
Malwarebytes got rid of a virus but I'm still worried


17 replies to this topic

#1 wigannwuk


Posted 04 April 2014 - 06:36 AM

Hi

 

Last week Malwarebytes picked up a trojan & backdoor virus (whatever that is) and it got rid of them. I've rerun it and nothing is showing now, but it makes me feel a bit paranoid if I'm logging into anything sensitive. I wonder if someone could help to give me an all clear, please?

 

Thanks




 


#2 boopme


Posted 04 April 2014 - 10:45 AM

Hello wigannwuk
 
Do you know the name that MBAM gave those infections?
 
Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using the "Reset FF Proxy Settings" option, Firefox should be closed.



Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

ADW Cleaner

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.

Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.


#3 wigannwuk


Posted 08 April 2014 - 04:23 AM

No, I didn't think to list them... one did say backdoor, I remember... that's what worried me... I'll go through your instructions now.



#4 wigannwuk


Posted 08 April 2014 - 04:27 AM

MiniToolBox by Farbar  Version: 23-01-2014
Ran by Clive.Cox (administrator) on 08-04-2014 at 10:26:13
Running from "C:\Users\clive.cox\Desktop"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
10.11.12.1 main
 
 
========================= IP Configuration: ================================
 
Dell Wireless 1703 802.11b/g/n (2.4GHz) = Wireless Network Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : BCLPTP-CLIVE
   Primary Dns Suffix  . . . . . . . : buildcheck.local
   Node Type . . . . . . . . . . . . : Broadcast
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : buildcheck.local
                                       Home
 
PPP adapter Buildcheck VPN Connection:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Buildcheck VPN Connection
   Physical Address. . . . . . . . . : 
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 10.11.12.20(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.255
   Default Gateway . . . . . . . . . : 
   DNS Servers . . . . . . . . . . . : 10.11.12.1
   Primary WINS Server . . . . . . . : 10.11.12.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Bluetooth Network Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : F4-B7-E2-8A-88-1C
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : Home
   Description . . . . . . . . . . . : Dell Wireless 1703 802.11b/g/n (2.4GHz)
   Physical Address. . . . . . . . . : F4-B7-E2-8A-88-1B
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.0.9(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 08 April 2014 09:37:28
   Lease Expires . . . . . . . . . . : 09 April 2014 09:37:27
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DNS Servers . . . . . . . . . . . : 192.168.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : medusa.mezzonet.net
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : E0-DB-55-D3-EB-0E
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.Home:
 
   Connection-specific DNS Suffix  . : Home
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::5efe:192.168.0.9%17(Preferred) 
   Default Gateway . . . . . . . . . : 
   DNS Servers . . . . . . . . . . . : 192.168.0.1
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Tunnel adapter Local Area Connection* 14:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{05ED9F83-151D-4D28-8323-21D22B081198}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.medusa.mezzonet.net:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{600E7108-F5FC-4B6B-AEFA-E60121EB0BBD}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  main.buildcheck.local
Address:  10.11.12.1
 
Name:    google.com
Addresses:  2a00:1450:4009:804::1007
 74.125.227.78
 74.125.227.69
 74.125.227.65
 74.125.227.70
 74.125.227.67
 74.125.227.71
 74.125.227.66
 74.125.227.68
 74.125.227.72
 74.125.227.64
 74.125.227.73
 
 
Pinging google.com [74.125.227.78] with 32 bytes of data:
Reply from 74.125.227.78: bytes=32 time=184ms TTL=52
Reply from 74.125.227.78: bytes=32 time=165ms TTL=52
 
Ping statistics for 74.125.227.78:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 165ms, Maximum = 184ms, Average = 174ms
Server:  main.buildcheck.local
Address:  10.11.12.1
 
Name:    yahoo.com
Addresses:  206.190.36.45
 98.138.253.109
 98.139.183.24
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=200ms TTL=52
Reply from 206.190.36.45: bytes=32 time=202ms TTL=52
 
Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 200ms, Maximum = 202ms, Average = 201ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 36...........................Buildcheck VPN Connection
 14...f4 b7 e2 8a 88 1c ......Bluetooth Device (Personal Area Network)
 12...f4 b7 e2 8a 88 1b ......Dell Wireless 1703 802.11b/g/n (2.4GHz)
 11...e0 db 55 d3 eb 0e ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 13...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 16...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 35...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
 37...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1      192.168.0.9     25
         10.0.0.0        255.0.0.0      10.11.12.21      10.11.12.20     26
      10.11.12.20  255.255.255.255         On-link       10.11.12.20    281
     92.27.10.171  255.255.255.255      192.168.0.1      192.168.0.9     26
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link       192.168.0.9    281
      192.168.0.9  255.255.255.255         On-link       192.168.0.9    281
    192.168.0.255  255.255.255.255         On-link       192.168.0.9    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.0.9    281
        224.0.0.0        240.0.0.0         On-link       10.11.12.20    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.0.9    281
  255.255.255.255  255.255.255.255         On-link       10.11.12.20    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 17    286 fe80::5efe:192.168.0.9/128
                                    On-link
  1    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (04/08/2014 10:21:39 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005
 
Error: (04/08/2014 09:38:23 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/07/2014 02:45:34 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 90080108
 
Error: (04/07/2014 01:45:32 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 90080108
 
Error: (04/07/2014 00:01:32 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.
 
Error: (04/07/2014 09:49:05 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005
 
Error: (04/07/2014 10:14:32 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/06/2014 02:14:13 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005
 
Error: (04/06/2014 01:16:47 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/05/2014 11:32:17 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005
 
 
System errors:
=============
Error: (04/08/2014 09:42:57 AM) (Source: Server) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{600E7108-F5FC-4B6B-AEFA-E60121EB0BBD} because another computer on the network has the same name.  The server could not start.
 
Error: (04/08/2014 09:40:48 AM) (Source: Microsoft-Windows-GroupPolicy) (User: BUILDCHECK)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.
 
Error: (04/08/2014 09:38:25 AM) (Source: Microsoft-Windows-GroupPolicy) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.
 
Error: (04/08/2014 09:37:27 AM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain BUILDCHECK due to the following: 
%%1311
 
This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.
 
 
 
ADDITIONAL INFO
 
If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.
 
Error: (04/07/2014 09:19:39 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service hung on starting.
 
Error: (04/07/2014 09:18:38 AM) (Source: Server) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{600E7108-F5FC-4B6B-AEFA-E60121EB0BBD} because another computer on the network has the same name.  The server could not start.
 
Error: (04/07/2014 10:16:37 AM) (Source: Microsoft-Windows-GroupPolicy) (User: BUILDCHECK)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.
 
Error: (04/07/2014 10:14:38 AM) (Source: Microsoft-Windows-GroupPolicy) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.
 
Error: (04/07/2014 10:14:09 AM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain BUILDCHECK due to the following: 
%%1311
 
This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.
 
 
 
ADDITIONAL INFO
 
If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.
 
Error: (04/06/2014 01:19:10 PM) (Source: Microsoft-Windows-GroupPolicy) (User: BUILDCHECK)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.
 
 
Microsoft Office Sessions:
=========================
Error: (04/08/2014 10:21:39 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005
 
Error: (04/08/2014 09:38:23 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/07/2014 02:45:34 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 90080108
 
Error: (04/07/2014 01:45:32 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 90080108
 
Error: (04/07/2014 00:01:32 PM) (Source: SideBySide)(User: )
Description: C:\Program Files\WinZip\adxloader.dll.ManifestC:\Program Files\WinZip\adxloader.dll.Manifest2
 
Error: (04/07/2014 09:49:05 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005
 
Error: (04/07/2014 10:14:32 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/06/2014 02:14:13 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005
 
Error: (04/06/2014 01:16:47 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/05/2014 11:32:17 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-03-24 00:49:07.054
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-03-23 23:31:33.696
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-03-23 23:31:33.585
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-03-23 23:31:33.438
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-03-23 23:30:36.190
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-03-23 23:30:36.107
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-03-23 23:30:35.996
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-03-23 23:28:00.154
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-03-23 23:26:09.969
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-03-23 23:26:09.465
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MaxxAudioAPOShell64.dll because the set of per-page image hashes could not be found on the system.
 
