE90, B432C669EB610C262B18F3F8308EEE1B910DE7F7BC2A8EB5483419DC52A07AE1 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
07:51:39.0574 0x3974 fssfltr - ok
07:51:39.0667 0x3974 [ 812E1BA5C52A78F13EA6AA10DF708B1D, CF1C4D8E072CF0D66C977DFA4C852E5CE757843BEAF5D29454D26A9AC5766E61 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
07:51:39.0759 0x3974 fsssvc - ok
07:51:39.0787 0x3974 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
07:51:39.0800 0x3974 Fs_Rec - ok
07:51:39.0819 0x3974 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
07:51:39.0839 0x3974 fvevol - ok
07:51:39.0923 0x3974 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
07:51:39.0936 0x3974 gagp30kx - ok
07:51:39.0961 0x3974 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
07:51:39.0970 0x3974 GEARAspiWDM - ok
07:51:40.0033 0x3974 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
07:51:40.0138 0x3974 gpsvc - ok
07:51:40.0173 0x3974 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
07:51:40.0299 0x3974 hcw85cir - ok
07:51:40.0343 0x3974 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
07:51:40.0383 0x3974 HDAudBus - ok
07:51:40.0440 0x3974 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
07:51:40.0519 0x3974 HidBatt - ok
07:51:40.0529 0x3974 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
07:51:40.0616 0x3974 HidBth - ok
07:51:40.0677 0x3974 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
07:51:40.0905 0x3974 HidIr - ok
07:51:40.0992 0x3974 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
07:51:41.0261 0x3974 hidserv - ok
07:51:41.0385 0x3974 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
07:51:41.0501 0x3974 HidUsb - ok
07:51:41.0545 0x3974 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
07:51:41.0650 0x3974 hkmsvc - ok
07:51:41.0683 0x3974 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
07:51:41.0729 0x3974 HomeGroupListener - ok
07:51:41.0751 0x3974 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
07:51:41.0786 0x3974 HomeGroupProvider - ok
07:51:41.0812 0x3974 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
07:51:41.0835 0x3974 HpSAMD - ok
07:51:41.0893 0x3974 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
07:51:42.0006 0x3974 HTTP - ok
07:51:42.0044 0x3974 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
07:51:42.0055 0x3974 hwpolicy - ok
07:51:42.0073 0x3974 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
07:51:42.0120 0x3974 i8042prt - ok
07:51:42.0232 0x3974 [ CCFA835960E35F30D28A868E0B3B8722, 47D95E75685F9D40229902A92426FBCB358EA929202EAFBBF79C72873B8B9032 ] iaStor C:\Windows\system32\drivers\iaStor.sys
07:51:42.0272 0x3974 iaStor - ok
07:51:42.0353 0x3974 [ 1F35EFEC56CD1BF62435EAF97EABC3B3, 0246EB0295D28A33FC4C430117FFEE2B553C007040DB975EFCBB29FF881F2D4B ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
07:51:42.0362 0x3974 IAStorDataMgrSvc - ok
07:51:42.0436 0x3974 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
07:51:42.0457 0x3974 iaStorV - ok
07:51:42.0546 0x3974 [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
07:51:42.0560 0x3974 ICCS - ok
07:51:42.0674 0x3974 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
07:51:42.0751 0x3974 idsvc - ok
07:51:42.0762 0x3974 IEEtwCollectorService - ok
07:51:42.0953 0x3974 [ 0143C860F0D09B8465AE803FDDB47BE9, C11B079AC7338981BA844BF62B96FDC4FD83018E9F67CCA9ADE426978FCF2562 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
07:51:43.0229 0x3974 igfx - ok
07:51:43.0272 0x3974 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
07:51:43.0285 0x3974 iirsp - ok
07:51:43.0407 0x3974 [ EDCCC8C13B1EB882F77BA0ABB84566E7, DB299C1D2CFC197CF2FE69358F5EEDE94DCC4C919AF5D2CDFFF0DE476612C988 ] IJPLMSVC C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
07:51:43.0420 0x3974 IJPLMSVC - ok
07:51:43.0482 0x3974 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
07:51:43.0763 0x3974 IKEEXT - ok
07:51:43.0894 0x3974 [ 561E2397C1F6B7DD01D95D1A7AF22BD3, 3B60A5D2A9485079BCD33F6906B410EA4377ECF3FD9385A22D38D2DBEBFF9B85 ] IntcAzAudAddService C:\Windows\system32\drivers\RTDVHD64.sys
07:51:44.0015 0x3974 IntcAzAudAddService - ok
07:51:44.0049 0x3974 [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
07:51:44.0147 0x3974 IntcDAud - ok
07:51:44.0263 0x3974 [ A53C54D81C726BEB508F0005F445C4A0, 81CA5BFB192D4F6C5807BDB4DD07BD726E48CFBB33F60BACD055AA23959DD33D ] Intel(R) PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
07:51:44.0283 0x3974 Intel(R) PROSet Monitoring Service - ok
07:51:44.0328 0x3974 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
07:51:44.0339 0x3974 intelide - ok
07:51:44.0356 0x3974 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
07:51:44.0385 0x3974 intelppm - ok
07:51:44.0457 0x3974 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
07:51:44.0512 0x3974 IPBusEnum - ok
07:51:44.0520 0x3974 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
07:51:44.0555 0x3974 IpFilterDriver - ok
07:51:44.0603 0x3974 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
07:51:44.0780 0x3974 iphlpsvc - ok
07:51:44.0791 0x3974 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
07:51:44.0816 0x3974 IPMIDRV - ok
07:51:44.0834 0x3974 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
07:51:45.0013 0x3974 IPNAT - ok
07:51:45.0083 0x3974 [ 7FAE5B6CDB18B0B2E81F32869F595022, D873A7EE94749E1700E8F6B8BB7B485AE1B0B83388D63BE06335720498D4794F ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
07:51:45.0122 0x3974 iPod Service - ok
07:51:45.0153 0x3974 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
07:51:45.0207 0x3974 IRENUM - ok
07:51:45.0215 0x3974 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
07:51:45.0226 0x3974 isapnp - ok
07:51:45.0291 0x3974 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
07:51:45.0334 0x3974 iScsiPrt - ok
07:51:45.0395 0x3974 [ 75779002A6084C1A011E195E421A9C75, 03D84CE7E50EEA1DFB298F4CE3669F478920ECEB33513FE2DC16C8BF90DF3830 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
07:51:45.0426 0x3974 iusb3hcs - ok
07:51:45.0471 0x3974 [ F390B641FE6115F536B8B78AA71B8814, 8F26FCEC9B1442224A8DEE3B6459F788DBCEDFB206846BFAA3B26E40B06E2D28 ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
07:51:45.0520 0x3974 iusb3hub - ok
07:51:45.0565 0x3974 [ 653B86AA174FF7661D00EE1E524B234F, F4598336206097DD3C838F7315D87D989D8AB755F773ED613E984C2CC95D511B ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
07:51:45.0663 0x3974 iusb3xhc - ok
07:51:45.0704 0x3974 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
07:51:45.0718 0x3974 kbdclass - ok
07:51:45.0724 0x3974 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
07:51:45.0923 0x3974 kbdhid - ok
07:51:45.0960 0x3974 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe
07:51:45.0980 0x3974 KeyIso - ok
07:51:46.0010 0x3974 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
07:51:46.0024 0x3974 KSecDD - ok
07:51:46.0059 0x3974 [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
07:51:46.0078 0x3974 KSecPkg - ok
07:51:46.0118 0x3974 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
07:51:46.0270 0x3974 ksthunk - ok
07:51:46.0329 0x3974 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
07:51:46.0416 0x3974 KtmRm - ok
07:51:46.0467 0x3974 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
07:51:46.0661 0x3974 LanmanServer - ok
07:51:46.0721 0x3974 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
07:51:46.0788 0x3974 LanmanWorkstation - ok
07:51:46.0810 0x3974 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
07:51:46.0981 0x3974 lltdio - ok
07:51:47.0141 0x3974 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
07:51:47.0264 0x3974 lltdsvc - ok
07:51:47.0320 0x3974 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
07:51:47.0469 0x3974 lmhosts - ok
07:51:47.0501 0x3974 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
07:51:47.0516 0x3974 LSI_FC - ok
07:51:47.0527 0x3974 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
07:51:47.0541 0x3974 LSI_SAS - ok
07:51:47.0548 0x3974 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
07:51:47.0560 0x3974 LSI_SAS2 - ok
07:51:47.0594 0x3974 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
07:51:47.0612 0x3974 LSI_SCSI - ok
07:51:47.0698 0x3974 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
07:51:47.0746 0x3974 luafv - ok
07:51:47.0784 0x3974 [ 5C3669B71657F22E67A1D4BD49D2CBE7, 7CAE59AA6CA9CBBD70BBD707A155FB169BF3F71096275BF7C0F415B6A092C671 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
07:51:47.0794 0x3974 MBAMProtector - ok
07:51:47.0889 0x3974 [ 6D8A2EE4244630B290A837E79C0F37A1, 6783BBC0BDC93E4D6D43531A1AD0DF5CD26C3BBFA6384927C5CF65AD97FB04AD ] MBAMScheduler C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
07:51:47.0960 0x3974 MBAMScheduler - ok
07:51:48.0045 0x3974 [ 09D4503CBB6ADB3A54E7C7A75090B728, 6139EA3338FD64205481EDEC813A44F8D395FDA7B67AA431DA61F3631C3EDAE6 ] MBAMService C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
07:51:48.0076 0x3974 MBAMService - ok
07:51:48.0241 0x3974 [ 26C43960C99EE861A5D0EDC4DCF3B1C3, 6238FB8E785652040CCE3E7044EA52066CE1BF173A1467474D64A3AB214B6BCD ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys
07:51:48.0267 0x3974 MBAMSwissArmy - ok
