Something Wrong

[Frosty]

OK OCD, looks like I will have to make a thrid post for this log.


20:01:02.0517 0x1500 SamSs - ok
20:01:02.0574 0x1500 [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:01:02.0579 0x1500 sbp2port - ok
20:01:02.0618 0x1500 [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:01:02.0626 0x1500 SCardSvr - ok
20:01:02.0691 0x1500 [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule C:\Windows\system32\schedsvc.dll
20:01:02.0727 0x1500 Schedule - ok
20:01:02.0766 0x1500 [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc C:\Windows\System32\certprop.dll
20:01:02.0768 0x1500 SCPolicySvc - ok
20:01:02.0823 0x1500 [ 4339A2585708C7D9B0C0CE5AAD3DD6FF, 1B764838EC90A4F5A8130630BA32C014C033BF39C0DE1C114298F254580F0983 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
20:01:02.0828 0x1500 sdbus - ok
20:01:02.0870 0x1500 [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:01:02.0878 0x1500 SDRSVC - ok
20:01:02.0900 0x1500 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:01:02.0903 0x1500 secdrv - ok
20:01:02.0932 0x1500 [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon C:\Windows\system32\seclogon.dll
20:01:02.0937 0x1500 seclogon - ok
20:01:02.0969 0x1500 [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS C:\Windows\System32\sens.dll
20:01:02.0976 0x1500 SENS - ok
20:01:03.0004 0x1500 [ CE9EC966638EF0B10B864DDEDF62A099, 2DEC5A8C947D87C12B342F15B8A552A0D49B979A2AC32D2C97FC7A3A76C34524 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
20:01:03.0007 0x1500 Serenum - ok
20:01:03.0050 0x1500 [ 6D663022DB3E7058907784AE14B69898, 54263888C64A7F010D3B5E399369B0F3FF3AF0A0DE8ADB502B98277533E4D45F ] Serial C:\Windows\system32\DRIVERS\serial.sys
20:01:03.0055 0x1500 Serial - ok
20:01:03.0102 0x1500 [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse C:\Windows\system32\drivers\sermouse.sys
20:01:03.0105 0x1500 sermouse - ok
20:01:03.0163 0x1500 [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv C:\Windows\system32\sessenv.dll
20:01:03.0170 0x1500 SessionEnv - ok
20:01:03.0204 0x1500 [ 103B79418DA647736EE95645F305F68A, E4D356FD8C62B616D3584FE84905995A1CEE452288E3A456CC358FF41FEAB1B7 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:01:03.0207 0x1500 sffdisk - ok
20:01:03.0234 0x1500 [ 8FD08A310645FE872EEEC6E08C6BF3EE, 702A148C9DE172E7B5E331F057487255E0729FD42F949BB0FF2D5A01775933CF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:01:03.0238 0x1500 sffp_mmc - ok
20:01:03.0259 0x1500 [ 9CFA05FCFCB7124E69CFC812B72F9614, E9CFCE695E4D1AF146781CFAA295878536E573F06AEA65438878DE29EC9959AD ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:01:03.0261 0x1500 sffp_sd - ok
20:01:03.0279 0x1500 [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
20:01:03.0282 0x1500 sfloppy - ok
20:01:03.0325 0x1500 [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:01:03.0342 0x1500 SharedAccess - ok
20:01:03.0392 0x1500 [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:01:03.0409 0x1500 ShellHWDetection - ok
20:01:03.0442 0x1500 [ D2A595D6EEBEEAF4334F8E50EFBC9931, 851B8205C657BF806C4D815DC75356E99B4246016B6E1C1F51BAF8AD1E6D5299 ] sisagp C:\Windows\system32\drivers\sisagp.sys
20:01:03.0446 0x1500 sisagp - ok
20:01:03.0471 0x1500 [ CEDD6F4E7D84E9F98B34B3FE988373AA, E102977E6FAC30B5ABEEC0B412A9F2A10C5C42F4D9C3AD69296BF9E1E88B6141 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
20:01:03.0474 0x1500 SiSRaid2 - ok
20:01:03.0506 0x1500 [ DF843C528C4F69D12CE41CE462E973A7, A2BEC74FCB8D8B6B9D8DD4746C013DFDF1DD662AEFE9B88CA495E5B83B4A76F9 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
20:01:03.0511 0x1500 SiSRaid4 - ok
20:01:03.0683 0x1500 [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc C:\Windows\system32\SLsvc.exe
20:01:03.0824 0x1500 slsvc - ok
20:01:03.0882 0x1500 [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify C:\Windows\system32\SLUINotify.dll
20:01:03.0889 0x1500 SLUINotify - ok
20:01:03.0922 0x1500 [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:01:03.0926 0x1500 Smb - ok
20:01:04.0001 0x1500 [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:01:04.0006 0x1500 SNMPTRAP - ok
20:01:04.0042 0x1500 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr C:\Windows\system32\drivers\spldr.sys
20:01:04.0045 0x1500 spldr - ok
20:01:04.0098 0x1500 [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler C:\Windows\System32\spoolsv.exe
20:01:04.0106 0x1500 Spooler - ok
20:01:04.0181 0x1500 [ D2B096CD2F56FAC6EEEED9A77DDF6DC8, FD904FBB36ED60AE084F86F7196FCE48F798CF720DB1677C307059E45497E140 ] SQLBrowser c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
20:01:04.0232 0x1500 SQLBrowser - ok
20:01:04.0302 0x1500 [ D89083C4EB02DACA8F944B0E05E57F9D, F96416B5877C280B4EE088A83956E0202F82DC5EACDEEFF06D5979FFFAA9FA74 ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
20:01:04.0305 0x1500 SQLWriter - ok
20:01:04.0354 0x1500 [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] srv C:\Windows\system32\DRIVERS\srv.sys
20:01:04.0371 0x1500 srv - ok
20:01:04.0411 0x1500 [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:01:04.0418 0x1500 srv2 - ok
20:01:04.0461 0x1500 [ 7605C0E1D01A08F3ECD743F38B834A44, 83A77E31004BCF83443F30EFC290E04BB1A2F332E8DFD614AB6E25B527C92299 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:01:04.0466 0x1500 srvnet - ok
20:01:04.0517 0x1500 [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:01:04.0526 0x1500 SSDPSRV - ok
20:01:04.0602 0x1500 [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:01:04.0611 0x1500 SstpSvc - ok
20:01:04.0691 0x1500 [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc C:\Windows\System32\wiaservc.dll
20:01:04.0716 0x1500 stisvc - ok
20:01:04.0736 0x1500 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum C:\Windows\system32\DRIVERS\swenum.sys
20:01:04.0739 0x1500 swenum - ok
20:01:04.0809 0x1500 [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv C:\Windows\System32\swprv.dll
20:01:04.0824 0x1500 swprv - ok
20:01:04.0886 0x1500 [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
20:01:04.0889 0x1500 Symc8xx - ok
20:01:04.0927 0x1500 [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
20:01:04.0930 0x1500 Sym_hi - ok
20:01:04.0958 0x1500 [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
20:01:04.0961 0x1500 Sym_u3 - ok
20:01:05.0024 0x1500 [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain C:\Windows\system32\sysmain.dll
20:01:05.0049 0x1500 SysMain - ok
20:01:05.0075 0x1500 [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:01:05.0082 0x1500 TabletInputService - ok
20:01:05.0127 0x1500 [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv C:\Windows\System32\tapisrv.dll
20:01:05.0144 0x1500 TapiSrv - ok
20:01:05.0178 0x1500 [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS C:\Windows\System32\tbssvc.dll
20:01:05.0185 0x1500 TBS - ok
20:01:05.0259 0x1500 [ D18D53974FD715D50FC76F9FFE1C830D, 50424BD5950D8FC7724A6E48AE5A39D6E727FAF326C31657C69F1DE13C1450E3 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:01:05.0301 0x1500 Tcpip - ok
20:01:05.0359 0x1500 [ D18D53974FD715D50FC76F9FFE1C830D, 50424BD5950D8FC7724A6E48AE5A39D6E727FAF326C31657C69F1DE13C1450E3 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
20:01:05.0380 0x1500 Tcpip6 - ok
20:01:05.0429 0x1500 [ 608C345A255D82A6289C2D468EB41FD7, 74ECFDD45DC3EB3AFAEF9C42B546241AA1D6ACB2F6591A76DDB8BB1768545889 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:01:05.0433 0x1500 tcpipreg - ok
20:01:05.0495 0x1500 [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:01:05.0498 0x1500 TDPIPE - ok
20:01:05.0536 0x1500 [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:01:05.0539 0x1500 TDTCP - ok
20:01:05.0576 0x1500 [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:01:05.0580 0x1500 tdx - ok
20:01:05.0635 0x1500 [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
20:01:05.0638 0x1500 TermDD - ok
20:01:05.0706 0x1500 [ BB95DA09BEF6E7A131BFF3BA5032090D, BAF6997F8D944F85F0553957677866C7F22E72AA434BA45FFFB6CC41041070DC ] TermService C:\Windows\System32\termsrv.dll
20:01:05.0731 0x1500 TermService - ok
20:01:05.0759 0x1500 [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes C:\Windows\system32\shsvcs.dll
20:01:05.0768 0x1500 Themes - ok
20:01:05.0786 0x1500 [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER C:\Windows\system32\mmcss.dll
20:01:05.0791 0x1500 THREADORDER - ok
20:01:05.0844 0x1500 [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks C:\Windows\System32\trkwks.dll
20:01:05.0851 0x1500 TrkWks - ok
20:01:05.0908 0x1500 [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:01:05.0912 0x1500 TrustedInstaller - ok
20:01:05.0971 0x1500 [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:01:05.0974 0x1500 tssecsrv - ok
20:01:06.0014 0x1500 [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
20:01:06.0017 0x1500 tunmp - ok
20:01:06.0056 0x1500 [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:01:06.0059 0x1500 tunnel - ok
20:01:06.0141 0x1500 [ 539E1D1B453C47B1C4FD26EC5FE42DED, DF61D1601BD0A526728F05FF646EFA65A57FC9DF3C54114B21F38B4B30D62B22 ] txtidwow C:\Windows\system32\DRIVERS\txtidwow.sys
20:01:06.0147 0x1500 txtidwow - ok
20:01:06.0190 0x1500 [ C3ADE15414120033A36C0F293D4A4121, 74A002C4B5EBD94E33EDEACB6639AF44ED72A8DDE3083C6DE71C1EE937EF1A9C ] uagp35 C:\Windows\system32\drivers\uagp35.sys
20:01:06.0194 0x1500 uagp35 - ok
20:01:06.0241 0x1500 [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:01:06.0258 0x1500 udfs - ok
20:01:06.0302 0x1500 [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:01:06.0308 0x1500 UI0Detect - ok
20:01:06.0334 0x1500 [ 75E6890EBFCE0841D3291B02E7A8BDB0, FDF9CDCCCCC0AA2A52623C5A67AC5F5224557EE4C8F6487CB13CAEB012575E2A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:01:06.0338 0x1500 uliagpkx - ok
20:01:06.0369 0x1500 [ 3CD4EA35A6221B85DCC25DAA46313F8D, 100A7E12B8EA395F70A00874328E87B930CE88FF442F3576FE88B105A22E04C5 ] uliahci C:\Windows\system32\drivers\uliahci.sys
20:01:06.0378 0x1500 uliahci - ok
20:01:06.0400 0x1500 [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata C:\Windows\system32\drivers\ulsata.sys
20:01:06.0405 0x1500 UlSata - ok
20:01:06.0439 0x1500 [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
20:01:06.0453 0x1500 ulsata2 - ok
20:01:06.0490 0x1500 [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus C:\Windows\system32\DRIVERS\umbus.sys
20:01:06.0493 0x1500 umbus - ok
20:01:06.0604 0x1500 [ A95B7DD484887DCABC3897FA2FE06B50, 49BB7D1C911C6732C9D5F6BDD158363FE9400F8DA534346F6504DA64C1D22ED8 ] Update Swift Browse C:\Program Files\Swift Browse\updateSwiftBrowse.exe
20:01:06.0607 0x1500 Update Swift Browse - ok
20:01:06.0660 0x1500 [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost C:\Windows\System32\upnphost.dll
20:01:06.0672 0x1500 upnphost - ok
20:01:06.0744 0x1500 [ 1114579556DB85E9FAF9590DBC64CD62, 10479A3C12BBBB9B5759082358FE11AC20BAEFA6B4977C8AE6E60AA17BE6C7FA ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
20:01:06.0748 0x1500 usbaudio - ok
20:01:06.0822 0x1500 [ AAB0B5F72D2D726FBFDC895A2902DE1D, 7824AF6E2ADEA23F208526F3A62AD1BACDBBDB23E58EB5806890B0761529C50F ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:01:06.0826 0x1500 usbccgp - ok
20:01:06.0895 0x1500 [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:01:06.0899 0x1500 usbcir - ok
20:01:06.0988 0x1500 [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
20:01:06.0992 0x1500 usbehci - ok
20:01:07.0039 0x1500 [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:01:07.0047 0x1500 usbhub - ok
20:01:07.0080 0x1500 [ D457EBD0C3A8B3A3A144355B5EE91CBC, 6AD52BDBB1607A48F0B02E663B97C3A00E3345B1B12C259608A5AE728C1C06B2 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
20:01:07.0083 0x1500 usbohci - ok
20:01:07.0113 0x1500 [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
20:01:07.0116 0x1500 usbprint - ok
20:01:07.0170 0x1500 [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:01:07.0174 0x1500 USBSTOR - ok
20:01:07.0214 0x1500 [ 325DBBACB8A36AF9988CCF40EAC228CC, 22FE5658A12296634FBE9D8565485BEE8CB200C47182F70DC9D2B0442E10C4AA ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
20:01:07.0217 0x1500 usbuhci - ok
20:01:07.0288 0x1500 [ 8D31A140B55021BBD3A608F5A7AA2E18, EBD27A50DC3C009365DB64F7E7222F3075405ECD731B82229CDF0F500617C838 ] USB_RNDIS C:\Windows\system32\DRIVERS\usb8023.sys
20:01:07.0290 0x1500 USB_RNDIS - ok
20:01:07.0380 0x1500 Util Swift Browse - ok
20:01:07.0408 0x1500 [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms C:\Windows\System32\uxsms.dll
20:01:07.0413 0x1500 UxSms - ok
20:01:07.0503 0x1500 [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds C:\Windows\System32\vds.exe
20:01:07.0519 0x1500 vds - ok
20:01:07.0612 0x1500 [ 7D92BE0028ECDEDEC74617009084B5EF, D0749CE6FA3415BA4364299F8D6D53F133E8D2F44C6F1057996243415A540A53 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:01:07.0615 0x1500 vga - ok
20:01:07.0656 0x1500 [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave C:\Windows\System32\drivers\vga.sys
20:01:07.0660 0x1500 VgaSave - ok
20:01:07.0710 0x1500 [ 045D9961E591CF0674A920B6BA3BA5CB, EBF498A0424CEA0F7ECBAAE144A8669CE6B5DD67115DE22CEC5A46AED26CD90B ] viaagp C:\Windows\system32\drivers\viaagp.sys
20:01:07.0713 0x1500 viaagp - ok
20:01:07.0736 0x1500 [ 56A4DE5F02F2E88182B0981119B4DD98, 36FC94BCFD41907838DBCB02E6EA24065FDED4224239CD19E90D14433BE9108B ] ViaC7 C:\Windows\system32\drivers\viac7.sys
20:01:07.0740 0x1500 ViaC7 - ok
20:01:07.0762 0x1500 [ FD2E3175FCADA350C7AB4521DCA187EC, 1C914B184478611A27E0141F90EBC34FC63DFB2A83441DD36DFA43D945FB1C52 ] viaide C:\Windows\system32\drivers\viaide.sys
20:01:07.0765 0x1500 viaide - ok
20:01:07.0805 0x1500 [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:01:07.0809 0x1500 volmgr - ok
20:01:07.0854 0x1500 [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:01:07.0871 0x1500 volmgrx - ok
20:01:07.0918 0x1500 [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:01:07.0935 0x1500 volsnap - ok
20:01:07.0977 0x1500 [ D984439746D42B30FC65A4C3546C6829, B134A9890638C2B4964A9C30812A2828A3E0CC641690CBF22D9FCE65EE3C2385 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
20:01:07.0983 0x1500 vsmraid - ok
20:01:08.0061 0x1500 [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS C:\Windows\system32\vssvc.exe
20:01:08.0111 0x1500 VSS - ok
20:01:08.0161 0x1500 [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time C:\Windows\system32\w32time.dll
20:01:08.0178 0x1500 W32Time - ok
20:01:08.0214 0x1500 [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
20:01:08.0218 0x1500 WacomPen - ok
20:01:08.0257 0x1500 [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
20:01:08.0261 0x1500 Wanarp - ok
20:01:08.0282 0x1500 [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:01:08.0286 0x1500 Wanarpv6 - ok
20:01:08.0317 0x1500 [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:01:08.0336 0x1500 wcncsvc - ok
20:01:08.0364 0x1500 [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:01:08.0371 0x1500 WcsPlugInService - ok
20:01:08.0409 0x1500 [ AFC5AD65B991C1E205CF25CFDBF7A6F4, 544173AE85A11B99B9221DB30B6803DAEB3EB7FCA57FE62F0D13EF70B9C69A89 ] Wd C:\Windows\system32\drivers\wd.sys
20:01:08.0412 0x1500 Wd - ok
20:01:08.0470 0x1500 [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:01:08.0537 0x1500 Wdf01000 - ok
20:01:08.0584 0x1500 [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:01:08.0591 0x1500 WdiServiceHost - ok
20:01:08.0609 0x1500 [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:01:08.0616 0x1500 WdiSystemHost - ok
20:01:08.0650 0x1500 [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] WebClient C:\Windows\System32\webclnt.dll
20:01:08.0661 0x1500 WebClient - ok
20:01:08.0709 0x1500 [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:01:08.0754 0x1500 Wecsvc - ok
20:01:08.0804 0x1500 [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:01:08.0812 0x1500 wercplsupport - ok
20:01:08.0853 0x1500 [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc C:\Windows\System32\WerSvc.dll
20:01:08.0861 0x1500 WerSvc - ok
20:01:08.0924 0x1500 [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
20:01:08.0933 0x1500 WinDefend - ok
20:01:08.0950 0x1500 WinHttpAutoProxySvc - ok
20:01:08.0998 0x1500 [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:01:09.0005 0x1500 Winmgmt - ok
20:01:09.0113 0x1500 [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM C:\Windows\system32\WsmSvc.dll
20:01:09.0404 0x1500 WinRM - ok
20:01:09.0471 0x1500 [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc C:\Windows\System32\wlansvc.dll
20:01:09.0491 0x1500 Wlansvc - ok
20:01:09.0519 0x1500 [ 701A9F884A294327E9141D73746EE279, C8A46B8C32F9EAC7848D385473F6B5C4B6DA719A941A75AD5F081757FC07A09D ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
20:01:09.0521 0x1500 WmiAcpi - ok
20:01:09.0572 0x1500 [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:01:09.0578 0x1500 wmiApSrv - ok
20:01:09.0659 0x1500 [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
20:01:09.0692 0x1500 WMPNetworkSvc - ok
20:01:09.0718 0x1500 [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:01:09.0728 0x1500 WPCSvc - ok
20:01:09.0795 0x1500 [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:01:09.0802 0x1500 WPDBusEnum - ok
20:01:09.0833 0x1500 [ DE9D36F91A4DF3D911626643DEBF11EA, 8029ECE76E29276BFB6ED3387AC560A9A779AAF683A4416E96334FAF7BDBADA0 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
20:01:09.0836 0x1500 WpdUsb - ok
20:01:09.0966 0x1500 [ 15673BD0B86150CB8E27766059C72A9B, 56C23289A8BFF4945EE532CF6D62D3EC81B827CA15A359F30A327789F9FE9CAF ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
20:01:10.0007 0x1500 WPFFontCache_v0400 - ok
20:01:10.0062 0x1500 [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:01:10.0064 0x1500 ws2ifsl - ok
20:01:10.0101 0x1500 [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc C:\Windows\System32\wscsvc.dll
20:01:10.0108 0x1500 wscsvc - ok
20:01:10.0121 0x1500 WSearch - ok
20:01:10.0259 0x1500 [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv C:\Windows\system32\wuaueng.dll
20:01:10.0342 0x1500 wuauserv - ok
20:01:10.0428 0x1500 [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:01:10.0433 0x1500 WudfPf - ok
20:01:10.0495 0x1500 [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:01:10.0503 0x1500 WUDFRd - ok
20:01:10.0555 0x1500 [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:01:10.0563 0x1500 wudfsvc - ok
20:01:10.0651 0x1500 [ 04E268ADFC81964C49DC0C082D520F7E, 7D2574E366636AB1D59A08FE3038268095D627C39636C6ED6BCE1D5ACB44A179 ] yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys
20:01:10.0662 0x1500 yukonwlh - ok
20:01:10.0678 0x1500 ================ Scan global ===============================
20:01:10.0712 0x1500 [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
20:01:10.0781 0x1500 [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
20:01:10.0839 0x1500 [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
20:01:10.0899 0x1500 [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe
20:01:10.0915 0x1500 [ Global ] - ok
20:01:10.0920 0x1500 ================ Scan MBR ==================================
20:01:10.0936 0x1500 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
20:01:11.0483 0x1500 \Device\Harddisk0\DR0 - ok
20:01:11.0488 0x1500 ================ Scan VBR ==================================
20:01:11.0492 0x1500 [ 4C007A8E6CEB52BA9D6D11621D1AA8C1 ] \Device\Harddisk0\DR0\Partition1
20:01:11.0494 0x1500 \Device\Harddisk0\DR0\Partition1 - ok
20:01:11.0501 0x1500 [ 19DC5944FA745607840AE0053DBB53E9 ] \Device\Harddisk0\DR0\Partition2
20:01:11.0503 0x1500 \Device\Harddisk0\DR0\Partition2 - ok
20:01:11.0509 0x1500 Waiting for KSN requests completion. In queue: 319
20:01:12.0509 0x1500 Waiting for KSN requests completion. In queue: 319
20:01:13.0510 0x1500 Waiting for KSN requests completion. In queue: 8
20:01:14.0722 0x1500 AV detected via SS2: Kaspersky Internet Security, C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\wmiav.exe ( 12.0.0.374 ), 0x41010 ( enabled : outofdate )
20:01:14.0812 0x1500 FW detected via SS2: Kaspersky Internet Security, C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\wmifw.exe ( 12.0.0.374 ), 0x41010 ( enabled )
20:01:17.0291 0x1500 ============================================================
20:01:17.0291 0x1500 Scan finished
20:01:17.0291 0x1500 ============================================================
20:01:17.0306 0x1d30 Detected object count: 0
20:01:17.0306 0x1d30 Actual detected object count: 0
20:01:45.0856 0x2774 ============================================================
20:01:45.0856 0x2774 Scan started
20:01:45.0856 0x2774 Mode: Manual; TDLFS;
20:01:45.0856 0x2774 ============================================================
20:01:45.0856 0x2774 KSN ping started
20:01:59.0411 0x2774 KSN ping finished: true
20:01:59.0607 0x2774 ================ Scan system memory ========================
20:01:59.0607 0x2774 System memory - ok
20:01:59.0610 0x2774 ================ Scan services =============================
20:01:59.0860 0x2774 [ 4B56CAAFED0B0B996341D74CE0E76565, 6DE24ABA96B924DE4EBEAA189613019FB9B8B0B13756A2A43AB8163B57978C86 ] ac97intc C:\Windows\system32\drivers\ac97intc.sys
20:01:59.0863 0x2774 ac97intc - ok
20:01:59.0930 0x2774 [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI C:\Windows\system32\drivers\acpi.sys
20:01:59.0937 0x2774 ACPI - ok
20:02:00.0008 0x2774 [ A283108E14F3970432C21AF4C0CB1BCE, 1D3219EF916D54232838870EDE557296AACB714B456ED0AAE0DE3CE3822F4643 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:02:00.0014 0x2774 AdobeFlashPlayerUpdateSvc - ok
20:02:00.0061 0x2774 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB, 0342700760874683A6DF4F149DACACEF0569D40C45FC5958C67100B3C5D9BBBC ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
20:02:00.0071 0x2774 adp94xx - ok
20:02:00.0107 0x2774 [ B84088CA3CDCA97DA44A984C6CE1CCAD, 87009809FB101BF51483FA32318CBCD209386582880C82417BE4FFAD1B04C8C1 ] adpahci C:\Windows\system32\drivers\adpahci.sys
20:02:00.0114 0x2774 adpahci - ok
20:02:00.0136 0x2774 [ 7880C67BCCC27C86FD05AA2AFB5EA469, C8B06E203EEA6EAD19651F212432005ABADFF21E2AA5699E34040527394F2677 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
20:02:00.0139 0x2774 adpu160m - ok
20:02:00.0167 0x2774 [ 9AE713F8E30EFC2ABCCD84904333DF4D, B0C7801AC6E0811C38F0474703F34283914C8873D851F59EE232834F7C0D8087 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
20:02:00.0171 0x2774 adpu320 - ok
20:02:00.0214 0x2774 [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:02:00.0215 0x2774 AeLookupSvc - ok
20:02:00.0261 0x2774 [ 3911B972B55FEA0478476B2E777B29FA, 62545B90C7DD3F73777E62CD8264E611A4D71B6956CABFD2D820D25F41F471FD ] AFD C:\Windows\system32\drivers\afd.sys
20:02:00.0268 0x2774 AFD - ok
20:02:00.0325 0x2774 [ 39E435C90C9C4F780FA0ED05CA3C3A1B, 0006CC8CBFB775CA9C4121B4DDC80560DE35CCBB276DEE7A9F5148743529758A ] AgereModemAudio C:\Windows\system32\agrsmsvc.exe
20:02:00.0326 0x2774 AgereModemAudio - ok
20:02:00.0402 0x2774 [ 35C391E40471A0B479328FC7B1B5F40F, 6854C96569440408C26A621C2C2A5B56856211AED3BD0D2860DFAF8E7D09AC5B ] AgereSoftModem C:\Windows\system32\DRIVERS\AGRSM.sys
20:02:00.0429 0x2774 AgereSoftModem - ok
20:02:00.0461 0x2774 [ EF23439CDD587F64C2C1B8825CEAD7D8, 762665CFC202B3E16CA2338887896FDF996331A363DC709F1EC088BF927133A3 ] agp440 C:\Windows\system32\drivers\agp440.sys
20:02:00.0463 0x2774 agp440 - ok
20:02:00.0504 0x2774 [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
20:02:00.0506 0x2774 aic78xx - ok
20:02:00.0549 0x2774 [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG C:\Windows\System32\alg.exe
20:02:00.0551 0x2774 ALG - ok
20:02:00.0575 0x2774 [ 90395B64600EBB4552E26E178C94B2E4, 73095893964DC7915983B58A567184FC51949C99341E7E0D04D70CC4C4F95E37 ] aliide C:\Windows\system32\drivers\aliide.sys
20:02:00.0576 0x2774 aliide - ok
20:02:00.0593 0x2774 [ 2B13E304C9DFDFA5EB582F6A149FA2C7, 196CCE13E0376526B79D9C43D4071990576C4DD210A48E9E922B438AA11C95E7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
20:02:00.0595 0x2774 amdagp - ok
20:02:00.0615 0x2774 [ 0577DF1D323FE75A739C787893D300EA, 079EF3CA18FB847DB7E62929071BFF007FAF390E1DBF4C59F28DAAC6B9C2DE51 ] amdide C:\Windows\system32\drivers\amdide.sys
20:02:00.0616 0x2774 amdide - ok
20:02:00.0633 0x2774 [ DC487885BCEF9F28EECE6FAC0E5DDFC5, 24A62F6E628AD46273BC226F7BC3453A9C7B76F81ABB9FB801EBEFADB2AB7C9B ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
20:02:00.0635 0x2774 AmdK7 - ok
20:02:00.0673 0x2774 [ 93AE7F7DD54AB986A6F1A1B37BE7442D, ECE0ABA2DECEED94AC678240A4B604F04022F0740F2295CBD07D25F5917E878A ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
20:02:00.0675 0x2774 AmdK8 - ok
20:02:00.0703 0x2774 [ C6D704C7F0434DC791AAC37CAC4B6E14, 35CF7D1895F97637E0C678A39F3049B871BCA9526D379C7793ED33B87D2EAC4C ] Appinfo C:\Windows\System32\appinfo.dll
20:02:00.0705 0x2774 Appinfo - ok
20:02:00.0730 0x2774 [ 5F673180268BB1FDB69C99B6619FE379, C4307A861163F96648109046A6C7D53AB1C9B10D0B841DD1A7D147D22F462649 ] arc C:\Windows\system32\drivers\arc.sys
20:02:00.0733 0x2774 arc - ok
20:02:00.0750 0x2774 [ 957F7540B5E7F602E44648C7DE5A1C05, F03C7708A6C9D2579ECE5A7413AFA068E1067D7191EC653A78BA4FEDE76CFBD8 ] arcsas C:\Windows\system32\drivers\arcsas.sys
20:02:00.0752 0x2774 arcsas - ok
20:02:00.0787 0x2774 [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:02:00.0788 0x2774 AsyncMac - ok
20:02:00.0820 0x2774 [ 1F05B78AB91C9075565A9D8A4B880BC4, 737BE9F9376DAB0CCDFED93EA6D67F0C432367EA63CD772A453485BE769AF3BD ] atapi C:\Windows\system32\drivers\atapi.sys
20:02:00.0821 0x2774 atapi - ok
20:02:00.0865 0x2774 [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:02:00.0873 0x2774 AudioEndpointBuilder - ok
20:02:00.0901 0x2774 [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] Audiosrv C:\Windows\System32\Audiosrv.dll
20:02:00.0908 0x2774 Audiosrv - ok
20:02:00.0981 0x2774 [ 2718DC27571BD1E37813F5759D2DC118, 3A822C3A0003B36F212A4184FC1F49CE65AAF1A2A481EE05DAAB868B2847945F ] AVP C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
20:02:00.0986 0x2774 AVP - ok
20:02:01.0032 0x2774 [ 08015D34F6FDD0B355805BAD978497C3, AAD5F919215B8630DCCADF2AC8DC82BAA543C52B1682B476093E014532B20EBD ] bcm4sbxp C:\Windows\system32\DRIVERS\bcm4sbxp.sys
20:02:01.0034 0x2774 bcm4sbxp - ok
20:02:01.0074 0x2774 [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep C:\Windows\system32\drivers\Beep.sys
20:02:01.0075 0x2774 Beep - ok
20:02:01.0141 0x2774 [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] BFE C:\Windows\System32\bfe.dll
20:02:01.0149 0x2774 BFE - ok
20:02:01.0209 0x2774 [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] BITS C:\Windows\System32\qmgr.dll
20:02:01.0229 0x2774 BITS - ok
20:02:01.0242 0x2774 blbdrive - ok
20:02:01.0280 0x2774 [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:02:01.0283 0x2774 bowser - ok
20:02:01.0319 0x2774 [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
20:02:01.0320 0x2774 BrFiltLo - ok
20:02:01.0345 0x2774 [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
20:02:01.0345 0x2774 BrFiltUp - ok
20:02:01.0384 0x2774 [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser C:\Windows\System32\browser.dll
20:02:01.0387 0x2774 Browser - ok
20:02:01.0427 0x2774 [ 2FE6D5BE0629F706197B30C0AA05DE30, 528ED3AA8129FDD6C8EF698E5ECE9BB93C0249CF0200115F13B36410A353F353 ] BrPar C:\Windows\System32\drivers\BrPar.sys
20:02:01.0428 0x2774 BrPar - ok
20:02:01.0452 0x2774 [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid C:\Windows\system32\drivers\brserid.sys
20:02:01.0455 0x2774 Brserid - ok
20:02:01.0486 0x2774 [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
20:02:01.0488 0x2774 BrSerWdm - ok
20:02:01.0514 0x2774 [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
20:02:01.0515 0x2774 BrUsbMdm - ok
20:02:01.0547 0x2774 [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
20:02:01.0548 0x2774 BrUsbSer - ok
20:02:01.0573 0x2774 [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
20:02:01.0575 0x2774 BTHMODEM - ok
20:02:01.0619 0x2774 [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:02:01.0621 0x2774 cdfs - ok
20:02:01.0675 0x2774 [ 814ACB9B8A55804D9878248B3C79F862, 1A88B286C7F4472EA30DB3D911FBA89D2D63BC89C58873F2ADA6ADF95271B0ED ] Cdr4_xp C:\Windows\system32\drivers\Cdr4_xp.sys
20:02:01.0677 0x2774 Cdr4_xp - ok
20:02:01.0695 0x2774 [ BCE7213F8AA1BC9D5C08F81CB05E10A7, DAE2D78BD4304C387A56D51C0BD8D9374F34C0788C1CF99BE3E9882033930934 ] Cdralw2k C:\Windows\system32\drivers\Cdralw2k.sys
20:02:01.0697 0x2774 Cdralw2k - ok
20:02:01.0726 0x2774 [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
20:02:01.0728 0x2774 cdrom - ok
20:02:01.0761 0x2774 [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc C:\Windows\System32\certprop.dll
20:02:01.0762 0x2774 CertPropSvc - ok
20:02:01.0807 0x2774 [ DA8E0AFC7BAA226C538EF53AC2F90897, 2BBB9966671A3B8325D215DBC29FBD7D912C13ADC562A0D4521D1FF9A6F445C0 ] circlass C:\Windows\system32\drivers\circlass.sys
20:02:01.0808 0x2774 circlass - ok
20:02:01.0851 0x2774 [ D7659D3B5B92C31E84E53C1431F35132, 6BFE644AD9890A8CEEDCC4B97ADD564AD57202FBC5D21599469E0C4B31BB27C6 ] CLFS C:\Windows\system32\CLFS.sys
20:02:01.0857 0x2774 CLFS - ok
20:02:01.0918 0x2774 [ 8EE772032E2FE80A924F3B8DD5082194, B743DF91563A22CC15D9B44105804B5866A29D3DFC156DBE88DFAFEF903B94C0 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:02:01.0920 0x2774 clr_optimization_v2.0.50727_32 - ok
20:02:01.0974 0x2774 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:02:01.0978 0x2774 clr_optimization_v4.0.30319_32 - ok
20:02:02.0003 0x2774 [ 0FED59EDB4A83FF17F1778827B88AB1A, FC6E72D9EF2B6CB652B688BC604B553119679323A73E3EA6ED0024D2A25AC354 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
20:02:02.0004 0x2774 CmBatt - ok
20:02:02.0039 0x2774 [ 45201046C776FFDAF3FC8A0029C581C8, 68A68CF2B76598BC8610EB5B2D3FD5BDC9D51CFC6F51FB7A0B0C92A2BE910FC6 ] cmdide C:\Windows\system32\drivers\cmdide.sys
20:02:02.0040 0x2774 cmdide - ok
20:02:02.0081 0x2774 [ 7A0B457EEFEF8CBAA0CC44C8819113BD, F041B2DF7A68E9231DFF289056EF633FC4EED84C754A3D5EBD64C92FF468F3A1 ] CoachUsb C:\Windows\system32\DRIVERS\CoachUsb.sys
20:02:02.0082 0x2774 CoachUsb - ok
20:02:02.0128 0x2774 [ 614CA0BFA09861E42AD8D14B83540758, F51917D30E7A7F286231B1E0A8F6C0E2C245AF96110D64D1A37A96EA683EF559 ] CoachVc C:\Windows\system32\DRIVERS\CoachVc.sys
20:02:02.0130 0x2774 CoachVc - ok
20:02:02.0170 0x2774 [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
20:02:02.0171 0x2774 Compbatt - ok
20:02:02.0182 0x2774 COMSysApp - ok
20:02:02.0195 0x2774 [ 2A213AE086BBEC5E937553C7D9A2B22C, 1F91ACC0426E0ED1717555B282F65629EF15021375B24A63C29C89ADE916EE2A ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
20:02:02.0196 0x2774 crcdisk - ok
20:02:02.0229 0x2774 [ 22A7F883508176489F559EE745B5BF5D, D6341E3FBC8A46D2D1F0477FA60EC4828B585D35B14609CD02868FD04ECD14DB ] Crusoe C:\Windows\system32\drivers\crusoe.sys
20:02:02.0231 0x2774 Crusoe - ok
20:02:02.0285 0x2774 [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:02:02.0289 0x2774 CryptSvc - ok
20:02:02.0355 0x2774 [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] DcomLaunch C:\Windows\system32\rpcss.dll
20:02:02.0371 0x2774 DcomLaunch - ok
20:02:02.0406 0x2774 [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4F2CA94F3D444D2 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:02:02.0408 0x2774 DfsC - ok
20:02:02.0522 0x2774 [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR C:\Windows\system32\DFSR.exe
20:02:02.0571 0x2774 DFSR - ok
20:02:02.0614 0x2774 [ A5034F77B278F07E224FE07CF98A8B76, C670181FE028EA2E0219E9AED222D6FBAC541D548F0FFB58CAB850A2C979CD05 ] DgiVecp C:\Windows\system32\Drivers\DgiVecp.sys
20:02:02.0616 0x2774 DgiVecp - ok
20:02:02.0655 0x2774 [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp C:\Windows\System32\dhcpcsvc.dll
20:02:02.0662 0x2774 Dhcp - ok
20:02:02.0698 0x2774 [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk C:\Windows\system32\drivers\disk.sys
20:02:02.0700 0x2774 disk - ok
20:02:02.0740 0x2774 [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:02:02.0744 0x2774 Dnscache - ok
20:02:02.0783 0x2774 [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc C:\Windows\System32\dot3svc.dll
20:02:02.0789 0x2774 dot3svc - ok
20:02:02.0827 0x2774 [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS C:\Windows\system32\dps.dll
20:02:02.0831 0x2774 DPS - ok
20:02:02.0861 0x2774 [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:02:02.0863 0x2774 drmkaud - ok
20:02:02.0940 0x2774 [ 988670D8343EF9835FB3659DB71B2EFA, 5F5370FDD08C4BFF0828341952E98E95F722CB779EEC08C9DD6212C4DF3CD33B ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:02:02.0955 0x2774 DXGKrnl - ok
20:02:02.0989 0x2774 [ F88FB26547FD2CE6D0A5AF2985892C48, F02E06E16830F5D3FAF61991F5A91E54BB3461F58AFE3BFB7A9066CD302B879F ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
20:02:02.0992 0x2774 E1G60 - ok
20:02:03.0034 0x2774 [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost C:\Windows\System32\eapsvc.dll
20:02:03.0037 0x2774 EapHost - ok
20:02:03.0076 0x2774 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371, F3E9CF5D8E9124CB06F08454C5F0E510DE19A92780151FB2F8A58A0905D59B8F ] Ecache C:\Windows\system32\drivers\ecache.sys
20:02:03.0080 0x2774 Ecache - ok
20:02:03.0133 0x2774 [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68C879B240E9F46D ] ehRecvr C:\Windows\ehome\ehRecvr.exe
20:02:03.0140 0x2774 ehRecvr - ok
20:02:03.0170 0x2774 [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] ehSched C:\Windows\ehome\ehsched.exe
20:02:03.0174 0x2774 ehSched - ok
20:02:03.0183 0x2774 [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] ehstart C:\Windows\ehome\ehstart.dll
20:02:03.0184 0x2774 ehstart - ok
20:02:03.0223 0x2774 [ E8F3F21A71720C84BCF423B80028359F, 63114E6120F634224A0E83A5047B37C7D6F26CF99FE3C01CFC0AB8B1763BB084 ] elxstor C:\Windows\system32\drivers\elxstor.sys
20:02:03.0231 0x2774 elxstor - ok
20:02:03.0294 0x2774 [ 4E6B23DFC917EA39306B529B773950F4, C4BA77632B4BD46C4C1797F7F57399DB506D3EB6E5A0A36C269A793DAA3445C2 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
20:02:03.0309 0x2774 EMDMgmt - ok
20:02:03.0365 0x2774 [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem C:\Windows\system32\es.dll
20:02:03.0373 0x2774 EventSystem - ok
20:02:03.0413 0x2774 [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat C:\Windows\system32\drivers\exfat.sys
20:02:03.0416 0x2774 exfat - ok
20:02:03.0471 0x2774 [ 1E9B9A70D332103C52995E957DC09EF8, 7E709D545D4025A2E9F3489CF2A231040904CB53E3E4EEAC15A22468FAB2A5B3 ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:02:03.0475 0x2774 fastfat - ok
20:02:03.0522 0x2774 [ 63BDADA84951B9C03E641800E176898A, AD3EA20CAD0E0C438422D5D39AEA9E0AAD9E1DC866A696AE503C76F5FAC4BE6E ] fdc C:\Windows\system32\DRIVERS\fdc.sys
20:02:03.0523 0x2774 fdc - ok
20:02:03.0559 0x2774 [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost C:\Windows\system32\fdPHost.dll
20:02:03.0561 0x2774 fdPHost - ok
20:02:03.0592 0x2774 [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub C:\Windows\system32\fdrespub.dll
20:02:03.0594 0x2774 FDResPub - ok
20:02:03.0636 0x2774 [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:02:03.0638 0x2774 FileInfo - ok
20:02:03.0665 0x2774 [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:02:03.0667 0x2774 Filetrace - ok
20:02:03.0691 0x2774 [ 6603957EFF5EC62D25075EA8AC27DE68, B52D112301A6BFBD60959D7D2502AB2E1EB6BB7F5DCED46899F1F006C7F1E887 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
20:02:03.0692 0x2774 flpydisk - ok
20:02:03.0729 0x2774 [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:02:03.0734 0x2774 FltMgr - ok
20:02:03.0798 0x2774 [ 2AFA3A46986AE935DAECEBC7E66314CF, 747FAF9B7F8291B83EE44B91E5708395E749DC87BD42CC3BF2CD41209C298F4D ] FontCache C:\Windows\system32\FntCache.dll
20:02:03.0817 0x2774 FontCache - ok
20:02:03.0882 0x2774 [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:02:03.0884 0x2774 FontCache3.0.0.0 - ok
20:02:03.0915 0x2774 [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:02:03.0916 0x2774 Fs_Rec - ok
20:02:03.0949 0x2774 [ 4E1CD0A45C50A8882616CAE5BF82F3C5, 1B909AF150F7119A5685999451A85012F4A92F15F38390A281EA507E2D247BAE ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
20:02:03.0951 0x2774 gagp30kx - ok
20:02:04.0008 0x2774 [ 617DC2877015270914CA3C03873560D5, A4A7673B2377C9EC1E6F98B73AE809E5E5F913732C1D4F0AD431122D16B5323F ] GameConsoleService C:\Program Files\eMachines Games\eMachines Game Console\GameConsoleService.exe
20:02:04.0012 0x2774 GameConsoleService - ok
20:02:04.0063 0x2774 [ 6542DC2E93BCE4D4289FA70A4D367DC2, 7E8E498646724437F34797EB228DD8789A5F422149003E312D60ACCFB2C2465C ] GoogleDesktopManager-061008-081103 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
20:02:04.0064 0x2774 GoogleDesktopManager-061008-081103 - ok
20:02:04.0123 0x2774 [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc C:\Windows\System32\gpsvc.dll
20:02:04.0138 0x2774 gpsvc - ok
20:02:04.0233 0x2774 [ 8F0DE4FEF8201E306F9938B0905AC96A, CA7153FE0C037D79FBF7CE0E090D741FB52BCCBBBD4CA505EF4849A0C4199F72 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
20:02:04.0237 0x2774 gupdate - ok
20:02:04.0258 0x2774 [ 8F0DE4FEF8201E306F9938B0905AC96A, CA7153FE0C037D79FBF7CE0E090D741FB52BCCBBBD4CA505EF4849A0C4199F72 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
20:02:04.0262 0x2774 gupdatem - ok
20:02:04.0298 0x2774 [ CB04C744BE0A61B1D648FAED182C3B59, 61DC0FF94325DAFCCB7B3980A48727EFBF1283FCF753EC16EF04C730525994C0 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:02:04.0304 0x2774 HdAudAddService - ok
20:02:04.0417 0x2774 [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
20:02:04.0432 0x2774 HDAudBus - ok
20:02:04.0501 0x2774 [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth C:\Windows\system32\drivers\hidbth.sys
20:02:04.0502 0x2774 HidBth - ok
20:02:04.0544 0x2774 [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr C:\Windows\system32\drivers\hidir.sys
20:02:04.0545 0x2774 HidIr - ok
20:02:04.0626 0x2774 [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv C:\Windows\system32\hidserv.dll
20:02:04.0628 0x2774 hidserv - ok
20:02:04.0697 0x2774 [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE9527A97D28EF62 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
20:02:04.0698 0x2774 HidUsb - ok
20:02:04.0784 0x2774 [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc C:\Windows\system32\kmsvc.dll
20:02:04.0788 0x2774 hkmsvc - ok
20:02:04.0844 0x2774 [ DF353B401001246853763C4B7AAA6F50, 05C043493BDD99DEFBB0F5C3D8C475B06C2BF5629565ACF6F3B754002519B836 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
20:02:04.0846 0x2774 HpCISSs - ok
20:02:04.0898 0x2774 [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:02:04.0910 0x2774 HTTP - ok
20:02:04.0946 0x2774 [ 324C2152FF2C61ABAE92D09F3CCA4D63, 2D09964C8003277F7DB1FFAA0DAEF15B205F3C4100FF601950BC9E544DC0B91F ] i2omp C:\Windows\system32\drivers\i2omp.sys
20:02:04.0947 0x2774 i2omp - ok
20:02:05.0001 0x2774 [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
20:02:05.0003 0x2774 i8042prt - ok
20:02:05.0115 0x2774 [ 8318E04A6455CED1020BCC5039B62CFA, 56AAE6E5912A8B10F253783C49AB79C77411F84E32045F1C54E9925728006636 ] ialm C:\Windows\system32\DRIVERS\ialmnt5.sys
20:02:05.0145 0x2774 ialm - ok
20:02:05.0202 0x2774 [ C957BF4B5D80B46C5017BF0101E6C906, 6B9186335E50E7E0DBAF574A224E524EC526B57AA02F509E4A8D0F905C9CE880 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
20:02:05.0208 0x2774 iaStorV - ok
20:02:05.0337 0x2774 [ 98477B08E61945F974ED9FDC4CB6BDAB, C7E8F661F6FBF6AB493E950D2E70363496E155B1838CE7B490B981BD840B04FC ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:02:05.0357 0x2774 idsvc - ok
20:02:05.0389 0x2774 [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp C:\Windows\system32\drivers\iirsp.sys
20:02:05.0390 0x2774 iirsp - ok
20:02:05.0451 0x2774 [ 9908D8A397B76CD8D31D0D383C5773C9, FFA6996BE9F11A81CB63C849C2400EB44A07706D1EEB7A3502D4110DAC3684A2 ] IKEEXT C:\Windows\System32\ikeext.dll
20:02:05.0463 0x2774 IKEEXT - ok
20:02:05.0581 0x2774 [ 721B1A0434647418F98D034BEBD4B4DB, FC7E466F87F57D52F288F3F4043CE9B13E5D34F60556978125B43D7C0930B786 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
20:02:05.0622 0x2774 IntcAzAudAddService - ok
20:02:05.0662 0x2774 [ 97469037714070E45194ED318D636401, DDB5AE39BE0BD37ECB44969A5FA740E5B1169342347D0DB3E5DF0353A6708271 ] intelide C:\Windows\system32\drivers\intelide.sys
20:02:05.0664 0x2774 intelide - ok
20:02:05.0711 0x2774 [ CE44CC04262F28216DD4341E9E36A16F, 2B316C4124DCFEAD7838B3D8FB8DBEC3F3B1EA8EA612AABB05B1275D0B230CCD ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
20:02:05.0712 0x2774 intelppm - ok
20:02:05.0782 0x2774 [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:02:05.0786 0x2774 IPBusEnum - ok
20:02:05.0832 0x2774 [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:02:05.0834 0x2774 IpFilterDriver - ok
20:02:05.0882 0x2774 [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:02:05.0889 0x2774 iphlpsvc - ok
20:02:05.0903 0x2774 IpInIp - ok
20:02:05.0962 0x2774 [ 40F34F8ABA2A015D780E4B09138B6C17, 22F86888C6B4F76836E863A90730D8F0DBD518305D87A399A159387E79E9D2F7 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
20:02:05.0964 0x2774 IPMIDRV - ok
20:02:06.0014 0x2774 [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
20:02:06.0017 0x2774 IPNAT - ok
20:02:06.0068 0x2774 [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:02:06.0069 0x2774 IRENUM - ok
20:02:06.0153 0x2774 [ 350FCA7E73CF65BCEF43FAE1E4E91293, 68403FE3F4DC40919CD26A2CC42BE4386AE6874F47DD382348FFD79080721A13 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:02:06.0155 0x2774 isapnp - ok
20:02:06.0221 0x2774 [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
20:02:06.0226 0x2774 iScsiPrt - ok
20:02:06.0254 0x2774 [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
20:02:06.0255 0x2774 iteatapi - ok
20:02:06.0284 0x2774 [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid C:\Windows\system32\drivers\iteraid.sys
20:02:06.0285 0x2774 iteraid - ok
20:02:06.0330 0x2774 [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
20:02:06.0332 0x2774 kbdclass - ok
20:02:06.0387 0x2774 [ EDE59EC70E25C24581ADD1FBEC7325F7, 41B37778E9A12675FC0DF74606AAF18C652EB88513B3C4889C5C512E14587CEE ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
20:02:06.0388 0x2774 kbdhid - ok
20:02:06.0478 0x2774 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso C:\Windows\system32\lsass.exe
20:02:06.0483 0x2774 KeyIso - ok
20:02:06.0562 0x2774 [ 186B54479D98E48AEE0E9ADA4B3C4D31, A8C1577876CF16186610F26D7D859F8FDA4057AAFC33E8212339F56DA6A5F874 ] KL1 C:\Windows\system32\DRIVERS\kl1.sys
20:02:06.0565 0x2774 KL1 - ok
20:02:06.0604 0x2774 [ BF485BFBA13C0AB116701FD9C55324D0, AA08276E8534D2ED9D714C43D6968524E74EE6101913B370CABF6D52842EF6EF ] kl2 C:\Windows\system32\DRIVERS\kl2.sys
20:02:06.0605 0x2774 kl2 - ok
20:02:06.0681 0x2774 [ AF04D0CE7939324E9A605B159295706C, 1C78DA30B11B1D7EBE70846CB28E6FF899DE59F4703D01D572A253AB3EF88E40 ] KLIF C:\Windows\system32\DRIVERS\klif.sys
20:02:06.0694 0x2774 KLIF - ok
20:02:06.0709 0x2774 [ 6295A19003F935ECC6CCBE9E2376427B, 1FBC41D7B6AD73F171FBAF65523BE688C9733D2D654B414B5AF7F2F0AE65E2B5 ] KLIM6 C:\Windows\system32\DRIVERS\klim6.sys
20:02:06.0711 0x2774 KLIM6 - ok
20:02:06.0774 0x2774 [ 3DE1771C135328420315E21DDE229BBA, BBF25C20C3CD30E4A0E8952E95F0E5D3C80037F0CEBFE13C90C9D0422B5608E6 ] klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys
20:02:06.0775 0x2774 klmouflt - ok
20:02:06.0840 0x2774 [ 4A1445EFA932A3BAF5BDB02D7131EE20, 9DD262ED72DF268FE024063788F54124E320D0775D8DC0C5CAD099CD5F655DA2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:02:06.0851 0x2774 KSecDD - ok
20:02:06.0902 0x2774 [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm C:\Windows\system32\msdtckrm.dll
20:02:06.0913 0x2774 KtmRm - ok
20:02:06.0968 0x2774 [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer C:\Windows\system32\srvsvc.dll
20:02:06.0974 0x2774 LanmanServer - ok

[Frosty]

OK, OCD we got all here for the TDSSKiller log.
I hope I got every thing here you requested and that did not leave anything out.


20:02:07.0022 0x2774 [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:02:07.0030 0x2774 LanmanWorkstation - ok
20:02:07.0074 0x2774 [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:02:07.0076 0x2774 lltdio - ok
20:02:07.0145 0x2774 [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:02:07.0152 0x2774 lltdsvc - ok
20:02:07.0194 0x2774 [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:02:07.0197 0x2774 lmhosts - ok
20:02:07.0295 0x2774 [ A2262FB9F28935E862B4DB46438C80D2, 792684A68726BC007ACABB584682FDF4F059AE60888FB5B47ED68A97EA0BB5E6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
20:02:07.0297 0x2774 LSI_FC - ok
20:02:07.0342 0x2774 [ 30D73327D390F72A62F32C103DAF1D6D, 7BB5BFB0DCF33AF9907539B52DF7BA1943C1E75A17715B58DBC702ACA6D406EA ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
20:02:07.0344 0x2774 LSI_SAS - ok
20:02:07.0367 0x2774 [ E1E36FEFD45849A95F1AB81DE0159FE3, DA02B23A881D156A02D3874B41E6D042F84AD558B434280A6A6AC6B619668647 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
20:02:07.0369 0x2774 LSI_SCSI - ok
20:02:07.0425 0x2774 [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv C:\Windows\system32\drivers\luafv.sys
20:02:07.0429 0x2774 luafv - ok
20:02:07.0475 0x2774 [ 4470E3C1E0C3378E4CAB137893C12C3A, CA8E66356F0E671D5454E561E7EAD74DE25DCF53BE452369F96ECACFA8709489 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
20:02:07.0478 0x2774 MBAMProtector - ok
20:02:07.0606 0x2774 [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
20:02:07.0631 0x2774 MBAMScheduler - ok
20:02:07.0702 0x2774 [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
20:02:07.0735 0x2774 MBAMService - ok
20:02:07.0783 0x2774 [ AEF9BABB8A506BC4CE0451A64AADED46, D5608A703EA7E97F11ED4D029B4B820440B0C9317DB7D7DC0152253CD723DC07 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:02:07.0789 0x2774 Mcx2Svc - ok
20:02:07.0834 0x2774 [ D153B14FC6598EAE8422A2037553ADCE, D5408B07B6EBA0146A605F11106497DC3DF8EC72E0DCC44BE1366A2A58ABE478 ] megasas C:\Windows\system32\drivers\megasas.sys
20:02:07.0837 0x2774 megasas - ok
20:02:07.0871 0x2774 [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS C:\Windows\system32\mmcss.dll
20:02:07.0874 0x2774 MMCSS - ok
20:02:07.0921 0x2774 [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem C:\Windows\system32\drivers\modem.sys
20:02:07.0922 0x2774 Modem - ok
20:02:07.0982 0x2774 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:02:07.0984 0x2774 monitor - ok
20:02:08.0033 0x2774 [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
20:02:08.0036 0x2774 mouclass - ok
20:02:08.0095 0x2774 [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:02:08.0097 0x2774 mouhid - ok
20:02:08.0141 0x2774 [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
20:02:08.0143 0x2774 MountMgr - ok
20:02:08.0183 0x2774 [ 583A41F26278D9E0EA548163D6139397, 1F09D2FEEE1A8D4F1D9E53596158154099FD436A408F7E72E40F50778A3838A1 ] mpio C:\Windows\system32\drivers\mpio.sys
20:02:08.0187 0x2774 mpio - ok
20:02:08.0226 0x2774 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:02:08.0230 0x2774 mpsdrv - ok
20:02:08.0286 0x2774 [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:02:08.0298 0x2774 MpsSvc - ok
20:02:08.0322 0x2774 [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
20:02:08.0329 0x2774 Mraid35x - ok
20:02:08.0356 0x2774 [ 82CEA0395524AACFEB58BA1448E8325C, 16E37990A291C848DE35F48EA7E09AE5B258AE589EB08A3FA2C60DC1278DE182 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:02:08.0359 0x2774 MRxDAV - ok
20:02:08.0390 0x2774 [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:02:08.0409 0x2774 mrxsmb - ok
20:02:08.0452 0x2774 [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:02:08.0460 0x2774 mrxsmb10 - ok
20:02:08.0478 0x2774 [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:02:08.0482 0x2774 mrxsmb20 - ok
20:02:08.0552 0x2774 [ 742AED7939E734C36B7E8D6228CE26B7, 6F727144BBD42C9C5555087CA51DE8D501B5CBEFB9967866CC578733E3C5E681 ] msahci C:\Windows\system32\drivers\msahci.sys
20:02:08.0555 0x2774 msahci - ok
20:02:08.0579 0x2774 [ 3FC82A2AE4CC149165A94699183D3028, 8575BE62A209672A5D8C68D75BBBB4FF06220CA73A939B0793442DAD2272598C ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:02:08.0583 0x2774 msdsm - ok
20:02:08.0657 0x2774 [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC C:\Windows\System32\msdtc.exe
20:02:08.0664 0x2774 MSDTC - ok
20:02:08.0715 0x2774 [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:02:08.0717 0x2774 Msfs - ok
20:02:08.0750 0x2774 [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:02:08.0752 0x2774 msisadrv - ok
20:02:08.0789 0x2774 [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:02:08.0796 0x2774 MSiSCSI - ok
20:02:08.0807 0x2774 msiserver - ok
20:02:08.0847 0x2774 [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:02:08.0848 0x2774 MSKSSRV - ok
20:02:08.0877 0x2774 [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:02:08.0879 0x2774 MSPCLOCK - ok
20:02:08.0897 0x2774 [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:02:08.0899 0x2774 MSPQM - ok
20:02:08.0949 0x2774 [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:02:08.0954 0x2774 MsRPC - ok
20:02:08.0993 0x2774 [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
20:02:08.0995 0x2774 mssmbios - ok
20:02:09.0135 0x2774 MSSQL$UPSWSDBSERVER - ok
20:02:09.0265 0x2774 [ ADAF062116B4E6D96E44D26486A87AF6, 1A2EE7C4598E8442F24A5C97FEBF7AC6A20703F7EA9097B6E48BE4A05E231D8C ] MSSQLServerADHelper c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
20:02:09.0281 0x2774 MSSQLServerADHelper - ok
20:02:09.0351 0x2774 [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:02:09.0353 0x2774 MSTEE - ok
20:02:09.0391 0x2774 [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup C:\Windows\system32\Drivers\mup.sys
20:02:09.0393 0x2774 Mup - ok
20:02:09.0444 0x2774 [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent C:\Windows\system32\qagentRT.dll
20:02:09.0460 0x2774 napagent - ok
20:02:09.0495 0x2774 [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:02:09.0502 0x2774 NativeWifiP - ok
20:02:09.0560 0x2774 [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS C:\Windows\system32\drivers\ndis.sys
20:02:09.0586 0x2774 NDIS - ok
20:02:09.0627 0x2774 [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:02:09.0630 0x2774 NdisTapi - ok
20:02:09.0663 0x2774 [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:02:09.0665 0x2774 Ndisuio - ok
20:02:09.0700 0x2774 [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:02:09.0706 0x2774 NdisWan - ok
20:02:09.0746 0x2774 [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:02:09.0749 0x2774 NDProxy - ok
20:02:09.0764 0x2774 [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:02:09.0767 0x2774 NetBIOS - ok
20:02:09.0804 0x2774 [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt C:\Windows\system32\DRIVERS\netbt.sys
20:02:09.0825 0x2774 netbt - ok
20:02:09.0893 0x2774 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon C:\Windows\system32\lsass.exe
20:02:09.0896 0x2774 Netlogon - ok
20:02:09.0949 0x2774 [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman C:\Windows\System32\netman.dll
20:02:09.0958 0x2774 Netman - ok
20:02:10.0007 0x2774 [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm C:\Windows\System32\netprofm.dll
20:02:10.0016 0x2774 netprofm - ok
20:02:10.0062 0x2774 [ D6C4E4A39A36029AC0813D476FBD0248, A0907D98580D1CD3007365CBBB53E84BEF39001E05912776F68EB0564B54B6EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:02:10.0067 0x2774 NetTcpPortSharing - ok
20:02:10.0209 0x2774 [ 6E9EDC1020B319E7676387B8CDF2398C, EF9B26369A845FC1E96ADD4051E52DA13CAA54158956F36CB10CBF3610D2B678 ] NETw2v32 C:\Windows\system32\DRIVERS\NETw2v32.sys
20:02:10.0306 0x2774 NETw2v32 - ok
20:02:10.0333 0x2774 [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
20:02:10.0337 0x2774 nfrd960 - ok
20:02:10.0379 0x2774 [ 2997B15415F9BBE05B5A4C1C85E0C6A2, 5455536515FE740E18E090329FDCC40288724372AD18ACDB2CB4BB9D85CF681E ] NlaSvc C:\Windows\System32\nlasvc.dll
20:02:10.0388 0x2774 NlaSvc - ok
20:02:10.0419 0x2774 [ 6623E51595C0076755C29C00846C4EB2, EB661942E3C552DD33B197A9A0BF6AB56CE5CB92BAC183A02B918F0CD3D80F97 ] NPF C:\Windows\system32\drivers\npf.sys
20:02:10.0422 0x2774 NPF - ok
20:02:10.0455 0x2774 [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:02:10.0457 0x2774 Npfs - ok
20:02:10.0489 0x2774 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi C:\Windows\system32\nsisvc.dll
20:02:10.0493 0x2774 nsi - ok
20:02:10.0533 0x2774 [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:02:10.0535 0x2774 nsiproxy - ok
20:02:10.0640 0x2774 [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:02:10.0690 0x2774 Ntfs - ok
20:02:10.0733 0x2774 [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
20:02:10.0736 0x2774 ntrigdigi - ok
20:02:10.0763 0x2774 [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null C:\Windows\system32\drivers\Null.sys
20:02:10.0765 0x2774 Null - ok
20:02:11.0075 0x2774 [ FF58C7A7DA6116C1F71E883CB088D598, 057DADC88BB2B8D29BE14D94CC81546826D64E76F50C6E359506DB954EAE0847 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:02:11.0347 0x2774 nvlddmkm - ok
20:02:11.0412 0x2774 [ E69E946F80C1C31C53003BFBF50CBB7C, A0A4BC57822B2CBC75602A969E28DCEDE04B41CC084E1EF1532B1BCDAEAA43BB ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:02:11.0424 0x2774 nvraid - ok
20:02:11.0449 0x2774 [ 9E0BA19A28C498A6D323D065DB76DFFC, EA9E33ED2820ED39932FAE114A9CF1D87780ED6605D0260A6F22F920B48F34E9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:02:11.0452 0x2774 nvstor - ok
20:02:11.0487 0x2774 [ DC5F166422BEEBF195E3E4BB8AB4EE22, C98539C12588A79ECAAA2CE50DCDDA801FB62AD401D7DA1056BE30F266F0E63B ] nvstor32 C:\Windows\system32\DRIVERS\nvstor32.sys
20:02:11.0490 0x2774 nvstor32 - ok
20:02:11.0543 0x2774 [ 56407B8616E4206EE02892A2AC712EF3, 78D44BCD0E4CF8CB1A7C3A76977A748BC23ADD925683D639CB22A131F67F89F0 ] nvsvc C:\Windows\system32\nvvsvc.exe
20:02:11.0549 0x2774 nvsvc - ok
20:02:11.0578 0x2774 [ 07C186427EB8FCC3D8D7927187F260F7, 9AFDE1CB7B7232BD019804BFC691580B9CC2E51A5BC0E5584B23907D532600D8 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:02:11.0583 0x2774 nv_agp - ok
20:02:11.0596 0x2774 NwlnkFlt - ok
20:02:11.0607 0x2774 NwlnkFwd - ok
20:02:11.0647 0x2774 [ BE32DA025A0BE1878F0EE8D6D9386CD5, B9D6CB4626FC67D108D713467C9ED8D0E2A071D98621B5531AD9D0C172FE7B89 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
20:02:11.0651 0x2774 ohci1394 - ok
20:02:11.0703 0x2774 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:02:11.0709 0x2774 ose - ok
20:02:11.0772 0x2774 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc C:\Windows\system32\p2psvc.dll
20:02:11.0805 0x2774 p2pimsvc - ok
20:02:11.0847 0x2774 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc C:\Windows\system32\p2psvc.dll
20:02:11.0866 0x2774 p2psvc - ok
20:02:11.0931 0x2774 [ 8A79FDF04A73428597E2CAF9D0D67850, DB438FDE5510AB2F350ED1AC4CF0E99D3CC665FE46533A438A8FDA4DAF950F93 ] Parport C:\Windows\system32\DRIVERS\parport.sys
20:02:11.0935 0x2774 Parport - ok
20:02:11.0994 0x2774 [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:02:11.0997 0x2774 partmgr - ok
20:02:12.0014 0x2774 [ 6C580025C81CAF3AE9E3617C22CAD00E, 64F9061196462085E5DCD3ACB97A0D8FC67CA9A96DDD6E2103AFFF1593AE236A ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
20:02:12.0016 0x2774 Parvdm - ok
20:02:12.0049 0x2774 [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc C:\Windows\System32\pcasvc.dll
20:02:12.0053 0x2774 PcaSvc - ok
20:02:12.0094 0x2774 [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci C:\Windows\system32\drivers\pci.sys
20:02:12.0101 0x2774 pci - ok
20:02:12.0116 0x2774 [ 1636D43F10416AEB483BC6001097B26C, 36E61A993693A46538FE0F726D67BB28886F61D53384AD600D1282296A27662E ] pciide C:\Windows\system32\drivers\pciide.sys
20:02:12.0120 0x2774 pciide - ok
20:02:12.0160 0x2774 [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
20:02:12.0168 0x2774 pcmcia - ok
20:02:12.0233 0x2774 [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:02:12.0274 0x2774 PEAUTH - ok
20:02:12.0386 0x2774 [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla C:\Windows\system32\pla.dll
20:02:12.0448 0x2774 pla - ok
20:02:12.0492 0x2774 [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:02:12.0501 0x2774 PlugPlay - ok
20:02:12.0555 0x2774 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
20:02:12.0573 0x2774 PNRPAutoReg - ok
20:02:12.0613 0x2774 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc C:\Windows\system32\p2psvc.dll
20:02:12.0631 0x2774 PNRPsvc - ok
20:02:12.0684 0x2774 [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:02:12.0694 0x2774 PolicyAgent - ok
20:02:12.0740 0x2774 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:02:12.0744 0x2774 PptpMiniport - ok
20:02:12.0780 0x2774 [ 0E3CEF5D28B40CF273281D620C50700A, 8ADA99B4563AE2129B95136295EE92A94102B035EBBC83D4C8587ECE8B0DEE60 ] Processor C:\Windows\system32\drivers\processr.sys
20:02:12.0783 0x2774 Processor - ok
20:02:12.0821 0x2774 [ 0508FAA222D28835310B7BFCA7A77346, 3AE2340C6E365F137CC00D9560069501DD2724756EA9EBF7A6CDFFC91B43709C ] ProfSvc C:\Windows\system32\profsvc.dll
20:02:12.0828 0x2774 ProfSvc - ok
20:02:12.0850 0x2774 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
20:02:12.0853 0x2774 ProtectedStorage - ok
20:02:12.0888 0x2774 [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched C:\Windows\system32\DRIVERS\pacer.sys
20:02:12.0890 0x2774 PSched - ok
20:02:12.0960 0x2774 [ CCDAC889326317792480C0A67156A1EC, 3D3B561B6D4E12DE442C98993C929765F002AF5CFB5A00EFACE6ABE957F7E8AF ] ql2300 C:\Windows\system32\drivers\ql2300.sys
20:02:13.0001 0x2774 ql2300 - ok
20:02:13.0029 0x2774 [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
20:02:13.0034 0x2774 ql40xx - ok
20:02:13.0090 0x2774 [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE C:\Windows\system32\qwave.dll
20:02:13.0107 0x2774 QWAVE - ok
20:02:13.0146 0x2774 [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:02:13.0148 0x2774 QWAVEdrv - ok
20:02:13.0181 0x2774 [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:02:13.0184 0x2774 RasAcd - ok
20:02:13.0232 0x2774 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto C:\Windows\System32\rasauto.dll
20:02:13.0249 0x2774 RasAuto - ok
20:02:13.0294 0x2774 [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:02:13.0299 0x2774 Rasl2tp - ok
20:02:13.0339 0x2774 [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan C:\Windows\System32\rasmans.dll
20:02:13.0357 0x2774 RasMan - ok
20:02:13.0393 0x2774 [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:02:13.0396 0x2774 RasPppoe - ok
20:02:13.0430 0x2774 [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:02:13.0434 0x2774 RasSstp - ok
20:02:13.0475 0x2774 [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:02:13.0491 0x2774 rdbss - ok
20:02:13.0539 0x2774 [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:02:13.0541 0x2774 RDPCDD - ok
20:02:13.0591 0x2774 [ E8BD98D46F2ED77132BA927FCCB47D8B, 5187CF8F00AD67EDDF27DF675F3210C0D72E552578A89C58DF6953B1D5BEBCB8 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
20:02:13.0608 0x2774 rdpdr - ok
20:02:13.0619 0x2774 [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:02:13.0623 0x2774 RDPENCDD - ok
20:02:13.0686 0x2774 [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:02:13.0703 0x2774 RDPWD - ok
20:02:13.0768 0x2774 [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess C:\Windows\System32\mprdim.dll
20:02:13.0774 0x2774 RemoteAccess - ok
20:02:13.0812 0x2774 [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:02:13.0820 0x2774 RemoteRegistry - ok
20:02:13.0858 0x2774 [ E51A8D02B4BD33EBA1F7A5B76C3766ED, A1E5747F4034356CD3E8EDC2A847EB92CF1C9F6C0E865BDE8F46D90C005A7ED8 ] rpcapd C:\Program Files\WinPcap\rpcapd.exe
20:02:13.0862 0x2774 rpcapd - ok
20:02:13.0901 0x2774 [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator C:\Windows\system32\locator.exe
20:02:13.0904 0x2774 RpcLocator - ok
20:02:13.0953 0x2774 [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs C:\Windows\system32\rpcss.dll
20:02:13.0969 0x2774 RpcSs - ok
20:02:14.0011 0x2774 [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:02:14.0015 0x2774 rspndr - ok
20:02:14.0026 0x2774 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs C:\Windows\system32\lsass.exe
20:02:14.0029 0x2774 SamSs - ok
20:02:14.0066 0x2774 [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:02:14.0070 0x2774 sbp2port - ok
20:02:14.0110 0x2774 [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:02:14.0118 0x2774 SCardSvr - ok
20:02:14.0175 0x2774 [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule C:\Windows\system32\schedsvc.dll
20:02:14.0192 0x2774 Schedule - ok
20:02:14.0233 0x2774 [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc C:\Windows\System32\certprop.dll
20:02:14.0235 0x2774 SCPolicySvc - ok
20:02:14.0273 0x2774 [ 4339A2585708C7D9B0C0CE5AAD3DD6FF, 1B764838EC90A4F5A8130630BA32C014C033BF39C0DE1C114298F254580F0983 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
20:02:14.0278 0x2774 sdbus - ok
20:02:14.0320 0x2774 [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:02:14.0329 0x2774 SDRSVC - ok
20:02:14.0350 0x2774 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:02:14.0353 0x2774 secdrv - ok
20:02:14.0383 0x2774 [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon C:\Windows\system32\seclogon.dll
20:02:14.0387 0x2774 seclogon - ok
20:02:14.0420 0x2774 [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS C:\Windows\System32\sens.dll
20:02:14.0425 0x2774 SENS - ok
20:02:14.0455 0x2774 [ CE9EC966638EF0B10B864DDEDF62A099, 2DEC5A8C947D87C12B342F15B8A552A0D49B979A2AC32D2C97FC7A3A76C34524 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
20:02:14.0457 0x2774 Serenum - ok
20:02:14.0500 0x2774 [ 6D663022DB3E7058907784AE14B69898, 54263888C64A7F010D3B5E399369B0F3FF3AF0A0DE8ADB502B98277533E4D45F ] Serial C:\Windows\system32\DRIVERS\serial.sys
20:02:14.0503 0x2774 Serial - ok
20:02:14.0544 0x2774 [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse C:\Windows\system32\drivers\sermouse.sys
20:02:14.0547 0x2774 sermouse - ok
20:02:14.0605 0x2774 [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv C:\Windows\system32\sessenv.dll
20:02:14.0614 0x2774 SessionEnv - ok
20:02:14.0646 0x2774 [ 103B79418DA647736EE95645F305F68A, E4D356FD8C62B616D3584FE84905995A1CEE452288E3A456CC358FF41FEAB1B7 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:02:14.0649 0x2774 sffdisk - ok
20:02:14.0668 0x2774 [ 8FD08A310645FE872EEEC6E08C6BF3EE, 702A148C9DE172E7B5E331F057487255E0729FD42F949BB0FF2D5A01775933CF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:02:14.0670 0x2774 sffp_mmc - ok
20:02:14.0693 0x2774 [ 9CFA05FCFCB7124E69CFC812B72F9614, E9CFCE695E4D1AF146781CFAA295878536E573F06AEA65438878DE29EC9959AD ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:02:14.0696 0x2774 sffp_sd - ok
20:02:14.0713 0x2774 [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
20:02:14.0716 0x2774 sfloppy - ok
20:02:14.0758 0x2774 [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:02:14.0775 0x2774 SharedAccess - ok
20:02:14.0825 0x2774 [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:02:14.0834 0x2774 ShellHWDetection - ok
20:02:14.0875 0x2774 [ D2A595D6EEBEEAF4334F8E50EFBC9931, 851B8205C657BF806C4D815DC75356E99B4246016B6E1C1F51BAF8AD1E6D5299 ] sisagp C:\Windows\system32\drivers\sisagp.sys
20:02:14.0877 0x2774 sisagp - ok
20:02:14.0903 0x2774 [ CEDD6F4E7D84E9F98B34B3FE988373AA, E102977E6FAC30B5ABEEC0B412A9F2A10C5C42F4D9C3AD69296BF9E1E88B6141 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
20:02:14.0906 0x2774 SiSRaid2 - ok
20:02:14.0931 0x2774 [ DF843C528C4F69D12CE41CE462E973A7, A2BEC74FCB8D8B6B9D8DD4746C013DFDF1DD662AEFE9B88CA495E5B83B4A76F9 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
20:02:14.0935 0x2774 SiSRaid4 - ok
20:02:15.0094 0x2774 [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc C:\Windows\system32\SLsvc.exe
20:02:15.0176 0x2774 slsvc - ok
20:02:15.0206 0x2774 [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify C:\Windows\system32\SLUINotify.dll
20:02:15.0213 0x2774 SLUINotify - ok
20:02:15.0246 0x2774 [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:02:15.0248 0x2774 Smb - ok
20:02:15.0284 0x2774 [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:02:15.0288 0x2774 SNMPTRAP - ok
20:02:15.0325 0x2774 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr C:\Windows\system32\drivers\spldr.sys
20:02:15.0328 0x2774 spldr - ok
20:02:15.0373 0x2774 [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler C:\Windows\System32\spoolsv.exe
20:02:15.0379 0x2774 Spooler - ok
20:02:15.0422 0x2774 [ D2B096CD2F56FAC6EEEED9A77DDF6DC8, FD904FBB36ED60AE084F86F7196FCE48F798CF720DB1677C307059E45497E140 ] SQLBrowser c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
20:02:15.0431 0x2774 SQLBrowser - ok
20:02:15.0476 0x2774 [ D89083C4EB02DACA8F944B0E05E57F9D, F96416B5877C280B4EE088A83956E0202F82DC5EACDEEFF06D5979FFFAA9FA74 ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
20:02:15.0480 0x2774 SQLWriter - ok
20:02:15.0528 0x2774 [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] srv C:\Windows\system32\DRIVERS\srv.sys
20:02:15.0536 0x2774 srv - ok
20:02:15.0586 0x2774 [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:02:15.0590 0x2774 srv2 - ok
20:02:15.0611 0x2774 [ 7605C0E1D01A08F3ECD743F38B834A44, 83A77E31004BCF83443F30EFC290E04BB1A2F332E8DFD614AB6E25B527C92299 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:02:15.0615 0x2774 srvnet - ok
20:02:15.0650 0x2774 [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:02:15.0658 0x2774 SSDPSRV - ok
20:02:15.0693 0x2774 [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:02:15.0705 0x2774 SstpSvc - ok
20:02:15.0740 0x2774 [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc C:\Windows\System32\wiaservc.dll
20:02:15.0755 0x2774 stisvc - ok
20:02:15.0778 0x2774 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum C:\Windows\system32\DRIVERS\swenum.sys
20:02:15.0780 0x2774 swenum - ok
20:02:15.0825 0x2774 [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv C:\Windows\System32\swprv.dll
20:02:15.0850 0x2774 swprv - ok
20:02:15.0886 0x2774 [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
20:02:15.0889 0x2774 Symc8xx - ok
20:02:15.0918 0x2774 [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
20:02:15.0921 0x2774 Sym_hi - ok
20:02:15.0949 0x2774 [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
20:02:15.0956 0x2774 Sym_u3 - ok
20:02:16.0015 0x2774 [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain C:\Windows\system32\sysmain.dll
20:02:16.0032 0x2774 SysMain - ok
20:02:16.0058 0x2774 [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:02:16.0064 0x2774 TabletInputService - ok
20:02:16.0110 0x2774 [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv C:\Windows\System32\tapisrv.dll
20:02:16.0127 0x2774 TapiSrv - ok
20:02:16.0161 0x2774 [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS C:\Windows\System32\tbssvc.dll
20:02:16.0166 0x2774 TBS - ok
20:02:16.0243 0x2774 [ D18D53974FD715D50FC76F9FFE1C830D, 50424BD5950D8FC7724A6E48AE5A39D6E727FAF326C31657C69F1DE13C1450E3 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:02:16.0283 0x2774 Tcpip - ok
20:02:16.0342 0x2774 [ D18D53974FD715D50FC76F9FFE1C830D, 50424BD5950D8FC7724A6E48AE5A39D6E727FAF326C31657C69F1DE13C1450E3 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
20:02:16.0369 0x2774 Tcpip6 - ok
20:02:16.0412 0x2774 [ 608C345A255D82A6289C2D468EB41FD7, 74ECFDD45DC3EB3AFAEF9C42B546241AA1D6ACB2F6591A76DDB8BB1768545889 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:02:16.0415 0x2774 tcpipreg - ok
20:02:16.0453 0x2774 [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:02:16.0456 0x2774 TDPIPE - ok
20:02:16.0495 0x2774 [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:02:16.0498 0x2774 TDTCP - ok
20:02:16.0542 0x2774 [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:02:16.0546 0x2774 tdx - ok
20:02:16.0585 0x2774 [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
20:02:16.0588 0x2774 TermDD - ok
20:02:16.0623 0x2774 [ BB95DA09BEF6E7A131BFF3BA5032090D, BAF6997F8D944F85F0553957677866C7F22E72AA434BA45FFFB6CC41041070DC ] TermService C:\Windows\System32\termsrv.dll
20:02:16.0638 0x2774 TermService - ok
20:02:16.0667 0x2774 [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes C:\Windows\system32\shsvcs.dll
20:02:16.0676 0x2774 Themes - ok
20:02:16.0694 0x2774 [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER C:\Windows\system32\mmcss.dll
20:02:16.0697 0x2774 THREADORDER - ok
20:02:16.0736 0x2774 [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks C:\Windows\System32\trkwks.dll
20:02:16.0742 0x2774 TrkWks - ok
20:02:16.0791 0x2774 [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:02:16.0794 0x2774 TrustedInstaller - ok
20:02:16.0854 0x2774 [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:02:16.0856 0x2774 tssecsrv - ok
20:02:16.0897 0x2774 [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
20:02:16.0899 0x2774 tunmp - ok
20:02:16.0939 0x2774 [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:02:16.0942 0x2774 tunnel - ok
20:02:16.0983 0x2774 [ 539E1D1B453C47B1C4FD26EC5FE42DED, DF61D1601BD0A526728F05FF646EFA65A57FC9DF3C54114B21F38B4B30D62B22 ] txtidwow C:\Windows\system32\DRIVERS\txtidwow.sys
20:02:16.0986 0x2774 txtidwow - ok
20:02:17.0023 0x2774 [ C3ADE15414120033A36C0F293D4A4121, 74A002C4B5EBD94E33EDEACB6639AF44ED72A8DDE3083C6DE71C1EE937EF1A9C ] uagp35 C:\Windows\system32\drivers\uagp35.sys
20:02:17.0026 0x2774 uagp35 - ok
20:02:17.0074 0x2774 [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:02:17.0086 0x2774 udfs - ok
20:02:17.0168 0x2774 [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:02:17.0188 0x2774 UI0Detect - ok
20:02:17.0235 0x2774 [ 75E6890EBFCE0841D3291B02E7A8BDB0, FDF9CDCCCCC0AA2A52623C5A67AC5F5224557EE4C8F6487CB13CAEB012575E2A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:02:17.0239 0x2774 uliagpkx - ok
20:02:17.0269 0x2774 [ 3CD4EA35A6221B85DCC25DAA46313F8D, 100A7E12B8EA395F70A00874328E87B930CE88FF442F3576FE88B105A22E04C5 ] uliahci C:\Windows\system32\drivers\uliahci.sys
20:02:17.0285 0x2774 uliahci - ok
20:02:17.0307 0x2774 [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata C:\Windows\system32\drivers\ulsata.sys
20:02:17.0312 0x2774 UlSata - ok
20:02:17.0339 0x2774 [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
20:02:17.0344 0x2774 ulsata2 - ok
20:02:17.0381 0x2774 [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus C:\Windows\system32\DRIVERS\umbus.sys
20:02:17.0384 0x2774 umbus - ok
20:02:17.0479 0x2774 [ A95B7DD484887DCABC3897FA2FE06B50, 49BB7D1C911C6732C9D5F6BDD158363FE9400F8DA534346F6504DA64C1D22ED8 ] Update Swift Browse C:\Program Files\Swift Browse\updateSwiftBrowse.exe
20:02:17.0481 0x2774 Update Swift Browse - ok
20:02:17.0534 0x2774 [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost C:\Windows\System32\upnphost.dll
20:02:17.0544 0x2774 upnphost - ok
20:02:17.0594 0x2774 [ 1114579556DB85E9FAF9590DBC64CD62, 10479A3C12BBBB9B5759082358FE11AC20BAEFA6B4977C8AE6E60AA17BE6C7FA ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
20:02:17.0598 0x2774 usbaudio - ok
20:02:17.0638 0x2774 [ AAB0B5F72D2D726FBFDC895A2902DE1D, 7824AF6E2ADEA23F208526F3A62AD1BACDBBDB23E58EB5806890B0761529C50F ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:02:17.0642 0x2774 usbccgp - ok
20:02:17.0694 0x2774 [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:02:17.0696 0x2774 usbcir - ok
20:02:17.0738 0x2774 [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
20:02:17.0741 0x2774 usbehci - ok
20:02:17.0781 0x2774 [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:02:17.0798 0x2774 usbhub - ok
20:02:17.0829 0x2774 [ D457EBD0C3A8B3A3A144355B5EE91CBC, 6AD52BDBB1607A48F0B02E663B97C3A00E3345B1B12C259608A5AE728C1C06B2 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
20:02:17.0832 0x2774 usbohci - ok
20:02:17.0863 0x2774 [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
20:02:17.0864 0x2774 usbprint - ok
20:02:17.0886 0x2774 [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:02:17.0892 0x2774 USBSTOR - ok
20:02:17.0939 0x2774 [ 325DBBACB8A36AF9988CCF40EAC228CC, 22FE5658A12296634FBE9D8565485BEE8CB200C47182F70DC9D2B0442E10C4AA ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
20:02:17.0942 0x2774 usbuhci - ok
20:02:17.0987 0x2774 [ 8D31A140B55021BBD3A608F5A7AA2E18, EBD27A50DC3C009365DB64F7E7222F3075405ECD731B82229CDF0F500617C838 ] USB_RNDIS C:\Windows\system32\DRIVERS\usb8023.sys
20:02:17.0989 0x2774 USB_RNDIS - ok
20:02:18.0004 0x2774 Util Swift Browse - ok
20:02:18.0041 0x2774 [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms C:\Windows\System32\uxsms.dll
20:02:18.0046 0x2774 UxSms - ok
20:02:18.0097 0x2774 [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds C:\Windows\System32\vds.exe
20:02:18.0122 0x2774 vds - ok
20:02:18.0153 0x2774 [ 7D92BE0028ECDEDEC74617009084B5EF, D0749CE6FA3415BA4364299F8D6D53F133E8D2F44C6F1057996243415A540A53 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:02:18.0156 0x2774 vga - ok
20:02:18.0189 0x2774 [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave C:\Windows\System32\drivers\vga.sys
20:02:18.0192 0x2774 VgaSave - ok
20:02:18.0226 0x2774 [ 045D9961E591CF0674A920B6BA3BA5CB, EBF498A0424CEA0F7ECBAAE144A8669CE6B5DD67115DE22CEC5A46AED26CD90B ] viaagp C:\Windows\system32\drivers\viaagp.sys
20:02:18.0230 0x2774 viaagp - ok
20:02:18.0254 0x2774 [ 56A4DE5F02F2E88182B0981119B4DD98, 36FC94BCFD41907838DBCB02E6EA24065FDED4224239CD19E90D14433BE9108B ] ViaC7 C:\Windows\system32\drivers\viac7.sys
20:02:18.0257 0x2774 ViaC7 - ok
20:02:18.0278 0x2774 [ FD2E3175FCADA350C7AB4521DCA187EC, 1C914B184478611A27E0141F90EBC34FC63DFB2A83441DD36DFA43D945FB1C52 ] viaide C:\Windows\system32\drivers\viaide.sys
20:02:18.0281 0x2774 viaide - ok
20:02:18.0321 0x2774 [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:02:18.0325 0x2774 volmgr - ok
20:02:18.0371 0x2774 [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:02:18.0387 0x2774 volmgrx - ok
20:02:18.0434 0x2774 [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:02:18.0451 0x2774 volsnap - ok
20:02:18.0493 0x2774 [ D984439746D42B30FC65A4C3546C6829, B134A9890638C2B4964A9C30812A2828A3E0CC641690CBF22D9FCE65EE3C2385 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
20:02:18.0503 0x2774 vsmraid - ok
20:02:18.0585 0x2774 [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS C:\Windows\system32\vssvc.exe
20:02:18.0635 0x2774 VSS - ok
20:02:18.0677 0x2774 [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time C:\Windows\system32\w32time.dll
20:02:18.0688 0x2774 W32Time - ok
20:02:18.0727 0x2774 [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
20:02:18.0729 0x2774 WacomPen - ok
20:02:18.0774 0x2774 [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
20:02:18.0778 0x2774 Wanarp - ok
20:02:18.0799 0x2774 [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:02:18.0801 0x2774 Wanarpv6 - ok
20:02:18.0833 0x2774 [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:02:18.0847 0x2774 wcncsvc - ok
20:02:18.0881 0x2774 [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:02:18.0887 0x2774 WcsPlugInService - ok
20:02:18.0934 0x2774 [ AFC5AD65B991C1E205CF25CFDBF7A6F4, 544173AE85A11B99B9221DB30B6803DAEB3EB7FCA57FE62F0D13EF70B9C69A89 ] Wd C:\Windows\system32\drivers\wd.sys
20:02:18.0937 0x2774 Wd - ok
20:02:18.0994 0x2774 [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:02:19.0023 0x2774 Wdf01000 - ok
20:02:19.0067 0x2774 [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:02:19.0073 0x2774 WdiServiceHost - ok
20:02:19.0095 0x2774 [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:02:19.0101 0x2774 WdiSystemHost - ok
20:02:19.0141 0x2774 [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] WebClient C:\Windows\System32\webclnt.dll
20:02:19.0150 0x2774 WebClient - ok
20:02:19.0192 0x2774 [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:02:19.0217 0x2774 Wecsvc - ok
20:02:19.0262 0x2774 [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:02:19.0270 0x2774 wercplsupport - ok
20:02:19.0312 0x2774 [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc C:\Windows\System32\WerSvc.dll
20:02:19.0319 0x2774 WerSvc - ok
20:02:19.0373 0x2774 [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
20:02:19.0383 0x2774 WinDefend - ok
20:02:19.0400 0x2774 WinHttpAutoProxySvc - ok
20:02:19.0438 0x2774 [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:02:19.0443 0x2774 Winmgmt - ok
20:02:19.0520 0x2774 [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM C:\Windows\system32\WsmSvc.dll
20:02:19.0575 0x2774 WinRM - ok
20:02:19.0646 0x2774 [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc C:\Windows\System32\wlansvc.dll
20:02:19.0662 0x2774 Wlansvc - ok
20:02:19.0694 0x2774 [ 701A9F884A294327E9141D73746EE279, C8A46B8C32F9EAC7848D385473F6B5C4B6DA719A941A75AD5F081757FC07A09D ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
20:02:19.0696 0x2774 WmiAcpi - ok
20:02:19.0739 0x2774 [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:02:19.0745 0x2774 wmiApSrv - ok
20:02:19.0825 0x2774 [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
20:02:19.0859 0x2774 WMPNetworkSvc - ok
20:02:19.0910 0x2774 [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:02:19.0919 0x2774 WPCSvc - ok
20:02:19.0961 0x2774 [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:02:19.0967 0x2774 WPDBusEnum - ok
20:02:19.0991 0x2774 [ DE9D36F91A4DF3D911626643DEBF11EA, 8029ECE76E29276BFB6ED3387AC560A9A779AAF683A4416E96334FAF7BDBADA0 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
20:02:19.0994 0x2774 WpdUsb - ok
20:02:20.0091 0x2774 [ 15673BD0B86150CB8E27766059C72A9B, 56C23289A8BFF4945EE532CF6D62D3EC81B827CA15A359F30A327789F9FE9CAF ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
20:02:20.0124 0x2774 WPFFontCache_v0400 - ok
20:02:20.0170 0x2774 [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:02:20.0172 0x2774 ws2ifsl - ok
20:02:20.0209 0x2774 [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc C:\Windows\System32\wscsvc.dll
20:02:20.0216 0x2774 wscsvc - ok
20:02:20.0227 0x2774 WSearch - ok
20:02:20.0350 0x2774 [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv C:\Windows\system32\wuaueng.dll
20:02:20.0399 0x2774 wuauserv - ok
20:02:20.0461 0x2774 [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:02:20.0464 0x2774 WudfPf - ok
20:02:20.0520 0x2774 [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:02:20.0527 0x2774 WUDFRd - ok
20:02:20.0588 0x2774 [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:02:20.0595 0x2774 wudfsvc - ok
20:02:20.0659 0x2774 [ 04E268ADFC81964C49DC0C082D520F7E, 7D2574E366636AB1D59A08FE3038268095D627C39636C6ED6BCE1D5ACB44A179 ] yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys
20:02:20.0671 0x2774 yukonwlh - ok
20:02:20.0691 0x2774 ================ Scan global ===============================
20:02:20.0721 0x2774 [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
20:02:20.0789 0x2774 [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
20:02:20.0833 0x2774 [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
20:02:20.0890 0x2774 [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe
20:02:20.0900 0x2774 [ Global ] - ok
20:02:20.0905 0x2774 ================ Scan MBR ==================================
20:02:20.0919 0x2774 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
20:02:21.0542 0x2774 \Device\Harddisk0\DR0 - ok
20:02:21.0547 0x2774 ================ Scan VBR ==================================
20:02:21.0551 0x2774 [ 4C007A8E6CEB52BA9D6D11621D1AA8C1 ] \Device\Harddisk0\DR0\Partition1
20:02:21.0552 0x2774 \Device\Harddisk0\DR0\Partition1 - ok
20:02:21.0586 0x2774 [ 19DC5944FA745607840AE0053DBB53E9 ] \Device\Harddisk0\DR0\Partition2
20:02:21.0587 0x2774 \Device\Harddisk0\DR0\Partition2 - ok
20:02:21.0626 0x2774 AV detected via SS2: Kaspersky Internet Security, C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\wmiav.exe ( 12.0.0.374 ), 0x41010 ( enabled : outofdate )
20:02:21.0629 0x2774 FW detected via SS2: Kaspersky Internet Security, C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\wmifw.exe ( 12.0.0.374 ), 0x41010 ( enabled )
20:02:24.0179 0x2774 ============================================================
20:02:24.0179 0x2774 Scan finished
20:02:24.0179 0x2774 ============================================================
20:02:24.0193 0x2068 Detected object count: 0
20:02:24.0193 0x2068 Actual detected object count: 0
20:05:52.0231 0x3dbc Deinitialize success

[OCD]

Hi Frosty,

Thanks for the logs, you did perfect.

While I was in there I noticed a few other programs that I'm not sure about: Should I remove these programs?

If you don't know how they got on your system and don't have any use for them, it is up to you if you want to remove them.

= = = = = = = = = = = = = = = = = = = =

ESET Online Scanner

*Note:

• It is recommended to disable on-board antivirus program and anti-spyware programs while performing scans so there are no conflicts and it will speed up scan time.
• Please don't go surfing while your resident protection is disabled!
• Once the scan is finished remember to re-enable your antivirus along with your anti-spyware programs.

** You need to run your browser with Administrator Rights, to do so right click your browsers short cut and select "Run as Administrator".

= = = = = = = = = = = = = = = = = = = =

Go here to run ESET Online Scanner

(Note: You can use Internet Explorer or FireFox for this scan. If you use FireFox you will be asked to install an additional component. Please allow this.)

• Tick the box next to YES, I accept the Terms of Use.
• Click Start
• When asked, allow the activex control to install
• Disable your Antivirus software. You can usually do this with its Notification Tray icon near the clock
• Click Start
• Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is Checked.
• Click Scan.
• Wait for the scan to finish.
• When the scan completes, click List of found threats
• click Export to Text file and save the file to your desktop using a unique name, such as ESETScan.
• Include the contents of this report in your next reply
  
  Note - when ESET doesn't find any threats, no report will be created.
• Push the back button.
• Push Finish
• Re-enable your Antivirus software.

=========================

Re-run OTL (it should be located on your desktop).

• • Windows XP : Double click on the icon to run it.
  • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
• Make sure all other windows are closed and to let it run uninterrupted.
• When the window appears, underneath Output at the top change it to Minimal Output.
• Uncheck the boxes beside LOP Check and Purity Check.
• Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

• When the scan completes, it will open one notepad window. OTL.Txt. (No Extras.txt will be produced)
  Note:The log can be located in the OTL. folder on you C:\ drive if they fail to open automatically.
• Please copy (Edit->Select All, Edit->Copy) the contents of the file, and post it with your next reply.

=========================

In your next post please provide the following:

• ESET's log.txt
• OTL.txt
• How's the computer running, any symptoms?

[Frosty]

Hi OCD,

Thanks for thumbs up.

I had ran into an error when running the ESET scan. I did get it done. There was no "Run as Administrator" on the short cut. Also when I went back to turn on A/V I notice that Defender must have turned itself on when I diabled the A/V. So it was running when I did the ESET Scan.

As for the system, I see improvements. seems to be running smooth. Yesterday it was running really good. Today running slower. I have no more pops asking me nicely to remove the junk from your computor. When I start up I get a light blue screen at first and then shortly the login screen loads. When I launch programs, explorer I get not responding after a short time it loads. I never notice this before.

ESET Scan File:

C:\Windows\System32\seruntxt.dll a variant of Win32/Urlbot.NAN trojan


OTL Log:

OTL logfile created on: 11/2/2013 12:30:24 PM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\EMachUser\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

893.76 Mb Total Physical Memory | 231.57 Mb Available Physical Memory | 25.91% Memory free
2.00 Gb Paging File | 0.75 Gb Available in Paging File | 37.34% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 139.22 Gb Total Space | 79.12 Gb Free Space | 56.83% Space Free | Partition Type: NTFS
Drive D: | 9.83 Gb Total Space | 4.41 Gb Free Space | 44.88% Space Free | Partition Type: NTFS

Computer Name: FRONTDESK | User Name: EMachUser | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\EMachUser\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
PRC - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtblfs.exe (Kaspersky Lab ZAO)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\regsvr32.exe (Microsoft Corporation)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\qtgui4.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\qtsql4.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\qtscript4.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\qtnetwork4.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\qtcore4.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\qtdeclarative4.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\imageformats\qgif4.dll ()


========== Services (SafeList) ==========

SRV - (gusvc) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (AVP) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
SRV - (GameConsoleService) -- C:\Program Files\eMachines Games\eMachines Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (rpcapd) -- C:\Program Files\WinPcap\rpcapd.exe (CACE Technologies)
SRV - (MSSQL$UPSWSDBSERVER) -- c:\UPS\WSTD\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)


========== Driver Services (SafeList) ==========

DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (USB_RNDIS) -- C:\Windows\System32\drivers\usb8023.sys (Microsoft Corporation)
DRV - (KLIF) -- C:\Windows\System32\drivers\klif.sys (Kaspersky Lab)
DRV - (txtidwow) -- C:\Windows\System32\drivers\txtidwow.sys ()
DRV - (KLIM6) -- C:\Windows\System32\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV - (kl2) -- C:\Windows\System32\drivers\kl2.sys (Kaspersky Lab ZAO)
DRV - (KL1) -- C:\Windows\System32\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV - (klmouflt) -- C:\Windows\System32\drivers\klmouflt.sys (Kaspersky Lab)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (NPF) -- C:\Windows\System32\drivers\npf.sys (CACE Technologies)
DRV - (nvstor32) -- C:\Windows\System32\drivers\nvstor32.sys (NVIDIA Corporation)
DRV - (NETw2v32) -- C:\Windows\System32\drivers\NETw2v32.sys (Intel® Corporation)
DRV - (bcm4sbxp) -- C:\Windows\System32\drivers\bcm4sbxp.sys (Broadcom Corporation)
DRV - (Cdralw2k) -- C:\Windows\System32\drivers\cdralw2k.sys (Sonic Solutions)
DRV - (Cdr4_xp) -- C:\Windows\System32\drivers\cdr4_xp.sys (Sonic Solutions)
DRV - (DgiVecp) -- C:\Windows\System32\drivers\DGIVECP.SYS (DeviceGuys, Inc.)
DRV - (BrPar) -- C:\Windows\System32\drivers\BRPAR.SYS (Brother Industries Ltd.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.h...ys=DTP&M=T5062
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.h...ys=DTP&M=T5062
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{D98FBCDE-CE80-40BC-A775-1E7901C4A600}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {676FC0DB-138B-4F55-9F2F-2BE262E72B4E}
IE - HKCU\..\SearchScopes\{676FC0DB-138B-4F55-9F2F-2BE262E72B4E}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_en
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{D98FBCDE-CE80-40BC-A775-1E7901C4A600}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru [2012/09/04 12:35:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru [2012/09/04 12:35:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru [2012/09/04 12:35:33 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\google\BAE.dll (Gateway Inc.)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
O4 - Startup: C:\Users\EMachUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get.../ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.94.156.1 68.94.157.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D122C78F-1EB5-4E6F-B163-D2F3CBC3B553}: DhcpNameServer = 68.94.156.1 68.94.157.1
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - (C:\Windows\system32\klogon.dll) - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/03/23 19:02:49 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2004/04/30 04:01:00 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ NTFS ]
O33 - MountPoints2\{5e094961-2908-11dc-ab3e-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{5e094961-2908-11dc-ab3e-806e6f6e6963}\Shell\AutoRun\command - "" = E:\SPSETUP.EXE
O33 - MountPoints2\{88f79cf2-40f8-11df-8291-001bb95f5c4b}\Shell - "" = AutoRun
O33 - MountPoints2\{88f79cf2-40f8-11df-8291-001bb95f5c4b}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/11/02 09:43:27 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013/11/01 16:32:59 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2013/11/01 16:30:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2013/11/01 16:30:38 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2013/11/01 16:30:01 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Users\EMachUser\Desktop\erunt-setup.exe
[2013/11/01 15:31:01 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\EMachUser\Desktop\dds.scr
[2013/11/01 15:09:17 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2013/11/01 15:09:17 | 000,000,000 | ---D | C] -- C:\Users\EMachUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2013/11/01 13:23:34 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\EMachUser\Desktop\OTL.exe
[2013/11/01 13:22:51 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\EMachUser\Desktop\aswMBR.exe
[2013/11/01 09:22:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/11/01 09:22:21 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013/11/01 09:19:26 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/11/01 09:19:18 | 010,285,040 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\EMachUser\Desktop\mbam-setup-1.75.0.1300.exe
[2013/11/01 09:09:09 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/11/01 09:06:06 | 001,034,531 | ---- | C] (Thisisu) -- C:\Users\EMachUser\Desktop\JRT.exe
[2013/11/01 08:55:37 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/10/31 10:34:34 | 000,000,000 | ---D | C] -- C:\564c0b1906d847d402cfc34485e17a
[2013/10/31 10:27:38 | 000,000,000 | ---D | C] -- C:\72018930be9e0dffa9df21
[2013/10/30 23:11:26 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2013/10/30 22:48:56 | 000,000,000 | ---D | C] -- C:\Users\EMachUser\Desktop\RK_Quarantine
[2013/10/30 09:02:07 | 000,000,000 | ---D | C] -- C:\Users\EMachUser\AppData\Roaming\Malwarebytes
[2013/10/30 09:01:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/10/30 09:00:48 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/10/11 10:44:44 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/10/11 10:44:43 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/10/11 10:44:42 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/10/11 10:44:42 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/10/11 10:44:41 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/10/11 10:44:40 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/10/11 10:44:40 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/10/11 10:44:38 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/10/10 15:45:17 | 001,069,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2013/10/10 15:45:16 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2013/10/10 15:45:15 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2013/10/10 15:45:15 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2013/10/10 15:45:15 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2013/10/10 15:45:15 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2013/10/10 15:45:14 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2013/10/10 15:45:14 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2013/10/10 15:45:10 | 000,293,376 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2013/10/10 15:45:09 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2013/10/10 15:45:05 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2013/10/10 15:45:02 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2013/10/10 15:44:58 | 002,050,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013/10/10 15:44:28 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2013/10/10 15:44:28 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2013/10/10 15:42:39 | 000,025,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidparse.sys
[2007/12/16 17:49:08 | 000,147,456 | ---- | C] (Info-ZIP) -- C:\Users\EMachUser\vbzip10.dll

========== Files - Modified Within 30 Days ==========

[2013/11/02 12:34:58 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/11/02 12:34:58 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/11/02 12:27:44 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2013/11/02 12:20:01 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/11/02 11:46:03 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/11/02 10:21:48 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/11/02 08:33:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/11/02 08:33:43 | 937,943,040 | -HS- | M] () -- C:\hiberfil.sys
[2013/11/01 16:30:47 | 000,000,913 | ---- | M] () -- C:\Users\EMachUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2013/11/01 16:30:38 | 000,000,714 | ---- | M] () -- C:\Users\EMachUser\Desktop\ERUNT.lnk
[2013/11/01 16:30:06 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Users\EMachUser\Desktop\erunt-setup.exe
[2013/11/01 15:31:11 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\EMachUser\Desktop\dds.scr
[2013/11/01 15:17:44 | 000,000,553 | ---- | M] () -- C:\Users\EMachUser\Desktop\MBR.zip
[2013/11/01 15:10:37 | 000,002,531 | ---- | M] () -- C:\Users\EMachUser\Desktop\HiJackThis.lnk
[2013/11/01 15:07:28 | 001,402,880 | ---- | M] () -- C:\Users\EMachUser\Desktop\HijackThis.msi
[2013/11/01 14:23:25 | 000,000,512 | ---- | M] () -- C:\Users\EMachUser\Desktop\MBR.dat
[2013/11/01 13:23:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\EMachUser\Desktop\OTL.exe
[2013/11/01 13:23:14 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\EMachUser\Desktop\aswMBR.exe
[2013/11/01 13:22:33 | 000,891,184 | ---- | M] () -- C:\Users\EMachUser\Desktop\SecurityCheck.exe
[2013/11/01 09:20:10 | 010,285,040 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\EMachUser\Desktop\mbam-setup-1.75.0.1300.exe
[2013/11/01 09:06:07 | 001,034,531 | ---- | M] (Thisisu) -- C:\Users\EMachUser\Desktop\JRT.exe
[2013/11/01 08:53:44 | 001,073,262 | ---- | M] () -- C:\Users\EMachUser\Desktop\AdwCleaner.exe
[2013/10/11 11:31:11 | 000,654,114 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/10/11 11:31:11 | 000,122,868 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/10/11 11:23:40 | 000,454,072 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/10/10 13:49:51 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/10/10 13:49:51 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

========== Files Created - No Company Name ==========

[2013/11/01 16:30:47 | 000,000,913 | ---- | C] () -- C:\Users\EMachUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2013/11/01 16:30:38 | 000,000,714 | ---- | C] () -- C:\Users\EMachUser\Desktop\ERUNT.lnk
[2013/11/01 15:17:44 | 000,000,553 | ---- | C] () -- C:\Users\EMachUser\Desktop\MBR.zip
[2013/11/01 15:09:17 | 000,002,531 | ---- | C] () -- C:\Users\EMachUser\Desktop\HiJackThis.lnk
[2013/11/01 15:06:59 | 001,402,880 | ---- | C] () -- C:\Users\EMachUser\Desktop\HijackThis.msi
[2013/11/01 14:23:25 | 000,000,512 | ---- | C] () -- C:\Users\EMachUser\Desktop\MBR.dat
[2013/11/01 13:22:28 | 000,891,184 | ---- | C] () -- C:\Users\EMachUser\Desktop\SecurityCheck.exe
[2013/11/01 08:53:43 | 001,073,262 | ---- | C] () -- C:\Users\EMachUser\Desktop\AdwCleaner.exe
[2013/10/31 11:17:39 | 937,943,040 | -HS- | C] () -- C:\hiberfil.sys
[2012/01/10 20:50:10 | 000,017,388 | ---- | C] () -- C:\Windows\System32\usboktcp.dll
[2011/11/06 18:14:51 | 000,017,408 | ---- | C] () -- C:\Users\EMachUser\AppData\Local\WebpageIcons.db
[2011/11/06 18:11:47 | 000,116,189 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat
[2011/11/06 18:11:46 | 000,098,168 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat
[2010/03/26 19:42:33 | 000,023,580 | ---- | C] () -- C:\Users\EMachUser\AppData\Roaming\UserTile.png
[2008/12/08 12:04:41 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2008/08/07 16:09:54 | 000,000,000 | ---- | C] () -- C:\Users\EMachUser\AppData\Roaming\wklnhst.dat
[2008/03/08 12:32:19 | 000,004,096 | -H-- | C] () -- C:\Users\EMachUser\AppData\Local\keyfile3.drm
[2008/03/08 11:46:08 | 000,007,268 | ---- | C] () -- C:\Users\EMachUser\AppData\Local\d3d9caps.dat
[2008/02/01 10:38:53 | 000,000,632 | RHS- | C] () -- C:\Users\EMachUser\ntuser.pol
[2008/01/30 01:23:12 | 000,008,017 | ---- | C] () -- C:\Users\EMachUser\ia_remove.sh
[2007/12/23 19:57:43 | 000,000,363 | ---- | C] () -- C:\ProgramData\lxdc
[2007/09/28 15:49:19 | 000,036,352 | ---- | C] () -- C:\Users\EMachUser\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2006/11/02 07:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 12:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 01:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 01:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Alternate Data Streams ==========

@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:2615E8F1

< End of report >

[OCD]

Hi Frosty,

Run OTL.exe

• • Windows XP : Double click on the icon to run it.
  • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
• Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL
  
  
  Code:

  :OTL
  
  :Files
  C:\Windows\System32\seruntxt.dll
  
  :Services
  
  :Reg
  
  :Commands
  [purity]
  [createrestorepoint]
  [emptytemp]
  [Reboot]

• Then click the Run Fix button at the top
• Let the program run unhindered, reboot when it is done

=========================

VirusTotal

Please go to: VirusTotal

• Click the Browse button and search for the following file: C:\Windows\System32\drivers\txtidwow.sys
• Click Open
• Then click Send File
• Please be patient while the file is scanned.
• Once the scan results appear, please provide them in your next reply.

If it says already scanned -- click "reanalyze now"

=========================

AdwCleaner v3: Scan & Clean

• • Windows XP : Double click on the icon to run it.
  • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
• Click on the Scan button.
• AdwCleaner will begin to scan your computer like it did before.
• After the scan has finished...
• Click on the Clean button.
• Press OK when asked to close all programs and follow the onscreen prompts.
• Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
• After rebooting, a log file report (AdwCleaner[S0].txt) will open automatically.
• Copy and paste the contents of that log file in your next reply.
• A copy of that log file will also be saved in the C:\AdwCleaner folder.

=========================

Re-run OTL (it should be located on your desktop).

• • Windows XP : Double click on the icon to run it.
  • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
• Make sure all other windows are closed and to let it run uninterrupted.
• When the window appears, underneath Output at the top change it to Minimal Output.
• Uncheck the boxes beside LOP Check and Purity Check.
• Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

• When the scan completes, it will open one notepad window. OTL.Txt. (No Extras.txt will be produced)
  Note:The log can be located in the OTL. folder on you C:\ drive if they fail to open automatically.
• Please copy (Edit->Select All, Edit->Copy) the contents of the file, and post it with your next reply.

=========================

In your next post please provide the following:

• OTL fix log
• AdwCleaner[S0].txt
• VirusTotal results
• New OTL.txt

[Frosty]

Hi OCD,

I am working on the items you asked me to do. When I went to the Virus Total my browser is blocking it saying this is not good. "Security certificate problems may indicate an attempt to fool you or intercept any data you send to the server.
We recommend that you close this webpage and do not continue to this website. "

Is this normal to see and is it ok to go there?

Also, yesterday I did remove two programs from the computer and then I remembered that you asked me not to install or uninstall any programs. sorry about that. Hope it does not cause any problems. That BIGFIX was bothering me after I saw that the last JRT log said it removed it and it was still in my programs and feature.
The two programs that I removed was 1.) BIGFIX, when I did my A/V kicked in with a red box and said his program is trying to reach outside to a password protected something. So I blocked it and removed it. 2.) Google Tool Bar.

I wanted to let you of changes that was made that you where not aware of.

[Frosty]

Hi OCD,

On the VIRUS TOTAL I got that message from my laptop. When I went to the computor we are working on I did not get that warning message. Was able to run the program. The only thing it did not give a text file so I copy and paste it.

OTL w/Code log:
All processes killed
========== OTL ==========
========== FILES ==========
C:\Windows\System32\seruntxt.dll moved successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== COMMANDS ==========
Restore point Set: OTL Restore Point

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: EMachUser
->Temp folder emptied: 159119 bytes
->Temporary Internet Files folder emptied: 28282742 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Marco-FD
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: mark
->Temp folder emptied: 123409 bytes
->Temporary Internet Files folder emptied: 3641770 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 926 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2152312 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 33.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 11032013_111509

Files\Folders moved on Reboot...
C:\Users\EMachUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TGVXHS92\search[2].htm moved successfully.
File\Folder C:\Windows\temp\TMP00000002559A4A9EDE7E6F55 not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


adwCleaner:
# AdwCleaner v3.011 - Report created 03/11/2013 at 12:25:40
# Updated 03/11/2013 by Xplode
# Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Username : EMachUser - FRONTDESK
# Running from : C:\Users\EMachUser\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16514


*************************

AdwCleaner[R0].txt - [4587 octets] - [01/11/2013 07:55:55]
AdwCleaner[R1].txt - [773 octets] - [03/11/2013 12:24:17]
AdwCleaner[S0].txt - [4766 octets] - [01/11/2013 07:57:38]
AdwCleaner[S1].txt - [695 octets] - [03/11/2013 12:25:40]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [754 octets] ##########


Virus Total Results:
Agnitum ok 20131109

AhnLab-V3 ok 20131109

AntiVir ok 20131109

Antiy-AVL ok 20131107

Avast ok 20131109

AVG ok 20131109

Baidu-International ok 20131109

BitDefender ok 20131109

Bkav ok 20131109

ByteHero ok 20131105

CAT-QuickHeal ok 20131109

ClamAV ok 20131109

Commtouch ok 20131109

Comodo ok 20131109

DrWeb ok 20131109

Emsisoft ok 20131109

ESET-NOD32 ok 20131109

F-Prot ok 20131109

F-Secure ok 20131109

Fortinet ok 20131109

GData ok 20131109

Ikarus ok 20131109

Jiangmin ok 20131109

K7AntiVirus ok 20131108

K7GW ok 20131108

Kaspersky ok 20131109

Kingsoft ok 20130829

Malwarebytes ok 20131109

McAfee Spyware-eBlaster.sys 20131109

McAfee-GW-Edition Spyware-eBlaster.sys 20131109

Microsoft ok 20131109

MicroWorld-eScan ok 20131109

NANO-Antivirus ok 20131109

Norman ok 20131109

nProtect ok 20131109

Panda ok 20131109

Rising ok 20131108

Sophos ok 20131109

SUPERAntiSpyware ok 20131109

Symantec ok 20131109

TheHacker ok 20131107

TotalDefense ok 20131108

TrendMicro ok 20131109

TrendMicro-HouseCall ok 20131109

VBA32 ok 20131108

VIPRE ok 20131109

ViRobot ok 20131109

OTL Log:
OTL logfile created on: 11/3/2013 12:36:27 PM - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\EMachUser\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

893.76 Mb Total Physical Memory | 180.50 Mb Available Physical Memory | 20.20% Memory free
2.00 Gb Paging File | 0.95 Gb Available in Paging File | 47.40% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 139.22 Gb Total Space | 97.92 Gb Free Space | 70.33% Space Free | Partition Type: NTFS
Drive D: | 9.83 Gb Total Space | 4.41 Gb Free Space | 44.88% Space Free | Partition Type: NTFS

Computer Name: FRONTDESK | User Name: EMachUser | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\EMachUser\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\qtgui4.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\qtsql4.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\qtscript4.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\qtnetwork4.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\qtcore4.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\qtdeclarative4.dll ()
MOD - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\imageformats\qgif4.dll ()


========== Services (SafeList) ==========

SRV - (gusvc) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe File not found
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (AVP) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
SRV - (GameConsoleService) -- C:\Program Files\eMachines Games\eMachines Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (rpcapd) -- C:\Program Files\WinPcap\rpcapd.exe (CACE Technologies)
SRV - (MSSQL$UPSWSDBSERVER) -- c:\UPS\WSTD\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)


========== Driver Services (SafeList) ==========

DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (USB_RNDIS) -- C:\Windows\System32\drivers\usb8023.sys (Microsoft Corporation)
DRV - (KLIF) -- C:\Windows\System32\drivers\klif.sys (Kaspersky Lab)
DRV - (txtidwow) -- C:\Windows\System32\drivers\txtidwow.sys ()
DRV - (KLIM6) -- C:\Windows\System32\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV - (kl2) -- C:\Windows\System32\drivers\kl2.sys (Kaspersky Lab ZAO)
DRV - (KL1) -- C:\Windows\System32\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV - (klmouflt) -- C:\Windows\System32\drivers\klmouflt.sys (Kaspersky Lab)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (NPF) -- C:\Windows\System32\drivers\npf.sys (CACE Technologies)
DRV - (nvstor32) -- C:\Windows\System32\drivers\nvstor32.sys (NVIDIA Corporation)
DRV - (NETw2v32) -- C:\Windows\System32\drivers\NETw2v32.sys (Intel® Corporation)
DRV - (bcm4sbxp) -- C:\Windows\System32\drivers\bcm4sbxp.sys (Broadcom Corporation)
DRV - (Cdralw2k) -- C:\Windows\System32\drivers\cdralw2k.sys (Sonic Solutions)
DRV - (Cdr4_xp) -- C:\Windows\System32\drivers\cdr4_xp.sys (Sonic Solutions)
DRV - (DgiVecp) -- C:\Windows\System32\drivers\DGIVECP.SYS (DeviceGuys, Inc.)
DRV - (BrPar) -- C:\Windows\System32\drivers\BRPAR.SYS (Brother Industries Ltd.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.com/g/startpage.h...ys=DTP&M=T5062
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.com/g/startpage.h...ys=DTP&M=T5062
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{D98FBCDE-CE80-40BC-A775-1E7901C4A600}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {676FC0DB-138B-4F55-9F2F-2BE262E72B4E}
IE - HKCU\..\SearchScopes\{676FC0DB-138B-4F55-9F2F-2BE262E72B4E}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_en
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{D98FBCDE-CE80-40BC-A775-1E7901C4A600}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru [2012/09/04 11:35:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru [2012/09/04 11:35:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru [2012/09/04 11:35:33 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2006/09/18 15:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\google\BAE.dll (Gateway Inc.)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
O4 - Startup: C:\Users\EMachUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get.../ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.94.156.1 68.94.157.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D122C78F-1EB5-4E6F-B163-D2F3CBC3B553}: DhcpNameServer = 68.94.156.1 68.94.157.1
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\klogon: DllName - (C:\Windows\system32\klogon.dll) - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/03/23 18:02:49 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2004/04/30 03:01:00 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ NTFS ]
O33 - MountPoints2\{5e094961-2908-11dc-ab3e-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{5e094961-2908-11dc-ab3e-806e6f6e6963}\Shell\AutoRun\command - "" = E:\SPSETUP.EXE
O33 - MountPoints2\{88f79cf2-40f8-11df-8291-001bb95f5c4b}\Shell - "" = AutoRun
O33 - MountPoints2\{88f79cf2-40f8-11df-8291-001bb95f5c4b}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/11/02 08:43:27 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013/11/01 15:32:59 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2013/11/01 15:30:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2013/11/01 15:30:38 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2013/11/01 15:30:01 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Users\EMachUser\Desktop\erunt-setup.exe
[2013/11/01 14:31:01 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\EMachUser\Desktop\dds.scr
[2013/11/01 14:09:17 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2013/11/01 14:09:17 | 000,000,000 | ---D | C] -- C:\Users\EMachUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2013/11/01 12:23:34 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\EMachUser\Desktop\OTL.exe
[2013/11/01 12:22:51 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\EMachUser\Desktop\aswMBR.exe
[2013/11/01 08:22:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/11/01 08:22:21 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013/11/01 08:19:26 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/11/01 08:19:18 | 010,285,040 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\EMachUser\Desktop\mbam-setup-1.75.0.1300.exe
[2013/11/01 08:09:09 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013/11/01 08:06:06 | 001,034,531 | ---- | C] (Thisisu) -- C:\Users\EMachUser\Desktop\JRT.exe
[2013/11/01 07:55:37 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/10/31 09:34:34 | 000,000,000 | ---D | C] -- C:\564c0b1906d847d402cfc34485e17a
[2013/10/31 09:27:38 | 000,000,000 | ---D | C] -- C:\72018930be9e0dffa9df21
[2013/10/30 22:11:26 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2013/10/30 21:48:56 | 000,000,000 | ---D | C] -- C:\Users\EMachUser\Desktop\RK_Quarantine
[2013/10/30 08:02:07 | 000,000,000 | ---D | C] -- C:\Users\EMachUser\AppData\Roaming\Malwarebytes
[2013/10/30 08:01:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/10/30 08:00:48 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/10/11 09:44:44 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/10/11 09:44:43 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/10/11 09:44:42 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/10/11 09:44:42 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/10/11 09:44:41 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/10/11 09:44:40 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/10/11 09:44:40 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/10/11 09:44:38 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/10/10 14:45:17 | 001,069,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2013/10/10 14:45:16 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2013/10/10 14:45:15 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2013/10/10 14:45:15 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2013/10/10 14:45:15 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2013/10/10 14:45:15 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2013/10/10 14:45:14 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2013/10/10 14:45:14 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2013/10/10 14:45:10 | 000,293,376 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2013/10/10 14:45:09 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2013/10/10 14:45:05 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2013/10/10 14:45:02 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
[2013/10/10 14:44:58 | 002,050,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013/10/10 14:44:28 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2013/10/10 14:44:28 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2013/10/10 14:42:39 | 000,025,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidparse.sys
[2007/12/16 16:49:08 | 000,147,456 | ---- | C] (Info-ZIP) -- C:\Users\EMachUser\vbzip10.dll

========== Files - Modified Within 30 Days ==========

[2013/11/03 12:28:13 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/11/03 12:28:13 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/11/03 12:28:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/11/03 12:28:00 | 937,943,040 | -HS- | M] () -- C:\hiberfil.sys
[2013/11/03 11:47:03 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/11/03 11:16:27 | 000,654,114 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/11/03 11:16:27 | 000,122,868 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/11/02 11:27:44 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2013/11/01 15:30:47 | 000,000,913 | ---- | M] () -- C:\Users\EMachUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2013/11/01 15:30:38 | 000,000,714 | ---- | M] () -- C:\Users\EMachUser\Desktop\ERUNT.lnk
[2013/11/01 15:30:06 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Users\EMachUser\Desktop\erunt-setup.exe
[2013/11/01 14:31:11 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\EMachUser\Desktop\dds.scr
[2013/11/01 14:17:44 | 000,000,553 | ---- | M] () -- C:\Users\EMachUser\Desktop\MBR.zip
[2013/11/01 14:10:37 | 000,002,531 | ---- | M] () -- C:\Users\EMachUser\Desktop\HiJackThis.lnk
[2013/11/01 14:07:28 | 001,402,880 | ---- | M] () -- C:\Users\EMachUser\Desktop\HijackThis.msi
[2013/11/01 13:23:25 | 000,000,512 | ---- | M] () -- C:\Users\EMachUser\Desktop\MBR.dat
[2013/11/01 12:23:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\EMachUser\Desktop\OTL.exe
[2013/11/01 12:23:14 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\EMachUser\Desktop\aswMBR.exe
[2013/11/01 12:22:33 | 000,891,184 | ---- | M] () -- C:\Users\EMachUser\Desktop\SecurityCheck.exe
[2013/11/01 08:20:10 | 010,285,040 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\EMachUser\Desktop\mbam-setup-1.75.0.1300.exe
[2013/11/01 08:06:07 | 001,034,531 | ---- | M] (Thisisu) -- C:\Users\EMachUser\Desktop\JRT.exe
[2013/11/01 07:53:44 | 001,073,262 | ---- | M] () -- C:\Users\EMachUser\Desktop\AdwCleaner.exe
[2013/10/11 10:23:40 | 000,454,072 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/10/10 12:49:51 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013/10/10 12:49:51 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

========== Files Created - No Company Name ==========

[2013/11/01 15:30:47 | 000,000,913 | ---- | C] () -- C:\Users\EMachUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2013/11/01 15:30:38 | 000,000,714 | ---- | C] () -- C:\Users\EMachUser\Desktop\ERUNT.lnk
[2013/11/01 14:17:44 | 000,000,553 | ---- | C] () -- C:\Users\EMachUser\Desktop\MBR.zip
[2013/11/01 14:09:17 | 000,002,531 | ---- | C] () -- C:\Users\EMachUser\Desktop\HiJackThis.lnk
[2013/11/01 14:06:59 | 001,402,880 | ---- | C] () -- C:\Users\EMachUser\Desktop\HijackThis.msi
[2013/11/01 13:23:25 | 000,000,512 | ---- | C] () -- C:\Users\EMachUser\Desktop\MBR.dat
[2013/11/01 12:22:28 | 000,891,184 | ---- | C] () -- C:\Users\EMachUser\Desktop\SecurityCheck.exe
[2013/11/01 07:53:43 | 001,073,262 | ---- | C] () -- C:\Users\EMachUser\Desktop\AdwCleaner.exe
[2013/10/31 10:17:39 | 937,943,040 | -HS- | C] () -- C:\hiberfil.sys
[2012/01/10 19:50:10 | 000,017,388 | ---- | C] () -- C:\Windows\System32\usboktcp.dll
[2011/11/06 17:14:51 | 000,017,408 | ---- | C] () -- C:\Users\EMachUser\AppData\Local\WebpageIcons.db
[2011/11/06 17:11:47 | 000,116,189 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat
[2011/11/06 17:11:46 | 000,098,168 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat
[2010/03/26 18:42:33 | 000,023,580 | ---- | C] () -- C:\Users\EMachUser\AppData\Roaming\UserTile.png
[2008/12/08 11:04:41 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2008/08/07 15:09:54 | 000,000,000 | ---- | C] () -- C:\Users\EMachUser\AppData\Roaming\wklnhst.dat
[2008/03/08 11:32:19 | 000,004,096 | -H-- | C] () -- C:\Users\EMachUser\AppData\Local\keyfile3.drm
[2008/03/08 10:46:08 | 000,007,268 | ---- | C] () -- C:\Users\EMachUser\AppData\Local\d3d9caps.dat
[2008/02/01 09:38:53 | 000,000,632 | RHS- | C] () -- C:\Users\EMachUser\ntuser.pol
[2008/01/30 00:23:12 | 000,008,017 | ---- | C] () -- C:\Users\EMachUser\ia_remove.sh
[2007/12/23 18:57:43 | 000,000,363 | ---- | C] () -- C:\ProgramData\lxdc
[2007/09/28 14:49:19 | 000,036,352 | ---- | C] () -- C:\Users\EMachUser\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2006/11/02 06:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 11:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 00:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 00:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Alternate Data Streams ==========

@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:2615E8F1

< End of report >

[OCD]

Hi Frosty,

1. The VirusToal warning you received is probably due to a browser setting, but The VirusTotal website is OK.
2. OTL fix went as planned
3. As far as removing those programs, that's fine.
4. VirusTotal log looks good

How is the computer running?

[Frosty]

Hi OCD,

I will look into the setting on the browser.

The computor is running good other than the start up that I mentioned. The browser locked up on twice yesterday. Out side of those thing it running good.

[OCD]

Hi Frosty,

The computor is running good other than the start up that I mentioned. The browser locked up on twice yesterday.

Can you please refresh my memory as to the start-up issue? Also, which browser is locking up?