 
=========================== Installed Programs ============================
 
64 Bit HP CIO Components Installer (Version: 7.2.8)
AC3Filter 2.5b (Version: 2.5b)
AcceliCAD 2012v.6.6 (Version: 6.6)
Adobe AIR (Version: 3.6.0.6090)
Adobe Flash Player 12 ActiveX (Version: 12.0.0.77)
Adobe Flash Player 12 Plugin (Version: 12.0.0.77)
Adobe Reader XI (11.0.06) (Version: 11.0.06)
Adobe Shockwave Player 12.0 (Version: 12.0.0.112)
Advanced Audio FX Engine (Version: 1.12.05)
Apple Application Support (Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (Version: 2.1.3.127)
Atheros Bluetooth Suite (64) (Version: 7.4.0.126)
Avidemux 2.6 (32-bit) (Version: 2.6.7.8981)
B110 (Version: 140.0.142.000)
Bonjour (Version: 3.0.0.10)
BufferChm (Version: 140.0.212.000)
Calumen II (Version: 1.2.6)
CCleaner (Version: 4.12)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Citrix Authentication Manager (Version: 4.0.0.53726)
Citrix Receiver (HDX Flash Redirection) (Version: 13.4.0.25)
Citrix Receiver (Version: 13.4.0.25)
Citrix Receiver Inside (Version: 3.4.0.29585)
Citrix Receiver Updater (Version: 3.4.0.29577)
Citrix Receiver(Aero) (Version: 13.4.0.25)
Citrix Receiver(DV) (Version: 13.4.0.25)
Citrix Receiver(USB) (Version: 13.4.0.25)
Conexant SmartAudio HD (Version: 8.54.29.0)
ConvertXtoDVD 4.0.3.313 (Version: 4.0.3.313)
CutePDF Writer 3.0 (Version:  3.0)
CyberLink PowerDVD 9.5 (Version: 9.5.1.5425)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell DataSafe Local Backup - Support Software (Version: 9.4.67)
Dell DataSafe Local Backup (Version: 9.4.67)
Dell DataSafe Online (Version: 2.1.19634)
Dell Edoc Viewer (Version: 1.0.0)
Dell Support Center (Version: 3.1.5907.16)
Dell Touchpad (Version: 11.3.3.5)
Dell Webcam Central (Version: 2.01.18)
Dell WLAN and Bluetooth Client Installation (Version: 9.0)
Destinations (Version: 140.0.77.000)
DeviceDiscovery (Version: 140.0.212.000)
DigitalPersona Fingerprint Software 6.1 (Version: 6.1.0.279)
EPSON S21 Series Printer Uninstall
Garmin ANT Agent (Version: 2.3.4)
Garmin Communicator Plugin (Version: 4.0.4)
Garmin Communicator Plugin x64 (Version: 4.0.4)
Garmin USB Drivers (Version: 2.3.1.0)
Garmin WebUpdater (Version: 2.5.6)
GOM Player (Version: 2.2.53.5169)
Google Chrome (Version: 33.0.1750.154)
Google Drive (Version: 1.14.6059.644)
Google Update Helper (Version: 1.3.23.9)
GPBaseService2 (Version: 140.0.211.000)
Guardian Configurator (Version: 4.1.168)
HP Customer Participation Program 14.0 (Version: 14.0)
HP Imaging Device Functions 14.0 (Version: 14.0)
HP Photo Creations (Version: 1.0.0.2024)
HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7 (Version: 14.0)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 14.0 (Version: 14.0)
HP Update (Version: 5.005.000.002)
HPAppStudio (Version: 140.0.95.000)
HPPhotoGadget (Version: 140.0.524.000)
HPProductAssistant (Version: 140.0.212.000)
HPSSupply (Version: 140.0.211.000)
Intel® Control Center (Version: 1.2.1.1008)
Intel® Management Engine Components (Version: 8.0.1.1399)
Intel® Processor Graphics (Version: 8.15.10.2696)
Intel® Rapid Storage Technology (Version: 11.6.0.1030)
Intel® Turbo Boost Technology Monitor 2.0 (Version: 2.1.23.0)
Intel® USB 3.0 eXtensible Host Controller Driver (Version: 1.0.5.235)
Intel® Trusted Connect Service Client (Version: 1.23.219.2)
iTunes (Version: 11.1.2.32)
Java 7 Update 51 (Version: 7.0.510)
Java Auto Updater (Version: 2.1.9.8)
Junk Mail filter update (Version: 15.4.3502.0922)
LG United Mobile Driver (Version: 3.10.1.0)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
MarketResearch (Version: 140.0.212.000)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office (Version: 14.0.6120.5004)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Home and Business 2010 (Version: 14.0.7015.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Single Image 2010 (Version: 14.0.7015.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000)
Microsoft OneDrive (Version: 17.0.4035.0328)
Microsoft Silverlight (Version: 5.1.30214.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
MKV Converter Studio V2.5.4 (Version: 2.5.4)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
Network64 (Version: 140.0.212.000)
Network64 (Version: 140.0.221.000)
Nitro Pro 8 (Version: 8.5.3.14)
Online Plug-in (Version: 13.4.0.25)
Panda Endpoint Agent (Version: 6.60.00.0000)
Panda Endpoint Protection (Version: 5.06.00.0000)
Panda Endpoint Protection (Version: 6.50.10)
ProtectStar ™ Data Shredder v2.2 Freeware (Version: 2.2.1369)
PS_AIO_07_B110_SW_Min (Version: 140.0.142.000)
Quickset64 (Version: 10.15.012)
QuickTransfer (Version: 140.0.98.000)
Rapport (Version: 3.5.1304.48)
Realtek USB 2.0 Card Reader (Version: 6.2.8400.39034)
Recuva (Version: 1.50)
Revo Uninstaller 1.95 (Version: 1.95)
Scan (Version: 140.0.77.000)
Self-service Plug-in (Version: 3.4.0.33684)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Shop for HP Supplies (Version: 14.0)
Sky Go Desktop
Skype™ 6.11 (Version: 6.11.102)
SmartWebPrinting (Version: 140.0.186.000)
SolutionCenter (Version: 140.0.211.000)
ST Microelectronics 3 Axis Digital Accelerometer Solution (Version: 4.11.0018)
Status (Version: 140.0.212.000)
swMSM (Version: 12.0.0.1)
THERM5 (Version: 5.2.14)
Toolbox (Version: 140.0.424.000)
TrayApp (Version: 140.0.212.000)
Trusteer Endpoint Protection (Version: 3.5.1304.48)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
Update for Microsoft Visio 2010 (KB2878227) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition
Validity Sensors DDK (Version: 4.3.215.0)
Visual Basic for Applications ® Core - English (Version: 6.4.99.69)
Visual Basic for Applications ® Core (Version: 6.4.99.69)
VSDC Free Video Editor version 1.4.0.38 (Version: 1.4.0.38)
WebReg (Version: 140.0.212.017)
Windows Driver Package - Dynastream Innovations (libusb0) LibUsbDevices  (07/07/2009 1.12.2) (Version: 07/07/2009 1.12.2)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (Version: 04/19/2012 2.3.1.0)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (Version: 02/06/2007 3.1)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinRAR 5.01 (64-bit) (Version: 5.01.0)
WinToFlash Suggestor (Version: 1.2.5.0)
WinZip 17.5 (Version: 17.5.10562)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 60%
Total physical RAM: 3971.36 MB
Available physical RAM: 1551.88 MB
Total Pagefile: 7940.89 MB
Available Pagefile: 5318.68 MB
Total Virtual: 4095.88 MB
Available Virtual: 3967.82 MB
 
========================= Partitions: =====================================
 
1 Drive c: (OS) (Fixed) (Total:450.96 GB) (Free:343.35 GB) NTFS
3 Drive e: () (Removable) (Total:14.83 GB) (Free:10.62 GB) FAT32
 
========================= Users: ========================================
 
User accounts for \\BCLPTP-CLIVE
 
Administrator            cstadmin                 Guest                    
 
 
**** End of log ****


#5 wigannwuk


Posted 08 April 2014 - 04:36 AM

I ran TDSS Killer - didn't find anything... I clicked on report but it wouldn't let me copy and paste - sorry



#6 wigannwuk


Posted 08 April 2014 - 04:52 AM

# AdwCleaner v3.023 - Report created 08/04/2014 at 10:43:52
# Updated 01/04/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Clive.Cox - BCLPTP-CLIVE
# Running from : C:\Users\clive.cox\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Program Files (x86)\WinToFlash Suggestor
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\AppID\SMBarBroker.EXE
Key Deleted : HKLM\SOFTWARE\Classes\SMBarBroker.SMBarDealer
Key Deleted : HKLM\SOFTWARE\Classes\SMBarBroker.SMBarDealer.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3A188115-B81B-48F2-A958-F974C8F3F309}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{43769158-3B03-4932-8D8A-8F0F344BF024}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FC36B0BD-27F0-4CDD-8AB1-50651EFC3EFD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{78CE34FD-F6D4-4866-B79C-A37268D06A04}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{80904944-C726-4C7D-A452-3FFF2A882095}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2D9B1B31-D034-4738-8F6E-40F0AFCC742C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC36B0BD-27F0-4CDD-8AB1-50651EFC3EFD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC36B0BD-27F0-4CDD-8AB1-50651EFC3EFD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FC36B0BD-27F0-4CDD-8AB1-50651EFC3EFD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{78CE34FD-F6D4-4866-B79C-A37268D06A04}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{80904944-C726-4C7D-A452-3FFF2A882095}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\PIP
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\Software\PIP
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16521
 