07:51:48.0339 0x3974 [ 95EF63A7827D4E3A229CBBCB42619E93, FA38DD035B2C4FC82B60868F49D45A39FBBC96096AAD5A2C8BD752A250255BA7 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
07:51:48.0390 0x3974 MBAMWebAccessControl - ok
07:51:48.0461 0x3974 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
07:51:48.0478 0x3974 Mcx2Svc - ok
07:51:48.0503 0x3974 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
07:51:48.0515 0x3974 megasas - ok
07:51:48.0526 0x3974 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
07:51:48.0546 0x3974 MegaSR - ok
07:51:48.0624 0x3974 [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
07:51:48.0674 0x3974 MEIx64 - ok
07:51:48.0710 0x3974 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
07:51:48.0973 0x3974 MMCSS - ok
07:51:48.0985 0x3974 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
07:51:49.0120 0x3974 Modem - ok
07:51:49.0132 0x3974 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
07:51:49.0215 0x3974 monitor - ok
07:51:49.0246 0x3974 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
07:51:49.0259 0x3974 mouclass - ok
07:51:49.0299 0x3974 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
07:51:49.0317 0x3974 mouhid - ok
07:51:49.0340 0x3974 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
07:51:49.0354 0x3974 mountmgr - ok
07:51:49.0413 0x3974 [ 3B9398E0146855B1DC0E3D9769C80F01, DF69DB5CA30A5577648635C27DD468AF98515D07DF379B3FFDCC6B40744EDE66 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
07:51:49.0427 0x3974 MozillaMaintenance - ok
07:51:49.0492 0x3974 [ 6439D1E559D08BD8A1465A8943357053, 0E300508C22D12FBA3BE566B722F574CBE1B4A1A305356B92B8EA8B86267071B ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
07:51:49.0550 0x3974 MpFilter - ok
07:51:49.0579 0x3974 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
07:51:49.0594 0x3974 mpio - ok
07:51:49.0637 0x3974 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
07:51:49.0758 0x3974 mpsdrv - ok
07:51:49.0802 0x3974 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
07:51:49.0920 0x3974 MpsSvc - ok
07:51:49.0981 0x3974 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
07:51:50.0287 0x3974 MRxDAV - ok
07:51:50.0373 0x3974 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
07:51:50.0469 0x3974 mrxsmb - ok
07:51:50.0493 0x3974 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
07:51:50.0546 0x3974 mrxsmb10 - ok
07:51:50.0578 0x3974 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
07:51:50.0628 0x3974 mrxsmb20 - ok
07:51:50.0709 0x3974 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
07:51:50.0721 0x3974 msahci - ok
07:51:50.0737 0x3974 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
07:51:50.0754 0x3974 msdsm - ok
07:51:50.0789 0x3974 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
07:51:50.0842 0x3974 MSDTC - ok
07:51:50.0902 0x3974 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
07:51:50.0946 0x3974 Msfs - ok
07:51:50.0972 0x3974 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
07:51:51.0063 0x3974 mshidkmdf - ok
07:51:51.0101 0x3974 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
07:51:51.0113 0x3974 msisadrv - ok
07:51:51.0195 0x3974 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
07:51:51.0303 0x3974 MSiSCSI - ok
07:51:51.0326 0x3974 msiserver - ok
07:51:51.0333 0x3974 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
07:51:51.0378 0x3974 MSKSSRV - ok
07:51:51.0450 0x3974 [ F0D5494D8B177C37E16966262F5D0F68, DD63427DFFD9DD2BEC8336F6AD1BEFE347012331631DC5FEC65E83B1EACDBC67 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
07:51:51.0462 0x3974 MsMpSvc - ok
07:51:51.0475 0x3974 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
07:51:51.0647 0x3974 MSPCLOCK - ok
07:51:51.0660 0x3974 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
07:51:51.0734 0x3974 MSPQM - ok
07:51:51.0800 0x3974 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
07:51:51.0821 0x3974 MsRPC - ok
07:51:51.0858 0x3974 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
07:51:51.0869 0x3974 mssmbios - ok
07:51:51.0884 0x3974 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
07:51:51.0974 0x3974 MSTEE - ok
07:51:51.0978 0x3974 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
07:51:52.0035 0x3974 MTConfig - ok
07:51:52.0074 0x3974 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
07:51:52.0087 0x3974 Mup - ok
07:51:52.0126 0x3974 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
07:51:52.0215 0x3974 napagent - ok
07:51:52.0244 0x3974 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
07:51:52.0270 0x3974 NativeWifiP - ok
07:51:52.0369 0x3974 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
07:51:52.0409 0x3974 NDIS - ok
07:51:52.0445 0x3974 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
07:51:52.0494 0x3974 NdisCap - ok
07:51:52.0513 0x3974 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
07:51:52.0640 0x3974 NdisTapi - ok
07:51:52.0644 0x3974 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
07:51:52.0852 0x3974 Ndisuio - ok
07:51:52.0885 0x3974 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
07:51:52.0929 0x3974 NdisWan - ok
07:51:52.0945 0x3974 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
07:51:52.0995 0x3974 NDProxy - ok
07:51:53.0016 0x3974 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
07:51:53.0296 0x3974 NetBIOS - ok
07:51:53.0338 0x3974 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
07:51:53.0396 0x3974 NetBT - ok
07:51:53.0443 0x3974 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe
07:51:53.0523 0x3974 Netlogon - ok
07:51:53.0594 0x3974 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
07:51:53.0667 0x3974 Netman - ok
07:51:53.0715 0x3974 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
07:51:53.0731 0x3974 NetMsmqActivator - ok
07:51:53.0748 0x3974 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
07:51:53.0762 0x3974 NetPipeActivator - ok
07:51:53.0781 0x3974 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
07:51:53.0885 0x3974 netprofm - ok
07:51:53.0892 0x3974 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
07:51:53.0907 0x3974 NetTcpActivator - ok
07:51:53.0915 0x3974 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
07:51:53.0930 0x3974 NetTcpPortSharing - ok
07:51:53.0971 0x3974 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
07:51:53.0985 0x3974 nfrd960 - ok
07:51:54.0026 0x3974 [ F9EEFFC65C68A45001D1349E652B8B6F, E5F223129416083A12A85D48C65B2C8D1BF1124110399938E144308C89F9241D ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
07:51:54.0042 0x3974 NisDrv - ok
07:51:54.0072 0x3974 [ 9690F420A99364C1E5C439914B0DE25C, 6C6E0B27C4255001FE5F1EAD911DE1A8BF922C405B0C8031A6BD253CEB1D02A6 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
07:51:54.0097 0x3974 NisSrv - ok
07:51:54.0127 0x3974 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
07:51:54.0231 0x3974 NlaSvc - ok
07:51:54.0295 0x3974 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
07:51:54.0428 0x3974 Npfs - ok
07:51:54.0456 0x3974 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
07:51:54.0540 0x3974 nsi - ok
07:51:54.0556 0x3974 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
07:51:54.0671 0x3974 nsiproxy - ok
07:51:54.0743 0x3974 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
07:51:54.0819 0x3974 Ntfs - ok
07:51:54.0848 0x3974 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
07:51:54.0980 0x3974 Null - ok
07:51:55.0005 0x3974 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
07:51:55.0021 0x3974 nvraid - ok
07:51:55.0038 0x3974 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
07:51:55.0053 0x3974 nvstor - ok
07:51:55.0069 0x3974 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
07:51:55.0083 0x3974 nv_agp - ok
07:51:55.0104 0x3974 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
07:51:55.0158 0x3974 ohci1394 - ok
07:51:55.0218 0x3974 [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
07:51:55.0234 0x3974 ose - ok
07:51:55.0436 0x3974 [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
07:51:55.0709 0x3974 osppsvc - ok
07:51:55.0760 0x3974 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
07:51:55.0810 0x3974 p2pimsvc - ok
07:51:55.0834 0x3974 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
07:51:55.0893 0x3974 p2psvc - ok
07:51:55.0902 0x3974 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
07:51:55.0989 0x3974 Parport - ok
07:51:56.0031 0x3974 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
07:51:56.0046 0x3974 partmgr - ok
07:51:56.0070 0x3974 [ F76829EDCD7F5C3C8B500DCB6DC99B25, C39150796B4234D523C9F8114871781E194BD64F7E65C27E46D4035BC7964A08 ] PbaDrvSvc_x64 C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe
07:51:56.0178 0x3974 PbaDrvSvc_x64 - detected UnsignedFile.Multi.Generic ( 1 )
07:51:56.0178 0x3974 Detect skipped due to KSN trusted
07:51:56.0178 0x3974 PbaDrvSvc_x64 - ok
07:51:56.0229 0x3974 [ 256390425414F90FCBC12F525A84EB11, A4992020BF6A239AD8A77125426E2C39980C9ABC971C4DBCB24B358F946AD7F9 ] PcaSvc C:\Windows\System32\pcasvc.dll
07:51:56.0495 0x3974 PcaSvc - ok
07:51:56.0540 0x3974 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
07:51:56.0556 0x3974 pci - ok
07:51:56.0579 0x3974 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
07:51:56.0592 0x3974 pciide - ok
07:51:56.0631 0x3974 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
07:51:56.0648 0x3974 pcmcia - ok
07:51:56.0662 0x3974 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
07:51:56.0676 0x3974 pcw - ok
07:51:56.0727 0x3974 [ 946010CDFA91469351B22E2620CEBCD8, F099C92706D42ADC289B72724F7932E5D4F62A427AEC967DDB0A1D728AE59A63 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
07:51:56.0816 0x3974 PEAUTH - ok
07:51:56.0919 0x3974 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
07:51:56.0960 0x3974 PerfHost - ok
07:51:57.0120 0x3974 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
07:51:57.0269 0x3974 pla - ok
07:51:57.0312 0x3974 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
07:51:57.0410 0x3974 PlugPlay - ok
07:51:57.0464 0x3974 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
07:51:57.0522 0x3974 PNRPAutoReg - ok
07:51:57.0543 0x3974 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
07:51:57.0578 0x3974 PNRPsvc - ok
07:51:57.0618 0x3974 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
07:51:57.0676 0x3974 PolicyAgent - ok
07:51:57.0718 0x3974 [ A2CCA4FB273E6050F17A0A416CFF2FCD, C42BA18DF0C8E3F7358669A784E51E4DC7A4112096345EA699EDC95F561E0255 ] Power C:\Windows\system32\umpo.dll
07:51:57.0803 0x3974 Power - ok
07:51:57.0825 0x3974 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
07:51:57.0961 0x3974 PptpMiniport - ok
07:51:57.0979 0x3974 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
07:51:58.0006 0x3974 Processor - ok
07:51:58.0056 0x3974 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
07:51:58.0241 0x3974 ProfSvc - ok
07:51:58.0267 0x3974 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
07:51:58.0288 0x3974 ProtectedStorage - ok
07:51:58.0326 0x3974 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
07:51:58.0393 0x3974 Psched - ok
07:51:58.0520 0x3974 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
07:51:58.0579 0x3974 ql2300 - ok
07:51:58.0601 0x3974 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
07:51:58.0615 0x3974 ql40xx - ok
07:51:58.0666 0x3974 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
07:51:58.0714 0x3974 QWAVE - ok
07:51:58.0754 0x3974 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
07:51:58.0933 0x3974 QWAVEdrv - ok
07:51:58.0940 0x3974 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
07:51:59.0039 0x3974 RasAcd - ok
07:51:59.0087 0x3974 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
07:51:59.0126 0x3974 RasAgileVpn - ok
07:51:59.0165 0x3974 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
07:51:59.0215 0x3974 RasAuto - ok
07:51:59.0269 0x3974 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
07:51:59.0477 0x3974 Rasl2tp - ok
07:51:59.0490 0x3974 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
07:51:59.0544 0x3974 RasMan - ok
07:51:59.0565 0x3974 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
07:51:59.0706 0x3974 RasPppoe - ok
07:51:59.0723 0x3974 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
07:51:59.0804 0x3974 RasSstp - ok
07:51:59.0846 0x3974 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
07:51:59.0936 0x3974 rdbss - ok
07:51:59.0942 0x3974 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
07:51:59.0972 0x3974 rdpbus - ok
07:51:59.0994 0x3974 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
07:52:00.0085 0x3974 RDPCDD - ok
07:52:00.0219 0x3974 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
07:52:00.0275 0x3974 RDPENCDD - ok
07:52:00.0300 0x3974 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
07:52:00.0344 0x3974 RDPREFMP - ok
07:52:00.0463 0x3974 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
07:52:00.0671 0x3974 RDPWD - ok
07:52:00.0709 0x3974 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
07:52:00.0723 0x3974 rdyboost - ok
07:52:00.0792 0x3974 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
07:52:00.0869 0x3974 RemoteAccess - ok
07:52:00.0893 0x3974 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
07:52:00.0977 0x3974 RemoteRegistry - ok
07:52:01.0044 0x3974 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
07:52:01.0110 0x3974 RpcEptMapper - ok
07:52:01.0159 0x3974 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
07:52:01.0198 0x3974 RpcLocator - ok
07:52:01.0234 0x3974 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
07:52:01.0285 0x3974 RpcSs - ok
07:52:01.0298 0x3974 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
07:52:01.0449 0x3974 rspndr - ok
07:52:01.0493 0x3974 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe
07:52:01.0650 0x3974 SamSs - ok
07:52:01.0673 0x3974 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
07:52:01.0689 0x3974 sbp2port - ok
07:52:01.0762 0x3974 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
07:52:01.0828 0x3974 SCardSvr - ok
07:52:01.0863 0x3974 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
07:52:01.0903 0x3974 scfilter - ok
07:52:01.0955 0x3974 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
07:52:02.0071 0x3974 Schedule - ok
07:52:02.0095 0x3974 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
07:52:02.0136 0x3974 SCPolicySvc - ok
07:52:02.0158 0x3974 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
07:52:02.0318 0x3974 SDRSVC - ok
07:52:02.0356 0x3974 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
07:52:02.0425 0x3974 secdrv - ok
07:52:02.0495 0x3974 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
07:52:02.0616 0x3974 seclogon - ok
07:52:02.0755 0x3974 [ 76E42C8F47D06323B501DDE9BFA4239F, 6A3B0C71CC15606F823A0CA03309B64F1794CE976E79DDE3DB6030F8C1685940 ] SecureStorageService C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe
07:52:02.0851 0x3974 SecureStorageService - ok
07:52:02.0878 0x3974 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
07:52:02.0937 0x3974 SENS - ok
07:52:02.0943 0x3974 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
07:52:03.0055 0x3974 SensrSvc - ok
07:52:03.0088 0x3974 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
07:52:03.0209 0x3974 Serenum - ok
07:52:03.0224 0x3974 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
07:52:03.0246 0x3974 Serial - ok
07:52:03.0266 0x3974 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
07:52:03.0307 0x3974 sermouse - ok
07:52:03.0364 0x3974 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
07:52:03.0484 0x3974 SessionEnv - ok
07:52:03.0501 0x3974 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
07:52:03.0542 0x3974 sffdisk - ok
07:52:03.0548 0x3974 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
07:52:03.0659 0x3974 sffp_mmc - ok
07:52:03.0687 0x3974 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
07:52:03.0717 0x3974 sffp_sd - ok
07:52:03.0724 0x3974 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
07:52:03.0758 0x3974 sfloppy - ok
07:52:03.0811 0x3974 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
07:52:03.0897 0x3974 SharedAccess - ok
07:52:03.0949 0x3974 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
07:52:03.0994 0x3974 ShellHWDetection - ok
07:52:04.0019 0x3974 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
07:52:04.0031 0x3974 SiSRaid2 - ok
07:52:04.0036 0x3974 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
07:52:04.0049 0x3974 SiSRaid4 - ok
07:52:04.0080 0x3974 [ 4C9F8E72F87F50A6125AAA31B63B2D18, 6EA3C9E8CC0CF848EAA4D760F4526E1FC17EBB731AF45086966EC240C8099367 ] SIUSBXP C:\Windows\system32\drivers\SiUSBXp.sys
07:52:04.0095 0x3974 SIUSBXP - ok
07:52:04.0109 0x3974 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
07:52:04.0176 0x3974 Smb - ok
07:52:04.0226 0x3974 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
07:52:04.0241 0x3974 SNMPTRAP - ok
07:52:04.0274 0x3974 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
07:52:04.0285 0x3974 spldr - ok
07:52:04.0367 0x3974 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
07:52:04.0466 0x3974 Spooler - ok
07:52:04.0636 0x3974 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
07:52:04.0834 0x3974 sppsvc - ok
07:52:04.0871 0x3974 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
07:52:05.0015 0x3974 sppuinotify - ok
07:52:05.0137 0x3974 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
07:52:05.0235 0x3974 srv - ok
07:52:05.0261 0x3974 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
07:52:05.0393 0x3974 srv2 - ok
07:52:05.0429 0x3974 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
07:52:05.0510 0x3974 srvnet - ok
07:52:05.0550 0x3974 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
07:52:05.0615 0x3974 SSDPSRV - ok
07:52:05.0673 0x3974 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
07:52:05.0837 0x3974 SstpSvc - ok
07:52:05.0880 0x3974 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
07:52:05.0895 0x3974 stexstor - ok
07:52:05.0921 0x3974 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
07:52:06.0038 0x3974 stisvc - ok
07:52:06.0068 0x3974 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
07:52:06.0087 0x3974 swenum - ok
07:52:06.0121 0x3974 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
07:52:06.0193 0x3974 swprv - ok
07:52:06.0304 0x3974 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
07:52:06.0511 0x3974 SysMain - ok
07:52:06.0548 0x3974 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
07:52:06.0686 0x3974 TabletInputService - ok
07:52:06.0751 0x3974 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
07:52:06.0831 0x3974 TapiSrv - ok
07:52:06.0842 0x3974 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
07:52:06.0965 0x3974 TBS - ok
07:52:07.0049 0x3974 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
07:52:07.0125 0x3974 Tcpip - ok
07:52:07.0189 0x3974 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
07:52:07.0254 0x3974 TCPIP6 - ok
07:52:07.0320 0x3974 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
07:52:07.0381 0x3974 tcpipreg - ok
07:52:07.0486 0x3974 [ 40C2F1FAEBF7D5E15A5F264B06D8CC70, AE4816932918E37AD33DBFFE51853B74FE9D1339AEF1B0BCE1C84EE07ADAD62F ] tcsd_win32.exe C:\Program Files (x86)\Security Innovation\SI TSS\bin\tcsd_win32.exe
07:52:07.0554 0x3974 tcsd_win32.exe - detected UnsignedFile.Multi.Generic ( 1 )
07:52:07.0554 0x3974 Detect skipped due to KSN trusted
07:52:07.0554 0x3974 tcsd_win32.exe - ok
07:52:07.0926 0x3974 [ 0C979CD330A5D024F9994B2437BD1F56, 96212A94B534AEC00ADE327531A5983ABD0A6647CB5F907227980A04D2627505 ] TdmService C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
07:52:08.0115 0x3974 TdmService - ok
07:52:08.0151 0x3974 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
07:52:08.0197 0x3974 TDPIPE - ok
07:52:08.0230 0x3974 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
07:52:08.0245 0x3974 TDTCP - ok
07:52:08.0311 0x3974 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
07:52:08.0421 0x3974 tdx - ok
07:52:08.0449 0x3974 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
07:52:08.0468 0x3974 TermDD - ok
07:52:08.0524 0x3974 [ 4FC4C50985E5B840F4D72E57286887B8, 0BCBB4A938803AE3A3532B6D8FFC85594AA9AEF5D8F9792684841BEA8780AE9E ] TermService C:\Windows\System32\termsrv.dll
07:52:08.0562 0x3974 TermService - ok
07:52:08.0619 0x3974 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
07:52:08.0666 0x3974 Themes - ok
07:52:08.0734 0x3974 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
07:52:08.0889 0x3974 THREADORDER - ok
07:52:08.0923 0x3974 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
07:52:09.0111 0x3974 TrkWks - ok
07:52:09.0163 0x3974 [ A1965DFC0CD91E7CFC42925F8F597274, 7478D7DACD94F0C3D4F0CDAC9CD71CB03CB45C503DE6B1207A51F989844CB1F3 ] TrueSight C:\Windows\System32\drivers\TrueSight.sys
07:52:09.0180 0x3974 TrueSight - ok
07:52:09.0206 0x3974 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
07:52:09.0280 0x3974 TrustedInstaller - ok
07:52:09.0313 0x3974 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
07:52:09.0365 0x3974 tssecsrv - ok
07:52:09.0371 0x3974 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
07:52:09.0400 0x3974 TsUsbFlt - ok
07:52:09.0463 0x3974 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
07:52:09.0530 0x3974 TsUsbGD - ok
07:52:09.0565 0x3974 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
07:52:09.0639 0x3974 tunnel - ok
07:52:09.0644 0x3974 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
07:52:09.0657 0x3974 uagp35 - ok
07:52:09.0684 0x3974 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
07:52:09.0727 0x3974 udfs - ok
07:52:09.0771 0x3974 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
07:52:09.0835 0x3974 UI0Detect - ok
07:52:09.0846 0x3974 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
07:52:09.0860 0x3974 uliagpkx - ok
07:52:09.0878 0x3974 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
07:52:09.0937 0x3974 umbus - ok
07:52:09.0977 0x3974 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
07:52:09.0996 0x3974 UmPass - ok
07:52:10.0017 0x3974 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
07:52:10.0086 0x3974 upnphost - ok
07:52:10.0211 0x3974 [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
07:52:10.0223 0x3974 USBAAPL64 - detected UnsignedFile.Multi.Generic ( 1 )
07:52:10.0223 0x3974 Detect skipped due to KSN trusted
07:52:10.0223 0x3974 USBAAPL64 - ok
07:52:10.0260 0x3974 [ 91D3C92A44FC682DD791147604E79152, AA0B6799BF9C26C2C1793C91295288A4989AA43EC5E070B650DA7F0A142817CE ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
07:52:10.0337 0x3974 usbccgp - ok
07:52:10.0395 0x3974 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
07:52:10.0436 0x3974 usbcir - ok
07:52:10.0500 0x3974 [ F7FFDF2A1D19A76A87759126B244C816, C91F09D77E22D976952A46F7B93F611B719EDAF694D538242FA8FAF1BA9BB2F0 ] usbehci C:\Windows\system32\drivers\usbehci.sys
07:52:10.0627 0x3974 usbehci - ok
07:52:10.0671 0x3974 [ 245FE7FC634D6A993E682E0A9EBA4ABB, F7A536D215EE3A63358EC8B5946D7BB3B56357BF91347B07013E00DAC98775B6 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
07:52:10.0759 0x3974 usbhub - ok
07:52:10.0799 0x3974 [ C1A8966E0D09BFB501045105B30D86F2, 5BB95FBA441B898E258A3BFE174FC1042A04C19E25C59DE1FD90594290B11DA9 ] usbohci C:\Windows\system32\drivers\usbohci.sys
07:52:10.0812 0x3974 usbohci - ok
07:52:10.0896 0x3974 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
07:52:10.0935 0x3974 usbprint - ok
07:52:10.0964 0x3974 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
07:52:11.0261 0x3974 usbscan - ok
07:52:11.0278 0x3974 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
07:52:11.0341 0x3974 USBSTOR - ok
07:52:11.0381 0x3974 [ 2E682DCE4319A90E02A327F8A427544A, 3528C5A4669BAD53041085C3E72C64388D308E42AD9D1FAC85B6F2FFD81610FB ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
07:52:11.0400 0x3974 usbuhci - ok
07:52:11.0455 0x3974 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
07:52:11.0559 0x3974 UxSms - ok
07:52:11.0591 0x3974 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\Windows\system32\lsass.exe
07:52:11.0635 0x3974 VaultSvc - ok
07:52:11.0677 0x3974 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
07:52:11.0689 0x3974 vdrvroot - ok
07:52:11.0726 0x3974 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
07:52:11.0792 0x3974 vds - ok
07:52:11.0809 0x3974 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
07:52:11.0834 0x3974 vga - ok
07:52:11.0877 0x3974 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
07:52:11.0979 0x3974 VgaSave - ok
07:52:12.0044 0x3974 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
07:52:12.0063 0x3974 vhdmp - ok
07:52:12.0105 0x3974 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
07:52:12.0117 0x3974 viaide - ok
07:52:12.0215 0x3974 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
07:52:12.0228 0x3974 volmgr - ok
07:52:12.0271 0x3974 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
07:52:12.0294 0x3974 volmgrx - ok
07:52:12.0370 0x3974 [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap C:\Windows\system32\drivers\volsnap.sys
07:52:12.0404 0x3974 volsnap - ok
07:52:12.0440 0x3974 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
07:52:12.0456 0x3974 vsmraid - ok
07:52:12.0514 0x3974 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
07:52:12.0658 0x3974 VSS - ok
07:52:12.0694 0x3974 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
07:52:12.0749 0x3974 vwifibus - ok
07:52:12.0761 0x3974 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
07:52:12.0831 0x3974 W32Time - ok
07:52:12.0838 0x3974 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
07:52:12.0993 0x3974 WacomPen - ok
07:52:13.0065 0x3974 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
07:52:13.0104 0x3974 WANARP - ok
07:52:13.0109 0x3974 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
07:52:13.0228 0x3974 Wanarpv6 - ok
07:52:13.0321 0x3974 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
07:52:13.0379 0x3974 WatAdminSvc - ok
07:52:13.0549 0x3974 [ 547A0D588E8C3FBC81A7BF6069E11213, 9C923F740E47B13DF649D3C4FC28B558A404D3263CC947038107749BE5A3FC24 ] Wave Authentication Manager Service C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe
07:52:13.0729 0x3974 Wave Authentication Manager Service - detected UnsignedFile.Multi.Generic ( 1 )
07:52:13.0729 0x3974 Detect skipped due to KSN trusted
07:52:13.0729 0x3974 Wave Authentication Manager Service - ok
07:52:13.0783 0x3974 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
07:52:13.0909 0x3974 wbengine - ok
07:52:13.0928 0x3974 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
07:52:14.0026 0x3974 WbioSrvc - ok
07:52:14.0050 0x3974 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
07:52:14.0111 0x3974 wcncsvc - ok
07:52:14.0146 0x3974 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
07:52:14.0210 0x3974 WcsPlugInService - ok
07:52:14.0219 0x3974 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
07:52:14.0230 0x3974 Wd - ok
07:52:14.0265 0x3974 [ A3D04EBF5227886029B4532F20D026F7, D90F7B9C176008675DA0B5FD7E4973CBC2A04172CEDF8FB7D3B3B4F27B5440D7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys
07:52:14.0361 0x3974 WDC_SAM - ok
07:52:14.0437 0x3974 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
07:52:14.0486 0x3974 Wdf01000 - ok
07:52:14.0550 0x3974 [ 95B3CEAF06A2DF96FE28CD0755D319C4, 4BFA65F9786AB80FF321A1D21C243DCCDA168FCD35394B1066BE9379A811F135 ] wdips C:\Windows\system32\drivers\ihdlcv.sys
07:52:14.0569 0x3974 wdips - ok
07:52:14.0604 0x3974 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
07:52:14.0720 0x3974 WdiServiceHost - ok
07:52:14.0729 0x3974 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
07:52:14.0776 0x3974 WdiSystemHost - ok
07:52:14.0829 0x3974 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
07:52:14.0957 0x3974 WebClient - ok
07:52:15.0032 0x3974 [ CBA25A299ECDBAE3A2300B68598AABA3, 5AC6F75FBDA58CD9D17922AF2780A37B89067EB4A97EE792A644B238BE94490D ] Wecsvc C:\Windows\system32\wecsvc.dll
07:52:15.0391 0x3974 Wecsvc - ok
07:52:15.0461 0x3974 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
07:52:15.0506 0x3974 wercplsupport - ok
07:52:15.0573 0x3974 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
07:52:15.0645 0x3974 WerSvc - ok
07:52:15.0678 0x3974 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
07:52:15.0714 0x3974 WfpLwf - ok
07:52:15.0719 0x3974 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
07:52:15.0730 0x3974 WIMMount - ok
07:52:15.0776 0x3974 WinDefend - ok
07:52:15.0816 0x3974 WinHttpAutoProxySvc - ok
07:52:15.0940 0x3974 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
07:52:16.0088 0x3974 Winmgmt - ok
07:52:16.0176 0x3974 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
07:52:16.0312 0x3974 WinRM - ok
07:52:16.0406 0x3974 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
07:52:16.0518 0x3974 WinUsb - ok
07:52:17.0077 0x3974 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
07:52:17.0177 0x3974 Wlansvc - ok
07:52:17.0609 0x3974 [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
07:52:17.0702 0x3974 wlidsvc - ok
07:52:17.0918 0x3974 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
07:52:17.0941 0x3974 WmiAcpi - ok
07:52:18.0019 0x3974 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
07:52:18.0042 0x3974 wmiApSrv - ok
07:52:18.0065 0x3974 WMPNetworkSvc - ok
07:52:18.0201 0x3974 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
07:52:18.0275 0x3974 WPCSvc - ok
07:52:18.0285 0x3974 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
07:52:18.0390 0x3974 WPDBusEnum - ok
07:52:18.0436 0x3974 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
07:52:18.0488 0x3974 ws2ifsl - ok
07:52:18.0550 0x3974 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
07:52:18.0577 0x3974 wscsvc - ok
07:52:18.0591 0x3974 WSearch - ok
07:52:18.0806 0x3974 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll
07:52:18.0928 0x3974 wuauserv - ok
07:52:18.0982 0x3974 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
07:52:19.0068 0x3974 WudfPf - ok
07:52:19.0149 0x3974 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
07:52:19.0171 0x3974 WUDFRd - ok
07:52:19.0207 0x3974 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
07:52:19.0252 0x3974 wudfsvc - ok
07:52:19.0335 0x3974 [ 20E4DCE310F474F71F71D1EBE04B82F0, 0F4EDCF47E61BFE1253BA93FAC64F204FAA72C5DC076FBBF306003AD0276869F ] WvPCR C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe
07:52:19.0348 0x3974 WvPCR - ok
07:52:19.0426 0x3974 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
07:52:19.0465 0x3974 WwanSvc - ok
07:52:19.0534 0x3974 ================ Scan global ===============================
07:52:19.0570 0x3974 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
07:52:19.0593 0x3974 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
07:52:19.0627 0x3974 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
07:52:19.0714 0x3974 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
07:52:19.0750 0x3974 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
07:52:19.0759 0x3974 [ Global ] - ok
07:52:19.0760 0x3974 ================ Scan MBR ==================================
07:52:19.0838 0x3974 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
07:52:20.0005 0x3974 \Device\Harddisk0\DR0 - ok
07:52:20.0006 0x3974 ================ Scan VBR ==================================
07:52:20.0008 0x3974 [ 4AFF295273D60441A3A80E5A26AC7CA6 ] \Device\Harddisk0\DR0\Partition1
07:52:20.0086 0x3974 \Device\Harddisk0\DR0\Partition1 - ok
07:52:20.0091 0x3974 [ 008C7B4B9D015CA6AC9D47493C224898 ] \Device\Harddisk0\DR0\Partition2
07:52:20.0286 0x3974 \Device\Harddisk0\DR0\Partition2 - ok
07:52:20.0287 0x3974 ================ Scan generic autorun ======================
07:52:20.0447 0x3974 [ A5CC90E39091FD58ADCB9FEED3EB0112, E55BB4F7F43EC54B91646FC196BFE81E0A53B555E16083978420ED3B89458D4D ] C:\Program Files\Realtek\Audio\HDA\RtDCpl64.exe
07:52:20.0588 0x3974 RtHDVCpl - ok
07:52:20.0632 0x3974 [ 6D1370238D80B1DDC158654D8A5200AA, E16B1A003C560A2EEE7AB90C987C976B446221B08E8FFFC9012A4762AC650970 ] C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe
07:52:20.0653 0x3974 TdmNotify - ok
07:52:20.0781 0x3974 [ A6AAD37CDCAE75CB62D039E3A4D8F5E3, 4FF763B0D129175BA1B1E794BA313E6C63F7A89D377C786BF5E730AF2A1D95D1 ] c:\Program Files\Microsoft Security Client\msseces.exe
07:52:20.0877 0x3974 MSC - ok
07:52:20.0957 0x3974 [ 7FB5D43F89B2D1ED308C697784104D48, C8E90A760919FC246FFBA5E34F15CAC0968D44218BA01F4A48377E7296F9B7E0 ] C:\Program Files\Greenshot\Greenshot.exe
07:52:21.0056 0x3974 Greenshot - detected UnsignedFile.Multi.Generic ( 1 )
07:52:21.0056 0x3974 Detect skipped due to KSN trusted
07:52:21.0056 0x3974 Greenshot - ok
07:52:21.0088 0x3974 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
07:52:21.0182 0x3974 Logitech Download Assistant - ok
07:52:21.0217 0x3974 [ 9D3281F6BA13057E39DE362900B43F45, D4B3442CDF290561DA51FF44DAF885604342D0B9AF42AD78CA3F61AA9E60B809 ] C:\Windows\system32\igfxtray.exe
07:52:21.0308 0x3974 IgfxTray - ok
07:52:21.0350 0x3974 [ AEBD7FD2670A1CBE3A4B38067F483B96, F2852DF9B198FFF6A6B4488F768DF5F0AC2E8B5311DC802FE7D0BA05E6DBE554 ] C:\Windows\system32\hkcmd.exe
07:52:21.0400 0x3974 HotKeysCmds - ok
07:52:21.0514 0x3974 [ E960BF8EDA5153F66A46DD305F208B0A, 06B99DCFB7BCB2B32993317157C52FC987EEA831B02713454F61D185770A22E6 ] C:\Windows\system32\igfxpers.exe
07:52:21.0541 0x3974 Persistence - ok
07:52:21.0728 0x3974 [ 796227FCA947A0B8E3D6A097B27F2363, F14B1F8CF253A27554D4C24228911355FA475AABF086B66A498E825E8E3CBFA5 ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
07:52:21.0749 0x3974 USB3MON - ok
07:52:21.0885 0x3974 [ BB43C092AE2CC1B02E59FB259247D26E, E6AF6F29E9145C317972617284EF2B52C40933C4F1E0936DDDE7567929481408 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
07:52:21.0905 0x3974 IAStorIcon - ok
07:52:22.0016 0x3974 [ 09E60B4FE341A94A300830C008907099, 5F07868953FAA8FFA9E6477F6BAC52DEEDF3EA4A3F8AF5B4E15878D8240223AB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
07:52:22.0027 0x3974 APSDaemon - ok
07:52:22.0142 0x3974 [ 48BE298F7FD1BEF4D8FBACB04D8D95C4, D375B3F6E850E4B0EC81BAA0E554C356BE2248AA77C6C56F5267CA05460FE4EB ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
07:52:22.0239 0x3974 Adobe ARM - ok
07:52:22.0339 0x3974 CitrixReceiver - ok
07:52:22.0468 0x3974 [ A785978D962E2768C62FC283071F938A, CEBEA4964EF3A0D6FEAEA3456423F14210AF10041D4156CD17D9752426D2263A ] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
07:52:22.0499 0x3974 ConnectionCenter - ok
07:52:22.0531 0x3974 [ 3FBD05B5A4E13DFC7D7BE7459BDF7EB8, C73146EC537C81FCEC3B70DDF945F7DB95616A6825B178E3B207CE5C56C16325 ] C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
07:52:22.0544 0x3974 Redirector - ok
07:52:22.0762 0x3974 [ 46A1426064203CE6E02430B4660EE04F, 33D685ED8E57ED74B31EAD1A6D9AA8D335608F4B37EF443825FE7EA382C1CE1A ] C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
07:52:22.0937 0x3974 Fitbit Connect - ok
07:52:23.0035 0x3974 [ 0EF0822810009D58118CCDFD098FA9F4, 9FAA263057898BCDBCB0A064C463F48D149474AA339A3C4C47626CC118750D2D ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
07:52:23.0064 0x3974 iTunesHelper - ok
07:52:23.0494 0x3974 [ 6AD64E318ED6B5F04AFAC2849DE05EA0, E71BAAC529BA31762519342303DA0AF1BD230DD1EDBACD1B0CA261041F21BEBB ] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
07:52:23.0535 0x3974 CanonQuickMenu - ok
07:52:23.0778 0x3974 [ 6B53177248AC5327FFB5CB2D5C500C94, 2F03DA955BF63BDCA979B76B263FBE4EB1BA2A76476EF0D9145E66CAB781C67C ] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
07:52:23.0810 0x3974 IJNetworkScannerSelectorEX - ok
07:52:24.0027 0x3974 [ 842C198BB5FB3A051C34D493F3A7DFF4, DAAA42E02CC0D268FAEB72FE37D75A8832C1A31207C789138BBE9FCB1A98B183 ] C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe
07:52:24.0040 0x3974 Malwarebytes Anti-Malware (cleanup) - ok
07:52:24.0212 0x3974 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
07:52:24.0294 0x3974 Sidebar - ok
07:52:24.0335 0x3974 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
07:52:24.0354 0x3974 mctadmin - ok
07:52:24.0401 0x3974 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
07:52:24.0479 0x3974 Sidebar - ok
07:52:24.0502 0x3974 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
07:52:24.0529 0x3974 mctadmin - ok
07:52:24.0654 0x3974 [ A6E45D093DCC8A6E235962153401B5D9, 0579322E7DF33236FC72CEF2FA7BFA57FEA6FEC8E2080DEF901C18D2D2B26D47 ] C:\Program Files (x86)\Fitbit\fitbit-tray.exe
07:52:24.0800 0x3974 Fitbit Service Monitor - detected UnsignedFile.Multi.Generic ( 1 )
07:52:24.0800 0x3974 Detect skipped due to KSN trusted
07:52:24.0800 0x3974 Fitbit Service Monitor - ok
07:52:24.0980 0x3974 [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
lynda
Regular Member
 
Posts: 47
Joined: October 29th, 2014, 6:21 pm

Re: dllhost.exe COM surrogate problem

Unread postby lynda » November 2nd, 2014, 9:59 am

Part 4 of TDSSKiller

07:52:25.0178 0x3974 Sidebar - ok
07:52:25.0628 0x3974 [ 4084E12C0EB927FB788EB9A42BAA1B6C, A033BF6081771DF6B946D85621BFD1D0096879BFD57FD5B987C6E6397FAC78A1 ] C:\Program Files (x86)\Origin\Origin.exe
07:52:25.0795 0x3974 EADM - ok
07:52:26.0019 0x3974 [ 46A1426064203CE6E02430B4660EE04F, 33D685ED8E57ED74B31EAD1A6D9AA8D335608F4B37EF443825FE7EA382C1CE1A ] C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
07:52:26.0174 0x3974 Fitbit Connect - ok
07:52:26.0264 0x3974 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.6.305.0 ), 0x61000 ( enabled : updated )
07:52:26.0421 0x3974 Win FW state via NFP2: enabled
07:52:29.0637 0x3974 ============================================================
07:52:29.0637 0x3974 Scan finished
07:52:29.0637 0x3974 ============================================================
07:52:29.0689 0x3ff0 Detected object count: 0
07:52:29.0689 0x3ff0 Actual detected object count: 0
lynda
Regular Member
 
Posts: 47
Joined: October 29th, 2014, 6:21 pm

Re: dllhost.exe COM surrogate problem

Unread postby pgmigg » November 2nd, 2014, 12:07 pm

Hello lynda,

Please press simultaneously Ctrl + Alt + Del and select Start Task Manager.
The Windows Task Manager window will be opened. Please select Processes tab.

Please find all dllhost.exe entries in the list (first column labeled Image Name) and tell me what you can see under column labeled Description for all such processes.

Then we will decide what to do next...

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
MRU Teacher
MRU Teacher
 
Posts: 3187
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: dllhost.exe COM surrogate problem

Unread postby lynda » November 2nd, 2014, 2:16 pm

This is how I first found of this problem. When I currently look at the task manager I see multiple 'dllhost.exe *.32' with COM Surrogate in the description for 6 out of the 7 running. The top one does not have a Description.
Under the memory column the memory keeps increasing on all of those with the COM Surrogate in Description. Also as I type another dllhost.exe *32 COM Surrogate jsut started.

If i were to right click on one of these and ask for the 'FILE Location" it takes me to C:\Windows\SysWOW64.

If i "end process" on one of these it will allow me to kill all the ones labeled "COM Surrogate" but eventually they start back up.
I also notice when these are all ENDED then I do not receive the MalwareBytes popups. The Second I start seeeing the MalwareBytes Popups i see these "COM Surrogate" processes running.
lynda
Regular Member
 
Posts: 47
Joined: October 29th, 2014, 6:21 pm

Re: dllhost.exe COM surrogate problem

Unread postby pgmigg » November 2nd, 2014, 9:45 pm

Hello lynda,

This is how I first found of this problem. When I currently look at the task manager I see multiple 'dllhost.exe *.32' with COM Surrogate in the description for 6 out of the 7 running. The top one does not have a Description.
Under the memory column the memory keeps increasing on all of those with the COM Surrogate in Description.
Very well! :D Right now I know everything I would like to know. Let start cleaning...

Step 1.
OTL - Run Fix Script
You should still have OTL.exe on your desktop.
Important! Close all applications and windows so that you have nothing open and are at your Desktop.
  1. Right click on OTL.exe, select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Underneath Output at the top, make sure Standard Output is selected.
  3. Highlight and copy the following entries: into the Image text box.
    (Do not include the words Code: Select all - instead of it please click the Select all button next to Code: to select the entire script.)
    Code: Select all
    :Commands
    [createrestorepoint]
    
    :Processes
    ctfmon.exe
    dllhost.exe
    
    :Files
    C:\Windows\Prefetch\*.*
    C:\Windows\SysWOW64\ctfmon.exe
    C:\Windows\SysWOW64\MsCtfMonitor.dll
    C:\Windows\SysWOW64\dllhost.exe
    C:\Windows\System32\dllhost.exe
    C:\Windows\winsxs\amd64_microsoft-windows-com-surrogate_31bf3856ad364e35_6.1.7600.16385_none_a018e05d0d33081d\dllhost.exe
    C:\Windows\winsxs\x86_microsoft-windows-com-surrogate_31bf3856ad364e35_6.1.7600.16385_none_43fa44d954d596e7\dllhost.exe
    
    :Reg
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\753197c2_0]
    @=""
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\OpenWithList]
    "a"=-
    [HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
    "C:\Windows\System32\dllhost.exe"=-
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\COMSysApp]
    "ImagePath"=
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\COMSysApp]
    "ImagePath"=
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\COMSysApp]
    "ImagePath"=
    [HKEY_USERS\S-1-5-21-1962258163-3716458331-2083168627-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\753197c2_0]
    @=""
    [HKEY_USERS\S-1-5-21-1962258163-3716458331-2083168627-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\OpenWithList]
    "a"=-
    [HKEY_USERS\S-1-5-21-1962258163-3716458331-2083168627-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
    "C:\Windows\System32\dllhost.exe"=-
    [HKEY_USERS\S-1-5-21-1962258163-3716458331-2083168627-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
    "C:\Windows\System32\dllhost.exe"=-
    
    :Commands
    [emptyflash]
    [emptyjava]
    [emptytemp]
    
  4. Click under the Custom Scan/Fixes box and paste the copied text.
  5. Click the Run Fix button. If prompted... click OK.
  6. OTL may ask to reboot the machine. Please do so if asked.
  7. Let the program run unhindered and reboot the PC when it is done.
    When the computer reboots, and you start your usual account, a Notepad text file will appear.
  8. Copy the contents of that file and post it in your next reply. The log can also be found, based on the date/time it was created, as C:\_OTL\MovedFiles\MMDDYYYY_HHMMSS.log

Step 2.
Malwarebytes' Anti-Malware
As you have Malwarebytes' Anti-Malware installed on your computer, could you please do a scan using these settings:
  1. Launch Malwarebytes then click Update Now.
  2. Press the Scan icon on the top bar of the MBAM interface, make sure Threat Scan is checked.
  3. Press the Scan Now >> button.
  4. When the scan is finished:
  5. If clean, a message will be displayed "The scan completed successfully! No malicious items were detected!". Then post it in your next reply and proceed with Step 3.
  6. If infections were found, click the Quarantine all button.
  7. Press the View detailed log >> link to display the results log.
  8. Press the Copy to Clipboard button.
  9. Copy and paste the scan results in your next reply and exit MBAM.

Step 3.
ESET NOD32 Online Scan
  1. Firstly please Disable any Antivirus you have active, as shown in This topic. If active, it could impact the online scan.
    Do NOT use the computer while the scan is running!
    Make sure all other programs and windows are closed!
  2. You need to right-click on the Internet Explorer or Firefox icons on the Start Menu or Quick Launch Bar on the Taskbar and select "Run as Administrator" from the context menu.
  3. Go to ESET Online Scanner - © ESET All Rights Reserved, to run an online scan.
  4. Click the dark blue Run ESET Online Scanner button:
    • If you using Google Chrome or Mozilla Firefox you will need to download "esetsmartinstaller_enu.exe" when prompted. Then double click on it to install.
    • If you using Internet Explorer please read the End User License Agreement and check the box: Yes, I accept the terms of use. Then click the green Start button.
  5. Accept any security warnings from your browser and allow the download/installation of any required files.
    If your browser blocks or halts a download, please allow it to download any required files.
  6. Under scan settings:
    • Check "Scan archives"
    • UNCHECK "Remove found threats"
  7. Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  8. Click the Start button.
    ESET will install itself, download virus signature database updates and begin scanning your computer.
    The scan will take a while so please be patient. Do NOT use the computer while the scan is running!
  9. When the scan completes, please press the text: Image
  10. Press the text: Image, then save the file to your desktop as ESETScan.txt.
  11. Press the Back button, then press the Finish button.
  12. Copy and paste the contents of ESETScan.txt in your next reply.
    Note: If no threats are found, there is no option to create a log. Just report back to me there was nothing found.

Please post each log separately to prevent it being cut off by the forum post size limiter.
Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections....

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Contents of the C:\_OTL\MovedFiles\MMDDYYYY_HHMMSS.log log file after OTL FixScript run
  3. Contents of the most recent C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs\mbam-log-2014-... file
  4. Contents of the ESETScan.txt log file
  5. Do you see any changes in computer behavior?

Thanks,
pgmigg

Failure to post replies within 72 hours will result in this thread being closed
User avatar
pgmigg
MRU Teacher
MRU Teacher
 
Posts: 3187
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: dllhost.exe COM surrogate problem

Unread postby lynda » November 2nd, 2014, 11:06 pm

Step1:

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== PROCESSES ==========
No active process named ctfmon.exe was found!
Process dllhost.exe killed successfully!
========== FILES ==========
C:\Windows\Prefetch\ACRORD32.EXE-8F477773.pf moved successfully.
C:\Windows\Prefetch\ADOBEARM.EXE-F9223367.pf moved successfully.
C:\Windows\Prefetch\AgAppLaunch.db moved successfully.
C:\Windows\Prefetch\AGCP.EXE-19AE16C9.pf moved successfully.
C:\Windows\Prefetch\AgCx_S1_S-1-5-21-1962258163-3716458331-2083168627-1001.snp.db moved successfully.
C:\Windows\Prefetch\AgCx_SC1.db moved successfully.
C:\Windows\Prefetch\AgCx_SC1.db.trx moved successfully.
C:\Windows\Prefetch\AgCx_SC2.db moved successfully.
C:\Windows\Prefetch\AgCx_SC4.db moved successfully.
C:\Windows\Prefetch\AgGlFaultHistory.db moved successfully.
C:\Windows\Prefetch\AgGlFgAppHistory.db moved successfully.
C:\Windows\Prefetch\AgGlGlobalHistory.db moved successfully.
C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-1962258163-3716458331-2083168627-1001.db moved successfully.
C:\Windows\Prefetch\AgGlUAD_S-1-5-21-1962258163-3716458331-2083168627-1001.db moved successfully.
C:\Windows\Prefetch\AgRobust.db moved successfully.
C:\Windows\Prefetch\AM_DELTA_PATCH_1.183.1162.0.E-6400B5FB.pf moved successfully.
C:\Windows\Prefetch\AM_DELTA_PATCH_1.183.1219.0.E-912ECD32.pf moved successfully.
C:\Windows\Prefetch\AM_DELTA_PATCH_1.183.1368.0.E-18D0A303.pf moved successfully.
C:\Windows\Prefetch\AM_DELTA_PATCH_1.183.1427.0.E-14A712FF.pf moved successfully.
C:\Windows\Prefetch\AM_DELTA_PATCH_1.183.1564.0.E-C3A4F7F9.pf moved successfully.
C:\Windows\Prefetch\AM_DELTA_PATCH_1.183.1583.0.E-EFEF0D9E.pf moved successfully.
C:\Windows\Prefetch\AM_DELTA_PATCH_1.183.1682.0.E-4658C74E.pf moved successfully.
C:\Windows\Prefetch\AM_DELTA_PATCH_1.183.1819.0.E-9DA68290.pf moved successfully.
C:\Windows\Prefetch\AM_DELTA_PATCH_1.183.1823.0.E-6E4DF9BF.pf moved successfully.
C:\Windows\Prefetch\AM_DELTA_PATCH_1.183.1901.0.E-966E7F60.pf moved successfully.
C:\Windows\Prefetch\AM_DELTA_PATCH_1.183.1951.0.E-C7A69B81.pf moved successfully.
C:\Windows\Prefetch\AM_DELTA_PATCH_1.183.2091.0.E-818D25C5.pf moved successfully.
C:\Windows\Prefetch\APPLEMOBILEDEVICEHELPER.EXE-D36FFDFF.pf moved successfully.
C:\Windows\Prefetch\AUDIODG.EXE-AB22E9A6.pf moved successfully.
C:\Windows\Prefetch\CALC.EXE-43F37294.pf moved successfully.
C:\Windows\Prefetch\CMD.EXE-0BD30981.pf moved successfully.
C:\Windows\Prefetch\CMD.EXE-6D6290C5.pf moved successfully.
C:\Windows\Prefetch\CNMSEBU.EXE-0D022A4B.pf moved successfully.
C:\Windows\Prefetch\CONHOST.EXE-0C6456FB.pf moved successfully.
C:\Windows\Prefetch\CONSENT.EXE-40419367.pf moved successfully.
C:\Windows\Prefetch\CSC.EXE-F8803EEA.pf moved successfully.
C:\Windows\Prefetch\CTFMON.EXE-43603594.pf moved successfully.
C:\Windows\Prefetch\CTFMON.EXE-795F8130.pf moved successfully.
C:\Windows\Prefetch\CVTRES.EXE-CB8485B0.pf moved successfully.
C:\Windows\Prefetch\DEFRAG.EXE-3D9E8D72.pf moved successfully.
C:\Windows\Prefetch\DISTNOTED.EXE-BA71F399.pf moved successfully.
C:\Windows\Prefetch\DLLHOST.EXE-236A108B.pf moved successfully.
C:\Windows\Prefetch\DLLHOST.EXE-2E02FDCA.pf moved successfully.
C:\Windows\Prefetch\DLLHOST.EXE-4B6CB38A.pf moved successfully.
C:\Windows\Prefetch\DLLHOST.EXE-63B92852.pf moved successfully.
C:\Windows\Prefetch\DLLHOST.EXE-844858E7.pf moved successfully.
C:\Windows\Prefetch\DLLHOST.EXE-A010D183.pf moved successfully.
C:\Windows\Prefetch\DLLHOST.EXE-D49D3641.pf moved successfully.
C:\Windows\Prefetch\DLLHOST.EXE-DC06F8EA.pf moved successfully.
C:\Windows\Prefetch\EXCEL.EXE-3DA4CB4E.pf moved successfully.
C:\Windows\Prefetch\FLASHPLAYERINSTALLER.EXE-E1C03EA6.pf moved successfully.
C:\Windows\Prefetch\FLASHPLAYERUPDATESERVICE.EXE-0129C0B2.pf moved successfully.
C:\Windows\Prefetch\FLASHUTIL64_14_0_0_145_ACTIVE-9DC953BF.pf moved successfully.
C:\Windows\Prefetch\FLASHUTIL64_15_0_0_152_ACTIVE-628E21F2.pf moved successfully.
C:\Windows\Prefetch\GREENSHOTOCRCOMMAND.EXE-DDDF08A4.pf moved successfully.
C:\Windows\Prefetch\IASTORDATAMGRSVC.EXE-C93872B4.pf moved successfully.
C:\Windows\Prefetch\IASTORICON.EXE-1AEFF90D.pf moved successfully.
C:\Windows\Prefetch\ICCPROXY.EXE-D039ED36.pf moved successfully.
C:\Windows\Prefetch\IEXPLORE.EXE-058FE8F5.pf moved successfully.
C:\Windows\Prefetch\IEXPLORE.EXE-A033F7A0.pf moved successfully.
C:\Windows\Prefetch\IGFXSRVC.EXE-C5618119.pf moved successfully.
C:\Windows\Prefetch\INSTALLFLASHPLAYER.EXE-076046BB.pf moved successfully.
C:\Windows\Prefetch\INSTALLFLASHPLAYER.EXE-38874399.pf moved successfully.
C:\Windows\Prefetch\INVCOLPC.EXE-EDE1A9C0.pf moved successfully.
C:\Windows\Prefetch\IPODSERVICE.EXE-716E0AD1.pf moved successfully.
C:\Windows\Prefetch\ITUNES.EXE-3ADE145E.pf moved successfully.
C:\Windows\Prefetch\JAVA.EXE-AB789167.pf moved successfully.
C:\Windows\Prefetch\Layout.ini moved successfully.
C:\Windows\Prefetch\MAKECAB.EXE-FC3CBE21.pf moved successfully.
C:\Windows\Prefetch\MAVINJECT32.EXE-1B810472.pf moved successfully.
C:\Windows\Prefetch\MPCMDRUN.EXE-BA176062.pf moved successfully.
C:\Windows\Prefetch\MPSIGSTUB.EXE-5D0450B3.pf moved successfully.
C:\Windows\Prefetch\MRT.EXE-46668014.pf moved successfully.
C:\Windows\Prefetch\MRTSTUB.EXE-C89A67F1.pf moved successfully.
C:\Windows\Prefetch\MSCORSVW.EXE-16B291C4.pf moved successfully.
C:\Windows\Prefetch\MSCORSVW.EXE-8CE1A322.pf moved successfully.
C:\Windows\Prefetch\MSIEXEC.EXE-8FFB1633.pf moved successfully.
C:\Windows\Prefetch\MSSPELLCHECKINGFACILITY.EXE-2435B712.pf moved successfully.
C:\Windows\Prefetch\NISSRV.EXE-CD83391D.pf moved successfully.
C:\Windows\Prefetch\NTOSBOOT-B00DFAAD.pf moved successfully.
C:\Windows\Prefetch\OFFICEC2RCLIENT.EXE-4AF74B3E.pf moved successfully.
C:\Windows\Prefetch\ORIGIN.EXE-EF25CD3E.pf moved successfully.
C:\Windows\Prefetch\OSPPSVC.EXE-CAD928DD.pf moved successfully.
C:\Windows\Prefetch\OUTLOOK.EXE-EB43F602.pf moved successfully.
C:\Windows\Prefetch\PfSvPerfStats.bin moved successfully.
C:\Windows\Prefetch\PRINTISOLATIONHOST.EXE-3DD89C8E.pf moved successfully.
C:\Windows\Prefetch\RECEIVER.EXE-A5D8EF03.pf moved successfully.
C:\Windows\Prefetch\RUNDLL32.EXE-0D53616E.pf moved successfully.
C:\Windows\Prefetch\RUNDLL32.EXE-1C857323.pf moved successfully.
C:\Windows\Prefetch\RUNDLL32.EXE-31898C74.pf moved successfully.
C:\Windows\Prefetch\RUNDLL32.EXE-406F9EE6.pf moved successfully.
C:\Windows\Prefetch\RUNDLL32.EXE-51CCB287.pf moved successfully.
C:\Windows\Prefetch\RUNDLL32.EXE-6FD72002.pf moved successfully.
C:\Windows\Prefetch\RUNDLL32.EXE-817D6541.pf moved successfully.
C:\Windows\Prefetch\RUNDLL32.EXE-B2D5D8AB.pf moved successfully.
C:\Windows\Prefetch\RUNDLL32.EXE-B2D5D8D0.pf moved successfully.
C:\Windows\Prefetch\RUNONCE.EXE-FB4EF753.pf moved successfully.
C:\Windows\Prefetch\SCHTASKS.EXE-8B6144A9.pf moved successfully.
C:\Windows\Prefetch\SDCLT.EXE-94EAE077.pf moved successfully.
C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-9FED59A7.pf moved successfully.
C:\Windows\Prefetch\SELFSERVICE.EXE-9DD2DB72.pf moved successfully.
C:\Windows\Prefetch\SETUP.EXE-849B19F4.pf moved successfully.
C:\Windows\Prefetch\SETUP{154957FA-608A-4F2C-9125-18A7DE3B.pf moved successfully.
C:\Windows\Prefetch\SETUP{24682879-7D27-4543-8566-A375AE9A.pf moved successfully.
C:\Windows\Prefetch\SETUP{2D8C6BA2-D7DB-4240-AC12-87BCA060.pf moved successfully.
C:\Windows\Prefetch\SETUP{3C62C938-2F02-4FA2-9C7D-BB2D17E3.pf moved successfully.
C:\Windows\Prefetch\SETUP{3D53B42D-9F6F-4AF0-9610-15A05B75.pf moved successfully.
C:\Windows\Prefetch\SETUP{64136AA4-6105-4A5D-A6A5-0FB872DB.pf moved successfully.
C:\Windows\Prefetch\SETUP{65556600-8A08-4AFA-9C40-9CB57B27.pf moved successfully.
C:\Windows\Prefetch\SETUP{748ED0D5-0427-490D-8F76-5AC8064D.pf moved successfully.
C:\Windows\Prefetch\SETUP{7DD08380-F8CF-4223-BCF7-B850E113.pf moved successfully.
C:\Windows\Prefetch\SETUP{84C5D428-A597-48AA-824D-28BFE8E6.pf moved successfully.
C:\Windows\Prefetch\SETUP{A92F74C6-44FD-4C7C-98EE-B7964994.pf moved successfully.
C:\Windows\Prefetch\SETUP{AC520F8B-8478-4E2E-B4F4-1B575D95.pf moved successfully.
C:\Windows\Prefetch\SETUP{E44A203A-B2D8-4BA0-A518-DCAD79F3.pf moved successfully.
C:\Windows\Prefetch\SETUP{FE757742-3A2B-49C9-9F02-58B72D3B.pf moved successfully.
C:\Windows\Prefetch\SILVERLIGHT.CONFIGURATION.EXE-1B8BAC99.pf moved successfully.
C:\Windows\Prefetch\SNDVOL.EXE-425BC49B.pf moved successfully.
C:\Windows\Prefetch\SOFTWAREUPDATE.EXE-4F1A260C.pf moved successfully.
C:\Windows\Prefetch\SPLWOW64.EXE-57576C25.pf moved successfully.
C:\Windows\Prefetch\SPPSVC.EXE-96070FE0.pf moved successfully.
C:\Windows\Prefetch\SVCHOST.EXE-27D91624.pf moved successfully.
C:\Windows\Prefetch\SVCHOST.EXE-67EC2DA7.pf moved successfully.
C:\Windows\Prefetch\SVCHOST.EXE-6A249820.pf moved successfully.
C:\Windows\Prefetch\SVCHOST.EXE-6E1A6101.pf moved successfully.
C:\Windows\Prefetch\TASKENG.EXE-35FA9C06.pf moved successfully.
C:\Windows\Prefetch\TASKHOST.EXE-A0F5E092.pf moved successfully.
C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-766EFF52.pf moved successfully.
C:\Windows\Prefetch\UPDATEINSTALL.EXE-6ED2DC5F.pf moved successfully.
C:\Windows\Prefetch\UPDATETOOL.EXE-58C04383.pf moved successfully.
C:\Windows\Prefetch\VSSVC.EXE-6C8F0C66.pf moved successfully.
C:\Windows\Prefetch\WERMGR.EXE-F439C551.pf moved successfully.
C:\Windows\Prefetch\WINDOWS-KB890830-X64-V5.16-DE-C0FDA241.pf moved successfully.
C:\Windows\Prefetch\WINWORD.EXE-9C1B7AB3.pf moved successfully.
C:\Windows\Prefetch\WLXPGSS.SCR-001E0005.pf moved successfully.
C:\Windows\Prefetch\WLXPHOTOGALLERY.EXE-23C23094.pf moved successfully.
C:\Windows\Prefetch\WMIADAP.EXE-BB21CD77.pf moved successfully.
C:\Windows\Prefetch\WMIPRVSE.EXE-39F97B2D.pf moved successfully.
C:\Windows\Prefetch\WMIPRVSE.EXE-E8B8DD29.pf moved successfully.
C:\Windows\Prefetch\WMPNSCFG.EXE-18FC9E64.pf moved successfully.
C:\Windows\Prefetch\WSCEAA.EXE-AF7E9B2E.pf moved successfully.
C:\Windows\Prefetch\WSQMCONS.EXE-4048402C.pf moved successfully.
C:\Windows\Prefetch\WUAUCLT.EXE-5D573F0E.pf moved successfully.
File move failed. C:\Windows\SysWOW64\ctfmon.exe scheduled to be moved on reboot.
File move failed. C:\Windows\SysWOW64\MsCtfMonitor.dll scheduled to be moved on reboot.
File move failed. C:\Windows\SysWOW64\dllhost.exe scheduled to be moved on reboot.
File move failed. C:\Windows\System32\dllhost.exe scheduled to be moved on reboot.
File move failed. C:\Windows\winsxs\amd64_microsoft-windows-com-surrogate_31bf3856ad364e35_6.1.7600.16385_none_a018e05d0d33081d\dllhost.exe scheduled to be moved on reboot.
File move failed. C:\Windows\winsxs\x86_microsoft-windows-com-surrogate_31bf3856ad364e35_6.1.7600.16385_none_43fa44d954d596e7\dllhost.exe scheduled to be moved on reboot.
========== REGISTRY ==========
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\753197c2_0\\@|"" /E : value set successfully!
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\OpenWithList\\a deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Windows\System32\dllhost.exe deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\COMSysApp\\"ImagePath"| /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\COMSysApp\\"ImagePath"| /E : value set successfully!
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\COMSysApp\\"ImagePath"| /E : value set successfully!
HKEY_USERS\S-1-5-21-1962258163-3716458331-2083168627-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\753197c2_0\\@|"" /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1962258163-3716458331-2083168627-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\OpenWithList\\a not found.
Registry value HKEY_USERS\S-1-5-21-1962258163-3716458331-2083168627-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Windows\System32\dllhost.exe not found.
Registry value HKEY_USERS\S-1-5-21-1962258163-3716458331-2083168627-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\\C:\Windows\System32\dllhost.exe not found.
========== COMMANDS ==========

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Dworaks
->Flash cache emptied: 492 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Dworaks
->Java cache emptied: 0 bytes

User: Public

Total Java Files Cleaned = 0.00 mb


[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Dworaks
->Temp folder emptied: 4641894648 bytes
->Temporary Internet Files folder emptied: 13242360 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 19397705 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 163805 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 4,458.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 11022014_195345

Files\Folders moved on Reboot...
File move failed. C:\Windows\SysWOW64\ctfmon.exe scheduled to be moved on reboot.
File move failed. C:\Windows\SysWOW64\MsCtfMonitor.dll scheduled to be moved on reboot.
File move failed. C:\Windows\SysWOW64\dllhost.exe scheduled to be moved on reboot.
File move failed. C:\Windows\System32\dllhost.exe scheduled to be moved on reboot.
File move failed. C:\Windows\winsxs\amd64_microsoft-windows-com-surrogate_31bf3856ad364e35_6.1.7600.16385_none_a018e05d0d33081d\dllhost.exe scheduled to be moved on reboot.
File move failed. C:\Windows\winsxs\x86_microsoft-windows-com-surrogate_31bf3856ad364e35_6.1.7600.16385_none_43fa44d954d596e7\dllhost.exe scheduled to be moved on reboot.
C:\Users\Dworaks\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Dworaks\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
C:\Windows\temp\DWORAKS-PC-20141102-0803.log moved successfully.
File\Folder C:\Windows\temp\officeclicktorun.exe_c2ruidll(2014110208032850C).log not found!
File\Folder C:\Windows\temp\officeclicktorun.exe_streamserver(2014110208032850C).log not found!
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
lynda
Regular Member
 
Posts: 47
Joined: October 29th, 2014, 6:21 pm
Advertisement
Register to Remove

PreviousNext

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 89 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware