
Rpcqt.dll not found error, Malware


10 replies to this topic

#1 bcbk19


Posted 06 August 2013 - 07:41 AM

Hi all! Thanks a lot for the help last time but I think my brother downloaded something he shouldn't have and now I got a little problem.

 

System Info:
Windows 7 Home Premium
Service Pack 1
64-bit Operating System

When things started
1. Upon logging into a user account, an error message showed up stating that C:\Users\[User]\AppData\Local\Temp\Rpcqt.dll was missing and that runDLL could not be found.

 

So upon this I Googled the error and followed the instructions recommended on the Microsoft website: http://answers.microsoft.com/en-us/windows/forum/windows_7-system/rpcqtdll-not-found-in-startup-means-whathow-can-i/8b24d40c-ff9d-48d9-bb10-407e73272ea5?msgId=8c61ea7b-fe4d-4763-8d9c-506dc1feea26

 

I basically did

1) Go to Start -> Run -> type "regedit"...


HKEY_CURRENT_USER -> Software -> Microsoft -> Windows -> Current Version -> Run and RunOnce

Delete "Video Library" from those directories

 

2) Delete said files mentioned by another user

  • C:\Users\<User Name>\AppData\Local\Temp\Rpcqt.dll
  • C:\Windows\SysWOW64\Rundll32.exe - This file should only be in the system32 folder, it is a cloaked installer for the malware
  • Go to Start -> Run -> type "regedit"...Click Yes you want it to run when the UAC pops up, Press F3 to do a search and search for the following deleting those entries.  Make sure they are exact, otherwise you might mess up your computer, doing a restore point before doing this will help in case you mess up, 
  1. Rpcqt.dll
  2. SysWOW64\Rundll32.exe
  3. Video Library

 

 

The error message did not reappear upon log in and I haven't gotten a chance to run a full scan with my antivirus, McAfee VirusScan Enterprise + AntiSpyware Enterprise 8.8. But I was wondering if there are any other steps I should perform to ensure that this is gone.
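
A read-only check for the kind of autorun entry described in the post above, added here as an example that is not part of the original thread: it lists HKCU Run/RunOnce values whose command has rundll32 load a DLL from a user-writable directory such as Temp, and notes when that DLL no longer exists (the state that produces the logon error). The thread does not give the command line stored under "Video Library", so the sample values, the export name and all function names are constructed.

```python
import ntpath
import os
import re
import sys

RUN_KEYS = (
    r"Software\Microsoft\Windows\CurrentVersion\Run",
    r"Software\Microsoft\Windows\CurrentVersion\RunOnce",
)

# Constructed sample values (not taken from the thread's machine).
SAMPLE_RUN_VALUES = {
    "Video Library": r'C:\Windows\SysWOW64\rundll32.exe '
                     r'"C:\Users\User\AppData\Local\Temp\Rpcqt.dll",ExportName',
    "VendorTray": r'"C:\Program Files\Vendor\tray.exe" /background',
    "PrinterHelper": r"rundll32.exe C:\Windows\System32\spool\helper.dll,Start",
}

# Directory fragments a standard user can write to without elevation.
USER_WRITABLE_MARKERS = ("\\appdata\\", "\\temp\\", "%temp%",
                         "%appdata%", "%localappdata%")


def split_command(command):
    """Split a Windows command line into (executable, remaining arguments)."""
    m = re.match(r'^\s*(?:"([^"]+)"|(\S+))\s*(.*)$', command)
    if not m:
        return "", ""
    return (m.group(1) or m.group(2)), m.group(3)


def rundll32_target(command):
    """Return the DLL path a rundll32 command loads, or None for other commands.

    A 64-bit Windows install ships rundll32.exe in both System32 and SysWOW64,
    so the check keys on the DLL argument, not on which copy is invoked.
    """
    exe, rest = split_command(command)
    if ntpath.basename(exe).lower() not in ("rundll32.exe", "rundll32"):
        return None
    # rundll32 syntax: <dll>,<export> [args]; the DLL path may be quoted.
    m = re.match(r'"([^"]+)"|([^,\s]+)', rest)
    return (m.group(1) or m.group(2)) if m else None


def in_user_writable_dir(path):
    p = path.lower().replace("/", "\\")
    return any(marker in p for marker in USER_WRITABLE_MARKERS)


def review_run_entries(entries, exists=None):
    """Return [(value name, dll path, [reasons])] for entries worth a closer look."""
    findings = []
    for name, command in entries.items():
        dll = rundll32_target(command)
        if dll is None:
            continue
        reasons = []
        if in_user_writable_dir(dll):
            reasons.append("rundll32 loads a DLL from a user-writable directory")
        if exists is not None and not exists(dll):
            reasons.append("DLL is missing: the entry is orphaned and errors at logon")
        if reasons:
            findings.append((name, dll, reasons))
    return findings


def read_hkcu_run_values():
    """Read the live HKCU Run/RunOnce values (Windows only, read-only)."""
    import winreg
    values = {}
    for subkey in RUN_KEYS:
        try:
            key = winreg.OpenKey(winreg.HKEY_CURRENT_USER, subkey)
        except OSError:
            continue  # key not present for this user
        with key:
            for i in range(winreg.QueryInfoKey(key)[1]):
                name, data, _type = winreg.EnumValue(key, i)
                values[ntpath.basename(subkey) + "\\" + name] = str(data)
    return values


if __name__ == "__main__":
    if sys.platform == "win32":
        entries = read_hkcu_run_values()
        exists = lambda p: os.path.exists(os.path.expandvars(p))
    else:
        # Off Windows, run on the constructed sample and pretend the DLL is gone.
        entries = SAMPLE_RUN_VALUES
        exists = lambda p: not p.lower().endswith("rpcqt.dll")
    for name, dll, reasons in review_run_entries(entries, exists):
        print(f"{name}: {dll}")
        for reason in reasons:
            print("  -", reason)
```
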

 

 

 




 


#2 GodfatherKing


Posted 06 August 2013 - 07:42 AM

:welcome:

 

Let's look for malware...

 

:step1:  Install and run MBAM

 

:step2:    Running TDSSKiller to obtain log

 

Note: Don't cure or delete a threat, but choose skip for all instead.

  • Please download TDSSKiller from here and save it to your Desktop
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters


  • In the Additional options: Check Detect TDLFS file system
  • Click Start Scan and allow the scan process to run


  • Choose for all threats to Skip for all of them.
  • Click Continue
  • Please post the TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)

===================================================

 

:step2:  ESET Online Scanner

==================

Note: If your AV is blocking Eset online scanner, please temporarily disable your AV.

 

I'd like us to scan your machine with ESET OnlineScan. This process may take several hours; that is normal.

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and » UNCHECK "Remove found threats" <== Important
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply. (If no malware was found you will not be presented with a log).
  • Click the Back button.
  • Click the Finish button.

===================================================


If you have received help from me and I haven't responded to you for almost >= 3 days, send me a Private Message.  :hello:


#3 bcbk19


Posted 06 August 2013 - 04:15 PM

Thanks for the reply, GodfatherKing. I ran MBAM but my dad shut off my computer when it was done. I Googled the location of the log files but can't seem to find any for today's scan session. I was wondering if there might be another location or way to recover/find the log file.

 

:step1: Did another scan. Here is the log file:

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.08.06.05
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Peng :: PENG-PC [administrator]
 
8/6/2013 5:28:55 PM
mbam-log-2013-08-06 (17-28-55).txt
 
Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 471466
Time elapsed: 1 hour(s), 50 minute(s), 38 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 3
C:\Users\Peng\AppData\Local\Google\Chrome\User Data\Default\Cache\f_004e8c (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Peng\Documents\Employment\WinRar 4.2 Professional.rar (RiskWare.Tool.HCK) -> Quarantined and deleted successfully.
C:\Users\Peng\Documents\HRBlock\RA3\trainer 1.00\bws-cnct.rar (Malware.Packer.Gen) -> Quarantined and deleted successfully.
 
(end)

 

 

:step2: TDSSKiller log

 

19:36:12.0921 9028  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:36:13.0307 9028  ============================================================
19:36:13.0307 9028  Current date / time: 2013/08/06 19:36:13.0307
19:36:13.0307 9028  SystemInfo:
19:36:13.0307 9028  
19:36:13.0307 9028  OS Version: 6.1.7601 ServicePack: 1.0
19:36:13.0307 9028  Product type: Workstation
19:36:13.0308 9028  ComputerName: PENG-PC
19:36:13.0308 9028  UserName: Peng
19:36:13.0308 9028  Windows directory: C:\windows
19:36:13.0308 9028  System windows directory: C:\windows
19:36:13.0308 9028  Running under WOW64
19:36:13.0308 9028  Processor architecture: Intel x64
19:36:13.0308 9028  Number of processors: 8
19:36:13.0308 9028  Page size: 0x1000
19:36:13.0308 9028  Boot type: Normal boot
19:36:13.0308 9028  ============================================================
19:36:14.0858 9028  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:36:14.0867 9028  ============================================================
19:36:14.0867 9028  \Device\Harddisk0\DR0:
19:36:14.0867 9028  MBR partitions:
19:36:14.0868 9028  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D4C000
19:36:14.0868 9028  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D7E800, BlocksNum 0x557C76F0
19:36:14.0868 9028  ============================================================
19:36:14.0909 9028  C: <-> \Device\Harddisk0\DR0\Partition2
19:36:14.0910 9028  ============================================================
19:36:14.0910 9028  Initialize success
19:36:14.0910 9028  ============================================================
19:37:18.0966 8944  ============================================================
19:37:18.0966 8944  Scan started
19:37:18.0966 8944  Mode: Manual; TDLFS; 
19:37:18.0966 8944  ============================================================
19:37:19.0213 8944  ================ Scan system memory ========================
19:37:19.0213 8944  System memory - ok
19:37:30.0337 8944  lmhosts - ok
19:37:30.0392 8944  [ 0803906D607A9B83184447B75B60ECC2 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
19:37:30.0398 8944  LMS - ok
19:37:30.0431 8944  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\windows\system32\drivers\lsi_fc.sys
19:37:30.0441 8944  LSI_FC - ok
19:37:30.0478 8944  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\windows\system32\drivers\lsi_sas.sys
19:37:30.0487 8944  LSI_SAS - ok
19:37:30.0509 8944  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\windows\system32\drivers\lsi_sas2.sys
19:37:30.0516 8944  LSI_SAS2 - ok
19:37:30.0529 8944  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\windows\system32\drivers\lsi_scsi.sys
19:37:30.0540 8944  LSI_SCSI - ok
19:37:30.0576 8944  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\windows\system32\drivers\luafv.sys
19:37:30.0583 8944  luafv - ok
19:37:30.0639 8944  [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector   C:\windows\system32\drivers\mbam.sys
19:37:30.0717 8944  MBAMProtector - ok
19:37:30.0804 8944  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
19:37:30.0880 8944  MBAMScheduler - ok
19:37:30.0905 8944  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
19:37:30.0915 8944  MBAMService - ok
19:37:30.0987 8944  [ 062D80F13D762F7BC2F38430D60F5048 ] McAfeeFramework C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
19:37:30.0990 8944  McAfeeFramework - ok
19:37:31.0065 8944  [ 00315DC847778D65728197B63803B523 ] McShield        C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
19:37:31.0191 8944  McShield - ok
19:37:31.0223 8944  [ B15BB3AEF59158B4E1DDA5328C842713 ] McTaskManager   C:\Program Files (x86)\McAfee\VirusScan Enterprise\vstskmgr.exe
19:37:31.0226 8944  McTaskManager - ok
19:37:31.0249 8944  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\windows\system32\Mcx2Svc.dll
19:37:31.0255 8944  Mcx2Svc - ok
19:37:31.0281 8944  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\windows\system32\drivers\megasas.sys
19:37:31.0293 8944  megasas - ok
19:37:31.0336 8944  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\windows\system32\drivers\MegaSR.sys
19:37:31.0355 8944  MegaSR - ok
19:37:31.0387 8944  [ 1C6E73FC46B509EFF9D0086AA37132DF ] MEIx64          C:\windows\system32\DRIVERS\HECIx64.sys
19:37:31.0464 8944  MEIx64 - ok
19:37:31.0521 8944  [ 0D121A46E0148A3BC941FA3BB0269329 ] mfeapfk         C:\windows\system32\drivers\mfeapfk.sys
19:37:31.0525 8944  mfeapfk - ok
19:37:31.0578 8944  [ 93F251905C028809FFB49F95A63FCBC9 ] mfeavfk         C:\windows\system32\drivers\mfeavfk.sys
19:37:31.0675 8944  mfeavfk - ok
19:37:31.0725 8944  mfeavfk01 - ok
19:37:31.0766 8944  [ A282A937127EA7B15EB85559E59AE576 ] mfehidk         C:\windows\system32\drivers\mfehidk.sys
19:37:31.0863 8944  mfehidk - ok
19:37:31.0905 8944  [ 04D7E0E2A48730A1C535837F105E6352 ] mferkdet        C:\windows\system32\drivers\mferkdet.sys
19:37:31.0973 8944  mferkdet - ok
19:37:31.0992 8944  [ 45F1580C7C9F49A68B72EF2CCEFEF3A3 ] mfevtp          C:\windows\system32\mfevtps.exe
19:37:31.0994 8944  mfevtp - ok
19:37:32.0014 8944  [ 325DD1031CFD71BD4D8AFDB1FAAF3BEA ] mfewfpk         C:\windows\system32\drivers\mfewfpk.sys
19:37:32.0074 8944  mfewfpk - ok
19:37:32.0154 8944  [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
19:37:32.0251 8944  Microsoft Office Groove Audit Service - ok
19:37:32.0280 8944  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\windows\system32\mmcss.dll
19:37:32.0282 8944  MMCSS - ok
19:37:32.0299 8944  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\windows\system32\drivers\modem.sys
19:37:32.0302 8944  Modem - ok
19:37:32.0337 8944  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\windows\system32\DRIVERS\monitor.sys
19:37:32.0338 8944  monitor - ok
19:37:32.0374 8944  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\windows\system32\DRIVERS\mouclass.sys
19:37:32.0384 8944  mouclass - ok
19:37:32.0398 8944  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\windows\system32\DRIVERS\mouhid.sys
19:37:32.0407 8944  mouhid - ok
19:37:32.0434 8944  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
19:37:32.0436 8944  mountmgr - ok
19:37:32.0498 8944  [ 96AA8BA23142CC8E2B30F3CAE0C80254 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:37:32.0581 8944  MozillaMaintenance - ok
19:37:32.0599 8944  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\windows\system32\drivers\mpio.sys
19:37:32.0665 8944  mpio - ok
19:37:32.0684 8944  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
19:37:32.0688 8944  mpsdrv - ok
19:37:32.0737 8944  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\windows\system32\mpssvc.dll
19:37:32.0752 8944  MpsSvc - ok
19:37:32.0762 8944  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
19:37:32.0767 8944  MRxDAV - ok
19:37:32.0804 8944  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
19:37:32.0901 8944  mrxsmb - ok
19:37:32.0926 8944  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
19:37:32.0929 8944  mrxsmb10 - ok
19:37:32.0945 8944  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
19:37:32.0947 8944  mrxsmb20 - ok
19:37:32.0967 8944  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\windows\system32\drivers\msahci.sys
19:37:33.0036 8944  msahci - ok
19:37:33.0055 8944  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\windows\system32\drivers\msdsm.sys
19:37:33.0142 8944  msdsm - ok
19:37:33.0193 8944  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\windows\System32\msdtc.exe
19:37:33.0208 8944  MSDTC - ok
19:37:33.0261 8944  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\windows\system32\drivers\Msfs.sys
19:37:33.0263 8944  Msfs - ok
19:37:33.0287 8944  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
19:37:33.0298 8944  mshidkmdf - ok
19:37:33.0341 8944  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
19:37:33.0347 8944  msisadrv - ok
19:37:33.0386 8944  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\windows\system32\iscsiexe.dll
19:37:33.0401 8944  MSiSCSI - ok
19:37:33.0408 8944  msiserver - ok
19:37:33.0459 8944  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys
19:37:33.0470 8944  MSKSSRV - ok
19:37:33.0488 8944  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
19:37:33.0498 8944  MSPCLOCK - ok
19:37:33.0513 8944  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
19:37:33.0519 8944  MSPQM - ok
19:37:33.0558 8944  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
19:37:33.0566 8944  MsRPC - ok
19:37:33.0581 8944  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\windows\system32\DRIVERS\mssmbios.sys
19:37:33.0581 8944  mssmbios - ok
19:37:33.0584 8944  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
19:37:33.0585 8944  MSTEE - ok
19:37:33.0598 8944  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\windows\system32\drivers\MTConfig.sys
19:37:33.0601 8944  MTConfig - ok
19:37:33.0621 8944  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\windows\system32\Drivers\mup.sys
19:37:33.0631 8944  Mup - ok
19:37:33.0682 8944  [ 7E11D1788F5B531D49EF0AF97202437B ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
19:37:33.0689 8944  MyWiFiDHCPDNS - ok
19:37:33.0738 8944  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\windows\system32\qagentRT.dll
19:37:33.0748 8944  napagent - ok
19:37:33.0797 8944  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
19:37:33.0817 8944  NativeWifiP - ok
19:37:33.0911 8944  [ 934BB0D23A25C8C136570800A5A149B6 ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe
19:37:33.0922 8944  NAUpdate - ok
19:37:33.0991 8944  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\windows\system32\drivers\ndis.sys
19:37:34.0025 8944  NDIS - ok
19:37:34.0056 8944  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
19:37:34.0068 8944  NdisCap - ok
19:37:34.0100 8944  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
19:37:34.0103 8944  NdisTapi - ok
19:37:34.0120 8944  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
19:37:34.0123 8944  Ndisuio - ok
19:37:34.0144 8944  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
19:37:34.0149 8944  NdisWan - ok
19:37:34.0181 8944  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
19:37:34.0184 8944  NDProxy - ok
19:37:34.0201 8944  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
19:37:34.0204 8944  NetBIOS - ok
19:37:34.0223 8944  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
19:37:34.0230 8944  NetBT - ok
19:37:34.0241 8944  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\windows\system32\lsass.exe
19:37:34.0245 8944  Netlogon - ok
19:37:34.0278 8944  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\windows\System32\netman.dll
19:37:34.0286 8944  Netman - ok
19:37:34.0325 8944  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:37:34.0327 8944  NetMsmqActivator - ok
19:37:34.0330 8944  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:37:34.0333 8944  NetPipeActivator - ok
19:37:34.0367 8944  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\windows\System32\netprofm.dll
19:37:34.0380 8944  netprofm - ok
19:37:34.0389 8944  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:37:34.0391 8944  NetTcpActivator - ok
19:37:34.0394 8944  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:37:34.0395 8944  NetTcpPortSharing - ok
19:37:34.0605 8944  [ 219A40EEEA50D638BA9D08680C354A0C ] NETwNs64        C:\windows\system32\DRIVERS\Netwsw00.sys
19:37:34.0929 8944  NETwNs64 - ok
19:37:34.0965 8944  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\windows\system32\drivers\nfrd960.sys
19:37:34.0974 8944  nfrd960 - ok
19:37:35.0013 8944  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\windows\System32\nlasvc.dll
19:37:35.0065 8944  NlaSvc - ok
19:37:35.0195 8944  [ B9B72FAAAA41D59B73B88FE3DD737ED1 ] NOBU            C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
19:37:35.0364 8944  NOBU - ok
19:37:35.0377 8944  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\windows\system32\drivers\Npfs.sys
19:37:35.0379 8944  Npfs - ok
19:37:35.0404 8944  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\windows\system32\nsisvc.dll
19:37:35.0408 8944  nsi - ok
19:37:35.0428 8944  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
19:37:35.0436 8944  nsiproxy - ok
19:37:35.0516 8944  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
19:37:35.0593 8944  Ntfs - ok
19:37:35.0605 8944  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\windows\system32\drivers\Null.sys
19:37:35.0606 8944  Null - ok
19:37:35.0652 8944  [ 158AD24745BD85BA9BE3C51C38F48C32 ] nusb3hub        C:\windows\system32\DRIVERS\nusb3hub.sys
19:37:35.0720 8944  nusb3hub - ok
19:37:35.0737 8944  [ D40A13B2C0891E218F9523B376955DB6 ] nusb3xhc        C:\windows\system32\DRIVERS\nusb3xhc.sys
19:37:35.0802 8944  nusb3xhc - ok
19:37:35.0848 8944  [ F2662FDC20518EE8A8EED4F61BA42349 ] NVHDA           C:\windows\system32\drivers\nvhda64v.sys
19:37:35.0912 8944  NVHDA - ok
19:37:35.0960 8944  [ 5AA24BDF21D995D8E48747074C7C7018 ] nvkflt          C:\windows\system32\DRIVERS\nvkflt.sys
19:37:36.0008 8944  nvkflt - ok
19:37:36.0250 8944  [ 26AA3C7E6E1DB7107BF93503F6F57E88 ] nvlddmkm        C:\windows\system32\DRIVERS\nvlddmkm.sys
19:37:36.0321 8944  nvlddmkm - ok
19:37:36.0338 8944  [ 6D785C898F9D70905A90655F4D0D0AFB ] nvpciflt        C:\windows\system32\DRIVERS\nvpciflt.sys
19:37:36.0382 8944  nvpciflt - ok
19:37:36.0421 8944  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\windows\system32\drivers\nvraid.sys
19:37:36.0504 8944  nvraid - ok
19:37:36.0548 8944  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\windows\system32\drivers\nvstor.sys
19:37:36.0616 8944  nvstor - ok
19:37:36.0692 8944  [ A83AC04D672567CAF8BE7A4D73C0B850 ] NVSvc           C:\windows\system32\nvvsvc.exe
19:37:36.0734 8944  NVSvc - ok
19:37:36.0836 8944  [ FB660F80BDC4F13D594996976AFAECD9 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
19:37:36.0947 8944  nvUpdatusService - ok
19:37:36.0963 8944  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
19:37:36.0969 8944  nv_agp - ok
19:37:37.0057 8944  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:37:37.0068 8944  odserv - ok
19:37:37.0085 8944  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\windows\system32\drivers\ohci1394.sys
19:37:37.0098 8944  ohci1394 - ok
19:37:37.0135 8944  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:37:37.0203 8944  ose - ok
19:37:37.0231 8944  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
19:37:37.0235 8944  p2pimsvc - ok
19:37:37.0276 8944  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\windows\system32\p2psvc.dll
19:37:37.0295 8944  p2psvc - ok
19:37:37.0321 8944  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\windows\system32\drivers\parport.sys
19:37:37.0325 8944  Parport - ok
19:37:37.0354 8944  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\windows\system32\drivers\partmgr.sys
19:37:37.0455 8944  partmgr - ok
19:37:37.0475 8944  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\windows\System32\pcasvc.dll
19:37:37.0478 8944  PcaSvc - ok
19:37:37.0494 8944  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\windows\system32\drivers\pci.sys
19:37:37.0555 8944  pci - ok
19:37:37.0573 8944  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\windows\system32\drivers\pciide.sys
19:37:37.0576 8944  pciide - ok
19:37:37.0587 8944  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\windows\system32\drivers\pcmcia.sys
19:37:37.0593 8944  pcmcia - ok
19:37:37.0608 8944  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\windows\system32\drivers\pcw.sys
19:37:37.0610 8944  pcw - ok
19:37:37.0641 8944  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\windows\system32\drivers\peauth.sys
19:37:37.0676 8944  PEAUTH - ok
19:37:37.0772 8944  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\windows\SysWow64\perfhost.exe
19:37:37.0776 8944  PerfHost - ok
19:37:37.0844 8944  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\windows\system32\pla.dll
19:37:37.0900 8944  pla - ok
19:37:37.0935 8944  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\windows\system32\umpnpmgr.dll
19:37:37.0998 8944  PlugPlay - ok
19:37:38.0015 8944  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll
19:37:38.0017 8944  PNRPAutoReg - ok
19:37:38.0033 8944  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\windows\system32\pnrpsvc.dll
19:37:38.0041 8944  PNRPsvc - ok
19:37:38.0082 8944  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\windows\System32\ipsecsvc.dll
19:37:38.0094 8944  PolicyAgent - ok
19:37:38.0164 8944  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\windows\system32\umpo.dll
19:37:38.0172 8944  Power - ok
19:37:38.0211 8944  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys
19:37:38.0256 8944  PptpMiniport - ok
19:37:38.0273 8944  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\windows\system32\drivers\processr.sys
19:37:38.0276 8944  Processor - ok
19:37:38.0311 8944  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\windows\system32\profsvc.dll
19:37:38.0319 8944  ProfSvc - ok
19:37:38.0340 8944  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
19:37:38.0343 8944  ProtectedStorage - ok
19:37:38.0354 8944  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\windows\system32\DRIVERS\pacer.sys
19:37:38.0359 8944  Psched - ok
19:37:38.0388 8944  [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64        C:\windows\system32\Drivers\PxHlpa64.sys
19:37:38.0456 8944  PxHlpa64 - ok
19:37:38.0529 8944  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\windows\system32\drivers\ql2300.sys
19:37:38.0597 8944  ql2300 - ok
19:37:38.0623 8944  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\windows\system32\drivers\ql40xx.sys
19:37:38.0632 8944  ql40xx - ok
19:37:38.0667 8944  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\windows\system32\qwave.dll
19:37:38.0675 8944  QWAVE - ok
19:37:38.0697 8944  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
19:37:38.0700 8944  QWAVEdrv - ok
19:37:38.0716 8944  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
19:37:38.0719 8944  RasAcd - ok
19:37:38.0754 8944  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\windows\system32\DRIVERS\AgileVpn.sys
19:37:38.0757 8944  RasAgileVpn - ok
19:37:38.0788 8944  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\windows\System32\rasauto.dll
19:37:38.0803 8944  RasAuto - ok
19:37:38.0827 8944  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\windows\system32\DRIVERS\rasl2tp.sys
19:37:38.0924 8944  Rasl2tp - ok
19:37:38.0942 8944  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\windows\System32\rasmans.dll
19:37:39.0018 8944  RasMan - ok
19:37:39.0043 8944  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
19:37:39.0056 8944  RasPppoe - ok
19:37:39.0075 8944  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\windows\system32\DRIVERS\rassstp.sys
19:37:39.0082 8944  RasSstp - ok
19:37:39.0106 8944  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys
19:37:39.0115 8944  rdbss - ok
19:37:39.0139 8944  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\windows\system32\drivers\rdpbus.sys
19:37:39.0150 8944  rdpbus - ok
19:37:39.0178 8944  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\windows\system32\DRIVERS\RDPCDD.sys
19:37:39.0180 8944  RDPCDD - ok
19:37:39.0193 8944  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\windows\system32\drivers\rdpencdd.sys
19:37:39.0195 8944  RDPENCDD - ok
19:37:39.0212 8944  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\windows\system32\drivers\rdprefmp.sys
19:37:39.0215 8944  RDPREFMP - ok
19:37:39.0259 8944  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
19:37:39.0262 8944  RdpVideoMiniport - ok
19:37:39.0297 8944  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\windows\system32\drivers\RDPWD.sys
19:37:39.0388 8944  RDPWD - ok
19:37:39.0432 8944  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
19:37:39.0437 8944  rdyboost - ok
19:37:39.0515 8944  [ F09087C51C6AE42AE7DABE1EB3E44C17 ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
19:37:39.0519 8944  RegSrvc - ok
19:37:39.0550 8944  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\windows\System32\mprdim.dll
19:37:39.0556 8944  RemoteAccess - ok
19:37:39.0580 8944  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\windows\system32\regsvc.dll
19:37:39.0588 8944  RemoteRegistry - ok
19:37:39.0625 8944  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\windows\system32\DRIVERS\rfcomm.sys
19:37:39.0638 8944  RFCOMM - ok
19:37:39.0758 8944  [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
19:37:39.0782 8944  RoxMediaDB12OEM - ok
19:37:39.0811 8944  [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12      c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
19:37:39.0818 8944  RoxWatch12 - ok
19:37:39.0855 8944  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
19:37:39.0860 8944  RpcEptMapper - ok
19:37:39.0890 8944  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\windows\system32\locator.exe
19:37:39.0893 8944  RpcLocator - ok
19:37:39.0925 8944  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\windows\system32\rpcss.dll
19:37:39.0936 8944  RpcSs - ok
19:37:39.0977 8944  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys
19:37:39.0980 8944  rspndr - ok
19:37:40.0035 8944  [ BE29B0A3AC1E8BD02FFAB8CEE86BADFA ] RSUSBSTOR       C:\windows\system32\Drivers\RtsUStor.sys
19:37:40.0139 8944  RSUSBSTOR - ok
19:37:40.0179 8944  [ 2777226EE8BF50B059D7A7C90177E99C ] RTL8167         C:\windows\system32\DRIVERS\Rt64win7.sys
19:37:40.0237 8944  RTL8167 - ok
19:37:40.0251 8944  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\windows\system32\lsass.exe
19:37:40.0252 8944  SamSs - ok
19:37:40.0266 8944  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\windows\system32\drivers\sbp2port.sys
19:37:40.0322 8944  sbp2port - ok
19:37:40.0351 8944  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\windows\System32\SCardSvr.dll
19:37:40.0355 8944  SCardSvr - ok
19:37:40.0365 8944  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
19:37:40.0464 8944  scfilter - ok
19:37:40.0494 8944  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\windows\system32\schedsvc.dll
19:37:40.0517 8944  Schedule - ok
19:37:40.0548 8944  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\windows\System32\certprop.dll
19:37:40.0551 8944  SCPolicySvc - ok
19:37:40.0569 8944  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\windows\System32\SDRSVC.dll
19:37:40.0576 8944  SDRSVC - ok
19:37:40.0601 8944  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\windows\system32\drivers\secdrv.sys
19:37:40.0607 8944  secdrv - ok
19:37:40.0627 8944  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\windows\system32\seclogon.dll
19:37:40.0632 8944  seclogon - ok
19:37:40.0659 8944  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\windows\System32\sens.dll
19:37:40.0663 8944  SENS - ok
19:37:40.0683 8944  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\windows\system32\sensrsvc.dll
19:37:40.0688 8944  SensrSvc - ok
19:37:40.0709 8944  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\windows\system32\drivers\serenum.sys
19:37:40.0714 8944  Serenum - ok
19:37:40.0736 8944  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\windows\system32\drivers\serial.sys
19:37:40.0743 8944  Serial - ok
19:37:40.0781 8944  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\windows\system32\drivers\sermouse.sys
19:37:40.0788 8944  sermouse - ok
19:37:40.0824 8944  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\windows\system32\sessenv.dll
19:37:40.0827 8944  SessionEnv - ok
19:37:40.0844 8944  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\windows\system32\drivers\sffdisk.sys
19:37:40.0853 8944  sffdisk - ok
19:37:40.0870 8944  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\windows\system32\drivers\sffp_mmc.sys
19:37:40.0880 8944  sffp_mmc - ok
19:37:40.0899 8944  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\windows\system32\drivers\sffp_sd.sys
19:37:40.0995 8944  sffp_sd - ok
19:37:41.0018 8944  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\windows\system32\drivers\sfloppy.sys
19:37:41.0023 8944  sfloppy - ok
19:37:41.0115 8944  [ 1968E6EBBEECF61D5F7D8603467E2AD0 ] SftService      C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
19:37:41.0164 8944  SftService - ok
19:37:41.0194 8944  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\windows\System32\ipnathlp.dll
19:37:41.0199 8944  SharedAccess - ok
19:37:41.0234 8944  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
19:37:41.0245 8944  ShellHWDetection - ok
19:37:41.0282 8944  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\windows\system32\drivers\SiSRaid2.sys
19:37:41.0292 8944  SiSRaid2 - ok
19:37:41.0334 8944  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\windows\system32\drivers\sisraid4.sys
19:37:41.0346 8944  SiSRaid4 - ok
19:37:41.0439 8944  [ A37740568718F245E818D0C5575B9AA9 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
19:37:41.0822 8944  SkypeUpdate - ok
19:37:41.0848 8944  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\windows\system32\DRIVERS\smb.sys
19:37:41.0861 8944  Smb - ok
19:37:41.0922 8944  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\windows\System32\snmptrap.exe
19:37:41.0927 8944  SNMPTRAP - ok
19:37:41.0946 8944  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\windows\system32\drivers\spldr.sys
19:37:41.0953 8944  spldr - ok
19:37:42.0010 8944  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\windows\System32\spoolsv.exe
19:37:42.0079 8944  Spooler - ok
19:37:42.0165 8944  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\windows\system32\sppsvc.exe
19:37:42.0240 8944  sppsvc - ok
19:37:42.0262 8944  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\windows\system32\sppuinotify.dll
19:37:42.0264 8944  sppuinotify - ok
19:37:42.0303 8944  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\windows\system32\DRIVERS\srv.sys
19:37:42.0314 8944  srv - ok
19:37:42.0337 8944  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\windows\system32\DRIVERS\srv2.sys
19:37:42.0347 8944  srv2 - ok
19:37:42.0364 8944  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
19:37:42.0369 8944  srvnet - ok
19:37:42.0397 8944  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
19:37:42.0398 8944  SSDPSRV - ok
19:37:42.0415 8944  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\windows\system32\sstpsvc.dll
19:37:42.0421 8944  SstpSvc - ok
19:37:42.0489 8944  [ B2D8B364A831427A5741F6C408FA8AE3 ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
19:37:42.0497 8944  STacSV - ok
19:37:42.0562 8944  [ 9E1380328C39D661E085B24D6A6E044E ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
19:37:42.0572 8944  Steam Client Service - ok
19:37:42.0667 8944  [ 00FCEC4DA4198F5F2B9BBD9225842568 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
19:37:42.0676 8944  Stereo Service - ok
19:37:42.0705 8944  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\windows\system32\drivers\stexstor.sys
19:37:42.0712 8944  stexstor - ok
19:37:42.0760 8944  [ EF5ACDE92BA3F691BBFEF781CB063501 ] STHDA           C:\windows\system32\DRIVERS\stwrt64.sys
19:37:50.0107 8944  ============================================================
19:37:50.0107 8944  Scan finished
19:37:50.0107 8944  ============================================================
19:37:50.0127 6184  Detected object count: 0
19:37:50.0127 6184  Actual detected object count: 0
19:39:04.0446 0516  Deinitialize success
 
 

3) ESET Online Scanner

 

C:\TDSSKiller_Quarantine\09.10.2012_21.50.43\tdlfs0000\tsk0000.dta a variant of Win32/Olmarik.AYI trojan

C:\Users\Peng\Documents\HRBlock\-Don't Starve-FLT\Don't Starve Trainer.exe a variant of Win32/HackTool.CheatEngine.AF application
C:\Users\Peng\Documents\HRBlock\RA3\CaCRA3FRip.linksfu.com.part01.rar a variant of Win32/Delf.QZL trojan
C:\Users\Peng\Documents\HRBlock\RA3\CaCRA3Full-Rip.zip a variant of Win32/Delf.QZL trojan
C:\Users\Peng\Documents\HRBlock\RA3\trainer 1.00\brewers.exe a variant of Win32/GameHack.O application

Edited by bcbk19, 06 August 2013 - 08:47 PM.


#4 boopme

Posted 06 August 2013 - 08:12 PM

Please note:
The actual key for this would be located here in the registry...
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Video Library

If you hold shift while clicking on delete, it will permanently remove the file from your computer bypassing the recycling bin.

#5 bcbk19


Posted 06 August 2013 - 08:43 PM

Yup, I figured it would be that path, since the Video Library key shows up in Run and nowhere else after I did an F3 search.

 

Please note:
The actual key for this would be located here in the registry...
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Video Library

If you hold shift while clicking on delete, it will permanently remove the file from your computer bypassing the recycling bin.
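
The startup entry discussed in the posts above (a Run value named "Video Library" that launches a DLL from the Temp folder) can be audited with a read-only script. This is an added example, not part of the thread or of any tool mentioned in it; the list of user-writable directories, the function names and the export name in the sample are assumptions.

```powershell
# Added example (not from the thread): list autorun values that start a DLL
# through rundll32 from a user-writable directory, and report whether the DLL
# still exists. Read-only: nothing is changed or deleted.

$RunKeys = @(
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce'
)

# Assumption: directories treated as user-writable drop locations (regex fragments).
$WritableDirs = '\\AppData\\', '\\Temp\\', '\\ProgramData\\', '\\Users\\Public\\'

function Test-AutorunCommand {
    param(
        [string]$Key,
        [string]$Name,
        [string]$Command
    )

    # REG_SZ values can still carry %TEMP%-style variables; expand them first.
    $cmd = [Environment]::ExpandEnvironmentVariables($Command)

    # Shape matched: rundll32[.exe] ["]<path>.dll["][,Export ...]
    if ($cmd -match '(?i)rundll32(?:\.exe)?"?\s+"?([^",]+\.dll)') {
        $dll = $Matches[1].Trim()
    } else {
        return   # not a rundll32 launch; emit nothing
    }

    # Keep only DLLs that live under a user-writable directory.
    $hit = $WritableDirs | Where-Object { $dll -match $_ }
    if (-not $hit) { return }

    [pscustomobject]@{
        Key       = $Key
        Name      = $Name
        Command   = $Command
        Dll       = $dll
        # False here explains a "DLL not found" pop-up at logon:
        # the file is gone but the autorun value is still present.
        DllExists = Test-Path -LiteralPath $dll
    }
}

function Get-SuspiciousAutorun {
    foreach ($key in $RunKeys) {
        $k = Get-Item -LiteralPath $key -ErrorAction SilentlyContinue
        if (-not $k) { continue }          # key absent on this system
        foreach ($name in $k.GetValueNames()) {
            Test-AutorunCommand -Key $key -Name $name -Command ([string]$k.GetValue($name))
        }
    }
}

$findings = @(
    # Constructed sample shaped like the entry in this thread
    # (user name and export name are placeholders).
    Test-AutorunCommand -Key 'constructed sample' -Name 'Video Library' -Command 'rundll32.exe "C:\Users\User\AppData\Local\Temp\Rpcqt.dll",ExampleExport'

    # Live check of the current machine and user.
    Get-SuspiciousAutorun
)
$findings | Format-List

# After a finding has been confirmed as unwanted, the value can be removed with:
#   Remove-ItemProperty -Path <Key> -Name <Name>
```

Run it once per affected user account, since the HKCU keys are per-user.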



#6 GodfatherKing


Posted 09 August 2013 - 02:16 PM

Do you still have issues left?

 

Two tests to verify:

 

:step1: Run Rkill http://www.bleepingcomputer.com/forums/t/308364/rkill-what-it-does-and-what-it-doesnt-a-brief-introduction-to-the-program/

 

       Note: Sometimes AVs think Rkill is infected; this isn't true, it's just a false positive. Just let it terminate the malware processes. Provide the Rkill log.

 

:step2: Download Malwarebytes Anti-Rootkit from HERE to your Desktop.

  • Unzip downloaded file.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • DO NOT click on the Cleanup button. Simply exit the program.
  • When done, please post the two logs produced; they will be in the MBAR folder: mbar-log-xxxxx.txt and system-log.txt

If you have received help from me and I haven't responded to you for almost >= 3 days, send me a Private Message.  :hello:


#7 bcbk19


Posted 09 August 2013 - 07:05 PM

The error message no longer shows up but as for the logs relating to MBAM, TDSS, and ESET scanner, should I run them again and remove the threats or let it be?

 

:step1: Rkill log

 

 Rkill 2.6.0 by Lawrence Abrams (Grinler)
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 08/09/2013 08:10:28 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Windows Defender Disabled
 
   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001
 
Checking Windows Service Integrity: 
 
 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Manual
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * No issues found.
 
Program finished at: 08/09/2013 08:10:35 PM
Execution time: 0 hours(s), 0 minute(s), and 7 seconds(s)
 
 
:step2: Malwarebytes Anti-Rootkit log
 

mbar-log

Malwarebytes Anti-Rootkit BETA 1.06.1.1005
www.malwarebytes.org
 
Database version: v2013.08.09.07
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Peng :: PENG-PC [administrator]
 
8/9/2013 8:14:24 PM
mbar-log-2013-08-09 (20-14-24).txt
 
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUM | P2P
Scan options disabled: PUP
Objects scanned: 268969
Time elapsed: 11 minute(s), 2 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
Physical Sectors Detected: 0
(No malicious items detected)
 
(end)
 
 

system-log

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.06.1.1005
 
© Malwarebytes Corporation 2011-2012
 
OS version: 6.1.7601 Windows 7 Service Pack 1 x64
 
Account is Administrative
 
Internet Explorer version: 9.0.8112.16421
 
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.195000 GHz
Memory total: 8492589056, free: 5732773888
 
Downloaded database version: v2013.08.08.01
Downloaded database version: v2013.08.08.02
Downloaded database version: v2013.08.08.03
Downloaded database version: v2013.08.08.04
Downloaded database version: v2013.08.08.05
Downloaded database version: v2013.08.08.06
Downloaded database version: v2013.08.08.07
Downloaded database version: v2013.08.09.01
Downloaded database version: v2013.08.09.02
Downloaded database version: v2013.08.09.03
Downloaded database version: v2013.08.09.04
Downloaded database version: v2013.08.09.05
Downloaded database version: v2013.08.09.06
Downloaded database version: v2013.08.09.07
Initializing...
------------ Kernel report ------------
     08/09/2013 20:14:21
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa8007b7e060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-1\
Lower Device Object: 0xfffffa8007454050
Lower Device Driver Name: \Driver\iaStor\
<<<2>>>
Device number: 0, partition: 3
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8007b7e060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8007b7eb90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8007b7e060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8007452950, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa8007454050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
Device number: 0, partition: 3
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\windows\system32\drivers...
<<<2>>>
Device number: 0, partition: 3
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: F81D3ED0
 
Partition information:
 
    Partition 0 type is Other (0xde)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 2048  Numsec = 204800
 
    Partition 1 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 206848  Numsec = 30720000
    Partition file system is NTFS
    Partition is bootable
 
    Partition 2 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 30926848  Numsec = 1434220272
 
    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
Disk Size: 750156374016 bytes
Sector size: 512 bytes
 
Scanning physical sectors of unpartitioned space on drive 0 (1-2047-1465129168-1465149168)...
Done!
Scan finished
=======================================
 
 
Removal queue found; removal started
Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_0_i.mbam...
Removing c:\programdata\malwarebytes' anti-malware (portable)\bootstrap_0_1_206848_i.mbam...
Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_0_r.mbam...
Removal finished

Edited by bcbk19, 09 August 2013 - 07:44 PM.


#8 GodfatherKing


Posted 10 August 2013 - 04:11 AM

Run ESET one more time and this time check "Remove found threats".

 

===

 

:step1: My advice is to keep your computer up to date with Windows Updates, Java and Adobe Reader and Flash Player.

 

:step2: Use WOT to check whether sites are safe or not: http://www.mywot.com/

 

:step3: A good working antivirus is also important. I personally advise Avast Free or Avira. MSE's detection is not so great.

 

:step4: Let's check how good your security is:

 

Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document called checkup.txt should open automatically; please post the contents of that document.

NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE to access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave reading the results to me.




#9 bcbk19


Posted 11 August 2013 - 04:26 PM

:step4: SecurityCheck log

 

 Results of screen317's Security Check version 0.99.72  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 10  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
McAfee VirusScan Enterprise   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware version 1.75.0.1300  
 Java 7 Update 25  
 Adobe Flash Player 11.8.800.94  
 Adobe Reader XI  
 Mozilla Firefox 12.0 Firefox out of Date!  
 Google Chrome 28.0.1500.72  
 Google Chrome 28.0.1500.95  
````````Process Check: objlist.exe by Laurent````````  
 McAfee VirusScan Enterprise vstskmgr.exe  
 McAfee VirusScan Enterprise mfeann.exe  
 McAfee VirusScan Enterprise SHSTAT.EXE  
 Malwarebytes' Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 0% 
````````````````````End of Log`````````````````````` 


#10 GodfatherKing


Posted 12 August 2013 - 03:08 AM

:step1: Firefox needs an update (very important); the new version is 22.

 

===

 

Happy and safe browsing again.  :warrior:




#11 bcbk19


Posted 12 August 2013 - 04:33 PM

Thank you very much!  :thumbup2:





