Windows Action Centre reported Win32 Small.CA virus: I haven't found anything...



#1 GKL206

Posted 07 September 2013 - 05:33 AM

I ran scans with several things, my antivirus, Windows Defender, Malwarebytes Anti-Malware and all came out clean. Eventually I took the brutal approach and did a clean Windows install. Since then I've had a couple of BSOD crashes and Chrome keeps on doing its "this page has crashed please reload" thing so I've decided it's time to ask an expert.

I followed steps 1 to 6 Here

and came up with the following log:

 

Thanks in advance for help.



#2 HelpBot

Posted 12 September 2013 - 05:35 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/507022 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your desktop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 Casey_boy

  • Malware Response Team
Posted 13 September 2013 - 08:00 AM

Hi there,
 
Step 1: Win32 Small.CA is a data theft trojan and so I need to give you this warning:

Backdoor trojans allow hackers to remotely control your computer, steal critical system information and download and execute files.

If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

That said, backdoor trojans would not survive a complete system wipe and so you will have removed it when you reinstalled Windows.

Step 2: What we do need to check for is rootkits (which will survive a re-install of Windows).


Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.
Casey

If I have been helping you and I do not reply within 48 hours, feel free to send me a PM.




#4 GKL206

Posted 14 September 2013 - 03:20 AM

First of all thanks very much for your time Casey.

 

Since I posted the thread I *hope* I've solved the problem: I took the side off the computer and checked all the connections within my competence before posting and since then the problems with Chrome have gone away so I'm hoping it was a dodgy RAM connection causing problems rather than a virus.

 

But having said that there has been malware on this computer, my computer is vital for me and I know malware can persist so I would like to run through the checks to be as safe as possible. Even in the brief time since re-installing Windows the loathsome AVG Secure Search slipped past my notice and wasted the best part of an hour getting rid of it. So in that spirit here's the TDSSKiller log:

 

08:58:05.0667 0x0df4  blbdrive - ok
08:58:05.0715 0x0df4  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
08:58:05.0720 0x0df4  Bonjour Service - ok
08:58:05.0758 0x0df4  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
08:58:05.0761 0x0df4  bowser - ok
08:58:05.0779 0x0df4  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
08:58:05.0781 0x0df4  BrFiltLo - ok
08:58:05.0795 0x0df4  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
08:58:05.0796 0x0df4  BrFiltUp - ok
08:58:05.0813 0x0df4  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
08:58:05.0814 0x0df4  Browser - ok
08:58:05.0839 0x0df4  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
08:58:05.0842 0x0df4  Brserid - ok
08:58:05.0869 0x0df4  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
08:58:05.0871 0x0df4  BrSerWdm - ok
08:58:05.0890 0x0df4  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
08:58:05.0891 0x0df4  BrUsbMdm - ok
08:58:05.0897 0x0df4  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
08:58:05.0898 0x0df4  BrUsbSer - ok
08:58:05.0902 0x0df4  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
08:58:05.0904 0x0df4  BTHMODEM - ok
08:58:05.0922 0x0df4  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
08:58:05.0923 0x0df4  bthserv - ok
08:58:05.0939 0x0df4  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
08:58:05.0941 0x0df4  cdfs - ok
08:58:05.0975 0x0df4  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\drivers\cdrom.sys
08:58:05.0977 0x0df4  cdrom - ok
08:58:06.0018 0x0df4  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
08:58:06.0021 0x0df4  CertPropSvc - ok
08:58:06.0042 0x0df4  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
08:58:06.0044 0x0df4  circlass - ok
08:58:06.0098 0x0df4  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
08:58:06.0103 0x0df4  CLFS - ok
08:58:06.0190 0x0df4  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:58:06.0192 0x0df4  clr_optimization_v2.0.50727_32 - ok
08:58:06.0271 0x0df4  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
08:58:06.0274 0x0df4  clr_optimization_v2.0.50727_64 - ok
08:58:06.0366 0x0df4  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:58:06.0406 0x0df4  clr_optimization_v4.0.30319_32 - ok
08:58:06.0429 0x0df4  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
08:58:06.0432 0x0df4  clr_optimization_v4.0.30319_64 - ok
08:58:06.0451 0x0df4  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
08:58:06.0453 0x0df4  CmBatt - ok
08:58:06.0489 0x0df4  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
08:58:06.0492 0x0df4  cmdide - ok
08:58:06.0537 0x0df4  [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG             C:\Windows\system32\Drivers\cng.sys
08:58:06.0544 0x0df4  CNG - ok
08:58:06.0572 0x0df4  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
08:58:06.0573 0x0df4  Compbatt - ok
08:58:06.0608 0x0df4  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
08:58:06.0611 0x0df4  CompositeBus - ok
08:58:06.0616 0x0df4  COMSysApp - ok
08:58:06.0644 0x0df4  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
08:58:06.0646 0x0df4  crcdisk - ok
08:58:06.0680 0x0df4  [ 6B400F211BEE880A37A1ED0368776BF4 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
08:58:06.0685 0x0df4  CryptSvc - ok
08:58:06.0733 0x0df4  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
08:58:06.0742 0x0df4  DcomLaunch - ok
08:58:06.0785 0x0df4  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
08:58:06.0789 0x0df4  defragsvc - ok
08:58:06.0826 0x0df4  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
08:58:06.0828 0x0df4  DfsC - ok
08:58:06.0874 0x0df4  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
08:58:06.0881 0x0df4  Dhcp - ok
08:58:06.0893 0x0df4  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
08:58:06.0894 0x0df4  discache - ok
08:58:06.0908 0x0df4  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
08:58:06.0910 0x0df4  Disk - ok
08:58:06.0957 0x0df4  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
08:58:06.0963 0x0df4  Dnscache - ok
08:58:07.0011 0x0df4  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
08:58:07.0015 0x0df4  dot3svc - ok
08:58:07.0053 0x0df4  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
08:58:07.0056 0x0df4  DPS - ok
08:58:07.0095 0x0df4  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
08:58:07.0097 0x0df4  drmkaud - ok
08:58:07.0144 0x0df4  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
08:58:07.0154 0x0df4  DXGKrnl - ok
08:58:07.0192 0x0df4  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
08:58:07.0196 0x0df4  EapHost - ok
08:58:07.0421 0x0df4  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
08:58:07.0478 0x0df4  ebdrv - ok
08:58:07.0497 0x0df4  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
08:58:07.0500 0x0df4  EFS - ok
08:58:07.0545 0x0df4  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
08:58:07.0549 0x0df4  ehRecvr - ok
08:58:07.0596 0x0df4  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
08:58:07.0599 0x0df4  ehSched - ok
08:58:07.0628 0x0df4  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
08:58:07.0636 0x0df4  elxstor - ok
08:58:07.0676 0x0df4  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
08:58:07.0678 0x0df4  ErrDev - ok
08:58:07.0702 0x0df4  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
08:58:07.0708 0x0df4  EventSystem - ok
08:58:07.0714 0x0df4  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
08:58:07.0717 0x0df4  exfat - ok
08:58:07.0731 0x0df4  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
08:58:07.0735 0x0df4  fastfat - ok
08:58:07.0782 0x0df4  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
08:58:07.0791 0x0df4  Fax - ok
08:58:07.0808 0x0df4  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
08:58:07.0809 0x0df4  fdc - ok
08:58:07.0825 0x0df4  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
08:58:07.0828 0x0df4  fdPHost - ok
08:58:07.0838 0x0df4  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
08:58:07.0840 0x0df4  FDResPub - ok
08:58:07.0850 0x0df4  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
08:58:07.0852 0x0df4  FileInfo - ok
08:58:07.0858 0x0df4  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
08:58:07.0860 0x0df4  Filetrace - ok
08:58:07.0878 0x0df4  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
08:58:07.0879 0x0df4  flpydisk - ok
08:58:07.0937 0x0df4  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
08:58:07.0941 0x0df4  FltMgr - ok
08:58:08.0004 0x0df4  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
08:58:08.0015 0x0df4  FontCache - ok
08:58:08.0094 0x0df4  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
08:58:08.0096 0x0df4  FontCache3.0.0.0 - ok
08:58:08.0108 0x0df4  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
08:58:08.0109 0x0df4  FsDepends - ok
08:58:08.0145 0x0df4  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
08:58:08.0145 0x0df4  Fs_Rec - ok
08:58:08.0168 0x0df4  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
08:58:08.0169 0x0df4  fvevol - ok
08:58:08.0195 0x0df4  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
08:58:08.0197 0x0df4  gagp30kx - ok
08:58:08.0254 0x0df4  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
08:58:08.0255 0x0df4  GEARAspiWDM - ok
08:58:08.0307 0x0df4  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
08:58:08.0321 0x0df4  gpsvc - ok
08:58:08.0403 0x0df4  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:58:08.0405 0x0df4  gupdate - ok
08:58:08.0411 0x0df4  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:58:08.0413 0x0df4  gupdatem - ok
08:58:08.0464 0x0df4  [ C1B577B2169900F4CF7190C39F085794 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
08:58:08.0467 0x0df4  gusvc - ok
08:58:08.0486 0x0df4  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
08:58:08.0488 0x0df4  hcw85cir - ok
08:58:08.0528 0x0df4  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
08:58:08.0534 0x0df4  HdAudAddService - ok
08:58:08.0559 0x0df4  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
08:58:08.0561 0x0df4  HDAudBus - ok
08:58:08.0604 0x0df4  [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
08:58:08.0606 0x0df4  HECIx64 - ok
08:58:08.0640 0x0df4  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
08:58:08.0642 0x0df4  HidBatt - ok
08:58:08.0663 0x0df4  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
08:58:08.0665 0x0df4  HidBth - ok
08:58:08.0686 0x0df4  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
08:58:08.0689 0x0df4  HidIr - ok
08:58:08.0733 0x0df4  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
08:58:08.0736 0x0df4  hidserv - ok
08:58:08.0755 0x0df4  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
08:58:08.0757 0x0df4  HidUsb - ok
08:58:08.0794 0x0df4  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
08:58:08.0798 0x0df4  hkmsvc - ok
08:58:08.0842 0x0df4  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
08:58:08.0847 0x0df4  HomeGroupListener - ok
08:58:08.0863 0x0df4  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
08:58:08.0871 0x0df4  HomeGroupProvider - ok
08:58:08.0890 0x0df4  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
08:58:08.0893 0x0df4  HpSAMD - ok
08:58:08.0940 0x0df4  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
08:58:08.0948 0x0df4  HTTP - ok
08:58:08.0988 0x0df4  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
08:58:08.0989 0x0df4  hwpolicy - ok
08:58:09.0023 0x0df4  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
08:58:09.0026 0x0df4  i8042prt - ok
08:58:09.0051 0x0df4  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
08:58:09.0059 0x0df4  iaStorV - ok
08:58:09.0122 0x0df4  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
08:58:09.0132 0x0df4  idsvc - ok
08:58:09.0149 0x0df4  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
08:58:09.0151 0x0df4  iirsp - ok
08:58:09.0177 0x0df4  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
08:58:09.0184 0x0df4  IKEEXT - ok
08:58:09.0220 0x0df4  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
08:58:09.0222 0x0df4  intelide - ok
08:58:09.0249 0x0df4  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
08:58:09.0251 0x0df4  intelppm - ok
08:58:09.0293 0x0df4  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
08:58:09.0297 0x0df4  IPBusEnum - ok
08:58:09.0336 0x0df4  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
08:58:09.0339 0x0df4  IpFilterDriver - ok
08:58:09.0373 0x0df4  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
08:58:09.0380 0x0df4  iphlpsvc - ok
08:58:09.0415 0x0df4  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
08:58:09.0418 0x0df4  IPMIDRV - ok
08:58:09.0440 0x0df4  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
08:58:09.0443 0x0df4  IPNAT - ok
08:58:09.0508 0x0df4  [ 78486992AC657AE5065C4A2135838570 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
08:58:09.0515 0x0df4  iPod Service - ok
08:58:09.0546 0x0df4  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
08:58:09.0547 0x0df4  IRENUM - ok
08:58:09.0584 0x0df4  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
08:58:09.0586 0x0df4  isapnp - ok
08:58:09.0598 0x0df4  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
08:58:09.0604 0x0df4  iScsiPrt - ok
08:58:09.0652 0x0df4  [ 9D7EA8C7215D8D4AE7BE110EEE61085D ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
08:58:09.0656 0x0df4  k57nd60a - ok
08:58:09.0668 0x0df4  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
08:58:09.0670 0x0df4  kbdclass - ok
08:58:09.0675 0x0df4  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
08:58:09.0678 0x0df4  kbdhid - ok
08:58:09.0692 0x0df4  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
08:58:09.0695 0x0df4  KeyIso - ok
08:58:09.0738 0x0df4  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
08:58:09.0740 0x0df4  KSecDD - ok
08:58:09.0778 0x0df4  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
08:58:09.0830 0x0df4  KSecPkg - ok
08:58:09.0855 0x0df4  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
08:58:09.0857 0x0df4  ksthunk - ok
08:58:09.0894 0x0df4  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
08:58:09.0901 0x0df4  KtmRm - ok
08:58:09.0937 0x0df4  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
08:58:09.0945 0x0df4  LanmanServer - ok
08:58:09.0984 0x0df4  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
08:58:09.0991 0x0df4  LanmanWorkstation - ok
08:58:10.0007 0x0df4  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
08:58:10.0009 0x0df4  lltdio - ok
08:58:10.0090 0x0df4  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
08:58:10.0097 0x0df4  lltdsvc - ok
08:58:10.0123 0x0df4  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
08:58:10.0127 0x0df4  lmhosts - ok
08:58:10.0152 0x0df4  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
08:58:10.0156 0x0df4  LSI_FC - ok
08:58:10.0181 0x0df4  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
08:58:10.0184 0x0df4  LSI_SAS - ok
08:58:10.0206 0x0df4  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
08:58:10.0208 0x0df4  LSI_SAS2 - ok
08:58:10.0214 0x0df4  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
08:58:10.0217 0x0df4  LSI_SCSI - ok
08:58:10.0242 0x0df4  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
08:58:10.0244 0x0df4  luafv - ok
08:58:10.0281 0x0df4  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
08:58:10.0285 0x0df4  Mcx2Svc - ok
08:58:10.0300 0x0df4  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
08:58:10.0302 0x0df4  megasas - ok
08:58:10.0323 0x0df4  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
08:58:10.0328 0x0df4  MegaSR - ok
08:58:10.0388 0x0df4  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
08:58:10.0392 0x0df4  MMCSS - ok
08:58:10.0407 0x0df4  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
08:58:10.0409 0x0df4  Modem - ok
08:58:10.0425 0x0df4  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
08:58:10.0426 0x0df4  monitor - ok
08:58:10.0442 0x0df4  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
08:58:10.0443 0x0df4  mouclass - ok
08:58:10.0454 0x0df4  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
08:58:10.0456 0x0df4  mouhid - ok
08:58:10.0491 0x0df4  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
08:58:10.0493 0x0df4  mountmgr - ok
08:58:10.0558 0x0df4  [ 528A5C2570F468155A1B3CF0A2FF5EBD ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
08:58:10.0560 0x0df4  MozillaMaintenance - ok
08:58:10.0580 0x0df4  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
08:58:10.0583 0x0df4  mpio - ok
08:58:10.0603 0x0df4  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
08:58:10.0604 0x0df4  mpsdrv - ok
08:58:10.0653 0x0df4  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
08:58:10.0658 0x0df4  MpsSvc - ok
08:58:10.0699 0x0df4  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
08:58:10.0702 0x0df4  MRxDAV - ok
08:58:10.0742 0x0df4  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
08:58:10.0746 0x0df4  mrxsmb - ok
08:58:10.0764 0x0df4  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
08:58:10.0769 0x0df4  mrxsmb10 - ok
08:58:10.0814 0x0df4  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
08:58:10.0817 0x0df4  mrxsmb20 - ok
08:58:10.0857 0x0df4  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
08:58:10.0860 0x0df4  msahci - ok
08:58:10.0880 0x0df4  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
08:58:10.0885 0x0df4  msdsm - ok
08:58:10.0905 0x0df4  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
08:58:10.0912 0x0df4  MSDTC - ok
08:58:10.0937 0x0df4  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
08:58:10.0939 0x0df4  Msfs - ok
08:58:10.0954 0x0df4  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
08:58:10.0955 0x0df4  mshidkmdf - ok
08:58:10.0996 0x0df4  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
08:58:10.0997 0x0df4  msisadrv - ok
08:58:11.0044 0x0df4  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
08:58:11.0049 0x0df4  MSiSCSI - ok
08:58:11.0054 0x0df4  msiserver - ok
08:58:11.0085 0x0df4  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
08:58:11.0087 0x0df4  MSKSSRV - ok
08:58:11.0107 0x0df4  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
08:58:11.0109 0x0df4  MSPCLOCK - ok
08:58:11.0121 0x0df4  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
08:58:11.0123 0x0df4  MSPQM - ok
08:58:11.0164 0x0df4  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
08:58:11.0169 0x0df4  MsRPC - ok
08:58:11.0184 0x0df4  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
08:58:11.0185 0x0df4  mssmbios - ok
08:58:11.0207 0x0df4  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
08:58:11.0209 0x0df4  MSTEE - ok
08:58:11.0231 0x0df4  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
08:58:11.0233 0x0df4  MTConfig - ok
08:58:11.0253 0x0df4  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
08:58:11.0255 0x0df4  Mup - ok
08:58:11.0304 0x0df4  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
08:58:11.0311 0x0df4  napagent - ok
08:58:11.0339 0x0df4  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
08:58:11.0344 0x0df4  NativeWifiP - ok
08:58:11.0392 0x0df4  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
08:58:11.0400 0x0df4  NDIS - ok
08:58:11.0416 0x0df4  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
08:58:11.0418 0x0df4  NdisCap - ok
08:58:11.0423 0x0df4  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
08:58:11.0425 0x0df4  NdisTapi - ok
08:58:11.0460 0x0df4  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
08:58:11.0463 0x0df4  Ndisuio - ok
08:58:11.0509 0x0df4  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
08:58:11.0513 0x0df4  NdisWan - ok
08:58:11.0562 0x0df4  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
08:58:11.0564 0x0df4  NDProxy - ok
08:58:11.0574 0x0df4  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
08:58:11.0576 0x0df4  NetBIOS - ok
08:58:11.0620 0x0df4  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
08:58:11.0622 0x0df4  NetBT - ok
08:58:11.0634 0x0df4  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
08:58:11.0636 0x0df4  Netlogon - ok
08:58:11.0686 0x0df4  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
08:58:11.0691 0x0df4  Netman - ok
08:58:11.0724 0x0df4  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:58:11.0726 0x0df4  NetMsmqActivator - ok
08:58:11.0732 0x0df4  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:58:11.0735 0x0df4  NetPipeActivator - ok
08:58:11.0747 0x0df4  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
08:58:11.0756 0x0df4  netprofm - ok
08:58:11.0760 0x0df4  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:58:11.0762 0x0df4  NetTcpActivator - ok
08:58:11.0767 0x0df4  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:58:11.0768 0x0df4  NetTcpPortSharing - ok
08:58:11.0786 0x0df4  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
08:58:11.0788 0x0df4  nfrd960 - ok
08:58:11.0804 0x0df4  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
08:58:11.0810 0x0df4  NlaSvc - ok
08:58:11.0821 0x0df4  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
08:58:11.0822 0x0df4  Npfs - ok
08:58:11.0845 0x0df4  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
08:58:11.0848 0x0df4  nsi - ok
08:58:11.0870 0x0df4  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
08:58:11.0871 0x0df4  nsiproxy - ok
08:58:11.0926 0x0df4  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
08:58:11.0950 0x0df4  Ntfs - ok
08:58:11.0963 0x0df4  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
08:58:11.0964 0x0df4  Null - ok
08:58:12.0000 0x0df4  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
08:58:12.0003 0x0df4  nvraid - ok
08:58:12.0042 0x0df4  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
08:58:12.0046 0x0df4  nvstor - ok
08:58:12.0084 0x0df4  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
08:58:12.0088 0x0df4  nv_agp - ok
08:58:12.0104 0x0df4  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
08:58:12.0107 0x0df4  ohci1394 - ok
08:58:12.0129 0x0df4  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
08:58:12.0135 0x0df4  p2pimsvc - ok
08:58:12.0149 0x0df4  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
08:58:12.0155 0x0df4  p2psvc - ok
08:58:12.0161 0x0df4  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
08:58:12.0163 0x0df4  Parport - ok
08:58:12.0200 0x0df4  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
08:58:12.0201 0x0df4  partmgr - ok
08:58:12.0226 0x0df4  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
08:58:12.0232 0x0df4  PcaSvc - ok
08:58:12.0262 0x0df4  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
08:58:12.0281 0x0df4  pci - ok
08:58:12.0316 0x0df4  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
08:58:12.0318 0x0df4  pciide - ok
08:58:12.0344 0x0df4  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
08:58:12.0348 0x0df4  pcmcia - ok
08:58:12.0369 0x0df4  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
08:58:12.0371 0x0df4  pcw - ok
08:58:19.0553 0x0df4  ============================================================
08:58:19.0553 0x0df4  Scan finished
08:58:19.0553 0x0df4  ============================================================
08:58:19.0568 0x105c  Detected object count: 0
08:58:19.0568 0x105c  Actual detected object count: 0
 

Thanks again for your help.



#5 Casey_boy

Casey_boy

    Bleeping physicist


  • Malware Response Team
  • 7,765 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:12:10 PM

Posted 14 September 2013 - 11:59 AM

Based on the info you've given and the clean scan, I think you're all clean.

 

The BSODs could have been coincidence. Have you fully updated Windows?

 

Casey


If I have been helping you and I do not reply within 48 hours, feel free to send me a PM.


* My Website * Am I Infected? * Malware Removal Help * If you'd like to say thanks *


#6 GKL206


Posted 15 September 2013 - 03:25 AM

Yes: I have Windows set to download updates automatically and I then check the 'important' updates and install as soon as convenient.

 

So it looks like it was a dodgy connection then. Good news for me.

 

Thanks very much for your help and setting my mind at rest.

 

Graham


Edited by GKL206, 15 September 2013 - 03:26 AM.


#7 Casey_boy


Posted 15 September 2013 - 06:56 AM

No problem. I'll close this topic now but if you do experience any malware issues then let me know or start a new removal topic.

 

Casey




#8 Casey_boy


Posted 15 September 2013 - 06:56 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.





