Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Bank Fraud! PC on Network w/ compromised PC. TDL3 Root?

by Confounded » January 15th, 2012, 2:13 pm

Please can you refer to my last topic below.

viewtopic.php?f=11&t=58703.

That PC(1), while infected, passed all antivirus scans with a trace of infection. After it was diagnosed here on MalwareRemoval.com, that box was reformatted and had Win XP Pro reinstalled as recommended. A few days later we had a call from our bank and yes, our account was hacked and a new admin was added, new payees were added and payments set up to go out. Lots of them! Luckily we stopped it, thanks to your help! An impressive hack, as that account had two sets of 8-digit strong passwords where 3 random digits are chosen for access. 3 failed attempts before account is locked.

Anyway, I need some more information about that PC please. Can someone please help me and tell me what entries refer to the rootkit and anything more about what you can see from the DDS logs from that PC? I am working with the bank fraud IT forensics team, but I do not have information to give them.

Another problem: the PC above was on the same network as 2 other PCs.

Hi, the DDS logs posted now are from another PC(2) (WIN7 ULT) on the same network and workgroup as the PC which had been compromised.
It runs clean on McAfee, Malwarebytes, aswMBR, Kaspersky TDSSKiller.

Here are the DDS LOGS from PC2. One states warning possible TDL3 Rootkit infection!
------------------------------------------------------------.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421
Run by Medion at 22:56:15 on 2012-01-12
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.44.1033.18.3067.1458 [GMT 0:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Windows\system32\atashost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k ipripsvc
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\mfevtps.exe
C:\Windows\system32\rundll32.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\StkCSrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe
C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\VoipCheapCom\voipcheapcom.exe
C:\Users\Medion\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\iobit\Advanced SystemCare 5\ASCTray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Users\Medion\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\system32\svchost.exe -k HPHNDUService
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Users\Medion\Desktop\BLEEDING\aswMBR.exe
C:\Program Files\microsoft office\Office12\OUTLOOK.EXE
C:\Users\Medion\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Medion\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Medion\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Medion\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Medion\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
C:\Users\Medion\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar = Preserve
uSearch Page = hxxp://www.google.com
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://google.co.uk/
mDefault_Search_URL = hxxp://www.google.com/ie
mSearch Bar = hxxp://www.google.com/ie
mSearch Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = local;*.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: IObit Toolbar: {0bda0769-fd72-49f4-9266-e1fb004f4d8f} - c:\program files\iobit toolbar\ie\4.9\iobitToolbarIE.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: IObit Toolbar: {0bda0769-fd72-49f4-9266-e1fb004f4d8f} - c:\program files\iobit toolbar\ie\4.9\iobitToolbarIE.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20111220230225.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: IObit Toolbar: {0bda0769-fd72-49f4-9266-e1fb004f4d8f} - c:\program files\iobit toolbar\ie\4.9\iobitToolbarIE.dll
TB: The Pirate Bay Toolbar: {5b291e6c-9a74-4034-971b-a4b007a0b313} -
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [LightScribe Control Panel] c:\program files\common files\lightscribe\LightScribeControlPanel.exe -hidden
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [VoipCheapCom] "c:\program files\voipcheapcom\voipcheapcom.exe" -nosplash -minimized
uRun: [cdloader] "c:\users\medion\appdata\roaming\mjusbsp\cdloader2.exe" MAGICJACK
uRun: [Google Update] "c:\users\medion\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [784F1CD9974C91F5E55E6EF9914DD61C9F719E3A._service_run] "c:\users\medion\appdata\local\google\chrome\application\chrome.exe" --type=service
uRun: [Advanced SystemCare 5] "c:\program files\iobit\advanced systemcare 5\ASCTray.exe" /AutoStart
uRun: [AuctionSentry] c:\program files\auction sentry 4\AuctionSentry.exe
mRun: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [LanguageShortcut] "c:\program files\cyberlink\powerdvd\language\Language.exe"
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
mRun: [IntelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [SearchSettings] "c:\program files\common files\spigot\search settings\SearchSettings.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
StartupFolder: c:\users\medion\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\medion\appdata\roaming\dropbox\bin\Dropbox.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
Trusted Zone: intuit.com\ttlc
Trusted Zone: //about.htm/
Trusted Zone: //Exclude.htm/
Trusted Zone: //LanguageSelection.htm/
Trusted Zone: //Message.htm/
Trusted Zone: //MyAgttryCmd.htm/
Trusted Zone: //MyAgttryNag.htm/
Trusted Zone: //MyNotification.htm/
Trusted Zone: //NOCLessUpdate.htm/
Trusted Zone: //quarantine.htm/
Trusted Zone: //ScanNow.htm/
Trusted Zone: //strings.vbs/
Trusted Zone: //Template.htm/
Trusted Zone: //Update.htm/
Trusted Zone: //VirFound.htm/
Trusted Zone: mcafee.com\*
Trusted Zone: mcafeeasap.com\betavscan
Trusted Zone: mcafeeasap.com\vs
Trusted Zone: mcafeeasap.com\www
DPF: {3D19135C-6D38-44AD-80F0-D9318F48726D} - hxxp://appserver.dca.broadvoice.com/com ... utlook.CAB
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftup ... 0573484478
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/i ... ction2.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://cisco.webex.com/client/T27L10NS ... atgpc1.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{0A195CFF-53BE-4AC6-A6E6-A08D812FE459} : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{48545A51-F61D-4502-A47A-AE3F806F20B8} : DhcpNameServer = 192.168.1.254
TCP: Interfaces\{48545A51-F61D-4502-A47A-AE3F806F20B8}\75C414E4144435C4 : DhcpNameServer = 154.15.207.130 154.15.207.134
TCP: Interfaces\{48545A51-F61D-4502-A47A-AE3F806F20B8}\C696E6B6379737 : DhcpNameServer = 208.94.80.254 208.94.81.254
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~1\mcafee\msc\McSnIePl.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Handler: x-excid - {9D6CC632-1337-4a33-9214-2DA092E776F4} - c:\windows\downloaded program files\mimectl.dll
Hosts: 74.208.10.249 gs.apple.com
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2011-3-13 464176]
R0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2011-12-20 165680]
R0 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [2011-11-7 56208]
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [2011-10-11 15672]
R1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\drivers\mfenlfk.sys [2011-12-20 64880]
R1 RapportCerberus_34302;RapportCerberus_34302;c:\programdata\trusteer\rapport\store\exts\rapportcerberus\34302\RapportCerberus32_34302.sys [2011-12-15 228208]
R1 RapportEI;RapportEI;c:\program files\trusteer\rapport\bin\RapportEI.sys [2011-11-7 71440]
R1 RapportPG;RapportPG;c:\program files\trusteer\rapport\bin\RapportPG.sys [2011-11-7 164112]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]
R2 KMDFMEMIO;SAMSUNG Kernel Driver;c:\windows\system32\drivers\KMDFMEMIO.sys [2009-5-29 13312]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2010-4-14 45736]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2011-12-20 57600]
R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.12.2;c:\windows\system32\drivers\libusb0.sys [2011-7-23 42592]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-1-12 20464]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2011-12-20 180816]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2011-12-20 59456]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2011-12-20 338176]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2010-1-28 66664]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam;c:\windows\system32\drivers\StkCMini.sys [2009-5-29 1363088]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-9-28 315392]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 ECS_Loader_220;Digital TV Receiver Firmware Loader 5.10.31.0;c:\windows\system32\drivers\ECS_Loader_220.sys [2005-10-31 15616]
S3 FileMonitor;FileMonitor;c:\program files\iobit\iobit malware fighter\drivers\win7_x86\FileMonitor.sys [2012-1-10 18768]
S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2010-10-30 39272]
S3 hugoio;hugoio;c:\windows\system32\drivers\hugoio.sys [2011-4-9 9760]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2011-12-20 87656]
S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [2012-1-12 18432]
S3 NWDellModem;Dell Wireless Mobile Broadband Modem Driver;c:\windows\system32\drivers\nwdelmdm.sys [2006-11-3 92160]
S3 NWDellPort;Dell Wireless Mobile Broadband Status Port Driver;c:\windows\system32\drivers\nwdelser.sys [2006-11-3 92160]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2011-6-23 15872]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-6-23 52224]
S3 UrlFilter;UrlFilter;c:\program files\iobit\iobit malware fighter\drivers\win7_x86\UrlFilter.sys [2012-1-10 19792]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-13 14336]
S3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\drivers\WSDPrint.sys [2009-7-14 17920]
.
=============== Created Last 30 ================
.
2012-01-12 16:59:48 -------- d-----w- c:\users\medion\appdata\roaming\Malwarebytes
2012-01-12 16:59:31 -------- d-----w- c:\programdata\Malwarebytes
2012-01-12 16:59:28 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-01-12 16:59:28 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-01-12 16:55:32 -------- d-----w- c:\windows\MATS
2012-01-12 16:55:32 -------- d-----w- c:\program files\Microsoft Fix it Center
2012-01-12 16:53:02 18432 ----a-w- c:\windows\system32\drivers\netaapl.sys
2012-01-12 14:58:44 -------- d-----w- c:\users\medion\appdata\roaming\OfficeRecovery
2012-01-12 14:37:50 -------- d-----w- c:\users\medion\appdata\local\{8ABEDF69-65AC-4373-948F-E8D2AB5D28FE}
2012-01-12 14:36:52 -------- d-----w- c:\users\medion\appdata\local\{589A3744-5A90-4BD7-8BF6-5AD795FA007A}
2012-01-12 13:25:15 -------- d-----w- c:\program files\common files\SWF Studio
2012-01-12 13:08:23 -------- d-----w- c:\users\medion\appdata\local\{1331E6B4-1D5F-4F45-8261-85BDD933A61C}
2012-01-12 01:26:11 -------- d-----w- c:\users\medion\appdata\local\{005DDE0A-4B60-41DC-8FD5-18A8341542AE}
2012-01-11 14:15:13 -------- d-----w- C:\TDSSKiller_Quarantine
2012-01-11 13:24:48 -------- d-----w- c:\users\medion\appdata\local\{6DBA7396-3234-499E-95A6-BE29F743A5E3}
