svchost trojan - Expert Second Opinion

[Xmon13]

Hello I have recently sent my computer in to be repaired as the OS failed to start and Malawarebytes could not removed the detected trojan. I received it today wiped of all installed applications with some files backed up and put back on the computer such as pictures, documents, and music. The technician removed my Malawarebytes anti virus and spybot S&D and replaced them with AVG Free. I have proceeded to reinstall some basic apps (Steam, iTunes, Firefox, Chrome) and perform my own housekeeping on deleting files. He stated my cpu was fixed but was apparently puzzeled as he could not get my ATI Graphics card to function as it caused problems at startup and had to resort to using my integrated graphics card this was a blow to me as I do a lot of online gaming but a small price to pay to get my system running again. It is less than a day in and AVG has just blocked a Javascript Exploit as it calls from the file svchost.exe in my windows folder. This leads me to believe that my computer is still infected as this same file svchost.exe is one that I remember being detected when I ran Malawarebytes but upon its restart fix received a runtime error 5(if I remember correctly) and was never truly deleted as each time I scanned the trojan appeared. Please help I need an expert second opinion as I direly need my computer for a new job in the next month, and possibly the ability to salvage my graphics card which I still possess.

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421

Run by Xavier at 3:18:37 on 2012-02-12

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.7935.5143 [GMT -8:00]

.

AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\PROGRA~2\AVG\AVG2012\avgrsa.exe

C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\atieclxx.exe

C:\Windows\System32\svchost.exe -k yksvcs

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\LSI SoftModem\agr64svc.exe

C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe

C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe

C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe

C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe

C:\Program Files (x86)\AVG\AVG2012\avgemca.exe

C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe

C:\Windows\system32\WUDFHost.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe

C:\Program Files (x86)\Gateway Photo Frame\ButtonMonitor.exe

C:\Program Files (x86)\AVG\AVG2012\avgtray.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\system32\StikyNot.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Steam\Steam.exe

C:\Program Files (x86)\Common Files\Steam\SteamService.exe

C:\Windows\system32\taskhost.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

-netsvcs

C:\Windows\system32\conhost.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Windows\system32\wuauclt.exe

C:\Windows\system32\msiexec.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\SoftwareDistribution\Download\Install\NDP40-KB2468871-v2-x64.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\2cefc84026d9bc41b6c24ed5fa\Setup.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\MsiExec.exe

C:\Windows\syswow64\MsiExec.exe

C:\Program Files (x86)\AVG\AVG2012\avgui.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=dx4300&r=173601094204p2329u905408717415

uDefault_Page_URL = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=dx4300&r=173601094204p2329u905408717415

mDefault_Page_URL = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=dx4300&r=173601094204p2329u905408717415

mStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=dx4300&r=173601094204p2329u905408717415

uInternet Settings,ProxyOverride = *.local

mWinlogon: Userinit=userinit.exe

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

uRun: [Google Update] "C:\Users\Xavier\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

uRun: [RESTART_STICKY_NOTES] C:\Windows\system32\StikyNot.exe

uRun: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent

mRun: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe" -h -k

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [Gateway Photo Frame] C:\Program Files (x86)\Gateway Photo Frame\ButtonMonitor.exe -A

mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{23A0D5B2-0E4B-4960-A8A9-8D429A269F7A} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{882E491F-8DBE-4ADA-AA24-9E4A8F412ADF} : DhcpNameServer = 192.168.1.1

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll

BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File

BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

mRun-x64: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe" -h -k

mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun-x64: [Gateway Photo Frame] C:\Program Files (x86)\Gateway Photo Frame\ButtonMonitor.exe -A

mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Xavier\AppData\Roaming\Mozilla\Firefox\Profiles\c46m8yqu.default\

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Users\Xavier\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]

R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]

R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]

R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]

R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]

R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]

R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776]

R2 Greg_Service;GRegService;C:\Program Files (x86)\Gateway\Registration\GregHSRW.exe [2009-6-4 1150496]

R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe [2009-8-12 62208]

R2 Updater Service;Updater Service;C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe [2009-8-21 240160]

R2 yksvc;Marvell Yukon Service;C:\Windows\System32\svchost.exe -k yksvcs [2009-7-13 20992]

R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]

R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]

R3 cxpl_mhd;CX23885/7 PCI-E AvStream Video Capture (PalomarMHD);C:\Windows\system32\drivers\y_cx88x.sys --> C:\Windows\system32\drivers\y_cx88x.sys [?]

R3 RTL85n64;Realtek 8180/8185 Extensible 802.11 Wireless Device Driver;C:\Windows\system32\DRIVERS\RTL85n64.sys --> C:\Windows\system32\DRIVERS\RTL85n64.sys [?]

R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S3 SrvHsfPCI;SrvHsfPCI;C:\Windows\system32\DRIVERS\VSTBS26.SYS --> C:\Windows\system32\DRIVERS\VSTBS26.SYS [?]

S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]

S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

.

=============== Created Last 30 ================

.

2012-02-12 11:17:31 -------- d-----w- C:\2cefc84026d9bc41b6c24ed5fa

2012-02-12 03:31:28 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-02-12 03:10:31 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C31FBCC8-C699-4F58-A767-26A372E87665}\offreg.dll

2012-02-12 03:07:15 -------- d-----w- C:\Program Files (x86)\Common Files\Steam

2012-02-12 03:07:12 -------- d-----w- C:\Program Files (x86)\Steam

2012-02-12 03:06:09 -------- d-----w- C:\Users\Xavier\AppData\Local\Apple Computer

2012-02-12 03:05:45 34152 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys

2012-02-12 03:05:45 126312 ----a-w- C:\Windows\System32\GEARAspi64.dll

2012-02-12 03:05:45 107368 ----a-w- C:\Windows\SysWow64\GEARAspi.dll

2012-02-12 03:05:16 -------- d-----w- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}

2012-02-12 03:05:16 -------- d-----w- C:\Program Files\iTunes

2012-02-12 03:05:16 -------- d-----w- C:\Program Files\iPod

2012-02-12 03:05:16 -------- d-----w- C:\Program Files (x86)\iTunes

2012-02-12 03:04:28 -------- d-----w- C:\Users\Xavier\AppData\Local\Apple

2012-02-12 03:04:04 -------- d-----w- C:\Program Files\Bonjour

2012-02-12 03:04:04 -------- d-----w- C:\Program Files (x86)\Bonjour

2012-02-12 02:39:04 -------- d-----w- C:\Users\Xavier\AppData\Roaming\WildTangent

2012-02-12 02:18:13 -------- d-----w- C:\Users\Xavier\AppData\Local\Mozilla

2012-02-12 01:41:46 8602168 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C31FBCC8-C699-4F58-A767-26A372E87665}\mpengine.dll

2012-02-09 08:05:05 -------- d-----w- C:\Windows\SysWow64\Wat

2012-02-09 08:05:05 -------- d-----w- C:\Windows\System32\Wat

2012-02-09 07:43:40 367104 ----a-w- C:\Windows\System32\wcncsvc.dll

2012-02-09 07:43:40 276992 ----a-w- C:\Windows\SysWow64\wcncsvc.dll

2012-02-09 07:15:21 311808 ----a-w- C:\Windows\System32\msv1_0.dll

2012-02-09 07:15:21 257024 ----a-w- C:\Windows\SysWow64\msv1_0.dll

2012-02-09 06:50:33 99176 ----a-w- C:\Windows\SysWow64\PresentationHostProxy.dll

2012-02-09 06:50:33 49472 ----a-w- C:\Windows\SysWow64\netfxperf.dll

2012-02-09 06:50:33 297808 ----a-w- C:\Windows\SysWow64\mscoree.dll

2012-02-09 06:50:33 295264 ----a-w- C:\Windows\SysWow64\PresentationHost.exe

2012-02-09 06:50:32 48960 ----a-w- C:\Windows\System32\netfxperf.dll

2012-02-09 06:50:32 444752 ----a-w- C:\Windows\System32\mscoree.dll

2012-02-09 06:50:32 320352 ----a-w- C:\Windows\System32\PresentationHost.exe

2012-02-09 06:50:32 1942856 ----a-w- C:\Windows\System32\dfshim.dll

2012-02-09 06:50:32 1130824 ----a-w- C:\Windows\SysWow64\dfshim.dll

2012-02-09 06:50:32 109912 ----a-w- C:\Windows\System32\PresentationHostProxy.dll

2012-02-09 06:42:40 -------- d-----w- C:\Users\Xavier\AppData\Local\Microsoft Help

2012-02-09 06:27:57 243712 ----a-w- C:\Windows\System32\drivers\ks.sys

2012-02-09 06:27:35 -------- d---a-w- C:\Users\Xavier\My Apps

2012-02-09 06:26:03 1975296 ----a-w- C:\Windows\System32\CertEnroll.dll

2012-02-09 06:26:03 1320960 ----a-w- C:\Windows\SysWow64\CertEnroll.dll

2012-02-09 06:24:59 356352 ----a-w- C:\Windows\System32\RMActivate.exe

2012-02-09 06:18:25 1359872 ----a-w- C:\Windows\System32\mfc42u.dll

2012-02-09 06:17:42 70656 ----a-w- C:\Windows\SysWow64\fontsub.dll

2012-02-09 06:17:42 46080 ----a-w- C:\Windows\System32\atmlib.dll

2012-02-09 06:17:42 367104 ----a-w- C:\Windows\System32\atmfd.dll

2012-02-09 06:17:42 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll

2012-02-09 06:17:42 294912 ----a-w- C:\Windows\SysWow64\atmfd.dll

2012-02-09 06:17:42 100864 ----a-w- C:\Windows\System32\fontsub.dll

2012-02-09 06:17:40 558592 ----a-w- C:\Windows\System32\spoolsv.exe

2012-02-09 06:15:57 987136 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msado15.dll

2012-02-09 06:14:58 976896 ----a-w- C:\Windows\System32\inetcomm.dll

2012-02-09 06:07:34 77312 ----a-w- C:\Windows\System32\packager.dll

2012-02-09 06:07:34 67072 ----a-w- C:\Windows\SysWow64\packager.dll

2012-02-09 06:06:09 8602168 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll

2012-02-09 06:06:00 279656 ------w- C:\Windows\System32\MpSigStub.exe

2012-02-09 06:02:15 139264 ----a-w- C:\Windows\System32\cabview.dll

2012-02-09 06:02:15 132608 ----a-w- C:\Windows\SysWow64\cabview.dll

2012-02-09 06:01:35 220672 ----a-w- C:\Windows\System32\wintrust.dll

2012-02-09 06:01:35 172032 ----a-w- C:\Windows\SysWow64\wintrust.dll

.

==================== Find3M ====================

.

2011-11-24 05:00:47 3141632 ----a-w- C:\Windows\System32\win32k.sys

2011-11-17 07:17:03 152432 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys

2011-11-17 07:17:02 95088 ----a-w- C:\Windows\System32\drivers\ksecdd.sys

2011-11-17 07:15:08 460296 ----a-w- C:\Windows\System32\drivers\cng.sys

2011-11-17 07:14:10 1739160 ----a-w- C:\Windows\System32\ntdll.dll

2011-11-17 07:12:02 395776 ----a-w- C:\Windows\System32\webio.dll

2011-11-17 07:11:33 28672 ----a-w- C:\Windows\System32\sspisrv.dll

2011-11-17 07:11:33 136192 ----a-w- C:\Windows\System32\sspicli.dll

2011-11-17 07:11:02 28160 ----a-w- C:\Windows\System32\secur32.dll

2011-11-17 07:10:58 340992 ----a-w- C:\Windows\System32\schannel.dll

2011-11-17 07:08:18 1446912 ----a-w- C:\Windows\System32\lsasrv.dll

2011-11-17 07:05:16 31232 ----a-w- C:\Windows\System32\lsass.exe

2011-11-17 05:41:38 1292592 ----a-w- C:\Windows\SysWow64\ntdll.dll

2011-11-17 05:39:28 314368 ----a-w- C:\Windows\SysWow64\webio.dll

2011-11-17 05:39:21 224768 ----a-w- C:\Windows\SysWow64\schannel.dll

2011-11-17 05:39:21 22016 ----a-w- C:\Windows\SysWow64\secur32.dll

2011-11-17 05:35:13 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll

.

============= FINISH: 3:19:59.26 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 1/8/2009 8:24:38 PM

System Uptime: 2/11/2012 5:22:05 PM (10 hours ago)

.

Motherboard: Gateway | | RS780

Processor: AMD Phenom™ 9750 Quad-Core Processor | AM2 | 2400/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 914 GiB total, 796.723 GiB free.

D: is CDROM ()

E: is Removable

F: is Removable

G: is Removable

H: is Removable

I: is Removable

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e96b-e325-11ce-bfc1-08002be10318}

Description: Standard PS/2 Keyboard

Device ID: ACPI\PNP0303\4&2A700557&0

Manufacturer: (Standard keyboards)

Name: Standard PS/2 Keyboard

PNP Device ID: ACPI\PNP0303\4&2A700557&0

Service: i8042prt

.

Class GUID: {4d36e96f-e325-11ce-bfc1-08002be10318}

Description: Microsoft PS/2 Mouse

Device ID: ACPI\PNP0F03\4&2A700557&0

Manufacturer: Microsoft

Name: Microsoft PS/2 Mouse

PNP Device ID: ACPI\PNP0F03\4&2A700557&0

Service: i8042prt

.

==== System Restore Points ===================

.

RP1: 1/8/2009 8:33:14 PM - Installed DirectX

RP2: 1/8/2009 9:18:49 PM - Installed AVG 2012

RP3: 1/8/2009 9:19:48 PM - Installed AVG 2012

RP4: 1/8/2009 9:49:42 PM - Removed Norton Online Backup

RP5: 2/8/2012 9:54:24 PM - Removed eBay Worldwide

RP6: 2/8/2012 10:05:32 PM - Windows Update

RP7: 2/8/2012 10:26:29 PM - Windows Update

RP8: 2/11/2012 5:24:35 PM - Windows Update

RP9: 2/11/2012 5:40:55 PM - Windows Update

RP10: 2/11/2012 7:04:29 PM - Installed iTunes

RP11: 2/11/2012 7:06:52 PM - Installed Steam

RP12: 2/12/2012 3:00:17 AM - Windows Update

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

2007 Microsoft Office Suite Service Pack 2 (SP2)

Acrobat.com

Adobe AIR

Adobe Flash Player 10 ActiveX

Adobe Reader 9.1 MUI

Advertising Center

Alien Swarm

Apple Application Support

Apple Software Update

ARMA 2

Backup Manager Advance

Catalyst Control Center - Branding

Catalyst Control Center Core Implementation

Catalyst Control Center Graphics Full Existing

Catalyst Control Center Graphics Full New

Catalyst Control Center Graphics Light

Catalyst Control Center Graphics Previews Vista

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-core-static

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

Choice Guard

Compatibility Pack for the 2007 Office system

Counter-Strike: Source

Garry's Mod

Gateway Games

Gateway InfoCentre

Gateway MyBackup

Gateway Photo Frame 4.2.3.10

Gateway Recovery Management

Gateway Registration

Gateway ScreenSaver

Gateway Updater

Google Chrome

Identity Card

ImagXpress

Jagged Alliance - Back in Action Demo

Junk Mail filter update

Marvell Miniport Driver

Microsoft Office Excel MUI (English) 2007

Microsoft Office Home and Student 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Suite Activation Assistant

Microsoft Office Word MUI (English) 2007

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Works

Mozilla Firefox 10.0.1 (x86 en-US)

MSVCRT

Nero 9 Essentials

Nero ControlCenter

Nero DiscSpeed

Nero DiscSpeed Help

Nero DriveSpeed

Nero DriveSpeed Help

Nero Express Help

Nero InfoTool

Nero InfoTool Help

Nero Installer

Nero Online Upgrade

Nero StartSmart

Nero StartSmart Help

Nero StartSmart OEM

NeroExpress

neroxml

Portal

Realtek High Definition Audio Driver

Security Update for 2007 Microsoft Office System (KB2288621)

Security Update for 2007 Microsoft Office System (KB2288931)

Security Update for 2007 Microsoft Office System (KB2345043)

Security Update for 2007 Microsoft Office System (KB2553089)

Security Update for 2007 Microsoft Office System (KB2553090)

Security Update for 2007 Microsoft Office System (KB2584063)

Security Update for 2007 Microsoft Office System (KB969559)

Security Update for 2007 Microsoft Office System (KB976321)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB979441)

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office system 2007 (972581)

Security Update for Microsoft Office system 2007 (KB974234)

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)

Security Update for Microsoft Office Word 2007 (KB2344993)

Shank 2 Demo

Steam

Team Fortress 2

Update for 2007 Microsoft Office System (KB2284654)

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition

Update for Microsoft Office 2007 System (KB2539530)

Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office OneNote 2007 (KB980729)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

Visual Studio 2008 x64 Redistributables

Welcome Center

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Mail

Windows Live Messenger

Windows Live Photo Gallery

Windows Live Sign-in Assistant

Windows Live Sync

Windows Live Upload Tool

Windows Live Writer

.

==== Event Viewer Messages From Past Week ========

.

2/9/2012 12:09:00 AM, Error: Service Control Manager [7023] -

2/9/2012 12:06:16 AM, Error: Service Control Manager [7034] - The Updater Service service terminated unexpectedly. It has done this 1 time(s).

2/9/2012 12:06:15 AM, Error: Service Control Manager [7034] - The NTI IScheduleSvc service terminated unexpectedly. It has done this 1 time(s).

2/9/2012 12:06:13 AM, Error: Service Control Manager [7034] - The GRegService service terminated unexpectedly. It has done this 1 time(s).

2/8/2012 11:26:56 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Visual C++ 2008 Service Pack 1 Redistributable Package (KB2538243).

2/8/2012 11:02:12 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.

2/8/2012 11:02:12 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

2/12/2012 3:17:29 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft XML Core Services 4.0 Service Pack 2 for x64-based Systems (KB973688).

2/12/2012 3:17:16 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft XML Core Services 4.0 Service Pack 2 for x64-based Systems (KB954430).

2/11/2012 7:08:10 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

2/11/2012 7:08:10 PM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

2/11/2012 5:23:45 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Windows 7 for x64-based Systems (KB2632503).

2/11/2012 5:23:45 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Internet Explorer 8 Compatibility View List for Windows 7 for x64-based Systems (KB2598845).

2/11/2012 5:23:45 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Internet Explorer 8 for Windows 7 for x64-based Systems (KB2544521).

.

==== End Of File ===========================

[LDTate]

Logs will be closed if you haven't replied within 3 days

Please don't attach the scans / logs for these tools, use "copy/paste".

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision.

Doing so could make your pc inoperatible and could require a full reinstall of your OS, losing all your programs and data.

Please run a new MBAM scan being sure to update before scanning.

Post the scan results

Also please describe how your computer behaves at the moment.

Please don't attach the scans / logs, use "copy/paste".

[Xmon13]

I believed it was functioning fine but last night got the blue screen and windows OS not starting. Now it is working I am typing from it but do not know if at any moment it will cease working. For a second I believed it was my PSU and have ordered a newer stronger one and would like to test that hopefully nothing has been burnt out but I am not as hardware savvy as I would like I was thinking this could be why my good video card would not work but now I have no idea due to the sporratic nature of my OS functioning. I know a full reinstall of my OS was done as I had no programs and he added the old files he could save from a backup. Is it a virus in my archives? Or could it be hardware? If it was my PSU why is it working now? These are just questions I have been thinking over as I troubleshoot. MBAM is installing and I will post log immediately if all goes well.

[Xmon13]

Immediately after install MBAM blocked a svchost.exe scanning now.

[Xmon13]

Malwarebytes Anti-Malware (Trial) 1.60.1.1000

www.malwarebytes.org

Database version: v2012.02.13.06

Windows 7 x64 NTFS

Internet Explorer 9.0.8112.16421

Xavier :: XAVIER-PC [administrator]

Protection: Enabled

2/13/2012 4:16:32 PM

mbam-log-2012-02-13 (16-19-17).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 180078

Time elapsed: 2 minute(s), 31 second(s)

Memory Processes Detected: 1

C:\Windows\svchost.exe (Trojan.Agent) -> 4072 -> No action taken.

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 1

C:\Windows\svchost.exe (Trojan.Agent) -> No action taken.

(end)

[Xmon13]

I did not select remove selected on the two Trojan.Agent which were detected for fear of activating what occured to my computer last time MBAM continues to block outgoing svchost.exe as indicated by pop up in bottom right. (Occuring more frequently) I will wait for further instruction before I take action.

[LDTate]

Download TDSSKiller from here and save it to your Desktop.

Note: if the Cure option is not there, please select 'Skip'.

Please read carefully and follow these steps.

1. Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
   
   
2. Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
   
   
3. Click the Start Scan button.
   
   
4. If a suspicious object is detected, the default action will be Skip, click on Continue.
   
   
5. If malicious objects are found, they will show in the Scan results and offer three (3) options.
   
6. Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
   
   

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

[Xmon13]

I ran Tdss Killer as instructed selected cure for the malicious item detected then selected reboot computer. My computer is now frozen on the Gateway startup Logo screen with boot menu in bottom left should I restart my system or wait. I am writing this reply from my phone.

[LDTate]

The infection you have is a RootKit Infection that can mess-up the boot sector.

Yes, manually try a reboot

[Xmon13]

16:49:20.0288 6756 TDSS rootkit removing tool 2.7.12.0 Feb 11 2012 16:58:52

16:49:20.0741 6756 ============================================================

16:49:20.0741 6756 Current date / time: 2012/02/13 16:49:20.0741

16:49:20.0741 6756 SystemInfo:

16:49:20.0741 6756

16:49:20.0741 6756 OS Version: 6.1.7600 ServicePack: 0.0

16:49:20.0741 6756 Product type: Workstation

16:49:20.0741 6756 ComputerName: XAVIER-PC

16:49:20.0741 6756 UserName: Xavier

16:49:20.0741 6756 Windows directory: C:\Windows

16:49:20.0741 6756 System windows directory: C:\Windows

16:49:20.0741 6756 Running under WOW64

16:49:20.0741 6756 Processor architecture: Intel x64

16:49:20.0741 6756 Number of processors: 4

16:49:20.0741 6756 Page size: 0x1000

16:49:20.0741 6756 Boot type: Normal boot

16:49:20.0741 6756 ============================================================

16:49:21.0801 6756 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

16:49:21.0833 6756 \Device\Harddisk0\DR0:

16:49:21.0833 6756 MBR used

16:49:21.0833 6756 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2200800, BlocksNum 0x32000

16:49:21.0833 6756 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2232800, BlocksNum 0x724D3DB0

16:49:21.0848 6756 Initialize success

16:49:21.0848 6756 ============================================================

16:50:01.0192 6836 ============================================================

16:50:01.0192 6836 Scan started

16:50:01.0192 6836 Mode: Manual; SigCheck; TDLFS;

16:50:01.0192 6836 ============================================================

16:50:01.0707 6836 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys

16:50:01.0848 6836 1394ohci - ok

16:50:02.0082 6836 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys

16:50:02.0113 6836 ACPI - ok

16:50:02.0316 6836 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys

16:50:02.0362 6836 AcpiPmi - ok

16:50:02.0612 6836 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

16:50:02.0643 6836 adp94xx - ok

16:50:02.0862 6836 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

16:50:02.0877 6836 adpahci - ok

16:50:03.0111 6836 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

16:50:03.0142 6836 adpu320 - ok

16:50:03.0361 6836 AFD (6ef20ddf3172e97d69f596fb90602f29) C:\Windows\system32\drivers\afd.sys

16:50:03.0408 6836 AFD - ok

16:50:03.0782 6836 AgereSoftModem (2173e070647ac68c16b8214fe5c05ec3) C:\Windows\system32\DRIVERS\agrsm64.sys

16:50:03.0876 6836 AgereSoftModem - ok

16:50:04.0094 6836 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys

16:50:04.0110 6836 agp440 - ok

16:50:04.0328 6836 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys

16:50:04.0344 6836 aliide - ok

16:50:04.0609 6836 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys

16:50:04.0624 6836 amdide - ok

16:50:04.0827 6836 amdiox64 (6a2eeb0c4133b20773bb3dd0b7b377b4) C:\Windows\system32\DRIVERS\amdiox64.sys

16:50:04.0921 6836 amdiox64 - ok

16:50:05.0124 6836 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

16:50:05.0155 6836 AmdK8 - ok

16:50:05.0560 6836 amdkmdag (322e5c178990f116f00e3d923f4e6b1c) C:\Windows\system32\DRIVERS\atikmdag.sys

16:50:05.0888 6836 amdkmdag - ok

16:50:06.0122 6836 amdkmdap (961a81a84fdd700e361e8294528a37ba) C:\Windows\system32\DRIVERS\atikmpag.sys

16:50:06.0169 6836 amdkmdap - ok

16:50:06.0387 6836 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

16:50:06.0434 6836 AmdPPM - ok

16:50:06.0668 6836 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys

16:50:06.0684 6836 amdsata - ok

16:50:06.0902 6836 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

16:50:06.0918 6836 amdsbs - ok

16:50:07.0136 6836 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys

16:50:07.0152 6836 amdxata - ok

16:50:07.0214 6836 AODDriver4.01 (f312fad7dbd49ed21a194ac71b497832) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys

16:50:07.0230 6836 AODDriver4.01 - ok

16:50:07.0448 6836 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys

16:50:07.0495 6836 AppID - ok

16:50:07.0744 6836 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

16:50:07.0760 6836 arc - ok

16:50:07.0963 6836 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

16:50:07.0978 6836 arcsas - ok

16:50:08.0197 6836 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

16:50:08.0275 6836 AsyncMac - ok

16:50:08.0478 6836 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys

16:50:08.0493 6836 atapi - ok

16:50:08.0758 6836 AtiHDAudioService (230cf51113cd4b830b3bfd09b0d4c066) C:\Windows\system32\drivers\AtihdW76.sys

16:50:08.0790 6836 AtiHDAudioService - ok

16:50:09.0039 6836 AtiHdmiService (38467ff83c2b4265d51f418812a91e3c) C:\Windows\system32\drivers\AtiHdmi.sys

16:50:09.0055 6836 AtiHdmiService - ok

16:50:09.0460 6836 atikmdag (322e5c178990f116f00e3d923f4e6b1c) C:\Windows\system32\DRIVERS\atikmdag.sys

16:50:09.0616 6836 atikmdag - ok

16:50:09.0835 6836 AtiPcie (7c5d273e29dcc5505469b299c6f29163) C:\Windows\system32\DRIVERS\AtiPcie.sys

16:50:09.0850 6836 AtiPcie - ok

16:50:10.0069 6836 AVGIDSDriver (e29ea1a0ec7ab9fa2dc7e75a03f12a4f) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys

16:50:10.0084 6836 AVGIDSDriver - ok

16:50:10.0318 6836 AVGIDSEH (f823d184b8e8ffb8da3ead45dbf5bd6a) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys

16:50:10.0318 6836 AVGIDSEH - ok

16:50:10.0521 6836 AVGIDSFilter (ed2b25bd7fe35d1944211968842d30da) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys

16:50:10.0537 6836 AVGIDSFilter - ok

16:50:10.0755 6836 Avgldx64 (979cf8912449a10b987218bff80a1fa3) C:\Windows\system32\DRIVERS\avgldx64.sys

16:50:10.0786 6836 Avgldx64 - ok

16:50:11.0005 6836 Avgmfx64 (36b1a5843695766eac714daffc5b84d1) C:\Windows\system32\DRIVERS\avgmfx64.sys

16:50:11.0020 6836 Avgmfx64 - ok

16:50:11.0239 6836 Avgrkx64 (1102239fb724527f1febbbbccf6bf313) C:\Windows\system32\DRIVERS\avgrkx64.sys

16:50:11.0254 6836 Avgrkx64 - ok

16:50:11.0457 6836 Avgtdia (11f36d3ea82d9db9aa05a476a210551b) C:\Windows\system32\DRIVERS\avgtdia.sys

16:50:11.0488 6836 Avgtdia - ok

16:50:11.0722 6836 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

16:50:11.0785 6836 b06bdrv - ok

16:50:12.0003 6836 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

16:50:12.0050 6836 b57nd60a - ok

16:50:12.0268 6836 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

16:50:12.0346 6836 Beep - ok

16:50:12.0580 6836 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

16:50:12.0612 6836 blbdrive - ok

16:50:12.0861 6836 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys

16:50:12.0892 6836 bowser - ok

16:50:13.0111 6836 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

16:50:13.0158 6836 BrFiltLo - ok

16:50:13.0360 6836 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

16:50:13.0392 6836 BrFiltUp - ok

16:50:13.0579 6836 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

16:50:13.0626 6836 Brserid - ok

16:50:13.0844 6836 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

16:50:13.0875 6836 BrSerWdm - ok

16:50:14.0218 6836 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

16:50:14.0265 6836 BrUsbMdm - ok

16:50:14.0468 6836 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

16:50:14.0515 6836 BrUsbSer - ok

16:50:14.0749 6836 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

16:50:14.0796 6836 BTHMODEM - ok

16:50:15.0061 6836 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

16:50:15.0123 6836 cdfs - ok

16:50:15.0342 6836 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys

16:50:15.0388 6836 cdrom - ok

16:50:15.0654 6836 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

16:50:15.0700 6836 circlass - ok

16:50:15.0872 6836 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

16:50:15.0903 6836 CLFS - ok

16:50:16.0153 6836 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

16:50:16.0215 6836 CmBatt - ok

16:50:16.0418 6836 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys

16:50:16.0449 6836 cmdide - ok

16:50:16.0652 6836 CNG (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys

16:50:16.0699 6836 CNG - ok

16:50:16.0980 6836 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

16:50:16.0995 6836 Compbatt - ok

16:50:17.0292 6836 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys

16:50:17.0354 6836 CompositeBus - ok

16:50:17.0573 6836 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

16:50:17.0588 6836 crcdisk - ok

16:50:17.0869 6836 cxpl_mhd (e3763f2e140f4841b3971fd1a3c82928) C:\Windows\system32\drivers\y_cx88x.sys

16:50:17.0916 6836 cxpl_mhd - ok

16:50:18.0181 6836 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys

16:50:18.0212 6836 DfsC - ok

16:50:18.0431 6836 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

16:50:18.0509 6836 discache - ok

16:50:18.0743 6836 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

16:50:18.0743 6836 Disk - ok

16:50:19.0601 6836 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

16:50:19.0647 6836 drmkaud - ok

16:50:19.0928 6836 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys

16:50:19.0944 6836 DXGKrnl - ok

16:50:20.0225 6836 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

16:50:20.0318 6836 ebdrv - ok

16:50:20.0568 6836 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

16:50:20.0599 6836 elxstor - ok

16:50:20.0817 6836 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys

16:50:20.0864 6836 ErrDev - ok

16:50:21.0098 6836 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

16:50:21.0161 6836 exfat - ok

16:50:21.0363 6836 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

16:50:21.0441 6836 fastfat - ok

16:50:21.0675 6836 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

16:50:21.0722 6836 fdc - ok

16:50:21.0987 6836 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

16:50:22.0003 6836 FileInfo - ok

16:50:22.0206 6836 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

16:50:22.0299 6836 Filetrace - ok

16:50:22.0518 6836 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

16:50:22.0533 6836 flpydisk - ok

16:50:22.0752 6836 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys

16:50:22.0767 6836 FltMgr - ok

16:50:23.0001 6836 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

16:50:23.0017 6836 FsDepends - ok

16:50:23.0220 6836 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys

16:50:23.0251 6836 Fs_Rec - ok

16:50:23.0469 6836 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys

16:50:23.0501 6836 fvevol - ok

16:50:23.0735 6836 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

16:50:23.0750 6836 gagp30kx - ok

16:50:23.0984 6836 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

16:50:24.0015 6836 GEARAspiWDM - ok

16:50:24.0249 6836 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

16:50:24.0296 6836 hcw85cir - ok

16:50:24.0530 6836 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys

16:50:24.0577 6836 HdAudAddService - ok

16:50:24.0967 6836 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys

16:50:25.0092 6836 HDAudBus - ok

16:50:25.0341 6836 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

16:50:25.0357 6836 HidBatt - ok

16:50:25.0575 6836 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

16:50:25.0622 6836 HidBth - ok

16:50:25.0856 6836 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

16:50:25.0903 6836 HidIr - ok

16:50:26.0137 6836 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys

16:50:26.0168 6836 HidUsb - ok

16:50:26.0402 6836 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys

16:50:26.0418 6836 HpSAMD - ok

16:50:26.0652 6836 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys

16:50:26.0761 6836 HTTP - ok

16:50:26.0995 6836 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys

16:50:27.0011 6836 hwpolicy - ok

16:50:27.0229 6836 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys

16:50:27.0260 6836 i8042prt - ok

16:50:27.0479 6836 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys

16:50:27.0510 6836 iaStorV - ok

16:50:27.0744 6836 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

16:50:27.0759 6836 iirsp - ok

16:50:28.0025 6836 IntcAzAudAddService (135856ac71116ccff05ed8481745241b) C:\Windows\system32\drivers\RTKVHD64.sys

16:50:28.0087 6836 IntcAzAudAddService - ok

16:50:28.0305 6836 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys

16:50:28.0321 6836 intelide - ok

16:50:28.0539 6836 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

16:50:28.0586 6836 intelppm - ok

16:50:28.0805 6836 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys

16:50:28.0867 6836 IpFilterDriver - ok

16:50:29.0101 6836 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys

16:50:29.0148 6836 IPMIDRV - ok

16:50:29.0366 6836 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

16:50:29.0444 6836 IPNAT - ok

16:50:29.0694 6836 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

16:50:29.0725 6836 IRENUM - ok

16:50:29.0943 6836 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys

16:50:29.0959 6836 isapnp - ok

16:50:30.0209 6836 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys

16:50:30.0224 6836 iScsiPrt - ok

16:50:30.0489 6836 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys

16:50:30.0521 6836 kbdclass - ok

16:50:30.0739 6836 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys

16:50:30.0786 6836 kbdhid - ok

16:50:31.0004 6836 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys

16:50:31.0020 6836 KSecDD - ok

16:50:31.0238 6836 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys

16:50:31.0254 6836 KSecPkg - ok

16:50:31.0457 6836 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

16:50:31.0550 6836 ksthunk - ok

16:50:31.0831 6836 LHidFilt (241f2648adf090e2a10095bd6d6f5dcb) C:\Windows\system32\DRIVERS\LHidFilt.Sys

16:50:31.0847 6836 LHidFilt - ok

16:50:32.0081 6836 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

16:50:32.0174 6836 lltdio - ok

16:50:32.0408 6836 LMouFilt (342ed5a4b3326014438f36d22d803737) C:\Windows\system32\DRIVERS\LMouFilt.Sys

16:50:32.0424 6836 LMouFilt - ok

16:50:32.0642 6836 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

16:50:32.0673 6836 LSI_FC - ok

16:50:32.0892 6836 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

16:50:32.0907 6836 LSI_SAS - ok

16:50:33.0157 6836 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

16:50:33.0173 6836 LSI_SAS2 - ok

16:50:33.0407 6836 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

16:50:33.0438 6836 LSI_SCSI - ok

16:50:33.0625 6836 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

16:50:33.0703 6836 luafv - ok

16:50:33.0937 6836 MBAMProtector (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys

16:50:33.0953 6836 MBAMProtector - ok

16:50:34.0187 6836 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

16:50:34.0202 6836 megasas - ok

16:50:34.0405 6836 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

16:50:34.0436 6836 MegaSR - ok

16:50:34.0639 6836 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

16:50:34.0717 6836 Modem - ok

16:50:34.0951 6836 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

16:50:34.0982 6836 monitor - ok

16:50:35.0216 6836 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

16:50:35.0232 6836 mouclass - ok

16:50:35.0466 6836 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

16:50:35.0513 6836 mouhid - ok

16:50:35.0731 6836 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys

16:50:35.0747 6836 mountmgr - ok

16:50:35.0965 6836 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys

16:50:35.0981 6836 mpio - ok

16:50:36.0199 6836 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

16:50:36.0293 6836 mpsdrv - ok

16:50:36.0511 6836 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys

16:50:36.0573 6836 MRxDAV - ok

16:50:36.0792 6836 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys

16:50:36.0854 6836 mrxsmb - ok

16:50:37.0088 6836 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys

16:50:37.0135 6836 mrxsmb10 - ok

16:50:37.0369 6836 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys

16:50:37.0400 6836 mrxsmb20 - ok

16:50:37.0603 6836 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys

16:50:37.0619 6836 msahci - ok

16:50:37.0837 6836 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys

16:50:37.0853 6836 msdsm - ok

16:50:38.0071 6836 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

16:50:38.0149 6836 Msfs - ok

16:50:38.0352 6836 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

16:50:38.0445 6836 mshidkmdf - ok

16:50:38.0664 6836 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys

16:50:38.0679 6836 msisadrv - ok

16:50:38.0913 6836 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

16:50:39.0007 6836 MSKSSRV - ok

16:50:39.0241 6836 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

16:50:39.0335 6836 MSPCLOCK - ok

16:50:39.0569 6836 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

16:50:39.0631 6836 MSPQM - ok

16:50:39.0865 6836 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys

16:50:39.0896 6836 MsRPC - ok

16:50:40.0099 6836 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys

16:50:40.0115 6836 mssmbios - ok

16:50:40.0333 6836 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

16:50:40.0427 6836 MSTEE - ok

16:50:40.0645 6836 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

16:50:40.0692 6836 MTConfig - ok

16:50:40.0910 6836 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

16:50:40.0941 6836 Mup - ok

16:50:41.0175 6836 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

16:50:41.0238 6836 NativeWifiP - ok

16:50:41.0487 6836 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys

16:50:41.0519 6836 NDIS - ok

16:50:41.0737 6836 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

16:50:41.0831 6836 NdisCap - ok

16:50:42.0065 6836 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

16:50:42.0143 6836 NdisTapi - ok

16:50:42.0377 6836 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys

16:50:42.0470 6836 Ndisuio - ok

16:50:42.0689 6836 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys

16:50:42.0782 6836 NdisWan - ok

16:50:43.0016 6836 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys

16:50:43.0094 6836 NDProxy - ok

16:50:43.0344 6836 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

16:50:43.0422 6836 NetBIOS - ok

16:50:43.0656 6836 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys

16:50:43.0749 6836 NetBT - ok

16:50:43.0999 6836 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

16:50:44.0015 6836 nfrd960 - ok

16:50:44.0249 6836 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

16:50:44.0327 6836 Npfs - ok

16:50:44.0545 6836 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

16:50:44.0639 6836 nsiproxy - ok

16:50:44.0888 6836 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys

16:50:44.0951 6836 Ntfs - ok

16:50:45.0185 6836 NTIDrvr (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys

16:50:45.0200 6836 NTIDrvr - ok

16:50:45.0403 6836 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

16:50:45.0481 6836 Null - ok

16:50:45.0684 6836 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys

16:50:45.0699 6836 nvraid - ok

16:50:45.0918 6836 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys

16:50:45.0933 6836 nvstor - ok

16:50:46.0152 6836 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys

16:50:46.0167 6836 nv_agp - ok

16:50:46.0386 6836 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys

16:50:46.0433 6836 ohci1394 - ok

16:50:46.0651 6836 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

16:50:46.0682 6836 Parport - ok

16:50:46.0885 6836 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys

16:50:46.0901 6836 partmgr - ok

16:50:47.0119 6836 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys

16:50:47.0135 6836 pci - ok

16:50:47.0337 6836 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys

16:50:47.0353 6836 pciide - ok

16:50:47.0556 6836 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

16:50:47.0571 6836 pcmcia - ok

16:50:47.0774 6836 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

16:50:47.0790 6836 pcw - ok

16:50:48.0008 6836 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

16:50:48.0102 6836 PEAUTH - ok

16:50:48.0383 6836 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys

16:50:48.0476 6836 PptpMiniport - ok

16:50:48.0679 6836 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

16:50:48.0726 6836 Processor - ok

16:50:48.0960 6836 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys

16:50:49.0022 6836 Psched - ok

16:50:49.0241 6836 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

16:50:49.0303 6836 ql2300 - ok

16:50:49.0490 6836 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

16:50:49.0521 6836 ql40xx - ok

16:50:49.0709 6836 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

16:50:49.0771 6836 QWAVEdrv - ok

16:50:49.0974 6836 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

16:50:50.0067 6836 RasAcd - ok

16:50:50.0301 6836 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

16:50:50.0379 6836 RasAgileVpn - ok

16:50:50.0613 6836 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys

16:50:50.0707 6836 Rasl2tp - ok

16:50:50.0957 6836 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

16:50:51.0035 6836 RasPppoe - ok

16:50:51.0269 6836 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

16:50:51.0347 6836 RasSstp - ok

16:50:51.0549 6836 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys

16:50:51.0643 6836 rdbss - ok

16:50:51.0861 6836 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

16:50:51.0908 6836 rdpbus - ok

16:50:52.0127 6836 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

16:50:52.0236 6836 RDPCDD - ok

16:50:52.0470 6836 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

16:50:52.0563 6836 RDPENCDD - ok

16:50:52.0782 6836 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

16:50:52.0844 6836 RDPREFMP - ok

16:50:53.0047 6836 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys

16:50:53.0141 6836 RDPWD - ok

16:50:53.0375 6836 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys

16:50:53.0406 6836 rdyboost - ok

16:50:53.0640 6836 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

16:50:53.0718 6836 rspndr - ok

16:50:53.0967 6836 RTL85n64 (1eacf0a3d913ed4b80e76b478f30be4f) C:\Windows\system32\DRIVERS\RTL85n64.sys

16:50:53.0983 6836 RTL85n64 - ok

16:50:54.0186 6836 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys

16:50:54.0217 6836 sbp2port - ok

16:50:54.0451 6836 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys

16:50:54.0529 6836 scfilter - ok

16:50:54.0763 6836 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

16:50:54.0841 6836 secdrv - ok

16:50:55.0059 6836 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

16:50:55.0106 6836 Serenum - ok

16:50:55.0340 6836 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

16:50:55.0356 6836 Serial - ok

16:50:55.0574 6836 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

16:50:55.0605 6836 sermouse - ok

16:50:55.0839 6836 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys

16:50:55.0886 6836 sffdisk - ok

16:50:56.0105 6836 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys

16:50:56.0151 6836 sffp_mmc - ok

16:50:56.0370 6836 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys

16:50:56.0432 6836 sffp_sd - ok

16:50:56.0635 6836 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

16:50:56.0666 6836 sfloppy - ok

16:50:56.0916 6836 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

16:50:56.0931 6836 SiSRaid2 - ok

16:50:57.0134 6836 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

16:50:57.0150 6836 SiSRaid4 - ok

16:50:57.0384 6836 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

16:50:57.0431 6836 Smb - ok

16:50:57.0649 6836 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

16:50:57.0665 6836 spldr - ok

16:50:57.0899 6836 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys

16:50:57.0930 6836 srv - ok

16:50:58.0148 6836 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys

16:50:58.0164 6836 srv2 - ok

16:50:58.0382 6836 SrvHsfPCI (93132c69394a99d992095d8cfe464801) C:\Windows\system32\DRIVERS\VSTBS26.SYS

16:50:58.0445 6836 SrvHsfPCI - ok

16:50:58.0663 6836 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS

16:50:58.0741 6836 SrvHsfV92 - ok

16:50:58.0975 6836 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS

16:50:59.0006 6836 SrvHsfWinac - ok

16:50:59.0225 6836 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys

16:50:59.0271 6836 srvnet - ok

16:50:59.0505 6836 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

16:50:59.0521 6836 stexstor - ok

16:50:59.0755 6836 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys

16:50:59.0771 6836 swenum - ok

16:51:00.0051 6836 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys

16:51:00.0114 6836 Tcpip - ok

16:51:00.0379 6836 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys

16:51:00.0426 6836 TCPIP6 - ok

16:51:00.0644 6836 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys

16:51:00.0707 6836 tcpipreg - ok

16:51:00.0925 6836 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

16:51:01.0003 6836 TDPIPE - ok

16:51:01.0206 6836 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys

16:51:01.0284 6836 TDTCP - ok

16:51:01.0518 6836 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys

16:51:01.0596 6836 tdx - ok

16:51:01.0814 6836 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys

16:51:01.0830 6836 TermDD - ok

16:51:02.0048 6836 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys

16:51:02.0095 6836 tssecsrv - ok

16:51:02.0345 6836 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys

16:51:02.0423 6836 tunnel - ok

16:51:02.0657 6836 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys

16:51:02.0672 6836 uagp35 - ok

16:51:02.0891 6836 UBHelper (2e22c1fd397a5a9ffef55e9d1fc96c00) C:\Windows\system32\drivers\UBHelper.sys

16:51:02.0891 6836 UBHelper - ok

16:51:03.0109 6836 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys

16:51:03.0203 6836 udfs - ok

16:51:03.0421 6836 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys

16:51:03.0437 6836 uliagpkx - ok

16:51:03.0671 6836 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys

16:51:03.0717 6836 umbus - ok

16:51:03.0936 6836 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys

16:51:03.0967 6836 UmPass - ok

16:51:04.0201 6836 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys

16:51:04.0248 6836 usbccgp - ok

16:51:04.0466 6836 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys

16:51:04.0529 6836 usbcir - ok

16:51:04.0747 6836 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\DRIVERS\usbehci.sys

16:51:04.0778 6836 usbehci - ok

16:51:05.0028 6836 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys

16:51:05.0075 6836 usbhub - ok

16:51:05.0309 6836 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\DRIVERS\usbohci.sys

16:51:05.0340 6836 usbohci - ok

16:51:05.0574 6836 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

16:51:05.0621 6836 usbprint - ok

16:51:05.0823 6836 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\drivers\USBSTOR.SYS

16:51:05.0886 6836 USBSTOR - ok

16:51:06.0104 6836 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\drivers\usbuhci.sys

16:51:06.0120 6836 usbuhci - ok

16:51:06.0338 6836 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys

16:51:06.0369 6836 vdrvroot - ok

16:51:06.0619 6836 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

16:51:06.0635 6836 vga - ok

16:51:06.0837 6836 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

16:51:06.0900 6836 VgaSave - ok

16:51:07.0118 6836 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys

16:51:07.0149 6836 vhdmp - ok

16:51:07.0337 6836 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys

16:51:07.0352 6836 viaide - ok

16:51:07.0555 6836 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys

16:51:07.0571 6836 volmgr - ok

16:51:07.0789 6836 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys

16:51:07.0820 6836 volmgrx - ok

16:51:08.0023 6836 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys

16:51:08.0039 6836 volsnap - ok

16:51:08.0257 6836 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys

16:51:08.0288 6836 vsmraid - ok

16:51:08.0491 6836 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys

16:51:08.0538 6836 vwifibus - ok

16:51:08.0772 6836 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys

16:51:08.0819 6836 WacomPen - ok

16:51:09.0037 6836 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys

16:51:09.0131 6836 WANARP - ok

16:51:09.0146 6836 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys

16:51:09.0193 6836 Wanarpv6 - ok

16:51:09.0427 6836 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys

16:51:09.0443 6836 Wd - ok

16:51:09.0661 6836 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

16:51:09.0692 6836 Wdf01000 - ok

16:51:09.0942 6836 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

16:51:10.0004 6836 WfpLwf - ok

16:51:10.0191 6836 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

16:51:10.0207 6836 WIMMount - ok

16:51:10.0457 6836 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys

16:51:10.0503 6836 WmiAcpi - ok

16:51:10.0737 6836 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

16:51:10.0815 6836 ws2ifsl - ok

16:51:11.0034 6836 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys

16:51:11.0112 6836 WudfPf - ok

16:51:11.0346 6836 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys

16:51:11.0424 6836 WUDFRd - ok

16:51:11.0705 6836 yukonw7 (6affd75c6807b3dd3ab018e27b88ef95) C:\Windows\system32\DRIVERS\yk62x64.sys

16:51:11.0751 6836 yukonw7 - ok

16:51:11.0783 6836 MBR (0x1B8) (1f753b395539269a3484aecd505b79bd) \Device\Harddisk0\DR0

16:51:11.0814 6836 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected

16:51:11.0814 6836 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)

16:51:11.0845 6836 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

16:51:11.0845 6836 \Device\Harddisk0\DR0 - detected TDSS File System (1)

16:51:11.0876 6836 Boot (0x1200) (bcbfcf4cc64dad7db170877e7a705c4f) \Device\Harddisk0\DR0\Partition0

16:51:11.0876 6836 \Device\Harddisk0\DR0\Partition0 - ok

16:51:11.0907 6836 Boot (0x1200) (3960b56ab06ce2e666051714f7328195) \Device\Harddisk0\DR0\Partition1

16:51:11.0907 6836 \Device\Harddisk0\DR0\Partition1 - ok

16:51:11.0907 6836 ============================================================

16:51:11.0907 6836 Scan finished

16:51:11.0907 6836 ============================================================

16:51:11.0923 6416 Detected object count: 2

16:51:11.0923 6416 Actual detected object count: 2

16:51:31.0111 6416 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - skipped by user

16:51:31.0111 6416 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Skip

16:51:31.0111 6416 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

16:51:31.0111 6416 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

16:52:19.0471 0204 ============================================================

16:52:19.0471 0204 Scan started

16:52:19.0471 0204 Mode: Manual; SigCheck; TDLFS;

16:52:19.0471 0204 ============================================================

16:52:20.0158 0204 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys

16:52:20.0173 0204 1394ohci - ok

16:52:20.0392 0204 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys

16:52:20.0407 0204 ACPI - ok

16:52:20.0626 0204 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys

16:52:20.0641 0204 AcpiPmi - ok

16:52:20.0875 0204 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

16:52:20.0891 0204 adp94xx - ok

16:52:21.0109 0204 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

16:52:21.0140 0204 adpahci - ok

16:52:21.0343 0204 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

16:52:21.0374 0204 adpu320 - ok

16:52:21.0593 0204 AFD (6ef20ddf3172e97d69f596fb90602f29) C:\Windows\system32\drivers\afd.sys

16:52:21.0624 0204 AFD - ok

16:52:21.0858 0204 AgereSoftModem (2173e070647ac68c16b8214fe5c05ec3) C:\Windows\system32\DRIVERS\agrsm64.sys

16:52:21.0905 0204 AgereSoftModem - ok

16:52:22.0108 0204 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys

16:52:22.0123 0204 agp440 - ok

16:52:22.0326 0204 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys

16:52:22.0357 0204 aliide - ok

16:52:22.0560 0204 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys

16:52:22.0591 0204 amdide - ok

16:52:22.0794 0204 amdiox64 (6a2eeb0c4133b20773bb3dd0b7b377b4) C:\Windows\system32\DRIVERS\amdiox64.sys

16:52:22.0810 0204 amdiox64 - ok

16:52:23.0028 0204 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

16:52:23.0044 0204 AmdK8 - ok

16:52:23.0434 0204 amdkmdag (322e5c178990f116f00e3d923f4e6b1c) C:\Windows\system32\DRIVERS\atikmdag.sys

16:52:23.0558 0204 amdkmdag - ok

16:52:23.0792 0204 amdkmdap (961a81a84fdd700e361e8294528a37ba) C:\Windows\system32\DRIVERS\atikmpag.sys

16:52:23.0824 0204 amdkmdap - ok

16:52:24.0042 0204 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

16:52:24.0058 0204 AmdPPM - ok

16:52:24.0260 0204 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys

16:52:24.0292 0204 amdsata - ok

16:52:24.0494 0204 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

16:52:24.0510 0204 amdsbs - ok

16:52:24.0713 0204 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys

16:52:24.0744 0204 amdxata - ok

16:52:24.0791 0204 AODDriver4.01 (f312fad7dbd49ed21a194ac71b497832) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys

16:52:24.0806 0204 AODDriver4.01 - ok

16:52:25.0025 0204 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys

16:52:25.0056 0204 AppID - ok

16:52:25.0274 0204 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

16:52:25.0290 0204 arc - ok

16:52:25.0493 0204 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

16:52:25.0508 0204 arcsas - ok

16:52:25.0727 0204 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

16:52:25.0789 0204 AsyncMac - ok

16:52:25.0992 0204 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys

16:52:26.0008 0204 atapi - ok

16:52:26.0226 0204 AtiHDAudioService (230cf51113cd4b830b3bfd09b0d4c066) C:\Windows\system32\drivers\AtihdW76.sys

16:52:26.0226 0204 AtiHDAudioService - ok

16:52:26.0444 0204 AtiHdmiService (38467ff83c2b4265d51f418812a91e3c) C:\Windows\system32\drivers\AtiHdmi.sys

16:52:26.0460 0204 AtiHdmiService - ok

16:52:26.0850 0204 atikmdag (322e5c178990f116f00e3d923f4e6b1c) C:\Windows\system32\DRIVERS\atikmdag.sys

16:52:27.0022 0204 atikmdag - ok

16:52:27.0240 0204 AtiPcie (7c5d273e29dcc5505469b299c6f29163) C:\Windows\system32\DRIVERS\AtiPcie.sys

16:52:27.0256 0204 AtiPcie - ok

16:52:27.0474 0204 AVGIDSDriver (e29ea1a0ec7ab9fa2dc7e75a03f12a4f) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys

16:52:27.0490 0204 AVGIDSDriver - ok

16:52:27.0692 0204 AVGIDSEH (f823d184b8e8ffb8da3ead45dbf5bd6a) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys

16:52:27.0708 0204 AVGIDSEH - ok

16:52:27.0911 0204 AVGIDSFilter (ed2b25bd7fe35d1944211968842d30da) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys

16:52:27.0926 0204 AVGIDSFilter - ok

16:52:28.0145 0204 Avgldx64 (979cf8912449a10b987218bff80a1fa3) C:\Windows\system32\DRIVERS\avgldx64.sys

16:52:28.0160 0204 Avgldx64 - ok

16:52:28.0363 0204 Avgmfx64 (36b1a5843695766eac714daffc5b84d1) C:\Windows\system32\DRIVERS\avgmfx64.sys

16:52:28.0379 0204 Avgmfx64 - ok

16:52:28.0597 0204 Avgrkx64 (1102239fb724527f1febbbbccf6bf313) C:\Windows\system32\DRIVERS\avgrkx64.sys

16:52:28.0597 0204 Avgrkx64 - ok

16:52:28.0831 0204 Avgtdia (11f36d3ea82d9db9aa05a476a210551b) C:\Windows\system32\DRIVERS\avgtdia.sys

16:52:28.0847 0204 Avgtdia - ok

16:52:29.0065 0204 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

16:52:29.0081 0204 b06bdrv - ok

16:52:29.0284 0204 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

16:52:29.0315 0204 b57nd60a - ok

16:52:29.0518 0204 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

16:52:29.0596 0204 Beep - ok

16:52:29.0814 0204 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

16:52:29.0830 0204 blbdrive - ok

16:52:30.0048 0204 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys

16:52:30.0064 0204 bowser - ok

16:52:30.0266 0204 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

16:52:30.0282 0204 BrFiltLo - ok

16:52:30.0485 0204 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

16:52:30.0516 0204 BrFiltUp - ok

16:52:30.0719 0204 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

16:52:30.0750 0204 Brserid - ok

16:52:30.0953 0204 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

16:52:30.0984 0204 BrSerWdm - ok

16:52:31.0187 0204 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

16:52:31.0202 0204 BrUsbMdm - ok

16:52:31.0546 0204 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

16:52:31.0561 0204 BrUsbSer - ok

16:52:31.0764 0204 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

16:52:31.0795 0204 BTHMODEM - ok

16:52:32.0014 0204 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

16:52:32.0076 0204 cdfs - ok

16:52:32.0279 0204 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys

16:52:32.0310 0204 cdrom - ok

16:52:32.0513 0204 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

16:52:32.0528 0204 circlass - ok

16:52:32.0684 0204 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

16:52:32.0716 0204 CLFS - ok

16:52:32.0950 0204 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

16:52:32.0981 0204 CmBatt - ok

16:52:33.0184 0204 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys

16:52:33.0199 0204 cmdide - ok

16:52:33.0418 0204 CNG (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys

16:52:33.0433 0204 CNG - ok

16:52:33.0652 0204 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

16:52:33.0667 0204 Compbatt - ok

16:52:33.0870 0204 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys

16:52:33.0901 0204 CompositeBus - ok

16:52:34.0104 0204 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

16:52:34.0120 0204 crcdisk - ok

16:52:34.0354 0204 cxpl_mhd (e3763f2e140f4841b3971fd1a3c82928) C:\Windows\system32\drivers\y_cx88x.sys

16:52:34.0369 0204 cxpl_mhd - ok

16:52:34.0588 0204 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys

16:52:34.0619 0204 DfsC - ok

16:52:34.0822 0204 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

16:52:34.0868 0204 discache - ok

16:52:35.0071 0204 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

16:52:35.0087 0204 Disk - ok

16:52:35.0305 0204 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

16:52:35.0321 0204 drmkaud - ok

16:52:35.0555 0204 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys

16:52:35.0586 0204 DXGKrnl - ok

16:52:35.0851 0204 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

16:52:35.0898 0204 ebdrv - ok

16:52:36.0132 0204 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

16:52:36.0163 0204 elxstor - ok

16:52:36.0366 0204 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys

16:52:36.0382 0204 ErrDev - ok

16:52:36.0631 0204 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

16:52:36.0694 0204 exfat - ok

16:52:36.0896 0204 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

16:52:36.0943 0204 fastfat - ok

16:52:37.0162 0204 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

16:52:37.0177 0204 fdc - ok

16:52:37.0380 0204 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

16:52:37.0396 0204 FileInfo - ok

16:52:37.0598 0204 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

16:52:37.0661 0204 Filetrace - ok

16:52:37.0864 0204 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

16:52:37.0879 0204 flpydisk - ok

16:52:38.0098 0204 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys

16:52:38.0113 0204 FltMgr - ok

16:52:38.0332 0204 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

16:52:38.0347 0204 FsDepends - ok

16:52:38.0550 0204 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys

16:52:38.0566 0204 Fs_Rec - ok

16:52:38.0768 0204 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys

16:52:38.0800 0204 fvevol - ok

16:52:39.0018 0204 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

16:52:39.0049 0204 gagp30kx - ok

16:52:39.0252 0204 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

16:52:39.0252 0204 GEARAspiWDM - ok

16:52:39.0486 0204 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

16:52:39.0502 0204 hcw85cir - ok

16:52:39.0720 0204 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys

16:52:39.0751 0204 HdAudAddService - ok

16:52:39.0970 0204 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys

16:52:40.0001 0204 HDAudBus - ok

16:52:40.0204 0204 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

16:52:40.0219 0204 HidBatt - ok

16:52:40.0422 0204 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

16:52:40.0453 0204 HidBth - ok

16:52:40.0656 0204 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

16:52:40.0672 0204 HidIr - ok

16:52:40.0874 0204 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys

16:52:40.0906 0204 HidUsb - ok

16:52:41.0124 0204 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys

16:52:41.0140 0204 HpSAMD - ok

16:52:41.0358 0204 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys

16:52:41.0436 0204 HTTP - ok

16:52:41.0639 0204 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys

16:52:41.0654 0204 hwpolicy - ok

16:52:41.0857 0204 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys

16:52:41.0873 0204 i8042prt - ok

16:52:42.0107 0204 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys

16:52:42.0122 0204 iaStorV - ok

16:52:42.0341 0204 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

16:52:42.0356 0204 iirsp - ok

16:52:42.0590 0204 IntcAzAudAddService (135856ac71116ccff05ed8481745241b) C:\Windows\system32\drivers\RTKVHD64.sys

16:52:42.0653 0204 IntcAzAudAddService - ok

16:52:42.0856 0204 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys

16:52:42.0871 0204 intelide - ok

16:52:43.0074 0204 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

16:52:43.0105 0204 intelppm - ok

16:52:43.0308 0204 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys

16:52:43.0386 0204 IpFilterDriver - ok

16:52:43.0589 0204 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys

16:52:43.0604 0204 IPMIDRV - ok

16:52:43.0807 0204 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

16:52:43.0870 0204 IPNAT - ok

16:52:44.0104 0204 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

16:52:44.0135 0204 IRENUM - ok

16:52:44.0353 0204 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys

16:52:44.0369 0204 isapnp - ok

16:52:44.0572 0204 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys

16:52:44.0603 0204 iScsiPrt - ok

16:52:44.0806 0204 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys

16:52:44.0821 0204 kbdclass - ok

16:52:45.0055 0204 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys

16:52:45.0071 0204 kbdhid - ok

16:52:45.0274 0204 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys

16:52:45.0289 0204 KSecDD - ok

16:52:45.0508 0204 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys

16:52:45.0523 0204 KSecPkg - ok

16:52:45.0726 0204 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

16:52:45.0804 0204 ksthunk - ok

16:52:46.0022 0204 LHidFilt (241f2648adf090e2a10095bd6d6f5dcb) C:\Windows\system32\DRIVERS\LHidFilt.Sys

16:52:46.0054 0204 LHidFilt - ok

16:52:46.0256 0204 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

16:52:46.0303 0204 lltdio - ok

16:52:46.0522 0204 LMouFilt (342ed5a4b3326014438f36d22d803737) C:\Windows\system32\DRIVERS\LMouFilt.Sys

16:52:46.0537 0204 LMouFilt - ok

16:52:46.0756 0204 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

16:52:46.0771 0204 LSI_FC - ok

16:52:46.0974 0204 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

16:52:47.0005 0204 LSI_SAS - ok

16:52:47.0208 0204 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

16:52:47.0239 0204 LSI_SAS2 - ok

16:52:47.0442 0204 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

16:52:47.0458 0204 LSI_SCSI - ok

16:52:47.0676 0204 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

16:52:47.0723 0204 luafv - ok

16:52:47.0926 0204 MBAMProtector (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys

16:52:47.0941 0204 MBAMProtector - ok

16:52:48.0175 0204 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

16:52:48.0191 0204 megasas - ok

16:52:48.0394 0204 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

16:52:48.0409 0204 MegaSR - ok

16:52:48.0628 0204 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

16:52:48.0690 0204 Modem - ok

16:52:48.0893 0204 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

16:52:48.0924 0204 monitor - ok

16:52:49.0127 0204 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

16:52:49.0158 0204 mouclass - ok

16:52:49.0361 0204 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

16:52:49.0376 0204 mouhid - ok

16:52:49.0579 0204 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys

16:52:49.0610 0204 mountmgr - ok

16:52:49.0813 0204 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys

16:52:49.0829 0204 mpio - ok

16:52:50.0047 0204 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

16:52:50.0125 0204 mpsdrv - ok

16:52:50.0328 0204 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys

16:52:50.0359 0204 MRxDAV - ok

16:52:50.0578 0204 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys

16:52:50.0609 0204 mrxsmb - ok

16:52:50.0827 0204 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys

16:52:50.0843 0204 mrxsmb10 - ok

16:52:51.0061 0204 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys

16:52:51.0077 0204 mrxsmb20 - ok

16:52:51.0295 0204 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys

16:52:51.0311 0204 msahci - ok

16:52:51.0514 0204 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys

16:52:51.0529 0204 msdsm - ok

16:52:51.0748 0204 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

16:52:51.0779 0204 Msfs - ok

16:52:51.0982 0204 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

16:52:52.0028 0204 mshidkmdf - ok

16:52:52.0247 0204 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys

16:52:52.0262 0204 msisadrv - ok

16:52:52.0481 0204 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

16:52:52.0528 0204 MSKSSRV - ok

16:52:52.0730 0204 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

16:52:52.0808 0204 MSPCLOCK - ok

16:52:53.0011 0204 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

16:52:53.0074 0204 MSPQM - ok

16:52:53.0308 0204 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys

16:52:53.0339 0204 MsRPC - ok

16:52:53.0542 0204 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys

16:52:53.0557 0204 mssmbios - ok

16:52:53.0776 0204 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

16:52:53.0822 0204 MSTEE - ok

16:52:54.0025 0204 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

16:52:54.0056 0204 MTConfig - ok

16:52:54.0275 0204 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

16:52:54.0290 0204 Mup - ok

16:52:54.0509 0204 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

16:52:54.0540 0204 NativeWifiP - ok

16:52:54.0774 0204 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys

16:52:54.0790 0204 NDIS - ok

16:52:55.0008 0204 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

16:52:55.0055 0204 NdisCap - ok

16:52:55.0289 0204 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

16:52:55.0320 0204 NdisTapi - ok

16:52:55.0523 0204 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys

16:52:55.0570 0204 Ndisuio - ok

16:52:55.0772 0204 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys

16:52:55.0819 0204 NdisWan - ok

16:52:56.0038 0204 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys

16:52:56.0084 0204 NDProxy - ok

16:52:56.0303 0204 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

16:52:56.0350 0204 NetBIOS - ok

16:52:56.0552 0204 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys

16:52:56.0615 0204 NetBT - ok

16:52:56.0833 0204 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

16:52:56.0849 0204 nfrd960 - ok

16:52:57.0067 0204 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

16:52:57.0130 0204 Npfs - ok

16:52:57.0332 0204 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

16:52:57.0410 0204 nsiproxy - ok

16:52:57.0644 0204 Ntfs (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys

16:52:57.0691 0204 Ntfs - ok

16:52:57.0910 0204 NTIDrvr (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys

16:52:57.0925 0204 NTIDrvr - ok

16:52:58.0128 0204 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

16:52:58.0175 0204 Null - ok

16:52:58.0393 0204 nvraid (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys

16:52:58.0409 0204 nvraid - ok

16:52:58.0627 0204 nvstor (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys

16:52:58.0643 0204 nvstor - ok

16:52:58.0861 0204 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys

16:52:58.0877 0204 nv_agp - ok

16:52:59.0095 0204 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys

16:52:59.0111 0204 ohci1394 - ok

16:52:59.0345 0204 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

16:52:59.0376 0204 Parport - ok

16:52:59.0579 0204 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys

16:52:59.0594 0204 partmgr - ok

16:52:59.0797 0204 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys

16:52:59.0828 0204 pci - ok

16:53:00.0031 0204 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys

16:53:00.0047 0204 pciide - ok

16:53:00.0265 0204 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

16:53:00.0281 0204 pcmcia - ok

16:53:00.0484 0204 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

16:53:00.0499 0204 pcw - ok

16:53:00.0702 0204 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

16:53:00.0764 0204 PEAUTH - ok

16:53:01.0045 0204 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys

16:53:01.0092 0204 PptpMiniport - ok

16:53:01.0310 0204 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

16:53:01.0326 0204 Processor - ok

16:53:01.0529 0204 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys

16:53:01.0591 0204 Psched - ok

16:53:01.0810 0204 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

16:53:01.0872 0204 ql2300 - ok

16:53:02.0075 0204 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

16:53:02.0090 0204 ql40xx - ok

16:53:02.0293 0204 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

16:53:02.0324 0204 QWAVEdrv - ok

16:53:02.0527 0204 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

16:53:02.0590 0204 RasAcd - ok

16:53:02.0808 0204 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

16:53:02.0855 0204 RasAgileVpn - ok

16:53:03.0058 0204 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys

16:53:03.0136 0204 Rasl2tp - ok

16:53:03.0354 0204 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

16:53:03.0416 0204 RasPppoe - ok

16:53:03.0619 0204 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

16:53:03.0666 0204 RasSstp - ok

16:53:03.0869 0204 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys

16:53:03.0931 0204 rdbss - ok

16:53:04.0134 0204 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

16:53:04.0150 0204 rdpbus - ok

16:53:04.0368 0204 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

16:53:04.0430 0204 RDPCDD - ok

16:53:04.0633 0204 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

16:53:04.0696 0204 RDPENCDD - ok

16:53:04.0914 0204 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

16:53:04.0976 0204 RDPREFMP - ok

16:53:05.0179 0204 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys

16:53:05.0226 0204 RDPWD - ok

16:53:05.0444 0204 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys

16:53:05.0460 0204 rdyboost - ok

16:53:05.0694 0204 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

16:53:05.0741 0204 rspndr - ok

16:53:05.0959 0204 RTL85n64 (1eacf0a3d913ed4b80e76b478f30be4f) C:\Windows\system32\DRIVERS\RTL85n64.sys

16:53:05.0990 0204 RTL85n64 - ok

16:53:06.0193 0204 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys

16:53:06.0209 0204 sbp2port - ok

16:53:06.0443 0204 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys

16:53:06.0490 0204 scfilter - ok

16:53:06.0708 0204 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

16:53:06.0770 0204 secdrv - ok

16:53:06.0989 0204 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

16:53:07.0020 0204 Serenum - ok

16:53:07.0223 0204 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

16:53:07.0238 0204 Serial - ok

16:53:07.0457 0204 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

16:53:07.0488 0204 sermouse - ok

16:53:07.0691 0204 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys

16:53:07.0722 0204 sffdisk - ok

16:53:07.0925 0204 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys

16:53:07.0956 0204 sffp_mmc - ok

16:53:08.0159 0204 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys

16:53:08.0190 0204 sffp_sd - ok

16:53:08.0424 0204 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

16:53:08.0440 0204 sfloppy - ok

16:53:08.0674 0204 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

16:53:08.0705 0204 SiSRaid2 - ok

16:53:08.0923 0204 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

16:53:08.0939 0204 SiSRaid4 - ok

16:53:09.0157 0204 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

16:53:09.0220 0204 Smb - ok

16:53:09.0438 0204 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

16:53:09.0454 0204 spldr - ok

16:53:09.0672 0204 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys

16:53:09.0703 0204 srv - ok

16:53:09.0906 0204 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys

16:53:09.0937 0204 srv2 - ok

16:53:10.0156 0204 SrvHsfPCI (93132c69394a99d992095d8cfe464801) C:\Windows\system32\DRIVERS\VSTBS26.SYS

16:53:10.0187 0204 SrvHsfPCI - ok

16:53:10.0405 0204 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS

16:53:10.0452 0204 SrvHsfV92 - ok

16:53:10.0655 0204 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS

16:53:10.0702 0204 SrvHsfWinac - ok

16:53:10.0904 0204 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys

16:53:10.0936 0204 srvnet - ok

16:53:11.0154 0204 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

16:53:11.0170 0204 stexstor - ok

16:53:11.0372 0204 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys

16:53:11.0388 0204 swenum - ok

16:53:11.0653 0204 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys

16:53:11.0716 0204 Tcpip - ok

16:53:11.0965 0204 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys

16:53:12.0012 0204 TCPIP6 - ok

16:53:12.0215 0204 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys

16:53:12.0277 0204 tcpipreg - ok

16:53:12.0480 0204 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

16:53:12.0527 0204 TDPIPE - ok

16:53:12.0714 0204 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys

16:53:12.0776 0204 TDTCP - ok

16:53:13.0104 0204 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys

16:53:13.0182 0204 tdx - ok

16:53:13.0385 0204 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys

16:53:13.0400 0204 TermDD - ok

16:53:13.0634 0204 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys

16:53:13.0681 0204 tssecsrv - ok

16:53:13.0884 0204 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys

16:53:13.0946 0204 tunnel - ok

16:53:14.0149 0204 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys

16:53:14.0165 0204 uagp35 - ok

16:53:14.0368 0204 UBHelper (2e22c1fd397a5a9ffef55e9d1fc96c00) C:\Windows\system32\drivers\UBHelper.sys

16:53:14.0383 0204 UBHelper - ok

16:53:14.0602 0204 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys

16:53:14.0664 0204 udfs - ok

16:53:14.0867 0204 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys

16:53:14.0898 0204 uliagpkx - ok

16:53:15.0101 0204 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys

16:53:15.0116 0204 umbus - ok

16:53:15.0319 0204 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys

16:53:15.0350 0204 UmPass - ok

16:53:15.0584 0204 usbccgp (7b6a127c93ee590e4d79a5f2a76fe46f) C:\Windows\system32\DRIVERS\usbccgp.sys

16:53:15.0600 0204 usbccgp - ok

16:53:15.0803 0204 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys

16:53:15.0834 0204 usbcir - ok

16:53:16.0037 0204 usbehci (92969ba5ac44e229c55a332864f79677) C:\Windows\system32\DRIVERS\usbehci.sys

16:53:16.0052 0204 usbehci - ok

16:53:16.0286 0204 usbhub (e7df1cfd28ca86b35ef5add0735ceef3) C:\Windows\system32\DRIVERS\usbhub.sys

16:53:16.0318 0204 usbhub - ok

16:53:16.0536 0204 usbohci (f1bb1e55f1e7a65c5839ccc7b36d773e) C:\Windows\system32\DRIVERS\usbohci.sys

16:53:16.0567 0204 usbohci - ok

16:53:16.0754 0204 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

16:53:16.0786 0204 usbprint - ok

16:53:16.0988 0204 USBSTOR (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\drivers\USBSTOR.SYS

16:53:17.0004 0204 USBSTOR - ok

16:53:17.0222 0204 usbuhci (bc3070350a491d84b518d7cca9abd36f) C:\Windows\system32\drivers\usbuhci.sys

16:53:17.0238 0204 usbuhci - ok

16:53:17.0456 0204 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys

16:53:17.0472 0204 vdrvroot - ok

16:53:17.0690 0204 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

16:53:17.0706 0204 vga - ok

16:53:17.0909 0204 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

16:53:17.0971 0204 VgaSave - ok

16:53:18.0205 0204 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys

16:53:18.0221 0204 vhdmp - ok

16:53:18.0408 0204 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys

16:53:18.0439 0204 viaide - ok

16:53:18.0642 0204 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys

16:53:18.0658 0204 volmgr - ok

16:53:18.0876 0204 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys

16:53:18.0892 0204 volmgrx - ok

16:53:19.0094 0204 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys

16:53:19.0110 0204 volsnap - ok

16:53:19.0313 0204 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys

16:53:19.0344 0204 vsmraid - ok

16:53:19.0531 0204 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys

16:53:19.0562 0204 vwifibus - ok

16:53:19.0781 0204 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys

16:53:19.0796 0204 WacomPen - ok

16:53:19.0999 0204 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys

16:53:20.0046 0204 WANARP - ok

16:53:20.0046 0204 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys

16:53:20.0093 0204 Wanarpv6 - ok

16:53:20.0296 0204 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys

16:53:20.0311 0204 Wd - ok

16:53:20.0530 0204 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

16:53:20.0561 0204 Wdf01000 - ok

16:53:20.0795 0204 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

16:53:20.0857 0204 WfpLwf - ok

16:53:21.0044 0204 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

16:53:21.0060 0204 WIMMount - ok

16:53:21.0294 0204 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys

16:53:21.0310 0204 WmiAcpi - ok

16:53:21.0528 0204 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

16:53:21.0575 0204 ws2ifsl - ok

16:53:21.0809 0204 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys

16:53:21.0856 0204 WudfPf - ok

16:53:22.0058 0204 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys

16:53:22.0121 0204 WUDFRd - ok

16:53:22.0339 0204 yukonw7 (6affd75c6807b3dd3ab018e27b88ef95) C:\Windows\system32\DRIVERS\yk62x64.sys

16:53:22.0370 0204 yukonw7 - ok

16:53:22.0402 0204 MBR (0x1B8) (1f753b395539269a3484aecd505b79bd) \Device\Harddisk0\DR0

16:53:22.0433 0204 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected

16:53:22.0433 0204 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)

16:53:22.0448 0204 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

16:53:22.0448 0204 \Device\Harddisk0\DR0 - detected TDSS File System (1)

16:53:22.0495 0204 Boot (0x1200) (bcbfcf4cc64dad7db170877e7a705c4f) \Device\Harddisk0\DR0\Partition0

16:53:22.0495 0204 \Device\Harddisk0\DR0\Partition0 - ok

16:53:22.0495 0204 Boot (0x1200) (3960b56ab06ce2e666051714f7328195) \Device\Harddisk0\DR0\Partition1

16:53:22.0495 0204 \Device\Harddisk0\DR0\Partition1 - ok

16:53:22.0495 0204 ============================================================

16:53:22.0495 0204 Scan finished

16:53:22.0495 0204 ============================================================

16:53:22.0526 7080 Detected object count: 2

16:53:22.0526 7080 Actual detected object count: 2

16:53:42.0479 7080 \Device\Harddisk0\DR0\# - copied to quarantine

16:53:42.0479 7080 \Device\Harddisk0\DR0 - copied to quarantine

16:53:42.0494 7080 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine

16:53:42.0494 7080 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine

16:53:42.0494 7080 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine

16:53:42.0510 7080 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine

16:53:42.0510 7080 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine

16:53:42.0510 7080 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine

16:53:42.0510 7080 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine

16:53:42.0510 7080 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine

16:53:42.0510 7080 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine

16:53:42.0510 7080 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine

16:53:42.0510 7080 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot

16:53:42.0510 7080 \Device\Harddisk0\DR0 - ok

16:53:42.0744 7080 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure

16:53:42.0744 7080 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

16:53:42.0744 7080 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

16:53:46.0566 6804 Deinitialize success

[LDTate]

Now run a new MBAM scam and remove the infected file if still found

[Xmon13]

Im in class so I asked my mom to run scan she said MBAM had detected it before she ran scan and selected quarantine she told me after it was done I told her to still run scan and she says it completed with no malicious data found did quarantineing mess me up?

[Xmon13]

Thank you so much for your time are you certain this trojan is removed as it has proven very persistent as well do you believe my graphics card will function properly now or could reinserting it reinfect my system?

[LDTate]

You're more than welcome.

Glad we were able to help

Peace be with you

[LDTate]

Since this issue is resolved I will close the thread to prevent others from posting here. If you need assistance please start your own topic and someone will be happy to assist you.