 
-\\ Google Chrome v33.0.1750.154
 
[ File : C:\Users\clive.cox\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\clive.cox\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [3668 octets] - [08/04/2014 10:37:32]
AdwCleaner[S0].txt - [3426 octets] - [08/04/2014 10:43:52]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3486 octets] ##########


#7 wigannwuk


Posted 08 April 2014 - 05:04 AM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x64
Ran by Clive.Cox on 08/04/2014 at 10:54:00.53
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Empty Folder] C:\Users\clive.cox\appdata\local\{78477A65-6B91-442E-8F1F-11D1B9A1579B}
Successfully deleted: [Empty Folder] C:\Users\clive.cox\appdata\local\{F07FBC77-72AA-487F-BF4F-25200559F3E8}
Successfully deleted: [Empty Folder] C:\Users\clive.cox\appdata\local\{F5F315A2-0C6D-4D70-B467-63CE2D0CCBD3}
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08/04/2014 at 11:04:06.18
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#8 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,471 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:05:12 PM

Posted 08 April 2014 - 06:43 AM

Last week Malwarebytes picked up a trojan & backdoor virus (whatever that is)...

When boopme has cleaned you up, be sure to read Glossary of Malware Related Terms which explains what they are.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#9 boopme


Posted 08 April 2014 - 02:06 PM

Can you look here for the MBAM log as I have a concern over the backdoor.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply.


A backdoor Trojan can allow an attacker to
gain control of the system, log keystrokes, steal passwords, access personal
data, send malevolent outgoing traffic, and close the security warning
messages displayed by some anti-virus and security programs.

From a known clean computer, change any passwords or security information held
on the infected computer. In particular, check whatever relates to online
banking, financial transactions, shopping, credit cards, or sensitive
personal information. It is also wise to contact your financial institutions
to apprise them of your situation.


Please download aswMBR ( 4.5MB ) to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.


#10 wigannwuk


Posted 08 April 2014 - 02:50 PM

C:\Windows\SysWOW64\Adobe\Shockwave 12\gt.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe a variant of Win32/HiddenStart.A potentially unsafe application deleted - quarantined
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe a variant of Win32/HiddenStart.A potentially unsafe application deleted - quarantined
C:\Users\clive.cox\Documents\Back up\S II Phone memory card back up\download\44mub62t.apk a variant of Android/TrojanSMS.Agent.KA trojan deleted - quarantined
C:\Users\clive.cox\Documents\Back up\S II Phone memory card back up\download\aswd.apk a variant of Android/TrojanSMS.Agent.KA trojan deleted - quarantined
C:\Users\clive.cox\Downloads\ac3filter_2_5b.exe Win32/OpenCandy potentially unsafe application deleted - quarantined
C:\Users\clive.cox\Downloads\cbsidlm-cbsi176-VSDC_Free_Video_Editor-ORG-75764187.exe a variant of Win32/CNETInstaller.B potentially unwanted application deleted - quarantined
C:\Users\clive.cox\Downloads\cbsidlm-tr1_11-CutePDF_Writer-ORG-10206470.exe Win32/DownloadAdmin.G potentially unwanted application deleted - quarantined
C:\Users\clive.cox\Downloads\CuteWriter.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application deleted - quarantined
C:\Users\clive.cox\Downloads\GOMVIDEOCONVERTERSETUP_ENG.EXE Win32/InstallMonetizer.AN potentially unwanted application deleted - quarantined
C:\Users\clive.cox\Downloads\rcsetup150.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\Users\clive.cox\Downloads\WinZip175.exe a variant of Win32/OpenInstall potentially unwanted application deleted - quarantined
C:\Windows\System32\Adobe\Shockwave 12\gt.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined


#11 wigannwuk


Posted 08 April 2014 - 03:15 PM

TDSS Killer did leave a log, I've just noticed; see below

 

10:30:41.0396 0x09b0  TDSS rootkit removing tool 3.0.0.30 Apr  7 2014 15:39:12
10:30:46.0409 0x09b0  ============================================================
10:30:46.0409 0x09b0  Current date / time: 2014/04/08 10:30:46.0408
10:30:46.0409 0x09b0  SystemInfo:
10:30:46.0409 0x09b0  
10:30:46.0409 0x09b0  OS Version: 6.1.7601 ServicePack: 1.0
10:30:46.0409 0x09b0  Product type: Workstation
10:30:46.0409 0x09b0  ComputerName: BCLPTP-CLIVE
10:30:46.0410 0x09b0  UserName: Clive.Cox
10:30:46.0410 0x09b0  Windows directory: C:\Windows
10:30:46.0410 0x09b0  System windows directory: C:\Windows
10:30:46.0410 0x09b0  Running under WOW64
10:30:46.0410 0x09b0  Processor architecture: Intel x64
10:30:46.0410 0x09b0  Number of processors: 4
10:30:46.0410 0x09b0  Page size: 0x1000
10:30:46.0410 0x09b0  Boot type: Normal boot
10:30:46.0410 0x09b0  ============================================================
10:30:52.0007 0x09b0  KLMD registered as C:\Windows\system32\drivers\93539317.sys
10:30:52.0342 0x09b0  System UUID: {B439D7E7-1C5B-D608-1EAE-B76DF3AF546A}
10:30:52.0960 0x09b0  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:30:52.0976 0x09b0  Drive \Device\Harddisk1\DR1 - Size: 0x3B5980000 (14.84 Gb), SectorSize: 0x200, Cylinders: 0x790, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:30:52.0979 0x09b0  ============================================================
10:30:52.0979 0x09b0  \Device\Harddisk0\DR0:
10:30:52.0985 0x09b0  MBR partitions:
10:30:52.0985 0x09b0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D85000
10:30:52.0985 0x09b0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D99000, BlocksNum 0x385EC800
10:30:52.0985 0x09b0  \Device\Harddisk1\DR1:
10:30:52.0987 0x09b0  MBR partitions:
10:30:52.0987 0x09b0  \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x2000, BlocksNum 0x1DAAC00
10:30:52.0987 0x09b0  ============================================================
10:30:53.0012 0x09b0  C: <-> \Device\Harddisk0\DR0\Partition2
10:30:53.0012 0x09b0  ============================================================
10:30:53.0012 0x09b0  Initialize success
10:30:53.0012 0x09b0  ============================================================
10:31:25.0935 0x1c1c  ============================================================
10:31:25.0936 0x1c1c  Scan started
10:31:25.0936 0x1c1c  Mode: Manual; 
10:31:25.0936 0x1c1c  ============================================================
10:31:25.0936 0x1c1c  KSN ping started
10:31:28.0698 0x1c1c  KSN ping finished: true
10:31:30.0062 0x1c1c  ================ Scan system memory ========================
10:31:30.0062 0x1c1c  System memory - ok
10:31:30.0063 0x1c1c  ================ Scan services =============================
10:31:32.0461 0x1c1c  BrFiltUp - ok
10:31:32.0489 0x1c1c  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
10:31:32.0496 0x1c1c  Browser - ok
10:31:32.0523 0x1c1c  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
10:31:32.0533 0x1c1c  Brserid - ok
10:31:32.0537 0x1c1c  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
10:31:32.0539 0x1c1c  BrSerWdm - ok
10:31:32.0542 0x1c1c  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
10:31:32.0544 0x1c1c  BrUsbMdm - ok
10:31:32.0547 0x1c1c  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
10:31:32.0549 0x1c1c  BrUsbSer - ok
10:31:32.0598 0x1c1c  [ 3E352B570E9CD1047A596927896D6F7C, DB2678DB48919408C0D856C58962B1E5188B8B7393145C5373556EB649868F0D ] BTATH_A2DP      C:\Windows\system32\drivers\btath_a2dp.sys
10:31:32.0612 0x1c1c  BTATH_A2DP - ok
10:31:32.0632 0x1c1c  [ AF715C0F2A656BDA9D4AF470224325C7, D969A96FA1D4E2D508C00A54DB5568147616432ED3697E6D9302DB4E8D6399F6 ] btath_avdt      C:\Windows\system32\drivers\btath_avdt.sys
10:31:32.0637 0x1c1c  btath_avdt - ok
10:31:32.0669 0x1c1c  [ D438A33D568C76C24E8D7394981F42DC, E5884C20E55B8EDC8E19C55DDFBE4A8FDFBE2327ACE94BFC2BFD3BCEE6EBC2AD ] BTATH_BUS       C:\Windows\system32\DRIVERS\btath_bus.sys
10:31:32.0672 0x1c1c  BTATH_BUS - ok
10:31:32.0691 0x1c1c  [ 6EFA8C93009E0BE0886C2422C7D20BC5, 55717C459893B533C9F21FAA997004001646F43629F4DA9D8464408E20575F02 ] BTATH_HCRP      C:\Windows\system32\DRIVERS\btath_hcrp.sys
10:31:32.0701 0x1c1c  BTATH_HCRP - ok
10:31:32.0722 0x1c1c  [ 168506D0F0C8DF588F8A7E25C58A2DE6, EF744D95797F66D8D7F79B3256AEB3255D161A61BCA9D39CDB3F3699079AC61B ] BTATH_LWFLT     C:\Windows\system32\DRIVERS\btath_lwflt.sys
10:31:32.0727 0x1c1c  BTATH_LWFLT - ok
10:31:32.0751 0x1c1c  [ 7C8FB1D73BD279DD914CCA6ED0F4F62B, 936492E05E760A65DF507651E18A7BB331FDEE9FBEF7ABC556389308F53726F0 ] BTATH_RCP       C:\Windows\system32\DRIVERS\btath_rcp.sys
10:31:32.0765 0x1c1c  BTATH_RCP - ok
10:31:32.0820 0x1c1c  [ 4F6EA72C82C05C8C67643C9E0585108A, 0D69265E7C42691FC95880FEF9ED73763A4E81D864B34D4EAB9D22C62EFDD864 ] BtFilter        C:\Windows\system32\DRIVERS\btfilter.sys
10:31:32.0853 0x1c1c  BtFilter - ok
10:31:32.0879 0x1c1c  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
10:31:32.0883 0x1c1c  BthEnum - ok
10:31:32.0910 0x1c1c  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
10:31:32.0915 0x1c1c  BTHMODEM - ok
10:31:32.0936 0x1c1c  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
10:31:32.0944 0x1c1c  BthPan - ok
10:31:32.0981 0x1c1c  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
10:31:33.0014 0x1c1c  BTHPORT - ok
10:31:33.0049 0x1c1c  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
10:31:33.0054 0x1c1c  bthserv - ok
10:31:33.0069 0x1c1c  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
10:31:33.0075 0x1c1c  BTHUSB - ok
10:31:33.0089 0x1c1c  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
10:31:33.0096 0x1c1c  cdfs - ok
10:31:33.0129 0x1c1c  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
10:31:33.0138 0x1c1c  cdrom - ok
10:31:33.0161 0x1c1c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
10:31:33.0166 0x1c1c  CertPropSvc - ok
10:31:33.0192 0x1c1c  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
10:31:33.0195 0x1c1c  circlass - ok
10:31:33.0216 0x1c1c  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
10:31:33.0225 0x1c1c  CLFS - ok
10:31:33.0276 0x1c1c  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:31:33.0280 0x1c1c  clr_optimization_v2.0.50727_32 - ok
10:31:33.0321 0x1c1c  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:31:33.0326 0x1c1c  clr_optimization_v2.0.50727_64 - ok
10:31:33.0388 0x1c1c  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:31:33.0429 0x1c1c  clr_optimization_v4.0.30319_32 - ok
10:31:33.0455 0x1c1c  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:31:33.0497 0x1c1c  clr_optimization_v4.0.30319_64 - ok
10:31:33.0537 0x1c1c  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
10:31:33.0539 0x1c1c  CmBatt - ok
10:31:33.0573 0x1c1c  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
10:31:33.0578 0x1c1c  cmdide - ok
10:31:33.0627 0x1c1c  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
10:31:33.0650 0x1c1c  CNG - ok
10:31:33.0730 0x1c1c  [ 97238AC8006C14EAF80E374D3B81C2B3, 1E1BE4D4211055CFB7DA88C259D10749AEE389392D31E52ADF5A55F21294998D ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
10:31:33.0781 0x1c1c  CnxtHdAudService - ok
10:31:33.0801 0x1c1c  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
10:31:33.0803 0x1c1c  Compbatt - ok
10:31:33.0815 0x1c1c  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
10:31:33.0818 0x1c1c  CompositeBus - ok
10:31:33.0826 0x1c1c  COMSysApp - ok
10:31:33.0898 0x1c1c  [ CEF81AA95945FAC20A9FC515443A95D0, BB39CA8679980EECED6F6B08F47FAFC2C12E5D371333AE873078F6FC27DD948A ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
10:31:33.0910 0x1c1c  cphs - ok
10:31:33.0921 0x1c1c  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
10:31:33.0926 0x1c1c  crcdisk - ok
10:31:33.0968 0x1c1c  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
10:31:33.0979 0x1c1c  CryptSvc - ok
10:31:34.0016 0x1c1c  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
10:31:34.0039 0x1c1c  CSC - ok
10:31:34.0081 0x1c1c  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
10:31:34.0105 0x1c1c  CscService - ok
10:31:34.0152 0x1c1c  [ DF214BFF646880D0EB31BDC86136B29B, A641AB1FB7E8A5453584B5577587FF43E0C1F9EEAA2A931A1D8B8FAB3913414D ] CtClsFlt        C:\Windows\system32\DRIVERS\CtClsFlt.sys
10:31:34.0162 0x1c1c  CtClsFlt - ok
10:31:34.0217 0x1c1c  [ C20E2A7A29F06A69C40E949255257B01, 309044604363E563A32086770AECCD99C6BF20925E4EB404604E88E5393F5F6B ] ctxusbm         C:\Windows\system32\DRIVERS\ctxusbm.sys
10:31:34.0224 0x1c1c  ctxusbm - ok
10:31:34.0276 0x1c1c  [ 9A59DF2CA690019FEA3B265D5A7EB619, F15D51B3C78A213BA6D6FF7CEA58549673CEAFE97C0A6C90C93591637CE4D5B2 ] CxUtilSvc       C:\Program Files\Conexant\SA3\CxUtilSvc.exe
10:31:34.0283 0x1c1c  CxUtilSvc - ok
10:31:34.0406 0x1c1c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
10:31:34.0419 0x1c1c  DcomLaunch - ok
10:31:34.0441 0x1c1c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
10:31:34.0450 0x1c1c  defragsvc - ok
10:31:34.0462 0x1c1c  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
10:31:34.0466 0x1c1c  DfsC - ok
10:31:34.0480 0x1c1c  dgderdrv - ok
10:31:34.0516 0x1c1c  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
10:31:34.0524 0x1c1c  Dhcp - ok
10:31:34.0541 0x1c1c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
10:31:34.0544 0x1c1c  discache - ok
10:31:34.0568 0x1c1c  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
10:31:34.0574 0x1c1c  Disk - ok
10:31:34.0603 0x1c1c  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
10:31:34.0610 0x1c1c  dmvsc - ok
10:31:34.0644 0x1c1c  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
10:31:34.0654 0x1c1c  Dnscache - ok
10:31:34.0673 0x1c1c  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
10:31:34.0684 0x1c1c  dot3svc - ok
10:31:34.0729 0x1c1c  [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
10:31:34.0737 0x1c1c  Dot4 - ok
10:31:34.0775 0x1c1c  [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
10:31:34.0779 0x1c1c  Dot4Print - ok
10:31:34.0794 0x1c1c  [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
10:31:34.0799 0x1c1c  dot4usb - ok
10:31:34.0875 0x1c1c  [ AD57743DBA53B0B525202AB47CA90CC5, E063B0A498D3A32BAEABD9FE225802726B506628FBC86C0D2D1B7C0950494452 ] DpHost          C:\Program Files\DigitalPersona\Bin\DpHostW.exe
10:31:34.0895 0x1c1c  DpHost - ok
10:31:34.0935 0x1c1c  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
10:31:34.0945 0x1c1c  DPS - ok
10:31:34.0978 0x1c1c  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
10:31:34.0981 0x1c1c  drmkaud - ok
10:31:35.0054 0x1c1c  [ C9910740D07BF8FFDFCAF1901B710F62, 3D8F5B6DC4DF18AF43EE837F74122C12C38D3422ABB50FE5B7EBF83C9209DA1D ] dvctprov        C:\Windows\system32\DRIVERS\dvctprov.sys
10:31:35.0061 0x1c1c  dvctprov - ok
10:31:35.0134 0x1c1c  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
10:31:35.0164 0x1c1c  DXGKrnl - ok
10:31:35.0198 0x1c1c  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
10:31:35.0203 0x1c1c  EapHost - ok
10:31:35.0313 0x1c1c  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
10:31:35.0424 0x1c1c  ebdrv - ok
10:31:35.0449 0x1c1c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS             C:\Windows\System32\lsass.exe
10:31:35.0452 0x1c1c  EFS - ok
10:31:35.0525 0x1c1c  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
10:31:35.0536 0x1c1c  ehRecvr - ok
10:31:35.0551 0x1c1c  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
10:31:35.0553 0x1c1c  ehSched - ok
10:31:35.0593 0x1c1c  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
10:31:35.0606 0x1c1c  elxstor - ok
10:31:35.0610 0x1c1c  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
10:31:35.0611 0x1c1c  ErrDev - ok
10:31:35.0657 0x1c1c  [ BDE749140581B45CC312F623E667DB37, 4FDDF3BC9C148F673F021007A0AFD8FA4DF4D9C6FBCCF2DC0D272EC7AEF94C5E ] ETD             C:\Windows\system32\DRIVERS\ETD.sys
10:31:35.0668 0x1c1c  ETD - ok
10:31:35.0709 0x1c1c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
10:31:35.0723 0x1c1c  EventSystem - ok
10:31:35.0745 0x1c1c  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
10:31:35.0752 0x1c1c  exfat - ok
10:31:35.0772 0x1c1c  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
10:31:35.0783 0x1c1c  fastfat - ok
10:31:35.0836 0x1c1c  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
10:31:35.0860 0x1c1c  Fax - ok
10:31:35.0878 0x1c1c  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
10:31:35.0881 0x1c1c  fdc - ok
10:31:35.0894 0x1c1c  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
10:31:35.0896 0x1c1c  fdPHost - ok
10:31:35.0909 0x1c1c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
10:31:35.0913 0x1c1c  FDResPub - ok
10:31:35.0933 0x1c1c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
10:31:35.0939 0x1c1c  FileInfo - ok
10:31:35.0949 0x1c1c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
10:31:35.0952 0x1c1c  Filetrace - ok
10:31:35.0969 0x1c1c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
10:31:35.0972 0x1c1c  flpydisk - ok
10:31:35.0991 0x1c1c  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
10:31:36.0002 0x1c1c  FltMgr - ok
10:31:36.0069 0x1c1c  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
10:31:36.0102 0x1c1c  FontCache - ok
10:31:36.0134 0x1c1c  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:31:36.0135 0x1c1c  FontCache3.0.0.0 - ok
10:31:36.0153 0x1c1c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
10:31:36.0158 0x1c1c  FsDepends - ok
10:31:36.0180 0x1c1c  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
10:31:36.0184 0x1c1c  Fs_Rec - ok
10:31:36.0213 0x1c1c  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
10:31:36.0223 0x1c1c  fvevol - ok
10:31:36.0241 0x1c1c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
10:31:36.0246 0x1c1c  gagp30kx - ok
10:31:36.0279 0x1c1c  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:31:36.0283 0x1c1c  GEARAspiWDM - ok
10:31:36.0335 0x1c1c  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
10:31:36.0377 0x1c1c  gpsvc - ok
10:31:36.0457 0x1c1c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:31:36.0462 0x1c1c  gupdate - ok
10:31:36.0474 0x1c1c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:31:36.0479 0x1c1c  gupdatem - ok
10:31:36.0512 0x1c1c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
10:31:36.0515 0x1c1c  hcw85cir - ok
10:31:36.0537 0x1c1c  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
10:31:36.0541 0x1c1c  HDAudBus - ok
10:31:36.0556 0x1c1c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
10:31:36.0560 0x1c1c  HidBatt - ok
10:31:36.0564 0x1c1c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
10:31:36.0567 0x1c1c  HidBth - ok
10:31:36.0593 0x1c1c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
10:31:36.0596 0x1c1c  HidIr - ok
10:31:36.0624 0x1c1c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
10:31:36.0629 0x1c1c  hidserv - ok
10:31:36.0675 0x1c1c  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
10:31:36.0679 0x1c1c  HidUsb - ok
10:31:36.0695 0x1c1c  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
10:31:36.0703 0x1c1c  hkmsvc - ok
10:31:36.0729 0x1c1c  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:31:36.0743 0x1c1c  HomeGroupListener - ok
10:31:36.0774 0x1c1c  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:31:36.0781 0x1c1c  HomeGroupProvider - ok
10:31:36.0903 0x1c1c  [ 5DA42D24712E00728CEA2342A65009B2, 73EC5250DCFD556525B24B3CA66C64AC7747E77652A2AD6119936A59A9E8562A ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
10:31:36.0917 0x1c1c  hpqcxs08 - ok
10:31:36.0932 0x1c1c  [ D86A39BF100069444D026D22D9A6E555, 7B24D48D5BA67704C88697FADB64364E0E64D26259408E3C219820C5404C5EEC ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
10:31:36.0937 0x1c1c  hpqddsvc - ok
10:31:36.0958 0x1c1c  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
10:31:36.0962 0x1c1c  HpSAMD - ok
10:31:37.0045 0x1c1c  [ F37882F128EFACEFE353E0BAE2766909, 2F9D21613500F092DFC0DB879180B549EE615D9B07408A5CC1A7F84663B2F47A ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
10:31:37.0063 0x1c1c  HPSLPSVC - ok
10:31:37.0096 0x1c1c  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
10:31:37.0113 0x1c1c  HTTP - ok
10:31:37.0122 0x1c1c  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
10:31:37.0124 0x1c1c  hwpolicy - ok
10:31:37.0164 0x1c1c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
10:31:37.0171 0x1c1c  i8042prt - ok
10:31:37.0229 0x1c1c  [ 6C91E425ACE29594BD574DE38AC9B76D, 697784E4C7AF08B1F35662D8AD871E6890CECE22B6E64985B7C1A66C10DA390D ] iaStorA         C:\Windows\system32\drivers\iaStorA.sys
10:31:37.0240 0x1c1c  iaStorA - ok
10:31:37.0299 0x1c1c  [ 0AB254994A460550258446950BB58311, BD10811912680DD3B814B7D1303785C996D892C79108110A2257E9BD0C28245C ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
10:31:37.0301 0x1c1c  IAStorDataMgrSvc - ok
10:31:37.0333 0x1c1c  [ 2B38F13E18E272459CD2CE83E6722C12, 58FB127C05FF7399F88F3B53CE4B460A7D3EA739AFCD273C0E687053BBA074D6 ] iaStorF         C:\Windows\system32\drivers\iaStorF.sys
10:31:37.0338 0x1c1c  iaStorF - ok
10:31:37.0388 0x1c1c  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
10:31:37.0420 0x1c1c  iaStorV - ok
10:31:37.0479 0x1c1c  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:31:37.0493 0x1c1c  idsvc - ok
10:31:37.0546 0x1c1c  IEEtwCollectorService - ok
10:31:37.0913 0x1c1c  [ 371D7F91C0D2314EB984A4A6CBEABC92, DD4B04308596C1E6C75B8772D4421137F3A83285DBCFD4DF54166D2B0B45A317 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
10:31:38.0292 0x1c1c  igfx - ok
10:31:38.0324 0x1c1c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
10:31:38.0327 0x1c1c  iirsp - ok
10:31:38.0381 0x1c1c  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
10:31:38.0419 0x1c1c  IKEEXT - ok
10:31:38.0654 0x1c1c  [ 6C9FFFECA9FED31347D211C5D1FFBD2D, 36CF8B847FAED0D978B3169ED550CC958025902CAC1D7D304E2684B2483E72B8 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
10:31:38.0691 0x1c1c  IntcDAud - ok
10:31:38.0876 0x1c1c  [ 7C76466F4E0F76CE259C6005D161E9E8, 19F3CCC3A86B68DB70B7608F9ED33746518F5B2450E5BAF9581127CE7A9AA5D2 ] Intel® Capability Licensing Service Interface c:\Program Files\Intel\iCLS Client\HeciServer.exe
10:31:38.0897 0x1c1c  Intel® Capability Licensing Service Interface - ok
10:31:38.0933 0x1c1c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
10:31:38.0937 0x1c1c  intelide - ok
10:31:38.0966 0x1c1c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
10:31:38.0971 0x1c1c  intelppm - ok
10:31:38.0995 0x1c1c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
10:31:39.0003 0x1c1c  IPBusEnum - ok
10:31:39.0028 0x1c1c  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:31:39.0034 0x1c1c  IpFilterDriver - ok
10:31:39.0085 0x1c1c  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
10:31:39.0108 0x1c1c  iphlpsvc - ok
10:31:39.0114 0x1c1c  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
10:31:39.0117 0x1c1c  IPMIDRV - ok
10:31:39.0122 0x1c1c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
10:31:39.0125 0x1c1c  IPNAT - ok
10:31:39.0179 0x1c1c  [ B6E8B931EFEF4112C6A401931627DC6B, 89A0745360928F7DD0A522FF5FBFEED4FC831F37D6CF88D5E66FA91FD6F0A1DF ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
10:31:39.0206 0x1c1c  iPod Service - ok
10:31:39.0226 0x1c1c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
10:31:39.0228 0x1c1c  IRENUM - ok
10:31:39.0245 0x1c1c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
10:31:39.0248 0x1c1c  isapnp - ok
10:31:39.0264 0x1c1c  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
10:31:39.0294 0x1c1c  iScsiPrt - ok
10:31:39.0328 0x1c1c  [ D596D915CF091DA1F8CE4BD38BB5D509, 9B4D246B6886FFD9BE329F3543B819FC010661B0F70206F16ECBF25A7B12AA6F ] iusb3hcs        C:\Windows\system32\drivers\iusb3hcs.sys
10:31:39.0332 0x1c1c  iusb3hcs - ok
10:31:39.0364 0x1c1c  [ 023896E23B61543A15A230EED996D911, 2F8D15B67AB2C1E87EA46F2CB9DBA564865D89DEA93A83B44A9B148883B96731 ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
10:31:39.0378 0x1c1c  iusb3hub - ok
10:31:46.0132 0x1c1c  RSUSBVSTOR - ok
10:31:46.0169 0x1c1c  [ 7F4F11527AF5A7E4526CB6A146B3E40C, 705177014374AB2F12AF4558344C35C206C2820BD1A16770173EA10D094D182B ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
10:31:46.0198 0x1c1c  RTL8167 - ok
10:31:46.0225 0x1c1c  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
10:31:46.0228 0x1c1c  s3cap - ok
10:31:46.0245 0x1c1c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs           C:\Windows\system32\lsass.exe
10:31:46.0249 0x1c1c  SamSs - ok
10:31:46.0275 0x1c1c  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
10:31:46.0278 0x1c1c  sbp2port - ok
10:31:46.0314 0x1c1c  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
10:31:46.0323 0x1c1c  SCardSvr - ok
10:31:46.0345 0x1c1c  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
10:31:46.0348 0x1c1c  scfilter - ok
10:31:46.0386 0x1c1c  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
10:31:46.0420 0x1c1c  Schedule - ok
10:31:46.0442 0x1c1c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
10:31:46.0443 0x1c1c  SCPolicySvc - ok
10:31:46.0464 0x1c1c  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
10:31:46.0470 0x1c1c  SDRSVC - ok
10:31:46.0493 0x1c1c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
10:31:46.0495 0x1c1c  secdrv - ok
10:31:46.0505 0x1c1c  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
10:31:46.0511 0x1c1c  seclogon - ok
10:31:46.0529 0x1c1c  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
10:31:46.0536 0x1c1c  SENS - ok
10:31:46.0553 0x1c1c  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
10:31:46.0560 0x1c1c  SensrSvc - ok
10:31:46.0591 0x1c1c  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
10:31:46.0595 0x1c1c  Serenum - ok
10:31:46.0604 0x1c1c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
10:31:46.0610 0x1c1c  Serial - ok
10:31:46.0616 0x1c1c  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
10:31:46.0620 0x1c1c  sermouse - ok
10:31:46.0638 0x1c1c  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
10:31:46.0643 0x1c1c  SessionEnv - ok
10:31:46.0646 0x1c1c  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
10:31:46.0648 0x1c1c  sffdisk - ok
10:31:46.0651 0x1c1c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
10:31:46.0653 0x1c1c  sffp_mmc - ok
10:31:46.0657 0x1c1c  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
10:31:46.0659 0x1c1c  sffp_sd - ok
10:31:46.0674 0x1c1c  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
10:31:46.0676 0x1c1c  sfloppy - ok
10:31:46.0753 0x1c1c  [ 4215C271D6E6898C3F4DABAB4F387DC9, 10D845466AC239E18A381FA3BCF1DA1CDCF7CC4363D3A6B4695D6562B3EF7541 ] SftService      C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
10:31:46.0795 0x1c1c  SftService - ok
10:31:46.0827 0x1c1c  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
10:31:46.0843 0x1c1c  SharedAccess - ok
10:31:46.0866 0x1c1c  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:31:46.0876 0x1c1c  ShellHWDetection - ok
10:31:46.0890 0x1c1c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
10:31:46.0894 0x1c1c  SiSRaid2 - ok
10:31:46.0902 0x1c1c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
10:31:46.0906 0x1c1c  SiSRaid4 - ok
10:31:46.0964 0x1c1c  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
10:31:46.0971 0x1c1c  SkypeUpdate - ok
10:31:46.0987 0x1c1c  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
10:31:46.0993 0x1c1c  Smb - ok
10:31:47.0025 0x1c1c  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
10:31:47.0028 0x1c1c  SNMPTRAP - ok
10:31:47.0038 0x1c1c  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
10:31:47.0041 0x1c1c  spldr - ok
10:31:47.0085 0x1c1c  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
10:31:47.0107 0x1c1c  Spooler - ok
10:31:47.0216 0x1c1c  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
10:31:47.0339 0x1c1c  sppsvc - ok
10:31:47.0360 0x1c1c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
10:31:47.0364 0x1c1c  sppuinotify - ok
10:31:47.0399 0x1c1c  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
10:31:47.0421 0x1c1c  srv - ok
10:31:47.0445 0x1c1c  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
10:31:47.0456 0x1c1c  srv2 - ok
10:31:47.0471 0x1c1c  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
10:31:47.0477 0x1c1c  srvnet - ok
10:31:47.0510 0x1c1c  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
10:31:47.0516 0x1c1c  SSDPSRV - ok
10:31:47.0533 0x1c1c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
10:31:47.0541 0x1c1c  SstpSvc - ok
10:31:47.0565 0x1c1c  [ E4EA2412FB1B8AEE33667A9CC6D456A4, E553D07BBD98CB026033D7D10D859795682D1BFCB9D33D494177B2E747EA5064 ] stdcfltn        C:\Windows\system32\DRIVERS\stdcfltn.sys
10:31:47.0567 0x1c1c  stdcfltn - ok
10:31:47.0594 0x1c1c  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
10:31:47.0598 0x1c1c  stexstor - ok
10:31:47.0636 0x1c1c  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
10:31:47.0658 0x1c1c  stisvc - ok
10:31:47.0673 0x1c1c  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
10:31:47.0679 0x1c1c  StorSvc - ok
10:31:47.0716 0x1c1c  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
10:31:47.0721 0x1c1c  storvsc - ok
10:31:47.0752 0x1c1c  [ 10D69C83513B50F34032F7F96E40019D, 8B941AB6867197FE219CB316E8566B7A2F122178561E9A1D88A4B19398EFAC2C ] ST_ACCEL        C:\Windows\system32\DRIVERS\ST_ACCEL.sys
10:31:47.0757 0x1c1c  ST_ACCEL - ok
10:31:47.0778 0x1c1c  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
10:31:47.0782 0x1c1c  swenum - ok
10:31:47.0809 0x1c1c  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
10:31:47.0822 0x1c1c  swprv - ok
10:31:47.0838 0x1c1c  [ 4CDD7DF58730D23BA9CB5829A6E2ECEA, 89A2A1604C2BF985894000F51D9D376B32F1327197866850B5BF8640272DE828 ] SynthVid        C:\Windows\system32\DRIVERS\VMBusVideoM.sys
10:31:47.0841 0x1c1c  SynthVid - ok
10:31:47.0915 0x1c1c  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
10:31:47.0984 0x1c1c  SysMain - ok
10:31:48.0003 0x1c1c  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:31:48.0009 0x1c1c  TabletInputService - ok
10:31:48.0029 0x1c1c  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
10:31:48.0039 0x1c1c  TapiSrv - ok
10:31:48.0055 0x1c1c  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
10:31:48.0059 0x1c1c  TBS - ok
10:31:48.0165 0x1c1c  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
10:31:48.0252 0x1c1c  Tcpip - ok
10:31:48.0343 0x1c1c  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
10:31:48.0393 0x1c1c  TCPIP6 - ok
10:31:48.0413 0x1c1c  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
10:31:48.0416 0x1c1c  tcpipreg - ok
10:31:48.0437 0x1c1c  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
10:31:48.0439 0x1c1c  TDPIPE - ok
10:31:48.0461 0x1c1c  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
10:31:48.0464 0x1c1c  TDTCP - ok
10:31:48.0495 0x1c1c  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
10:31:48.0502 0x1c1c  tdx - ok
10:31:48.0516 0x1c1c  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
10:31:48.0522 0x1c1c  TermDD - ok
10:31:48.0578 0x1c1c  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
10:31:48.0619 0x1c1c  TermService - ok
10:31:48.0636 0x1c1c  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
10:31:48.0640 0x1c1c  Themes - ok
10:31:48.0657 0x1c1c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
10:31:48.0661 0x1c1c  THREADORDER - ok
10:31:48.0672 0x1c1c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
10:31:48.0676 0x1c1c  TrkWks - ok
10:31:48.0720 0x1c1c  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:31:48.0730 0x1c1c  TrustedInstaller - ok
10:31:48.0774 0x1c1c  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
10:31:48.0777 0x1c1c  tssecsrv - ok
10:31:48.0801 0x1c1c  [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
10:31:48.0804 0x1c1c  TsUsbFlt - ok
10:31:48.0824 0x1c1c  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
10:31:48.0829 0x1c1c  TsUsbGD - ok
10:31:48.0864 0x1c1c  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
10:31:48.0872 0x1c1c  tunnel - ok
10:31:48.0900 0x1c1c  [ FD24F98D2898BE093FE926604BE7DB99, F9851C57A2ED838AC76BB19FE2F62BB81C57DBBE2A2555F738B5D6725D39AD61 ] TurboB          C:\Windows\system32\DRIVERS\TurboB.sys
10:31:48.0904 0x1c1c  TurboB - ok
10:31:48.0945 0x1c1c  [ 600B406A04D90F577FEA8A88D7379F08, 77CC8E8AFB6F571A42D916C0B2FEFFD3A7A32A455C78228B407C6C9B6DED8CAD ] TurboBoost      C:\Program Files\Intel\TurboBoost\TurboBoost.exe
10:31:48.0955 0x1c1c  TurboBoost - ok
10:31:48.0972 0x1c1c  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
10:31:48.0976 0x1c1c  uagp35 - ok
10:31:48.0990 0x1c1c  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
10:31:48.0999 0x1c1c  udfs - ok
10:31:49.0016 0x1c1c  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
10:31:49.0020 0x1c1c  UI0Detect - ok
10:31:49.0031 0x1c1c  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
10:31:49.0034 0x1c1c  uliagpkx - ok
10:31:49.0049 0x1c1c  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
10:31:49.0051 0x1c1c  umbus - ok
10:31:49.0055 0x1c1c  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
10:31:49.0056 0x1c1c  UmPass - ok
10:31:49.0087 0x1c1c  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
10:31:49.0100 0x1c1c  UmRdpService - ok
10:31:49.0167 0x1c1c  [ 0DFC9713D117B349E41A2A477448107A, 0C7B2162C2FA0BA46C2D3D9986CB542926C1802532E0785A49AC9B18284267AC ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
10:31:49.0184 0x1c1c  UNS - ok
10:31:49.0212 0x1c1c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
10:31:49.0241 0x1c1c  upnphost - ok
10:31:49.0280 0x1c1c  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
10:31:49.0284 0x1c1c  USBAAPL64 - ok
10:31:49.0304 0x1c1c  [ 91D3C92A44FC682DD791147604E79152, AA0B6799BF9C26C2C1793C91295288A4989AA43EC5E070B650DA7F0A142817CE ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
10:31:49.0311 0x1c1c  usbccgp - ok
10:31:49.0345 0x1c1c  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
10:31:49.0353 0x1c1c  usbcir - ok
10:31:49.0371 0x1c1c  [ F7FFDF2A1D19A76A87759126B244C816, C91F09D77E22D976952A46F7B93F611B719EDAF694D538242FA8FAF1BA9BB2F0 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
10:31:49.0376 0x1c1c  usbehci - ok
10:31:49.0413 0x1c1c  [ 245FE7FC634D6A993E682E0A9EBA4ABB, F7A536D215EE3A63358EC8B5946D7BB3B56357BF91347B07013E00DAC98775B6 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
10:31:49.0423 0x1c1c  usbhub - ok
10:31:49.0440 0x1c1c  [ C1A8966E0D09BFB501045105B30D86F2, 5BB95FBA441B898E258A3BFE174FC1042A04C19E25C59DE1FD90594290B11DA9 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
10:31:49.0443 0x1c1c  usbohci - ok
10:31:49.0460 0x1c1c  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
10:31:49.0463 0x1c1c  usbprint - ok
10:31:49.0511 0x1c1c  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
10:31:49.0516 0x1c1c  usbscan - ok
10:31:49.0543 0x1c1c  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:31:49.0551 0x1c1c  USBSTOR - ok
10:31:49.0563 0x1c1c  [ 2E682DCE4319A90E02A327F8A427544A, 3528C5A4669BAD53041085C3E72C64388D308E42AD9D1FAC85B6F2FFD81610FB ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
10:31:49.0568 0x1c1c  usbuhci - ok
10:31:49.0612 0x1c1c  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
10:31:49.0622 0x1c1c  usbvideo - ok
10:31:49.0647 0x1c1c  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
10:31:49.0655 0x1c1c  UxSms - ok
10:31:49.0679 0x1c1c  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc        C:\Windows\system32\lsass.exe
10:31:49.0682 0x1c1c  VaultSvc - ok
10:31:49.0795 0x1c1c  [ 6392117B3F8B4AC98408D430D8F12366, E747200E22EA96E190BBF585AD3ECD00F98F39791981CC67DD72509CED2D33E6 ] vcsFPService    C:\Windows\system32\vcsFPService.exe
10:31:49.0933 0x1c1c  vcsFPService - ok
10:31:49.0964 0x1c1c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
10:31:49.0966 0x1c1c  vdrvroot - ok
10:31:49.0997 0x1c1c  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
10:31:50.0019 0x1c1c  vds - ok
10:31:50.0032 0x1c1c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
10:31:50.0035 0x1c1c  vga - ok
10:31:50.0047 0x1c1c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
10:31:50.0049 0x1c1c  VgaSave - ok
10:31:50.0062 0x1c1c  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
10:31:50.0069 0x1c1c  vhdmp - ok
10:31:50.0095 0x1c1c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
10:31:50.0098 0x1c1c  viaide - ok
10:31:50.0117 0x1c1c  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
10:31:50.0122 0x1c1c  VMBusHID - ok
10:31:50.0147 0x1c1c  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
10:31:50.0153 0x1c1c  volmgr - ok
10:31:50.0177 0x1c1c  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
10:31:50.0185 0x1c1c  volmgrx - ok
10:31:50.0205 0x1c1c  [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap         C:\Windows\system32\drivers\volsnap.sys
10:31:50.0212 0x1c1c  volsnap - ok
10:31:50.0255 0x1c1c  [ B4A73CA4EF9A02B9738CEA9AD5FE5917, B6A8086189FE2F1C3FE5B3F484FBA3DB2E5E1836F3154D30090F136C27D16166 ] vpcbus          C:\Windows\system32\DRIVERS\vpchbus.sys
10:31:50.0266 0x1c1c  vpcbus - ok
10:31:50.0297 0x1c1c  [ E675FB2B48C54F09895482E2253B289C, 68BBFBF2356C849722E429CA753CC309A3CCE8CF00EBDBBD2695ECD292324DF2 ] vpcnfltr        C:\Windows\system32\DRIVERS\vpcnfltr.sys
10:31:50.0300 0x1c1c  vpcnfltr - ok
10:31:50.0329 0x1c1c  [ 5FB42082B0D19A0268705F1DD343DF20, 62F8EEE6A507CE6A8BD638020118D71B78332F79BA82654AB702AE46B04767D9 ] vpcusb          C:\Windows\system32\DRIVERS\vpcusb.sys
10:31:50.0337 0x1c1c  vpcusb - ok
10:31:50.0380 0x1c1c  [ 30D4243726A15A14F5C5E45898D14394, 0EED69CACCDEC1260C79B187370E420C12654F0F5F777A1FF27F5C5FF3BAE2E1 ] vpcvmm          C:\Windows\system32\drivers\vpcvmm.sys
10:31:50.0397 0x1c1c  vpcvmm - ok
10:31:50.0409 0x1c1c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
10:31:50.0414 0x1c1c  vsmraid - ok
10:31:50.0489 0x1c1c  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
10:31:50.0535 0x1c1c  VSS - ok
10:31:50.0552 0x1c1c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
10:31:50.0555 0x1c1c  vwifibus - ok
10:31:50.0582 0x1c1c  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
10:31:50.0588 0x1c1c  vwififlt - ok
10:31:50.0626 0x1c1c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
10:31:50.0642 0x1c1c  W32Time - ok
10:31:50.0649 0x1c1c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
10:31:50.0651 0x1c1c  WacomPen - ok
10:31:50.0731 0x1c1c  [ 9581ECD2B0413CFFA2037D16B4C732A1, 7A90CB6DF10B6324010D9F63BED8EB41BAB3E7FEDAB2B57AF71624E5F8D30251 ] WAHost          C:\Program Files (x86)\Panda Security\WaAgent\WAHost\WAHost.exe
10:31:50.0764 0x1c1c  WAHost - ok
10:31:50.0792 0x1c1c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
10:31:50.0795 0x1c1c  WANARP - ok
10:31:50.0809 0x1c1c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
10:31:50.0811 0x1c1c  Wanarpv6 - ok
10:31:50.0888 0x1c1c  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
10:31:50.0926 0x1c1c  WatAdminSvc - ok
10:31:50.0978 0x1c1c  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
10:31:51.0038 0x1c1c  wbengine - ok
10:31:51.0052 0x1c1c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
10:31:51.0058 0x1c1c  WbioSrvc - ok
10:31:51.0076 0x1c1c  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
10:31:51.0086 0x1c1c  wcncsvc - ok
10:31:51.0099 0x1c1c  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:31:51.0103 0x1c1c  WcsPlugInService - ok
10:31:51.0121 0x1c1c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
10:31:51.0124 0x1c1c  Wd - ok
10:31:51.0188 0x1c1c  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
10:31:51.0230 0x1c1c  Wdf01000 - ok
10:31:51.0257 0x1c1c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
10:31:51.0261 0x1c1c  WdiServiceHost - ok
10:31:51.0266 0x1c1c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
10:31:51.0269 0x1c1c  WdiSystemHost - ok
10:31:51.0311 0x1c1c  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
10:31:51.0328 0x1c1c  WebClient - ok
10:31:51.0348 0x1c1c  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
10:31:51.0359 0x1c1c  Wecsvc - ok
10:31:51.0376 0x1c1c  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
10:31:51.0382 0x1c1c  wercplsupport - ok
10:31:51.0409 0x1c1c  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
10:31:51.0415 0x1c1c  WerSvc - ok
10:31:51.0447 0x1c1c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
10:31:51.0451 0x1c1c  WfpLwf - ok
10:31:51.0484 0x1c1c  [ B14EF15BD757FA488F9C970EEE9C0D35, F27DF2D47E7076786AE7C396583D7A1C56B93E766711066C900964FC7313E794 ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
10:31:51.0491 0x1c1c  WimFltr - ok
10:31:56.0166 0x1c1c  AV detected via SS2: Panda Endpoint Protection,  (  ), 0x71000 ( enabled : updated )
10:31:56.0168 0x1c1c  FW detected via SS2: Panda Endpoint Protection Firewall,  (  ), 0x71010 ( enabled )
10:31:58.0616 0x1c1c  ============================================================
10:31:58.0616 0x1c1c  Scan finished
10:31:58.0616 0x1c1c  ============================================================
10:31:58.0627 0x1fc4  Detected object count: 0
10:31:58.0627 0x1fc4  Actual detected object count: 0
10:34:03.0229 0x23a8  Deinitialize success


#12 wigannwuk


Posted 08 April 2014 - 03:25 PM

I've found 2 Malwarebytes logs as follows:

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2014.03.31.09
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16521
Clive.Cox :: BCLPTP-CLIVE [administrator]
 
31/03/2014 22:44:30
mbam-log-2014-03-31 (22-44-30).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 320806
Time elapsed: 35 minute(s), 55 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 1
C:\Users\clive.cox\AppData\Local\Temp\poclbm120222.cl (Trojan.BitcoinMiner) -> Quarantined and deleted successfully.
 
(end)

And more worryingly:


Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2014.04.02.05
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16521
Clive.Cox :: BCLPTP-CLIVE [administrator]
 
02/04/2014 16:11:16
mbam-log-2014-04-02 (16-11-16).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 322070
Time elapsed: 27 minute(s), 50 second(s)
 
Memory Processes Detected: 1
C:\Users\clive.cox\AppData\Local\Temp\.exe (Backdoor.Agent.RDL) -> 4952 -> Delete on reboot.
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 1
HKCU\Software\VB and VBA Program Settings\SrvID (Malware.Trace) -> Quarantined and deleted successfully.
 
Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|shell (Backdoor.Agent) -> Data: explorer.exe,C:\Users\clive.cox\AppData\Local\Temp\.exe -> Quarantined and deleted successfully.
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 5
C:\Users\clive.cox\AppData\Local\Temp\.exe (Backdoor.Agent.RDL) -> Delete on reboot.
C:\Users\clive.cox\AppData\Roaming\DataWork\70048.exe (Trojan.MSIL.Agent) -> Quarantined and deleted successfully.
C:\Users\clive.cox\AppData\Local\Temp\navk.exe (Backdoor.Agent.RDL) -> Quarantined and deleted successfully.
C:\Users\clive.cox\Local Settings\Temporary Internet Files\Content.IE5\LV5W994M\svc[1].exe (Trojan.MSIL.Agent) -> Quarantined and deleted successfully.
C:\Users\clive.cox\AppData\Roaming\Sample.lnk (Trojan.Agent) -> Quarantined and deleted successfully.
 
(end)


#13 wigannwuk


Posted 08 April 2014 - 03:40 PM

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2014-04-08 20:52:21
-----------------------------
20:52:21.687    OS Version: Windows x64 6.1.7601 Service Pack 1
20:52:21.688    Number of processors: 4 586 0x3A09
20:52:21.688    ComputerName: BCLPTP-CLIVE  UserName: Clive.Cox
20:52:24.684    Initialize success
20:55:52.323    AVAST engine defs: 14040800
21:02:33.386    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000007f
21:02:33.389    Disk 0 Vendor: ATA_____ DEM1 Size: 476940MB BusType: 11
21:02:33.488    Disk 0 MBR read successfully
21:02:33.492    Disk 0 MBR scan
21:02:33.502    Disk 0 Windows VISTA default MBR code
21:02:33.507    Disk 0 Partition 1 00     DE Dell Utility DELL 4.1       39 MB offset 63
21:02:33.518    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS        15114 MB offset 81920
21:02:33.536    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       461785 MB offset 31035392
21:02:33.581    Disk 0 scanning C:\Windows\system32\drivers
21:02:46.747    Service scanning
21:03:14.231    Modules scanning
21:03:14.242    Disk 0 trace - called modules:
21:03:14.259    ntoskrnl.exe CLASSPNP.SYS disk.sys stdcfltn.sys iaStorF.sys storport.sys hal.dll iaStorA.sys 
21:03:14.268    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006cc6060]
21:03:14.275    3 CLASSPNP.SYS[fffff88001d7c43f] -> nt!IofCallDriver -> [0xfffffa8006b62b90]
21:03:14.282    5 stdcfltn.sys[fffff88001875d12] -> nt!IofCallDriver -> [0xfffffa8006b619c0]
21:03:14.289    7 iaStorF.sys[fffff88001d18168] -> nt!IofCallDriver -> \Device\0000007f[0xfffffa8004ae0910]
21:03:23.954    AVAST engine scan C:\Windows
21:03:26.430    AVAST engine scan C:\Windows\system32
21:06:58.938    AVAST engine scan C:\Windows\system32\drivers
21:07:27.124    AVAST engine scan C:\Users\clive.cox
21:33:29.079    AVAST engine scan C:\ProgramData
21:35:39.097    Scan finished successfully
21:39:22.488    Disk 0 MBR has been saved successfully to "C:\Users\clive.cox\Desktop\MBR.dat"
21:39:22.499    The log file has been saved successfully to "C:\Users\clive.cox\Desktop\aswMBR.txt"


#14 boopme


Posted 08 April 2014 - 05:57 PM

OK, not so bad. If you had any Bitcoin, it was taken.
Nothing else showing. Change your passwords and advise your banks you had a backdoor.

Empty your temp folders using TFC (Temporary File Cleaner)
  • Please download TFC by Old Timer and save it to your desktop.
    alternate download link
  • Save any unsaved work. (TFC will close ALL open programs including your browser!)
  • Double-click on TFC.exe to run it. (If you are using Vista, right-click on the file and choose "Run As Administrator".)
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway allowing Windows to load normally (not into Safe Mode) to ensure a complete clean.


#15 wigannwuk


Posted 15 April 2014 - 09:48 AM

Are the backdoor agents on the 2nd Malwarebytes report not a problem anymore?