2012-01-11 13:24:16 -------- d-----w- c:\users\medion\appdata\local\{C8B7C4E9-4E08-4DBD-BF1A-F3DC18E706D7}
2012-01-10 01:10:05 -------- d-----w- c:\program files\IObit Toolbar
2012-01-10 01:10:05 -------- d-----w- c:\program files\common files\Spigot
2012-01-10 01:10:05 -------- d-----w- c:\program files\Application Updater
2012-01-10 00:59:17 -------- d-----w- c:\users\medion\appdata\local\{72F1AB8B-4D17-4391-A6A3-41275DAEB30C}
2012-01-10 00:58:30 -------- d-----w- c:\users\medion\appdata\local\{1FD0DD62-D992-4BDD-B85B-E158DE2AB76E}
2012-01-09 21:54:55 -------- d-----w- c:\users\medion\appdata\roaming\HpUpdate
2012-01-09 21:54:50 -------- d-----w- c:\windows\Hewlett-Packard
2011-12-28 14:23:49 -------- d-----w- c:\users\medion\appdata\local\{3C0D776D-047B-42F5-9D4A-CAA41AD29AD0}
2011-12-28 14:23:38 -------- d-----w- c:\users\medion\appdata\local\{EE4BDD4A-002C-4E17-9111-FF4A875C8295}
2011-12-28 02:23:23 -------- d-----w- c:\users\medion\appdata\local\{B271C9EA-F180-461F-868E-8D0033AFA5B6}
2011-12-28 02:23:12 -------- d-----w- c:\users\medion\appdata\local\{E6FB7199-0016-4EDA-AB6A-2E8AB932F480}
2011-12-27 14:22:57 -------- d-----w- c:\users\medion\appdata\local\{6A462480-2BF1-46DC-B374-AEC04356B31C}
2011-12-27 14:22:45 -------- d-----w- c:\users\medion\appdata\local\{7F72A6B5-9E06-4F38-8D3A-CF285408A756}
2011-12-27 02:22:31 -------- d-----w- c:\users\medion\appdata\local\{A60BC8B6-D183-4336-8048-33AD6BCF3738}
2011-12-27 02:22:19 -------- d-----w- c:\users\medion\appdata\local\{4BBA21AA-D165-43CE-B817-E24061BC04F6}
2011-12-26 14:22:04 -------- d-----w- c:\users\medion\appdata\local\{4EF95EA5-885E-412F-939B-0AAF7C308A30}
2011-12-26 14:21:52 -------- d-----w- c:\users\medion\appdata\local\{77765E9D-C40A-4321-981B-5F46E3CA4B4E}
2011-12-26 02:21:37 -------- d-----w- c:\users\medion\appdata\local\{B4DBC98F-E8F5-4341-9A89-D039B0A71C94}
2011-12-26 02:21:25 -------- d-----w- c:\users\medion\appdata\local\{3FFB65C5-EB14-4098-BF30-86C0700CA6F0}
2011-12-25 14:21:11 -------- d-----w- c:\users\medion\appdata\local\{A011A275-9E3A-4CEA-A82E-8002D975A1D4}
2011-12-25 14:20:59 -------- d-----w- c:\users\medion\appdata\local\{22F78A15-F9D5-4959-BFA0-06929B212A81}
2011-12-25 02:20:45 -------- d-----w- c:\users\medion\appdata\local\{97CB25C5-47A9-4699-931F-6636636EB0E3}
2011-12-25 02:20:33 -------- d-----w- c:\users\medion\appdata\local\{F49D0641-46E2-4E98-A049-8918398DEA6C}
2011-12-24 14:20:20 -------- d-----w- c:\users\medion\appdata\local\{151C5983-CE04-4DBA-94FB-A9530D36D2DB}
2011-12-24 14:20:09 -------- d-----w- c:\users\medion\appdata\local\{141AF401-06CE-4693-93FF-B517B34D7768}
2011-12-24 02:19:56 -------- d-----w- c:\users\medion\appdata\local\{BBAED728-C89A-4A36-94C3-3D45A8314B93}
2011-12-24 02:19:45 -------- d-----w- c:\users\medion\appdata\local\{439FA60A-A26B-4BC5-982C-B997DB65BDB4}
2011-12-23 14:19:30 -------- d-----w- c:\users\medion\appdata\local\{61C38024-1136-4DEA-9B5B-DD6F8FD52AFA}
2011-12-23 14:19:16 -------- d-----w- c:\users\medion\appdata\local\{8B030EB8-F5AC-4A3B-ACBA-534BA66E4B31}
2011-12-23 02:19:02 -------- d-----w- c:\users\medion\appdata\local\{B26D2ADF-B614-4EF1-9EED-13AE6637E78D}
2011-12-23 02:18:50 -------- d-----w- c:\users\medion\appdata\local\{1F0D8981-8702-4960-8B2B-C8B847BE09F7}
2011-12-22 14:18:34 -------- d-----w- c:\users\medion\appdata\local\{4B3ED264-86D7-4E7E-953D-6DFEF64BCE9B}
2011-12-22 14:18:22 -------- d-----w- c:\users\medion\appdata\local\{4A4E602F-C8AE-4A49-B9F5-69546EC222C2}
2011-12-22 02:18:05 -------- d-----w- c:\users\medion\appdata\local\{103DC480-3F91-439C-8CAE-7A2333B63F10}
2011-12-22 02:17:53 -------- d-----w- c:\users\medion\appdata\local\{00D48A2B-2143-44D7-97F7-4B918A41FDF5}
2011-12-21 14:17:27 -------- d-----w- c:\users\medion\appdata\local\{662233D5-EF79-4942-A622-F402B918D930}
2011-12-21 14:17:16 -------- d-----w- c:\users\medion\appdata\local\{D2AE6C51-7A14-4C15-9958-DEC7CA769C70}
2011-12-21 02:16:58 -------- d-----w- c:\users\medion\appdata\local\{C1CF4FC4-A06B-4B03-9831-42CE50D8BEBF}
2011-12-21 02:16:47 -------- d-----w- c:\users\medion\appdata\local\{C8FB0B19-6F2A-42D8-8F75-2748FC50E898}
2011-12-20 18:05:09 9608 ----a-w- c:\windows\system32\drivers\mfeclnk.sys
2011-12-20 18:03:16 87656 ----a-w- c:\windows\system32\drivers\mferkdet.sys
2011-12-20 18:03:16 64880 ----a-w- c:\windows\system32\drivers\mfenlfk.sys
2011-12-20 18:03:16 165680 ----a-w- c:\windows\system32\drivers\mfewfpk.sys
2011-12-20 18:03:15 59456 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2011-12-20 18:03:15 57600 ----a-w- c:\windows\system32\drivers\cfwids.sys
2011-12-20 18:03:15 338176 ----a-w- c:\windows\system32\drivers\mfefirek.sys
2011-12-20 18:03:15 180816 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2011-12-20 18:03:02 -------- d-----w- c:\program files\common files\Mcafee
2011-12-20 18:03:01 -------- d-----w- c:\program files\McAfee.com
2011-12-20 18:01:41 150856 ----a-w- c:\windows\system32\mfevtps.exe
2011-12-20 14:16:16 -------- d-----w- c:\users\medion\appdata\local\{7F4C3420-1D73-4897-B21D-C28930719E8C}
2011-12-20 14:16:04 -------- d-----w- c:\users\medion\appdata\local\{918E6C63-64ED-4947-B428-F517F7BDA447}
2011-12-20 02:15:47 -------- d-----w- c:\users\medion\appdata\local\{21DA5029-DA81-48E3-8DE3-B2EA1768107D}
2011-12-20 02:15:35 -------- d-----w- c:\users\medion\appdata\local\{7AE958BC-EEC4-45E5-BF46-7C0B1C480004}
2011-12-19 14:15:19 -------- d-----w- c:\users\medion\appdata\local\{84A8D585-0346-4F28-B469-7014D9CDB188}
2011-12-19 14:15:08 -------- d-----w- c:\users\medion\appdata\local\{77D75C52-51BC-4D28-A0F2-1D2A582D6F01}
2011-12-19 02:14:52 -------- d-----w- c:\users\medion\appdata\local\{D971AC74-53CF-4294-A398-D24BFF2C8E21}
2011-12-19 02:14:41 -------- d-----w- c:\users\medion\appdata\local\{6C9D3B99-0F10-4759-8EBC-19133C6459C9}
2011-12-18 14:14:28 -------- d-----w- c:\users\medion\appdata\local\{9B6715CE-193A-49A5-80C2-7F26B50B0519}
2011-12-18 14:14:17 -------- d-----w- c:\users\medion\appdata\local\{67F87DBD-252B-4432-8797-560CE5A9CBDA}
2011-12-18 02:14:01 -------- d-----w- c:\users\medion\appdata\local\{AF5220E9-EEFF-4063-A0FD-9C1DFE73659F}
2011-12-18 02:13:50 -------- d-----w- c:\users\medion\appdata\local\{0A2F5991-E2F8-4383-8D87-6D7365B7CA59}
2011-12-17 14:13:35 -------- d-----w- c:\users\medion\appdata\local\{037B11D1-C09B-47D6-9EF6-BCCAEA15D8C4}
2011-12-17 14:13:23 -------- d-----w- c:\users\medion\appdata\local\{9C58B9AD-DFA7-42F5-9276-F129BC031B63}
2011-12-17 02:13:06 -------- d-----w- c:\users\medion\appdata\local\{1FD8170A-4148-4EFF-9538-27D903CC5949}
2011-12-17 02:12:54 -------- d-----w- c:\users\medion\appdata\local\{168DDC1F-97BC-4105-816C-183886C808CC}
2011-12-16 14:12:34 -------- d-----w- c:\users\medion\appdata\local\{075DE090-AC9B-405F-A0F6-68C176C353F6}
2011-12-16 14:12:22 -------- d-----w- c:\users\medion\appdata\local\{A50F7B8D-D53B-4BD1-A4E6-969DB0D04D39}
2011-12-16 02:12:04 -------- d-----w- c:\users\medion\appdata\local\{E30E6471-24EF-4486-B4A6-16D6FE5837D3}
2011-12-16 02:11:52 -------- d-----w- c:\users\medion\appdata\local\{B905B699-9866-41F9-A156-D9F9FF25F9D3}
2011-12-15 21:16:17 -------- d-----w- c:\program files\QuickenUK
2011-12-15 14:11:36 -------- d-----w- c:\users\medion\appdata\local\{3B1C5FB6-3672-4D48-AE39-7A24F258AF76}
2011-12-15 14:11:25 -------- d-----w- c:\users\medion\appdata\local\{57D3D41B-49D8-4FB2-9615-A35CF7667467}
2011-12-15 12:46:05 4199768 ----a-w- c:\windows\system32\cdintf400.dll
2011-12-15 09:58:51 -------- d-----w- c:\users\medion\appdata\local\IsolatedStorage
2011-12-15 09:58:28 -------- d-----w- c:\program files\TurboTax
2011-12-15 02:11:10 -------- d-----w- c:\users\medion\appdata\local\{7C6044B2-8AC1-4A2F-ACCD-A7434AB16110}
2011-12-15 02:10:59 -------- d-----w- c:\users\medion\appdata\local\{372842E4-368F-40E4-84DF-91E5075DABAB}
2011-12-15 00:01:07 2342912 ----a-w- c:\windows\system32\win32k.sys
2011-12-15 00:00:59 2048 ----a-w- c:\windows\system32\tzres.dll
2011-12-15 00:00:21 534528 ----a-w- c:\windows\system32\EncDec.dll
2011-12-15 00:00:19 38912 ----a-w- c:\windows\system32\csrsrv.dll
2011-12-15 00:00:16 3912560 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-12-15 00:00:15 3967856 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-12-14 22:48:17 306 ----a-w- c:\windows\myClean.bat
2011-12-14 22:37:12 -------- d-----w- c:\program files\iPod
2011-12-14 22:37:09 -------- d-----w- c:\program files\iTunes
2011-12-14 21:01:23 74848 ----a-w- c:\windows\system32\MfeOtlkAddin.dll
2011-12-14 21:01:23 22816 ----a-w- c:\windows\system32\MFEOtlk.dll
2011-12-14 20:53:12 -------- d-----w- c:\users\medion\appdata\roaming\McAfee
2011-12-14 20:50:07 -------- d-----w- c:\program files\McAfee
2011-12-14 14:10:45 -------- d-----w- c:\users\medion\appdata\local\{79C034D6-B134-47AC-81F2-26687CF68F40}
2011-12-14 14:10:34 -------- d-----w- c:\users\medion\appdata\local\{18DEDA00-65CB-426D-9326-CD595233F63C}
2011-12-14 02:10:20 -------- d-----w- c:\users\medion\appdata\local\{F1BBC2DE-0DEC-41E5-AD75-07FEDAA1758D}
2011-12-14 02:10:10 -------- d-----w- c:\users\medion\appdata\local\{AC6A1AA9-7B80-4642-9A5D-B8D9B2BC48D4}
.
==================== Find3M ====================
.
2011-11-21 14:02:54 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-11-07 21:28:38 56208 ----a-w- c:\windows\system32\drivers\RapportKELL.sys
2011-11-03 22:47:42 1798144 ----a-w- c:\windows\system32\jscript9.dll
2011-11-03 22:40:21 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-11-03 22:39:47 1127424 ----a-w- c:\windows\system32\wininet.dll
2011-11-03 22:31:57 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2011-10-24 13:29:02 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2011-10-24 13:29:02 69632 ----a-w- c:\windows\system32\QuickTime.qts
2011-10-19 22:15:50 20312 ----a-w- c:\windows\system32\RegistryDefragBootTime.exe
2011-10-15 13:16:16 464176 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2011-10-15 13:16:16 121256 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
2005-07-25 06:41:49 110657 ----a-w- c:\program files\common files\UninstallDrv.exe
.
=================== ROOTKIT ====================
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.1.7601 Disk: SAMSUNG_HM320JI rev.2SS00_01 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
.
device: opened successfully
user: MBR read successfully
.
Disk trace:
called modules: >>UNKNOWN [0x83850000]<< >>UNKNOWN [0x8D2B9000]<< >>UNKNOWN [0x8D2A8000]<< >>UNKNOWN [0x8CBB1000]<< >>UNKNOWN [0x83819000]<< >>UNKNOWN [0x8CAD3000]<< >>UNKNOWN [0x8CADA000]<< >>UNKNOWN [0x8CBA8000]<<
_asm { DEC EBP; POP EDX; NOP ; ADD [EBX], AL; ADD [EAX], AL; ADD [EAX+EAX], AL; ADD [EAX], AL; }
1 nt!IofCallDriver[0x8387EFAE] -> \Device\Harddisk0\DR0[0x870B03B8]
\Driver\Disk[0x870AF030] -> IRP_MJ_CREATE -> 0x8D2BD39F
3 [0x8D2BD59E] -> nt!IofCallDriver[0x8387EFAE] -> \Device\Ide\IdeDeviceP0T0L0-0[0x86BD8030]
\Driver\atapi[0x86BD6D28] -> IRP_MJ_CREATE -> 0x8CBCB8CC
kernel: MBR read successfully
_asm { XOR AX, AX; MOV DS, AX; MOV ES, AX; MOV SS, AX; MOV SP, 0x7c00; MOV SI, SP; MOV DI, 0x600; MOV CX, 0x100; CLD ; REP MOVSW ; JMP FAR 0x60:0x1b; }
user & kernel MBR OK
Warning: possible TDL3 rootkit infection !.
============= FINISH: 22:59:28.75 ===============

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume2
Install Date: 14/11/2009 04:48:32
System Uptime: 12/01/2012 20:36:20 (2 hours ago)
.
Motherboard: SAMSUNG ELECTRONICS CO., LTD. | | Q210
Processor: Intel(R) Core(TM)2 Duo CPU T5750 @ 2.00GHz | U2E1 | 2000/mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 144 GiB total, 41.774 GiB free.
D: is FIXED (NTFS) - 144 GiB total, 129.281 GiB free.
E: is CDROM (CDFS)
F: is FIXED (FAT32) - 98 GiB total, 91.835 GiB free.
G: is FIXED (FAT32) - 98 GiB total, 72.933 GiB free.
H: is FIXED (NTFS) - 173 GiB total, 0.008 GiB free.
I: is FIXED (FAT32) - 98 GiB total, 65.918 GiB free.
K: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Atheros AR5007EG Wireless Network Adapter
Device ID: PCI\VEN_168C&DEV_001C&SUBSYS_7131144F&REV_01\4&4B6D97C&0&00E0
Manufacturer: Atheros Communications Inc.
Name: Atheros AR5007EG Wireless Network Adapter
PNP Device ID: PCI\VEN_168C&DEV_001C&SUBSYS_7131144F&REV_01\4&4B6D97C&0&00E0
Service: athr
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Officejet 4500 G510n-z
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: HP
Name: Officejet 4500 G510n-z
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
==== System Restore Points ===================
.
RP456: 01/12/2011 00:00:05 - Windows Update
RP457: 04/12/2011 19:00:32 - Windows Backup
RP458: 11/12/2011 19:00:44 - Windows Backup
RP459: 12/12/2011 16:35:55 - Removed HP Update
RP460: 12/12/2011 16:57:33 - Windows Update
RP461: 15/12/2011 09:59:16 - Installed TurboTax 2010 wrapper
RP462: 18/12/2011 19:00:47 - Windows Backup
RP464: 20/12/2011 16:15:38 - Windows Defender Checkpoint
RP465: 25/12/2011 19:00:54 - Windows Backup
RP466: 28/12/2011 14:35:25 - Installed Auction Sentry
RP467: 01/01/2012 19:00:29 - Windows Backup
RP468: 08/01/2012 19:00:51 - Windows Backup
RP469: 10/01/2012 00:31:31 - Windows Update
RP470: 10/01/2012 00:48:32 - Windows Update
RP472: 11/01/2012 14:04:11 - IObit Uninstaller restore point
RP473: 11/01/2012 14:28:22 - Windows Update
RP474: 12/01/2012 13:44:53 - Restore Operation
RP475: 12/01/2012 14:57:04 - Removed FreeUndelete
.
==== Installed Programs ======================
.
.
Update for Microsoft Office 2007 (KB2508958)
2007 Microsoft Office system
32 Bit HP CIO Components Installer
4500_G510nz_Help
4500G510nz
4500G510nz_Software_Min
Acronis Disk Director 11 Home
Adobe Acrobat - Reader 6.0.2 Update
Adobe Acrobat 6.0.1 Professional
Adobe Acrobat and Reader 6.0.3 Update
Adobe Acrobat and Reader 6.0.4 Update
Adobe Acrobat and Reader 6.0.5 Update
Adobe Acrobat and Reader 6.0.6 Update
Adobe AIR
Adobe Flash Player 10 Plugin
Adobe Flash Player 11 ActiveX
Adobe Reader 8.1.4
Advanced SystemCare 5
Agere Systems HDA Modem
Amazon MP3 Downloader 1.0.9
AnswerWorks 5.0 English Runtime
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Atheros WLAN Client
Auction Sentry
Basic PAYE Tools
BBC iPlayer Desktop
BELKIN F5U109
Bonjour
BufferChm
Bullzip PDF Printer 7.1.0.1218
CCleaner
CDCheck
CDDRV_Installer
CyberLink DVD Suite
CyberLink Power2Go
D3DX10
Dell Mobile Broadband Card Utility
Destinations
DeviceDiscovery
DocMgr
DocProc
Dropbox
DVB-T USB 2.0
DYMO Label Software
e-Saver 1.0
Easy Battery Manager
Easy Display Manager
Easy Network Manager 3.0
Easy SpeedUp Manager
erLT
Fax
ffdshow
Free HD Converter V 2.0
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
GPBaseService2
GPL Ghostscript Lite 8.70
HP Customer Participation Program 13.0
HP Document Manager 2.0
HP Imaging Device Functions 13.0
HP Officejet 4500 G510n-z
HP Product Detection
HP Smart Web Printing 4.5
HP Solution Center 13.0
HP Update
HPDiagnosticAlert
HPProductAssistant
HPSSupply
iCloud
imagine digital freedom - Samsung
IObit Malware Fighter
IObit Toolbar v4.9
iTunes
Java Auto Updater
Java(TM) 6 Update 29
Junk Mail filter update
KhalInstallWrapper
LabelPrint
LibUSB-Win32-0.1.12.2
LightScribe Applications
LightScribe System Software
LightScribe Template Labeler
Logitech SetPoint
magicJack
magicJack Outlook Add-In 1.0.3.521
Malwarebytes Anti-Malware version 1.60.0.1800
MarketResearch
McAfee SecurityCenter
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Fix it Center
Microsoft IntelliPoint 8.2
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Live Add-in 1.5
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Hybrid 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Outlook Web Access S/MIME
Microsoft Save as PDF Add-in for 2007 Microsoft Office programs
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SOAP Toolkit 2.0 SP2
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
MobileMe Control Panel
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Network
NVIDIA Display Control Panel
NVIDIA Drivers
NVIDIA PhysX
OCR Software by I.R.I.S. 13.0
OGA Notifier 2.0.0048.0
Palm Desktop
Play AVStation
Play Camera
PowerDirector
PowerDVD
PowerProducer
Quicken 2004
Quicken 2011
QuickTime
RapidShare Manager
Rapport
Realtek High Definition Audio Driver
Samsung Magic Doctor
Samsung Recovery Solution III
Samsung Update Plus
Satellite Antenna Alignment v2.80.0
Scan
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Shop for HP Supplies
Smart Defrag 2
SmartWebPrinting
SolutionCenter
Status
SureThing CD Labeler Deluxe Trial
Synaptics Pointing Device Driver
Toolbox
TouchCopy 11
TrayApp
TurboTax 2010
TurboTax 2010 WinPerFedFormset
TurboTax 2010 WinPerReleaseEngine
TurboTax 2010 WinPerTaxSupport
TurboTax 2010 wrapper
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2596560)
USB2.0 UVC 1.3M WebCam
USB2.0 UVC WebCam
User Guide
Visual C++ 8.0 x86 Runtime Setup Package
VoipCheapCom
WebEx
WebReg
WIDCOMM Bluetooth Software 6.0.1.6300
WiFi Engine
Win7codecs
Windows Installer Clean Up
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Mobile Device Center
WinRAR archiver
X-Lite 2.0 release 1105x
.
==== Event Viewer Messages From Past Week ========
.
12/01/2012 22:52:21, Error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 1 time(s).
12/01/2012 22:52:21, Error: Service Control Manager [7031] - The McAfee VirusScan Announcer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/01/2012 22:52:21, Error: Service Control Manager [7031] - The McAfee Services service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/01/2012 22:52:21, Error: Service Control Manager [7031] - The McAfee Proxy Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/01/2012 22:52:21, Error: Service Control Manager [7031] - The McAfee Personal Firewall Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/01/2012 22:52:21, Error: Service Control Manager [7031] - The McAfee Network Agent service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/01/2012 20:40:04, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Intuit Update Service service to connect.
12/01/2012 20:40:04, Error: Service Control Manager [7000] - The Intuit Update Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/01/2012 20:38:16, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
12/01/2012 20:37:01, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007e (0xc0000005, 0x82094efc, 0x80dbeb30, 0x80dbe710). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 011212-34991-01.
12/01/2012 14:37:32, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the McAfee Scanner service to connect.
12/01/2012 14:37:32, Error: Service Control Manager [7000] - The McAfee Scanner service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/01/2012 14:37:32, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service MCODS with arguments "" in order to run the server: {C98F04D7-CD30-4BB0-B7D7-8DD7448520F2}
12/01/2012 14:34:35, Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147023143.
12/01/2012 14:28:53, Error: Service Control Manager [7024] - The Windows Firewall service terminated with service-specific error Access is denied..
12/01/2012 14:08:22, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running.
12/01/2012 14:08:22, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the IKE and AuthIP IPsec Keying Modules service, but this action failed with the following error: An instance of the service is already running.
12/01/2012 14:08:22, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Computer Browser service, but this action failed with the following error: An instance of the service is already running.
12/01/2012 14:07:22, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Shell Hardware Detection service, but this action failed with the following error: An instance of the service is already running.
12/01/2012 14:07:22, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Server service, but this action failed with the following error: An instance of the service is already running.
12/01/2012 14:06:22, Error: Service Control Manager [7034] - The Application Information service terminated unexpectedly. It has done this 1 time(s).
12/01/2012 14:06:22, Error: Service Control Manager [7031] - The Windows Update service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/01/2012 14:06:22, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
12/01/2012 14:06:22, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
12/01/2012 14:06:22, Error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/01/2012 14:06:22, Error: Service Control Manager [7031] - The Task Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/01/2012 14:06:22, Error: Service Control Manager [7031] - The System Event Notification Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
12/01/2012 14:06:22, Error: Service Control Manager [7031] - The Shell Hardware Detection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/01/2012 14:06:22, Error: Service Control Manager [7031] - The Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/01/2012 14:06:22, Error: Service Control Manager [7031] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
12/01/2012 14:06:22, Error: Service Control Manager [7031] - The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
12/01/2012 14:06:22, Error: Service Control Manager [7031] - The Group Policy Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
12/01/2012 14:06:22, Error: Service Control Manager [7031] - The Extensible Authentication Protocol service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
12/01/2012 14:06:22, Error: Service Control Manager [7031] - The Computer Browser service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
12/01/2012 14:06:22, Error: Service Control Manager [7031] - The Background Intelligent Transfer Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/01/2012 14:06:22, Error: Service Control Manager [7031] - The Application Experience service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/01/2012 14:04:17, Error: Microsoft-Windows-DistributedCOM [10001] - Unable to start a DCOM Server: {F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} as /. The error: "5" Happened while starting this command: C:\Windows\System32\slui.exe -Embedding
12/01/2012 13:17:38, Error: Microsoft-Windows-Service Pack Installer [8] - Service Pack installation failed with error code 0x800f0a03.
11/01/2012 20:44:26, Error: Service Control Manager [7030] - The EVFPUYDSK service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
11/01/2012 20:07:33, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
11/01/2012 14:35:35, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000010d (0x0000000d, 0x8a93e500, 0x8adae368, 0x8a93cdd8). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 011112-32354-01.
11/01/2012 14:33:22, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f020b: DYMO - printer - DYMO LabelWriter DUO Tape.
11/01/2012 13:18:35, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007e (0xc0000005, 0x95c75efc, 0x80dc2b30, 0x80dc2710). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 011112-34741-01.
10/01/2012 01:35:34, Error: Service Control Manager [7030] - The YNEZZYWKD service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
10/01/2012 01:31:23, Error: Service Control Manager [7030] - The UJP service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
10/01/2012 01:30:01, Error: Service Control Manager [7031] - The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
10/01/2012 00:53:20, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007e (0xc0000005, 0x9548aefc, 0x80dbeb30, 0x80dbe710). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 011012-84630-01.
10/01/2012 00:51:11, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the McNASvc service.
10/01/2012 00:49:28, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x800f024b: DYMO - printer - DYMO LabelWriter DUO Tape.
10/01/2012 00:33:39, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070012: DYMO - printer - DYMO LabelWriter DUO Label.
10/01/2012 00:20:24, Error: Service Control Manager [7030] - The XRQIXPCMMCS service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
10/01/2012 00:19:41, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the QFNPWBKEOJ service to connect.
10/01/2012 00:19:41, Error: Service Control Manager [7000] - The QFNPWBKEOJ service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/01/2012 00:19:11, Error: Service Control Manager [7030] - The QFNPWBKEOJ service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
10/01/2012 00:18:54, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the DIEMXLE service to connect.
10/01/2012 00:18:54, Error: Service Control Manager [7000] - The DIEMXLE service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/01/2012 00:18:24, Error: Service Control Manager [7030] - The DIEMXLE service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
.
==== End Of File ===========================
Confounded
Active Member
 
Posts: 12
Joined: December 20th, 2011, 7:16 pm

Re: Bank Fraud! PC on Network w/ comprised PC. TDL3 Root?

by MWR 3 day Mod » January 18th, 2012, 5:46 pm

Hi,

We are sorry to see your topic is over three days old and no one has yet been able to respond and offer help.

If you still require assistance, please post a link to your topic in our Waiting for help with malware removal? forum, and our staff will make an effort to assist you as promptly as possible. Only post a LINK to this topic, DO NOT post your DDS log!

Please do not reply to this topic.

If you haven't posted within two days in the "Waiting for help with malware removal?" forum, we will assume you have been able to get assistance in other ways and this topic will be closed.
MWR 3 day Mod
MRU Undergrad
 
Posts: 2534
Joined: April 4th, 2008, 8:40 am

Re: Bank Fraud! PC on Network w/ comprised PC. TDL3 Root?

by mambass » January 19th, 2012, 11:10 am

Hi Confounded, :)

Welcome to the forum.

My nickname is mambass and I'll be helping you with any malware problems.

Before we begin...please read and follow these important guidelines so things will proceed smoothly.

  1. If you haven't done so already, please read this topic ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.
  2. The instructions being given are for YOUR computer and system only!
    Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  3. Please read all instructions carefully before executing them and perform the steps in the order given.
    If you have any questions or problems executing these instructions then <<STOP>> do not proceed but rather post back with the question or problem.
  4. Your security programs may give warnings for some of the tools I will ask you to use. Be assured that any links I give are safe.
  5. You must have Administrator rights permissions for this computer.
  6. DO NOT run any other fix or removal tools unless instructed to do so!
  7. DO NOT install any other software (or hardware) during the cleaning process. This adds more items to be researched.
  8. Only post your problem at one (1) help site. Applying fixes from multiple help sites can cause problems.
  9. Only reply to this thread. Do not start another thread.
  10. The absence of symptoms does not imply the absence of malware. Please continue responding until I give you the "All Clean".
  11. You might want to place a link to this thread in your Favorites/Bookmarks for easy access.
  12. No Reply Within 3 Days Will Result In Your Topic Being Closed! Please let me know in advance if you will not be able to reply within this time limit.
  13. The logs I request can take a while to research so please be patient.
  14. I am currently in training at Malware Removal University. Each set of instructions that I provide will be reviewed by a faculty member before being posted to this thread. This process may add a small amount of time to my replies. On the positive side you will have two people working together to resolve your malware issues.
Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection. I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system or to necessitate you taking your computer to a repair shop.

Because of this I advise you to backup any personal files and folders before you start.

How to back up or transfer your data on a Windows-based computer

-----------------------------------------------------------

I am currently reviewing your log and will return as soon as possible with additional instructions.

Thanks,

mambass
mambass
Retired Graduate
 
Posts: 826
Joined: April 23rd, 2010, 9:26 am

Re: Bank Fraud! PC on Network w/ comprised PC. TDL3 Root?

by Confounded » January 19th, 2012, 4:56 pm

Hello Mambass,
Welcome onboard. :hello1:

It's been over a week now so I am anxious :bounce: to know first off what you see, before we spend another week running programs and generating logs to check.

As I have posted we have had bank fraud from an infected box on the network. That machine was reformatted and OS reinstalled. I never learned from MalwareRemoval Forum what the infection was. But there is a link in this thread to those logs from that PC.

Most of my data is backed up. I'll do a double backup to make sure we are safe.

Waiting for your reply.

Re: Bank Fraud! PC on Network w/ comprised PC. TDL3 Root?

by Confounded » January 23rd, 2012, 10:11 am

Here is a fresh TDSSKiller log.
Runs clean, but with these options selected:

(x) Verify driver digital signatures
(x) Detect TDLFS file system

I get (1) suspicious file, PCASp50.sys
I have no idea what this is for?

---------------------------------------------------


13:51:21.0667 5804 TDSS rootkit removing tool 2.7.6.0 Jan 19 2012 13:09:04
13:51:23.0700 5804 ============================================================
13:51:23.0701 5804 Current date / time: 2012/01/23 13:51:23.0700
13:51:23.0701 5804 SystemInfo:
13:51:23.0701 5804
13:51:23.0701 5804 OS Version: 6.1.7601 ServicePack: 1.0
13:51:23.0701 5804 Product type: Workstation
13:51:23.0701 5804 ComputerName: SAMSUNG-Q210
13:51:23.0709 5804 UserName: Medion
13:51:23.0709 5804 Windows directory: C:\Windows
13:51:23.0709 5804 System windows directory: C:\Windows
13:51:23.0709 5804 Processor architecture: Intel x86
13:51:23.0709 5804 Number of processors: 2
13:51:23.0709 5804 Page size: 0x1000
13:51:23.0709 5804 Boot type: Normal boot
13:51:23.0709 5804 ============================================================
13:51:26.0684 5804 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
13:51:26.0710 5804 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:51:26.0714 5804 Drive \Device\Harddisk2\DR2 - Size: 0x7820000 (0.12 Gb), SectorSize: 0x200, Cylinders: 0xF, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:51:26.0894 5804 Initialize success
13:51:39.0532 1740 ============================================================
13:51:39.0532 1740 Scan started
13:51:39.0532 1740 Mode: Manual;
13:51:39.0532 1740 ============================================================
13:51:44.0629 1740 BrUsbMdm - ok
13:51:44.0697 1740 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\DRIVERS\BrUsbSer.sys
13:51:44.0703 1740 BrUsbSer - ok
13:51:44.0764 1740 BthEnum (2865a5c8e98c70c605f417908cebb3a4) C:\Windows\system32\drivers\BthEnum.sys
13:51:44.0771 1740 BthEnum - ok
13:51:44.0819 1740 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
13:51:44.0828 1740 BTHMODEM - ok
13:51:44.0896 1740 BthPan (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\Windows\system32\DRIVERS\bthpan.sys
13:51:44.0904 1740 BthPan - ok
13:51:44.0979 1740 BTHPORT (c2fbf6d271d9a94d839c416bf186ead9) C:\Windows\System32\Drivers\BTHport.sys
13:51:45.0029 1740 BTHPORT - ok
13:51:45.0083 1740 BTHUSB (c81e9413a25a439f436b1d4b6a0cf9e9) C:\Windows\System32\Drivers\BTHUSB.sys
13:51:45.0181 1740 BTHUSB - ok
13:51:45.0211 1740 btusbflt (f549c3fb145a4928e40bb1518b2034dc) C:\Windows\system32\drivers\btusbflt.sys
13:51:45.0317 1740 btusbflt - ok
13:51:45.0348 1740 btwaudio (3ea1a20dc0ca1ad23e7aa8c37a91bcd1) C:\Windows\system32\drivers\btwaudio.sys
13:51:45.0406 1740 btwaudio - ok
13:51:45.0428 1740 btwavdt (195872e48a7fb01f8bc9b800f70f4054) C:\Windows\system32\drivers\btwavdt.sys
13:51:45.0536 1740 btwavdt - ok
13:51:45.0554 1740 btwrchid (0724e7d6c9b6a289eddda33fa8176e80) C:\Windows\system32\DRIVERS\btwrchid.sys
13:51:45.0654 1740 btwrchid - ok
13:51:45.0714 1740 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
13:51:45.0722 1740 cdfs - ok
13:51:45.0773 1740 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys
13:51:45.0826 1740 cdrom - ok
13:51:45.0917 1740 cfwids (1dcb5209601a70e36c70fe8d197d62cb) C:\Windows\system32\drivers\cfwids.sys
13:51:45.0985 1740 cfwids - ok
13:51:46.0032 1740 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
13:51:46.0040 1740 circlass - ok
13:51:46.0096 1740 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
13:51:46.0104 1740 CLFS - ok
13:51:46.0159 1740 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
13:51:46.0163 1740 CmBatt - ok
13:51:46.0210 1740 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
13:51:46.0214 1740 cmdide - ok
13:51:46.0285 1740 CNG (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys
13:51:46.0371 1740 CNG - ok
13:51:46.0415 1740 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
13:51:46.0419 1740 Compbatt - ok
13:51:46.0483 1740 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
13:51:46.0549 1740 CompositeBus - ok
13:51:46.0595 1740 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
13:51:46.0600 1740 crcdisk - ok
13:51:46.0681 1740 CSC (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys
13:51:46.0746 1740 CSC - ok
13:51:46.0808 1740 dc3d (7caaf4af453ef3582fef65dd72caa0aa) C:\Windows\system32\DRIVERS\dc3d.sys
13:51:46.0865 1740 dc3d - ok
13:51:46.0935 1740 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
13:51:46.0989 1740 DfsC - ok
13:51:47.0054 1740 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
13:51:47.0059 1740 discache - ok
13:51:47.0101 1740 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
13:51:47.0105 1740 Disk - ok
13:51:47.0175 1740 Dot4 (b5e479eb83707dd698f66953e922042c) C:\Windows\system32\DRIVERS\Dot4.sys
13:51:47.0186 1740 Dot4 - ok
13:51:47.0257 1740 Dot4Print (caefd09b6a6249c53a67d55a9a9fcabf) C:\Windows\system32\DRIVERS\Dot4Prt.sys
13:51:47.0380 1740 Dot4Print - ok
13:51:47.0420 1740 dot4usb (cf491ff38d62143203c065260567e2f7) C:\Windows\system32\DRIVERS\dot4usb.sys
13:51:47.0426 1740 dot4usb - ok
13:51:47.0494 1740 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
13:51:47.0502 1740 drmkaud - ok
13:51:47.0579 1740 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
13:51:47.0664 1740 DXGKrnl - ok
13:51:47.0818 1740 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
13:51:47.0875 1740 ebdrv - ok
13:51:48.0010 1740 ECS_Loader_220 (24b46483acc0d33783b89c7c0e4939f7) C:\Windows\system32\Drivers\ECS_Loader_220.sys
13:51:48.0138 1740 ECS_Loader_220 - ok
13:51:48.0238 1740 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
13:51:48.0261 1740 elxstor - ok
13:51:48.0314 1740 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
13:51:48.0318 1740 ErrDev - ok
13:51:48.0368 1740 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
13:51:48.0375 1740 exfat - ok
13:51:48.0422 1740 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
13:51:48.0431 1740 fastfat - ok
13:51:48.0501 1740 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
13:51:48.0506 1740 fdc - ok
13:51:48.0559 1740 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
13:51:48.0567 1740 FileInfo - ok
13:51:48.0808 1740 FileMonitor (6ae14fa726f6f3efe8adf6eb5ef75c33) C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys
13:51:48.0916 1740 FileMonitor - ok
13:51:48.0958 1740 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
13:51:48.0964 1740 Filetrace - ok
13:51:49.0013 1740 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
13:51:49.0021 1740 flpydisk - ok
13:51:49.0092 1740 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
13:51:49.0106 1740 FltMgr - ok
13:51:49.0172 1740 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
13:51:49.0177 1740 FsDepends - ok
13:51:49.0241 1740 fssfltr (d909075fa72c090f27aa926c32cb4612) C:\Windows\system32\DRIVERS\fssfltr.sys
13:51:49.0354 1740 fssfltr - ok
13:51:49.0398 1740 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
13:51:49.0402 1740 Fs_Rec - ok
13:51:49.0464 1740 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
13:51:49.0625 1740 fvevol - ok
13:51:49.0676 1740 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
13:51:49.0689 1740 gagp30kx - ok
13:51:49.0736 1740 GEARAspiWDM (5ae3a887ece5bbb72cfab273c2fd1cfa) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:51:49.0803 1740 GEARAspiWDM - ok
13:51:49.0861 1740 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
13:51:49.0868 1740 hcw85cir - ok
13:51:49.0926 1740 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
13:51:49.0986 1740 HDAudBus - ok
13:51:50.0002 1740 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
13:51:50.0009 1740 HidBatt - ok
13:51:50.0046 1740 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
13:51:50.0052 1740 HidBth - ok
13:51:50.0227 1740 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
13:51:50.0238 1740 HidIr - ok
13:51:50.0294 1740 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
13:51:50.0400 1740 HidUsb - ok
13:51:50.0476 1740 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
13:51:50.0481 1740 HpSAMD - ok
13:51:50.0547 1740 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
13:51:50.0614 1740 HTTP - ok
13:51:50.0674 1740 hugoio (7deccb2612255f4b538976ad25da0d29) C:\Windows\system32\drivers\hugoio.sys
13:51:50.0728 1740 hugoio - ok
13:51:50.0789 1740 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
13:51:50.0858 1740 hwpolicy - ok
13:51:50.0910 1740 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
13:51:50.0919 1740 i8042prt - ok
13:51:50.0979 1740 iaStorV (a3cae5d281db4cff7cff8233507ee5ad) C:\Windows\system32\drivers\iaStorV.sys
13:51:51.0120 1740 iaStorV - ok
13:51:51.0187 1740 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
13:51:51.0199 1740 iirsp - ok
13:51:51.0346 1740 IntcAzAudAddService (ffd2b3bc042596abe785d3c15f51ab46) C:\Windows\system32\drivers\RTKVHDA.sys
13:51:51.0433 1740 IntcAzAudAddService - ok
13:51:51.0494 1740 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
13:51:51.0498 1740 intelide - ok
13:51:51.0562 1740 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
13:51:51.0572 1740 intelppm - ok
13:51:51.0639 1740 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:51:51.0646 1740 IpFilterDriver - ok
13:51:51.0701 1740 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
13:51:51.0754 1740 IPMIDRV - ok
13:51:51.0804 1740 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
13:51:51.0812 1740 IPNAT - ok
13:51:51.0894 1740 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
13:51:51.0899 1740 IRENUM - ok
13:51:51.0951 1740 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
13:51:51.0961 1740 isapnp - ok
13:51:52.0020 1740 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
13:51:52.0092 1740 iScsiPrt - ok
13:51:52.0139 1740 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
13:51:52.0143 1740 kbdclass - ok
13:51:52.0196 1740 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\DRIVERS\kbdhid.sys
13:51:52.0308 1740 kbdhid - ok
13:51:52.0382 1740 KMDFMEMIO (ebc507f129df8f0e0ca270dcfc0cf87f) C:\Windows\system32\DRIVERS\kmdfmemio.sys
13:51:52.0433 1740 KMDFMEMIO - ok
13:51:52.0487 1740 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys
13:51:52.0564 1740 KSecDD - ok
13:51:52.0640 1740 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys
13:51:52.0769 1740 KSecPkg - ok
13:51:52.0855 1740 LHidFilt (7f9c7b28cf1c859e1c42619eea946dc8) C:\Windows\system32\DRIVERS\LHidFilt.Sys
13:51:52.0911 1740 LHidFilt - ok
13:51:52.0978 1740 libusb0 (b716d4d759663bc4174fd0a379da8e50) C:\Windows\system32\drivers\libusb0.sys
13:51:53.0081 1740 libusb0 - ok
13:51:53.0155 1740 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
13:51:53.0160 1740 lltdio - ok
13:51:53.0186 1740 LMouFilt (ab33792a87285344f43b5ce23421bab0) C:\Windows\system32\DRIVERS\LMouFilt.Sys
13:51:53.0243 1740 LMouFilt - ok
13:51:53.0287 1740 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
13:51:53.0296 1740 LSI_FC - ok
13:51:53.0478 1740 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
13:51:53.0493 1740 LSI_SAS - ok
13:51:53.0524 1740 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:51:53.0532 1740 LSI_SAS2 - ok
13:51:53.0562 1740 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:51:53.0567 1740 LSI_SCSI - ok
13:51:53.0603 1740 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
13:51:53.0612 1740 luafv - ok
13:51:53.0666 1740 LUsbFilt (77030525cd86a93f1af34fa9b96d33ce) C:\Windows\system32\Drivers\LUsbFilt.Sys
13:51:53.0720 1740 LUsbFilt - ok
13:51:53.0798 1740 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\Windows\system32\drivers\mbam.sys
13:51:53.0905 1740 MBAMProtector - ok
13:51:54.0017 1740 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
13:51:54.0023 1740 megasas - ok
13:51:54.0077 1740 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
13:51:54.0088 1740 MegaSR - ok
13:51:54.0163 1740 mfeapfk (36b47b1e9c537f8f2b4481084b8f7d22) C:\Windows\system32\drivers\mfeapfk.sys
13:51:54.0229 1740 mfeapfk - ok
13:51:54.0308 1740 mfeavfk (cde41293db871a75cd99eb0ce781356b) C:\Windows\system32\drivers\mfeavfk.sys
13:51:54.0371 1740 mfeavfk - ok
13:51:54.0424 1740 mfeavfk01 - ok
13:51:54.0468 1740 mfebopk (e22385f64bdf0ad81157479496e33c4a) C:\Windows\system32\drivers\mfebopk.sys
13:51:54.0524 1740 mfebopk - ok
13:51:54.0589 1740 mfefirek (215666a8a85023ef019b510cbb67f678) C:\Windows\system32\drivers\mfefirek.sys
13:51:54.0670 1740 mfefirek - ok
13:51:54.0755 1740 mfehidk (56d330981866a72f061dd16cc5004513) C:\Windows\system32\drivers\mfehidk.sys
13:51:54.0891 1740 mfehidk - ok
13:51:54.0952 1740 mfenlfk (b41bacc049cdb916a52b1448bf30d6ab) C:\Windows\system32\DRIVERS\mfenlfk.sys
13:51:55.0023 1740 mfenlfk - ok
13:51:55.0102 1740 mferkdet (89b564d63c53fc0c6782ab07eea63acf) C:\Windows\system32\drivers\mferkdet.sys
13:51:55.0161 1740 mferkdet - ok
13:51:55.0393 1740 mfewfpk (c2ff7473a60c0fb2df145ab686889653) C:\Windows\system32\drivers\mfewfpk.sys
13:51:55.0478 1740 mfewfpk - ok
13:51:55.0546 1740 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
13:51:55.0552 1740 Modem - ok
13:51:55.0615 1740 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
13:51:55.0621 1740 monitor - ok
13:51:55.0689 1740 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
13:51:55.0694 1740 mouclass - ok
13:51:55.0745 1740 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
13:51:55.0750 1740 mouhid - ok
13:51:55.0821 1740 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
13:51:55.0892 1740 mountmgr - ok
13:51:55.0959 1740 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
13:51:56.0067 1740 mpio - ok
13:51:56.0113 1740 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
13:51:56.0118 1740 mpsdrv - ok
13:51:56.0177 1740 MREMP50 - ok
13:51:56.0187 1740 MREMPR5 - ok
13:51:56.0197 1740 MRENDIS5 - ok
13:51:56.0207 1740 MRESP50 - ok
13:51:56.0265 1740 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
13:51:56.0381 1740 MRxDAV - ok
13:51:56.0467 1740 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
13:51:56.0590 1740 mrxsmb - ok
13:51:56.0663 1740 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:51:56.0796 1740 mrxsmb10 - ok
13:51:56.0837 1740 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:51:56.0938 1740 mrxsmb20 - ok
13:51:56.0994 1740 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
13:51:57.0100 1740 msahci - ok
13:51:57.0161 1740 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
13:51:57.0266 1740 msdsm - ok
13:51:57.0344 1740 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
13:51:57.0355 1740 Msfs - ok
13:51:57.0407 1740 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
13:51:57.0411 1740 mshidkmdf - ok
13:51:57.0466 1740 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
13:51:57.0473 1740 msisadrv - ok
13:51:57.0533 1740 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
13:51:57.0539 1740 MSKSSRV - ok
13:51:57.0605 1740 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
13:51:57.0611 1740 MSPCLOCK - ok
13:51:57.0657 1740 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
13:51:57.0663 1740 MSPQM - ok
13:51:57.0718 1740 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
13:51:57.0732 1740 MsRPC - ok
13:51:57.0791 1740 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
13:51:57.0794 1740 mssmbios - ok
13:51:57.0811 1740 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
13:51:57.0818 1740 MSTEE - ok
13:51:57.0864 1740 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
13:51:57.0868 1740 MTConfig - ok
13:51:57.0899 1740 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
13:51:57.0904 1740 Mup - ok
13:51:57.0939 1740 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
13:51:57.0952 1740 NativeWifiP - ok
13:51:58.0016 1740 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
13:51:58.0022 1740 NDIS - ok
13:51:58.0211 1740 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
13:51:58.0224 1740 NdisCap - ok
13:51:58.0249 1740 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
13:51:58.0257 1740 NdisTapi - ok
13:51:58.0306 1740 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
13:51:58.0359 1740 Ndisuio - ok
13:51:58.0423 1740 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
13:51:58.0550 1740 NdisWan - ok
13:51:58.0619 1740 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
13:51:58.0690 1740 NDProxy - ok
13:51:58.0759 1740 Netaapl (1352e1648213551923a0a822e441553c) C:\Windows\system32\DRIVERS\netaapl.sys
13:51:58.0827 1740 Netaapl - ok
13:51:58.0883 1740 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
13:51:58.0892 1740 NetBIOS - ok
13:51:58.0957 1740 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
13:51:59.0065 1740 NetBT - ok
13:51:59.0239 1740 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
13:51:59.0251 1740 nfrd960 - ok
13:51:59.0307 1740 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
13:51:59.0313 1740 Npfs - ok
13:51:59.0342 1740 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
13:51:59.0349 1740 nsiproxy - ok
13:51:59.0435 1740 Ntfs (33c3093d09017cfe2e219f2472bff6eb) C:\Windows\system32\drivers\Ntfs.sys
13:51:59.0523 1740 Ntfs - ok
13:51:59.0563 1740 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
13:51:59.0567 1740 Null - ok
13:51:59.0609 1740 NVHDA (8571011b62ce0207fa1dc95d88308f1d) C:\Windows\system32\drivers\nvhda32v.sys
13:51:59.0677 1740 NVHDA - ok
13:52:00.0022 1740 nvlddmkm (19f5c4949b2e4cbd2e95b8ecdfc84d25) C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:52:00.0529 1740 nvlddmkm - ok
13:52:00.0690 1740 nvraid (af2eec9580c1d32fb7eaf105d9784061) C:\Windows\system32\drivers\nvraid.sys
13:52:00.0765 1740 nvraid - ok
13:52:00.0812 1740 nvstor (9283c58ebaa2618f93482eb5dabcec82) C:\Windows\system32\drivers\nvstor.sys
13:52:00.0920 1740 nvstor - ok
13:52:00.0968 1740 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
13:52:00.0974 1740 nv_agp - ok
13:52:01.0041 1740 NWDellModem (d03072d7a3e4bf86e530f7abe18309fc) C:\Windows\system32\DRIVERS\nwdelmdm.sys
13:52:01.0099 1740 NWDellModem - ok
13:52:01.0155 1740 NWDellPort (d03072d7a3e4bf86e530f7abe18309fc) C:\Windows\system32\DRIVERS\nwdelser.sys
13:52:01.0239 1740 NWDellPort - ok
13:52:01.0276 1740 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
13:52:01.0284 1740 ohci1394 - ok
13:52:01.0358 1740 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
13:52:01.0367 1740 Parport - ok
13:52:01.0431 1740 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
13:52:01.0537 1740 partmgr - ok
13:52:01.0568 1740 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
13:52:01.0572 1740 Parvdm - ok
13:52:01.0621 1740 PCASp50 (803c8e7f4d00fe832c1f3871514fec85) C:\Windows\system32\drivers\PCASp50.sys
13:52:01.0720 1740 PCASp50 - ok
13:52:01.0788 1740 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
13:52:01.0852 1740 pci - ok
13:52:01.0875 1740 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
13:52:01.0880 1740 pciide - ok
13:52:01.0936 1740 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
13:52:01.0949 1740 pcmcia - ok
13:52:02.0003 1740 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
13:52:02.0008 1740 pcw - ok
13:52:02.0068 1740 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
13:52:02.0084 1740 PEAUTH - ok
13:52:02.0211 1740 Point32 (896d916de06f5502d301e8c4dc442ae8) C:\Windows\system32\DRIVERS\point32.sys
13:52:02.0266 1740 Point32 - ok
13:52:02.0333 1740 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
13:52:02.0338 1740 PptpMiniport - ok
13:52:02.0386 1740 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
13:52:02.0393 1740 Processor - ok
13:52:02.0459 1740 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
13:52:02.0461 1740 Psched - ok
13:52:02.0569 1740 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
13:52:02.0601 1740 ql2300 - ok
13:52:02.0648 1740 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
13:52:02.0654 1740 ql40xx - ok
13:52:02.0710 1740 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
13:52:02.0715 1740 QWAVEdrv - ok
13:52:02.0917 1740 RapportCerberus_34302 (6b6f0a77365667912360ff1d5e984f25) C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\34302\RapportCerberus32_34302.sys
13:52:03.0018 1740 RapportCerberus_34302 - ok
13:52:03.0136 1740 RapportEI (ef909a5f9479517546ded3c74e1b564d) C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys
13:52:03.0140 1740 RapportEI - ok
13:52:03.0284 1740 RapportIaso (dd3e4610de9252a957c5bd19bdf47ac4) c:\programdata\trusteer\rapport\store\exts\rapportms\28896\rapportiaso.sys
13:52:03.0289 1740 RapportIaso - ok
13:52:03.0434 1740 RapportKELL (11c9bfb625c22142ca76832b2e8b3d9b) C:\Windows\system32\Drivers\RapportKELL.sys
13:52:03.0541 1740 RapportKELL - ok
13:52:03.0657 1740 RapportPG (f4777db2f3b8f1de0ba18d6e3b2340ca) C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys
13:52:03.0662 1740 RapportPG - ok
13:52:03.0734 1740 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
13:52:03.0746 1740 RasAcd - ok
13:52:03.0823 1740 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
13:52:03.0836 1740 RasAgileVpn - ok
13:52:03.0904 1740 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:52:03.0911 1740 Rasl2tp - ok
13:52:03.0965 1740 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
13:52:03.0972 1740 RasPppoe - ok
13:52:04.0024 1740 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
13:52:04.0030 1740 RasSstp - ok
13:52:04.0106 1740 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
13:52:04.0215 1740 rdbss - ok
13:52:04.0259 1740 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
13:52:04.0263 1740 rdpbus - ok
13:52:04.0333 1740 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:52:04.0406 1740 RDPCDD - ok
13:52:04.0451 1740 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
13:52:04.0509 1740 RDPDR - ok
13:52:04.0561 1740 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
13:52:04.0567 1740 RDPENCDD - ok
13:52:04.0625 1740 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
13:52:04.0636 1740 RDPREFMP - ok
13:52:04.0700 1740 RdpVideoMiniport (68a0387f58e226deee23d9715955572a) C:\Windows\system32\drivers\rdpvideominiport.sys
13:52:04.0754 1740 RdpVideoMiniport - ok
13:52:04.0806 1740 RDPWD (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys
13:52:04.0928 1740 RDPWD - ok
13:52:04.0979 1740 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
13:52:05.0089 1740 rdyboost - ok
13:52:05.0206 1740 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys
13:52:05.0215 1740 RFCOMM - ok
13:52:05.0288 1740 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
13:52:05.0295 1740 rspndr - ok
13:52:05.0348 1740 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
13:52:05.0405 1740 s3cap - ok
13:52:05.0457 1740 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
13:52:05.0565 1740 sbp2port - ok
13:52:05.0635 1740 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
13:52:05.0698 1740 scfilter - ok
13:52:05.0769 1740 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
13:52:05.0773 1740 secdrv - ok
13:52:05.0842 1740 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
13:52:05.0847 1740 Serenum - ok
13:52:05.0902 1740 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
13:52:05.0907 1740 Serial - ok
13:52:05.0960 1740 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
13:52:05.0963 1740 sermouse - ok
13:52:06.0047 1740 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
13:52:06.0051 1740 sffdisk - ok
13:52:06.0113 1740 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
13:52:06.0126 1740 sffp_mmc - ok
13:52:06.0181 1740 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
13:52:06.0233 1740 sffp_sd - ok
13:52:06.0283 1740 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
13:52:06.0289 1740 sfloppy - ok
13:52:06.0373 1740 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
13:52:06.0380 1740 sisagp - ok
13:52:06.0429 1740 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:52:06.0435 1740 SiSRaid2 - ok
13:52:06.0490 1740 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
13:52:06.0497 1740 SiSRaid4 - ok
13:52:06.0566 1740 SmartDefragDriver (bf302072dc8374cf4e118fd88aa817a2) C:\Windows\system32\Drivers\SmartDefragDriver.sys
13:52:06.0798 1740 SmartDefragDriver - ok
13:52:06.0904 1740 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
13:52:06.0912 1740 Smb - ok
13:52:07.0022 1740 snapman (bd3863c139f3380a9f44fb188feefc6e) C:\Windows\system32\DRIVERS\snapman.sys
13:52:07.0091 1740 snapman - ok
13:52:07.0225 1740 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
13:52:07.0231 1740 spldr - ok
13:52:07.0323 1740 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
13:52:07.0444 1740 srv - ok
13:52:07.0480 1740 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
13:52:07.0592 1740 srv2 - ok
13:52:07.0636 1740 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
13:52:07.0756 1740 srvnet - ok
13:52:07.0812 1740 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
13:52:07.0818 1740 stexstor - ok
13:52:07.0876 1740 StillCam (edb05bd63148796f23ea78506404a538) C:\Windows\system32\DRIVERS\serscan.sys
13:52:07.0878 1740 StillCam - ok
13:52:07.0987 1740 StkCMini (ab80c9dde1f8d9f9f946365205ed55eb) C:\Windows\system32\Drivers\StkCMini.sys
13:52:08.0141 1740 StkCMini - ok
13:52:08.0212 1740 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
13:52:08.0287 1740 storflt - ok
13:52:08.0337 1740 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
13:52:08.0391 1740 storvsc - ok
13:52:08.0456 1740 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
13:52:08.0464 1740 swenum - ok
13:52:08.0526 1740 Synth3dVsc - ok
13:52:08.0592 1740 SynTP (069e5728e565bd401347cb94732c4733) C:\Windows\system32\DRIVERS\SynTP.sys
13:52:08.0674 1740 SynTP - ok
13:52:08.0801 1740 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys
13:52:08.0886 1740 Tcpip - ok
13:52:08.0927 1740 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys
13:52:08.0937 1740 TCPIP6 - ok
13:52:09.0008 1740 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
13:52:09.0125 1740 tcpipreg - ok
13:52:09.0187 1740 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
13:52:09.0285 1740 TDPIPE - ok
13:52:09.0335 1740 TDTCP (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys
13:52:09.0459 1740 TDTCP - ok
13:52:09.0522 1740 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
13:52:09.0643 1740 tdx - ok
13:52:09.0717 1740 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
13:52:09.0807 1740 TermDD - ok
13:52:09.0925 1740 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:52:10.0040 1740 tssecsrv - ok
13:52:10.0116 1740 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
13:52:10.0193 1740 TsUsbFlt - ok
13:52:10.0212 1740 tsusbhub - ok
13:52:10.0277 1740 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
13:52:10.0336 1740 tunnel - ok
13:52:10.0388 1740 U2SP (228d8e60bc9c5238587b0bf1654ec580) C:\Windows\system32\DRIVERS\u2s2kxp.sys
13:52:10.0461 1740 U2SP - ok
13:52:10.0515 1740 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
13:52:10.0520 1740 uagp35 - ok
13:52:10.0584 1740 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
13:52:10.0642 1740 udfs - ok
13:52:10.0730 1740 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
13:52:10.0738 1740 uliagpkx - ok
13:52:10.0773 1740 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\DRIVERS\umbus.sys
13:52:10.0825 1740 umbus - ok
13:52:10.0863 1740 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
13:52:10.0867 1740 UmPass - ok
13:52:11.0110 1740 UrlFilter (b848f444340ab5eb8d8773b0ff4e0547) C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\UrlFilter.sys
13:52:11.0230 1740 UrlFilter - ok
13:52:11.0309 1740 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
13:52:11.0408 1740 USBAAPL - ok
13:52:11.0472 1740 usbaudio (1d9f2bd026e8e2d45033a4df3f16b78c) C:\Windows\system32\drivers\usbaudio.sys
13:52:11.0526 1740 usbaudio - ok
13:52:11.0600 1740 usbccgp (7e72e7d7e0757d59481d530fd2b0bfae) C:\Windows\system32\DRIVERS\usbccgp.sys
13:52:11.0669 1740 usbccgp - ok
13:52:11.0736 1740 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
13:52:11.0742 1740 usbcir - ok
13:52:11.0796 1740 usbehci (cfbce999c057d78979a181c9c60f208e) C:\Windows\system32\drivers\usbehci.sys
13:52:11.0896 1740 usbehci - ok
13:52:11.0948 1740 usbhub (9d22aad9ac6a07c691a1113e5f860868) C:\Windows\system32\drivers\usbhub.sys
13:52:12.0055 1740 usbhub - ok
13:52:12.0110 1740 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\drivers\usbohci.sys
13:52:12.0114 1740 usbohci - ok
13:52:12.0181 1740 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
13:52:12.0189 1740 usbprint - ok
13:52:12.0249 1740 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys
13:52:12.0257 1740 usbscan - ok
13:52:12.0321 1740 USBSTOR (bf63ebfc6979fefb2bc03df7989a0c1a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:52:12.0436 1740 USBSTOR - ok
13:52:12.0489 1740 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\Windows\system32\drivers\usbuhci.sys
13:52:12.0493 1740 usbuhci - ok
13:52:12.0567 1740 usb_rndisx (d82f43d15fdaa666856c0190cb73e7c9) C:\Windows\system32\DRIVERS\usb8023x.sys
13:52:12.0581 1740 usb_rndisx - ok
13:52:12.0707 1740 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
13:52:12.0717 1740 vdrvroot - ok
13:52:12.0789 1740 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
13:52:12.0810 1740 vga - ok
13:52:12.0851 1740 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
13:52:12.0859 1740 VgaSave - ok
13:52:12.0879 1740 VGPU - ok
13:52:12.0930 1740 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
13:52:12.0998 1740 vhdmp - ok
13:52:13.0035 1740 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
13:52:13.0043 1740 viaagp - ok
13:52:13.0075 1740 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
13:52:13.0079 1740 ViaC7 - ok
13:52:13.0139 1740 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
13:52:13.0143 1740 viaide - ok
13:52:13.0182 1740 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys
13:52:13.0244 1740 vmbus - ok
13:52:13.0278 1740 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys
13:52:13.0329 1740 VMBusHID - ok
13:52:13.0365 1740 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
13:52:13.0419 1740 volmgr - ok
13:52:13.0462 1740 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
13:52:13.0474 1740 volmgrx - ok
13:52:13.0537 1740 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
13:52:13.0597 1740 volsnap - ok
13:52:13.0677 1740 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
13:52:13.0684 1740 vsmraid - ok
13:52:13.0750 1740 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
13:52:13.0754 1740 vwifibus - ok
13:52:13.0808 1740 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
13:52:13.0815 1740 vwififlt - ok
13:52:13.0866 1740 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\Windows\system32\DRIVERS\vwifimp.sys
13:52:13.0871 1740 vwifimp - ok
13:52:13.0944 1740 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
13:52:13.0950 1740 WacomPen - ok
13:52:14.0016 1740 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
13:52:14.0123 1740 WANARP - ok
13:52:14.0135 1740 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
13:52:14.0137 1740 Wanarpv6 - ok
13:52:14.0240 1740 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
13:52:14.0244 1740 Wd - ok
13:52:14.0316 1740 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
13:52:14.0331 1740 Wdf01000 - ok
13:52:14.0478 1740 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
13:52:14.0482 1740 WfpLwf - ok
13:52:14.0503 1740 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
13:52:14.0508 1740 WIMMount - ok
13:52:14.0635 1740 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
13:52:14.0688 1740 WinUsb - ok
13:52:14.0749 1740 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
13:52:14.0756 1740 WmiAcpi - ok
13:52:14.0841 1740 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
13:52:14.0846 1740 ws2ifsl - ok
13:52:14.0892 1740 WSDPrintDevice (553f6ccd7c58eb98d4a8fbdaf283d7a9) C:\Windows\system32\DRIVERS\WSDPrint.sys
13:52:14.0894 1740 WSDPrintDevice - ok
13:52:14.0992 1740 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
13:52:15.0111 1740 WudfPf - ok
13:52:15.0149 1740 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
13:52:15.0253 1740 WUDFRd - ok
13:52:15.0367 1740 yukonw7 (30b73eb97218a16cbc6de535782a1b35) C:\Windows\system32\DRIVERS\yk62x86.sys
13:52:15.0500 1740 yukonw7 - ok
13:52:15.0566 1740 ZSMC301b (1e41295eac56589efd9dc3ca14bf3fec) C:\Windows\system32\Drivers\usbVM31b.sys
13:52:15.0633 1740 ZSMC301b - ok
13:52:15.0711 1740 MBR (0x1B8) (7efe35d60f81b18be2fcd6513e1175d9) \Device\Harddisk0\DR0
13:52:16.0089 1740 \Device\Harddisk0\DR0 - ok
13:52:16.0096 1740 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
13:52:16.0103 1740 \Device\Harddisk1\DR1 - ok
13:52:16.0114 1740 MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk2\DR2
13:52:16.0121 1740 \Device\Harddisk2\DR2 - ok
13:52:16.0127 1740 Boot (0x1200) (ed0e6fe9785adefc98170fc46b481d40) \Device\Harddisk0\DR0\Partition0
13:52:16.0128 1740 \Device\Harddisk0\DR0\Partition0 - ok
13:52:16.0159 1740 Boot (0x1200) (2102c7fb9b19041d9fa9e0b39223eeef) \Device\Harddisk0\DR0\Partition1
13:52:16.0160 1740 \Device\Harddisk0\DR0\Partition1 - ok
13:52:16.0164 1740 Boot (0x1200) (573edd1b03f7ce865e5b750bd5b49bca) \Device\Harddisk1\DR1\Partition0
13:52:16.0167 1740 \Device\Harddisk1\DR1\Partition0 - ok
13:52:16.0172 1740 Boot (0x1200) (027859e171d3a4811f1bff22a5385c06) \Device\Harddisk1\DR1\Partition1
13:52:16.0173 1740 \Device\Harddisk1\DR1\Partition1 - ok
13:52:16.0179 1740 Boot (0x1200) (8099e4443a6b096edb944fbb523a37c3) \Device\Harddisk1\DR1\Partition2
13:52:16.0180 1740 \Device\Harddisk1\DR1\Partition2 - ok
13:52:16.0186 1740 Boot (0x1200) (3e82b283fd533d18823932f656bec7f1) \Device\Harddisk1\DR1\Partition3
13:52:16.0188 1740 \Device\Harddisk1\DR1\Partition3 - ok
13:52:16.0194 1740 Boot (0x1200) (b35f307ae7de793ff4cc710a86ac446c) \Device\Harddisk2\DR2\Partition0
13:52:16.0195 1740 \Device\Harddisk2\DR2\Partition0 - ok
13:52:16.0196 1740 ============================================================
13:52:16.0196 1740 Scan finished
13:52:16.0196 1740 ============================================================
13:52:16.0212 7444 Detected object count: 0
13:52:16.0212 7444 Actual detected object count: 0
13:52:29.0735 7440 ============================================================
13:52:29.0735 7440 Scan started
13:52:29.0735 7440 Mode: Manual; SigCheck; TDLFS;
13:52:29.0735 7440 ============================================================
13:52:30.0388 7440 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
13:52:30.0538 7440 1394ohci - ok
13:52:30.0613 7440 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
13:52:30.0655 7440 ACPI - ok
13:52:30.0701 7440 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
13:52:30.0763 7440 AcpiPmi - ok
13:52:30.0822 7440 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
13:52:30.0846 7440 adp94xx - ok
13:52:30.0889 7440 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
13:52:30.0910 7440 adpahci - ok
13:52:30.0959 7440 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
13:52:30.0978 7440 adpu320 - ok
13:52:31.0048 7440 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
13:52:31.0106 7440 AFD - ok
13:52:31.0197 7440 AgereSoftModem (7e10e3bb9b258ad8a9300f91214d67b9) C:\Windows\system32\DRIVERS\AGRSM.sys
13:52:31.0287 7440 AgereSoftModem - ok
13:52:31.0343 7440 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
13:52:31.0375 7440 agp440 - ok
13:52:31.0452 7440 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
13:52:31.0473 7440 aic78xx - ok
13:52:31.0514 7440 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
13:52:31.0530 7440 aliide - ok
13:52:31.0575 7440 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
13:52:31.0593 7440 amdagp - ok
13:52:31.0646 7440 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
13:52:31.0675 7440 amdide - ok
13:52:31.0725 7440 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
13:52:31.0792 7440 AmdK8 - ok
13:52:31.0842 7440 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
13:52:31.0862 7440 AmdPPM - ok
13:52:31.0933 7440 amdsata (e7f4d42d8076ec60e21715cd11743a0d) C:\Windows\system32\drivers\amdsata.sys
13:52:31.0968 7440 amdsata - ok
13:52:32.0015 7440 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
13:52:32.0037 7440 amdsbs - ok
13:52:32.0081 7440 amdxata (146459d2b08bfdcbfa856d9947043c81) C:\Windows\system32\drivers\amdxata.sys
13:52:32.0097 7440 amdxata - ok
13:52:32.0167 7440 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
13:52:32.0244 7440 AppID - ok
13:52:32.0300 7440 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
13:52:32.0319 7440 arc - ok
13:52:32.0373 7440 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
13:52:32.0390 7440 arcsas - ok
13:52:32.0436 7440 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
13:52:32.0536 7440 AsyncMac - ok
13:52:32.0586 7440 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
13:52:32.0603 7440 atapi - ok
13:52:32.0730 7440 athr (235056492f54268883ce3dea3acb9997) C:\Windows\system32\DRIVERS\athr.sys
13:52:32.0855 7440 athr - ok
13:52:32.0936 7440 avisfltr (acbd9b32206cb5d771393c8d038734ab) C:\Windows\system32\DRIVERS\avisfltr.sys
13:52:32.0995 7440 avisfltr - ok
13:52:33.0063 7440 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
13:52:33.0145 7440 b06bdrv - ok
13:52:33.0202 7440 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
13:52:33.0266 7440 b57nd60x - ok
13:52:33.0314 7440 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
13:52:33.0375 7440 Beep - ok
13:52:33.0415 7440 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
13:52:33.0467 7440 blbdrive - ok
13:52:33.0539 7440 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
13:52:33.0565 7440 bowser - ok
13:52:33.0620 7440 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:52:33.0665 7440 BrFiltLo - ok
13:52:33.0708 7440 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:52:33.0783 7440 BrFiltUp - ok
13:52:33.0838 7440 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\system32\DRIVERS\BrSerId.sys
13:52:33.0866 7440 Brserid - ok
13:52:33.0913 7440 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
13:52:33.0966 7440 BrSerWdm - ok
13:52:34.0005 7440 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
13:52:34.0070 7440 BrUsbMdm - ok
13:52:34.0109 7440 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\DRIVERS\BrUsbSer.sys
13:52:34.0168 7440 BrUsbSer - ok
13:52:34.0220 7440 BthEnum (2865a5c8e98c70c605f417908cebb3a4) C:\Windows\system32\drivers\BthEnum.sys
13:52:34.0314 7440 BthEnum - ok
13:52:34.0363 7440 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
13:52:34.0414 7440 BTHMODEM - ok
13:52:34.0473 7440 BthPan (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\Windows\system32\DRIVERS\bthpan.sys
13:52:34.0546 7440 BthPan - ok
13:52:34.0623 7440 BTHPORT (c2fbf6d271d9a94d839c416bf186ead9) C:\Windows\System32\Drivers\BTHport.sys
13:52:34.0684 7440 BTHPORT - ok
13:52:34.0727 7440 BTHUSB (c81e9413a25a439f436b1d4b6a0cf9e9) C:\Windows\System32\Drivers\BTHUSB.sys
13:52:34.0775 7440 BTHUSB - ok
13:52:34.0833 7440 btusbflt (f549c3fb145a4928e40bb1518b2034dc) C:\Windows\system32\drivers\btusbflt.sys
13:52:34.0848 7440 btusbflt - ok
13:52:34.0893 7440 btwaudio (3ea1a20dc0ca1ad23e7aa8c37a91bcd1) C:\Windows\system32\drivers\btwaudio.sys
13:52:34.0919 7440 btwaudio - ok
13:52:34.0961 7440 btwavdt (195872e48a7fb01f8bc9b800f70f4054) C:\Windows\system32\drivers\btwavdt.sys
13:52:34.0976 7440 btwavdt - ok
13:52:35.0022 7440 btwrchid (0724e7d6c9b6a289eddda33fa8176e80) C:\Windows\system32\DRIVERS\btwrchid.sys
13:52:35.0036 7440 btwrchid - ok
13:52:35.0105 7440 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
13:52:35.0189 7440 cdfs - ok
13:52:35.0251 7440 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys
13:52:35.0310 7440 cdrom - ok
13:52:35.0361 7440 cfwids (1dcb5209601a70e36c70fe8d197d62cb) C:\Windows\system32\drivers\cfwids.sys
13:52:35.0376 7440 cfwids - ok
13:52:35.0423 7440 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
13:52:35.0464 7440 circlass - ok
13:52:35.0519 7440 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
13:52:35.0540 7440 CLFS - ok
13:52:35.0593 7440 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
13:52:35.0638 7440 CmBatt - ok
13:52:35.0678 7440 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
13:52:35.0695 7440 cmdide - ok
13:52:35.0763 7440 CNG (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys
13:52:35.0793 7440 CNG - ok
13:52:35.0827 7440 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
13:52:35.0844 7440 Compbatt - ok
13:52:35.0906 7440 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
13:52:35.0958 7440 CompositeBus - ok
13:52:35.0996 7440 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
13:52:36.0014 7440 crcdisk - ok
13:52:36.0093 7440 CSC (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys
13:52:36.0134 7440 CSC - ok
13:52:36.0198 7440 dc3d (7caaf4af453ef3582fef65dd72caa0aa) C:\Windows\system32\DRIVERS\dc3d.sys
13:52:36.0268 7440 dc3d - ok
13:52:36.0337 7440 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
13:52:36.0417 7440 DfsC - ok
13:52:36.0466 7440 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
13:52:36.0548 7440 discache - ok
13:52:36.0590 7440 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
13:52:36.0609 7440 Disk - ok
13:52:36.0676 7440 Dot4 (b5e479eb83707dd698f66953e922042c) C:\Windows\system32\DRIVERS\Dot4.sys
13:52:36.0721 7440 Dot4 - ok
13:52:36.0780 7440 Dot4Print (caefd09b6a6249c53a67d55a9a9fcabf) C:\Windows\system32\DRIVERS\Dot4Prt.sys
13:52:36.0804 7440 Dot4Print - ok
13:52:36.0876 7440 dot4usb (cf491ff38d62143203c065260567e2f7) C:\Windows\system32\DRIVERS\dot4usb.sys
13:52:36.0929 7440 dot4usb - ok
13:52:36.0983 7440 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
13:52:37.0038 7440 drmkaud - ok
13:52:37.0111 7440 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
13:52:37.0165 7440 DXGKrnl - ok
13:52:37.0318 7440 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
13:52:37.0408 7440 ebdrv - ok
13:52:37.0587 7440 ECS_Loader_220 (24b46483acc0d33783b89c7c0e4939f7) C:\Windows\system32\Drivers\ECS_Loader_220.sys
13:52:37.0682 7440 ECS_Loader_220 - ok
13:52:37.0771 7440 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
13:52:37.0806 7440 elxstor - ok
13:52:37.0858 7440 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
13:52:37.0922 7440 ErrDev - ok
13:52:37.0989 7440 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
13:52:38.0026 7440 exfat - ok
13:52:38.0077 7440 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
13:52:38.0137 7440 fastfat - ok
13:52:38.0177 7440 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
13:52:38.0238 7440 fdc - ok
13:52:38.0280 7440 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
13:52:38.0299 7440 FileInfo - ok
13:52:38.0518 7440 FileMonitor (6ae14fa726f6f3efe8adf6eb5ef75c33) C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys
13:52:38.0544 7440 FileMonitor - ok
13:52:38.0590 7440 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
13:52:38.0681 7440 Filetrace - ok
13:52:38.0723 7440 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
13:52:38.0762 7440 flpydisk - ok
13:52:38.0804 7440 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
13:52:38.0824 7440 FltMgr - ok
13:52:38.0882 7440 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
13:52:38.0900 7440 FsDepends - ok
13:52:38.0962 7440 fssfltr (d909075fa72c090f27aa926c32cb4612) C:\Windows\system32\DRIVERS\fssfltr.sys
13:52:38.0991 7440 fssfltr - ok
13:52:39.0042 7440 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
13:52:39.0062 7440 Fs_Rec - ok
13:52:39.0131 7440 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
13:52:39.0175 7440 fvevol - ok
13:52:39.0221 7440 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
13:52:39.0240 7440 gagp30kx - ok
13:52:39.0281 7440 GEARAspiWDM (5ae3a887ece5bbb72cfab273c2fd1cfa) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:52:39.0296 7440 GEARAspiWDM - ok
13:52:39.0362 7440 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
13:52:39.0440 7440 hcw85cir - ok
13:52:39.0503 7440 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
13:52:39.0548 7440 HDAudBus - ok
13:52:39.0564 7440 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
13:52:39.0604 7440 HidBatt - ok
13:52:39.0646 7440 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
13:52:39.0702 7440 HidBth - ok
13:52:39.0738 7440 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
13:52:39.0797 7440 HidIr - ok
13:52:39.0860 7440 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
13:52:39.0903 7440 HidUsb - ok
13:52:39.0966 7440 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
13:52:39.0984 7440 HpSAMD - ok
13:52:40.0070 7440 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
13:52:40.0133 7440 HTTP - ok
13:52:40.0185 7440 hugoio (7deccb2612255f4b538976ad25da0d29) C:\Windows\system32\drivers\hugoio.sys
13:52:40.0199 7440 hugoio - ok
13:52:40.0268 7440 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
13:52:40.0296 7440 hwpolicy - ok
13:52:40.0344 7440 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
13:52:40.0394 7440 i8042prt - ok
13:52:40.0445 7440 iaStorV (a3cae5d281db4cff7cff8233507ee5ad) C:\Windows\system32\drivers\iaStorV.sys
13:52:40.0467 7440 iaStorV - ok
13:52:40.0533 7440 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
13:52:40.0551 7440 iirsp - ok
13:52:40.0681 7440 IntcAzAudAddService (ffd2b3bc042596abe785d3c15f51ab46) C:\Windows\system32\drivers\RTKVHDA.sys
13:52:40.0741 7440 IntcAzAudAddService - ok
13:52:40.0796 7440 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
13:52:40.0827 7440 intelide - ok
13:52:40.0875 7440 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
13:52:40.0918 7440 intelppm - ok
13:52:40.0974 7440 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:52:41.0029 7440 IpFilterDriver - ok
13:52:41.0091 7440 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
13:52:41.0141 7440 IPMIDRV - ok
13:52:41.0183 7440 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
13:52:41.0239 7440 IPNAT - ok
13:52:41.0285 7440 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
13:52:41.0314 7440 IRENUM - ok
13:52:41.0385 7440 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
13:52:41.0403 7440 isapnp - ok
13:52:41.0453 7440 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
13:52:41.0488 7440 iScsiPrt - ok
13:52:41.0529 7440 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
13:52:41.0548 7440 kbdclass - ok
13:52:41.0597 7440 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\DRIVERS\kbdhid.sys
13:52:41.0640 7440 kbdhid - ok
13:52:41.0695 7440 KMDFMEMIO (ebc507f129df8f0e0ca270dcfc0cf87f) C:\Windows\system32\DRIVERS\kmdfmemio.sys
13:52:41.0742 7440 KMDFMEMIO - ok
13:52:41.0789 7440 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys
13:52:41.0807 7440 KSecDD - ok
13:52:41.0865 7440 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys
13:52:41.0887 7440 KSecPkg - ok
13:52:41.0969 7440 LHidFilt (7f9c7b28cf1c859e1c42619eea946dc8) C:\Windows\system32\DRIVERS\LHidFilt.Sys
13:52:41.0985 7440 LHidFilt - ok
13:52:42.0048 7440 libusb0 (b716d4d759663bc4174fd0a379da8e50) C:\Windows\system32\drivers\libusb0.sys
13:52:42.0086 7440 libusb0 - ok
13:52:42.0148 7440 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
13:52:42.0212 7440 lltdio - ok
13:52:42.0239 7440 LMouFilt (ab33792a87285344f43b5ce23421bab0) C:\Windows\system32\DRIVERS\LMouFilt.Sys
13:52:42.0254 7440 LMouFilt - ok
13:52:42.0302 7440 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
13:52:42.0321 7440 LSI_FC - ok
13:52:42.0504 7440 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
13:52:42.0536 7440 LSI_SAS - ok
13:52:42.0561 7440 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:52:42.0580 7440 LSI_SAS2 - ok
13:52:42.0610 7440 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:52:42.0628 7440 LSI_SCSI - ok
13:52:42.0661 7440 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
13:52:42.0718 7440 luafv - ok
13:52:42.0759 7440 LUsbFilt (77030525cd86a93f1af34fa9b96d33ce) C:\Windows\system32\Drivers\LUsbFilt.Sys
13:52:42.0773 7440 LUsbFilt - ok
13:52:42.0835 7440 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\Windows\system32\drivers\mbam.sys
13:52:42.0850 7440 MBAMProtector - ok
13:52:43.0087 7440 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
13:52:43.0114 7440 megasas - ok
13:52:43.0148 7440 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
13:52:43.0172 7440 MegaSR - ok
13:52:43.0221 7440 mfeapfk (36b47b1e9c537f8f2b4481084b8f7d22) C:\Windows\system32\drivers\mfeapfk.sys
13:52:43.0241 7440 mfeapfk - ok
13:52:43.0313 7440 mfeavfk (cde41293db871a75cd99eb0ce781356b) C:\Windows\system32\drivers\mfeavfk.sys
13:52:43.0344 7440 mfeavfk - ok
13:52:43.0360 7440 mfeavfk01 - ok
13:52:43.0406 7440 mfebopk (e22385f64bdf0ad81157479496e33c4a) C:\Windows\system32\drivers\mfebopk.sys
13:52:43.0421 7440 mfebopk - ok
13:52:43.0461 7440 mfefirek (215666a8a85023ef019b510cbb67f678) C:\Windows\system32\drivers\mfefirek.sys
13:52:43.0480 7440 mfefirek - ok
13:52:43.0526 7440 mfehidk (56d330981866a72f061dd16cc5004513) C:\Windows\system32\drivers\mfehidk.sys
13:52:43.0548 7440 mfehidk - ok
13:52:43.0614 7440 mfenlfk (b41bacc049cdb916a52b1448bf30d6ab) C:\Windows\system32\DRIVERS\mfenlfk.sys
13:52:43.0642 7440 mfenlfk - ok
13:52:43.0676 7440 mferkdet (89b564d63c53fc0c6782ab07eea63acf) C:\Windows\system32\drivers\mferkdet.sys
13:52:43.0692 7440 mferkdet - ok
13:52:43.0746 7440 mfewfpk (c2ff7473a60c0fb2df145ab686889653) C:\Windows\system32\drivers\mfewfpk.sys
13:52:43.0762 7440 mfewfpk - ok
13:52:43.0834 7440 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
13:52:43.0905 7440 Modem - ok
13:52:44.0056 7440 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
13:52:44.0107 7440 monitor - ok
13:52:44.0175 7440 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
13:52:44.0195 7440 mouclass - ok
13:52:44.0241 7440 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
13:52:44.0304 7440 mouhid - ok
13:52:44.0362 7440 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
13:52:44.0380 7440 mountmgr - ok
13:52:44.0456 7440 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
13:52:44.0492 7440 mpio - ok
13:52:44.0543 7440 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
13:52:44.0609 7440 mpsdrv - ok
13:52:44.0662 7440 MREMP50 - ok
13:52:44.0679 7440 MREMPR5 - ok
13:52:44.0695 7440 MRENDIS5 - ok
13:52:44.0704 7440 MRESP50 - ok
13:52:44.0772 7440 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
13:52:44.0867 7440 MRxDAV - ok
13:52:44.0931 7440 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
13:52:44.0992 7440 mrxsmb - ok
13:52:45.0049 7440 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:52:45.0084 7440 mrxsmb10 - ok
13:52:45.0135 7440 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:52:45.0184 7440 mrxsmb20 - ok
13:52:45.0237 7440 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
13:52:45.0254 7440 msahci - ok
13:52:45.0316 7440 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
13:52:45.0352 7440 msdsm - ok
13:52:45.0432 7440 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
13:52:45.0489 7440 Msfs - ok
13:52:45.0539 7440 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
13:52:45.0609 7440 mshidkmdf - ok
13:52:45.0654 7440 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
13:52:45.0684 7440 msisadrv - ok
13:52:45.0742 7440 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
13:52:45.0801 7440 MSKSSRV - ok
13:52:45.0847 7440 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
13:52:45.0907 7440 MSPCLOCK - ok
13:52:45.0954 7440 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
13:52:45.0991 7440 MSPQM - ok
13:52:46.0048 7440 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
13:52:46.0067 7440 MsRPC - ok
13:52:46.0144 7440 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
13:52:46.0161 7440 mssmbios - ok
13:52:46.0178 7440 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
13:52:46.0227 7440 MSTEE - ok
13:52:46.0271 7440 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
13:52:46.0293 7440 MTConfig - ok
13:52:46.0340 7440 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
13:52:46.0374 7440 Mup - ok
13:52:46.0435 7440 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
13:52:46.0461 7440 NativeWifiP - ok
13:52:46.0545 7440 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
13:52:46.0581 7440 NDIS - ok
13:52:46.0629 7440 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
13:52:46.0737 7440 NdisCap - ok
13:52:49.0907 7440 PCASp50 (803c8e7f4d00fe832c1f3871514fec85) C:\Windows\system32\drivers\PCASp50.sys
13:52:49.0929 7440 PCASp50 ( UnsignedFile.Multi.Generic ) - warning
13:52:49.0929 7440 PCASp50 - detected UnsignedFile.Multi.Generic (1)
13:53:07.0226 7440 ============================================================
13:53:07.0227 7440 Scan finished
13:53:07.0227 7440 ============================================================
13:53:07.0239 1576 Detected object count: 1
13:53:07.0239 1576 Actual detected object count: 1
14:02:29.0404 1576 C:\Windows\system32\drivers\PCASp50.sys - copied to quarantine
14:02:29.0612 1576 PCASp50 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
Confounded
Active Member
 
Posts: 12
Joined: December 20th, 2011, 7:16 pm

Re: Bank Fraud! PC on Network w/ comprised PC. TDL3 Root?

Unread postby mambass » January 23rd, 2012, 5:35 pm

Hi Confounded,

I apologize for the delay in getting back to you.

Can you tell me if these computers are on an office network?

mambass
mambass
Retired Graduate
 
Posts: 826
Joined: April 23rd, 2010, 9:26 am

Re: Bank Fraud! PC on Network w/ comprised PC. TDL3 Root?

Unread postby Confounded » January 23rd, 2012, 5:50 pm

Hi Mambass,

No, it's a home network, but I have one PC laptop I use for work (home office) as PC1, when here. 3 boxes. One kids, wife, and mine.

James
Confounded
Active Member
 
Posts: 12
Joined: December 20th, 2011, 7:16 pm

Re: Bank Fraud! PC on Network w/ comprised PC. TDL3 Root?

Unread postby Cypher » January 24th, 2012, 7:04 am

I see you are posting for help for a "Business" computer.

May I draw your attention to THIS topic, which you should have read before posting for help.

The section Posting for help for business machines explains why we do not offer help for such computers.

This topic is now closed
Cypher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns