
Avast shows Url:Mal popup addressing to sites like ciselwic.com rebtn.com


  • This topic is locked
15 replies to this topic

#1 wsht

wsht

  • Members
  • 9 posts

Posted 04 September 2014 - 08:11 PM

Hi there,

I'm new to the community so hello everyone. I started this topic because I have a problem with my Windows 7 laptop.

My PC is a Packard Bell laptop with Norton Antivirus 2009 trial installed. I removed it first from Windows control panel, then I ran Norton Removal Tool, then I installed Avast Antivirus and it shows me a message every second with this URL mal problem, addressing to ciselwic.com or rebtn.com with a strange base64-like URL at the end.

 

I cannot low-level format this laptop because it's a work laptop and I have to keep the original software, so I started Windows from a restore point. But then it has Norton Antivirus 2009 trial and when I uninstall it to change the antivirus, the situation is like before.

 

So I ran ComboFix and JRT before installing Avast, but the problem is still there, and I am also worried I might have made a mistake by running ComboFix before asking this forum. What am I supposed to do?

 

Thank you all! :)




 


#2 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts

Posted 04 September 2014 - 08:33 PM

Hi there,

Please post the ComboFix log and run an FRST scan as follows.
And can you tell me what process is being blocked by Avast when trying to connect to those addresses?


Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)
  • Start FRST with administrator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.


#3 wsht

wsht
  • Topic Starter

  • Members
  • 9 posts

Posted 04 September 2014 - 08:40 PM

COMBOFIX, now I will post the FRST log.

 

 

ComboFix 14-08-31.01 - Misa 04/09/2014  23:42:12.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7600.0.1252.39.1040.18.4091.2945 [GMT 2:00]
Eseguito da: c:\users\Misa\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((   Altre eliminazioni   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Common Files\packardbell.ico
c:\windows\Temp\log.txt
.
.
(((((((((((((((((((((((((   Files Creati Da 2014-08-04 al 2014-09-04  )))))))))))))))))))))))))))))))))))
.
.
2014-09-04 22:10 . 2014-09-04 22:10 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-09-04 21:22 . 2014-08-21 09:24 11319192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C6F4794C-EACB-4B5E-A359-A1DC82EA6EC8}\mpengine.dll
2014-09-04 21:21 . 2014-08-25 04:53 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-09-04 21:13 . 2014-09-04 21:13 -------- d-----w- c:\windows\ERUNT
2014-08-29 02:09 . 2014-08-29 02:09 -------- d-----w- c:\windows\it-IT
2014-08-29 02:09 . 2014-08-29 02:09 -------- d-----w- c:\windows\SysWow64\XPSViewer
2014-08-29 02:09 . 2014-08-29 02:09 -------- d-----w- c:\windows\SysWow64\drivers\UMDF\it-IT
2014-08-29 02:09 . 2014-08-29 02:09 -------- d-----w- c:\windows\SysWow64\drivers\it-IT
2014-08-29 02:09 . 2014-08-29 02:09 -------- d-----w- c:\windows\SysWow64\0410
2014-08-29 02:09 . 2014-08-29 02:09 -------- d-----w- c:\windows\SysWow64\wbem\it-IT
2014-08-29 02:09 . 2014-08-29 02:09 -------- d-----w- c:\windows\SysWow64\it
2014-08-29 02:09 . 2014-08-29 02:09 -------- d-----w- c:\windows\system32\drivers\UMDF\it-IT
2014-08-29 02:09 . 2014-08-29 02:09 -------- d-----w- c:\windows\system32\drivers\it-IT
2014-08-29 02:09 . 2014-08-29 02:09 -------- d-----w- c:\windows\system32\0410
2014-08-29 02:09 . 2014-08-29 02:09 -------- d-----w- c:\windows\system32\wbem\it-IT
2014-08-29 02:09 . 2014-08-29 02:09 -------- d-----w- c:\windows\system32\it
2014-08-29 02:08 . 2014-08-29 02:08 3584 ----a-w- c:\windows\system32\Spool\prtprocs\x64\it-IT\LXKPTPRC.DLL.mui
2014-08-29 02:02 . 2014-08-29 02:02 -------- d-----w- c:\windows\Lan
2014-08-29 02:02 . 2014-08-29 02:02 -------- d-----w- C:\acer
2014-08-29 02:01 . 2009-08-11 06:00 382976 ----a-w- c:\windows\WisGAPasx64.exe
2014-08-29 02:01 . 2009-05-25 18:27 335872 ----a-w- c:\windows\ParseModule_X64.exe
2014-08-29 02:01 . 2009-08-11 06:00 322048 ----a-w- c:\windows\WisGAPas.exe
2014-08-29 02:01 . 2009-05-25 18:27 225280 ----a-w- c:\windows\ParseModule_X86.exe
2014-08-29 02:01 . 2014-08-29 02:01 -------- d-----w- C:\Patch
2014-08-28 16:55 . 2014-08-28 16:55 -------- d-----w- c:\program files (x86)\VideoLAN
2014-08-28 16:50 . 2014-08-28 16:52 -------- d-----w- c:\programdata\WinZip
2014-08-28 16:47 . 2014-08-28 16:48 -------- d-----w- c:\program files (x86)\Windows Live
2014-08-28 16:47 . 2014-08-28 16:47 -------- d-----w- c:\program files\Windows Live
2014-08-28 16:44 . 2010-05-23 10:11 196608 ----a-w- c:\windows\SysWow64\mfreadwrite.dll
2014-08-28 16:44 . 2010-05-23 08:35 257024 ----a-w- c:\windows\system32\mfreadwrite.dll
2014-08-28 16:44 . 2010-05-23 08:35 206848 ----a-w- c:\windows\system32\mfps.dll
2014-08-28 16:44 . 2010-05-23 10:15 1619456 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2014-08-28 16:44 . 2010-05-23 08:37 1888256 ----a-w- c:\windows\system32\WMVDECOD.DLL
2014-08-28 16:44 . 2010-05-23 08:35 4068864 ----a-w- c:\windows\system32\mf.dll
2014-08-28 16:44 . 2010-05-23 10:11 3181568 ----a-w- c:\windows\SysWow64\mf.dll
2014-08-28 16:43 . 2014-08-28 16:43 -------- d-----w- c:\program files (x86)\Common Files\Windows Live
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-08-29 02:08 . 2014-08-29 02:08 2560 ----a-w- c:\windows\SysWow64\drivers\it-IT\qwavedrv.sys.mui
2014-08-29 02:08 . 2014-08-29 02:08 49152 ----a-w- c:\windows\SysWow64\drivers\it-IT\tcpip.sys.mui
2014-08-29 02:08 . 2014-08-29 02:08 30720 ----a-w- c:\windows\SysWow64\drivers\it-IT\bfe.dll.mui
2014-08-29 02:08 . 2014-08-29 02:08 16384 ----a-w- c:\windows\SysWow64\drivers\it-IT\pacer.sys.mui
2014-08-29 02:08 . 2014-08-29 02:08 2560 ----a-w- c:\windows\SysWow64\drivers\it-IT\scfilter.sys.mui
2014-08-29 02:08 . 2014-08-29 02:08 6144 ----a-w- c:\windows\SysWow64\drivers\it-IT\ndiscap.sys.mui
2014-08-28 16:46 . 2011-03-28 16:36 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
.
.
(((((((((((((((((((((((((((((((((((((   Punti Reg Caricati   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* i valori vuoti & legittimi/default non sono visualizzati.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-28 35696]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe" [2009-08-21 262912]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys;c:\windows\SYSNATIVE\DRIVERS\Rts516xIR.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
S2 Greg_Service;GRegService;c:\program files (x86)\Packard Bell\Registration\GregHSRW.exe;c:\program files (x86)\Packard Bell\Registration\GregHSRW.exe [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [x]
S3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 netw5v64;Driver scheda Intel® Wireless WiFi Link serie 5000 per Windows Vista a 64 bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
S4 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1007000.01E\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\NISx64\1007000.01E\SYMEFA64.SYS [x]
.
.
--- Altri Servizi/Drivers In Memoria ---
.
*Deregistered* - BHDrvx64
*Deregistered* - ccHP
*Deregistered* - IDSVia64
*Deregistered* - NAVENG
*Deregistered* - NAVEX15
*Deregistered* - SRTSPX
*Deregistered* - SymEvent
*Deregistered* - SymIM
*Deregistered* - SYMNDISV
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-08-28 16:41 1096520 ----a-w- c:\program files (x86)\Google\Chrome\Application\37.0.2062.94\Installer\chrmstp.exe
.
Contenuto della cartella 'Scheduled Tasks'
.
2014-09-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-08-28 16:32]
.
2014-09-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-08-28 16:32]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
.
------- Scansione supplementare -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&sporta in Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
.
.
--------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
.
[HKEY_USERS\S-1-5-21-1247506488-3279531404-2361721617-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-1247506488-3279531404-2361721617-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10b.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10b.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@="IFlashBroker2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Ora fine scansione: 2014-09-05  00:31:26
ComboFix-quarantined-files.txt  2014-09-04 22:31
.
Pre-Run: 280.189.841.408 byte disponibili
Post-Run: 279.181.471.744 byte disponibili
.
- - End Of File - - EC6F7A08B7BBE2E75E4056C0F18CE2DA
5C616939100B85E558DA92B899A0FC36
 



#4 wsht

wsht
  • Topic Starter

  • Members
  • 9 posts

Posted 04 September 2014 - 08:47 PM

ADDITION

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-09-2014 02
Ran by Misa at 2014-09-05 03:47:06
Running from C:\Users\Misa\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version:  - Microsoft)
2007 Microsoft Office Suite Service Pack 2 (SP2) (x32 Version:  - Microsoft) Hidden
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.22.87 - Adobe Systems Incorporated)
Adobe Reader 9.1 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Alice Greenfingers (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}) (Version:  - Oberon Media)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Backup Manager Basic (x32 Version: 2.0.0.22 - NewTech Infosystems) Hidden
Broadcom Gigabit NetLink Controller (HKLM\...\{96F70DF8-160F-4F9C-9B9E-2A9B439B4EB9}) (Version: 12.26.02 - Broadcom Corporation)
Chicken Invaders 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version:  - Oberon Media)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dairy Dash (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}) (Version:  - Oberon Media)
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version:  - Oberon Media)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
Farm Frenzy 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version:  - Oberon Media)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Heroes of Hellas (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version:  - Oberon Media)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3001 - Packard Bell)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Merriam Websters Spell Jam (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}) (Version:  - Oberon Media)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Italian) 2007 (x32 Version: 12.0.4518.1018 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Italian) 2007 (x32 Version: 12.0.4518.1018 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Italian) 2007 (x32 Version: 12.0.4518.1018 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Italian) 2007 (x32 Version: 12.0.4518.1018 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Italian) 2007 (x32 Version: 12.0.4518.1018 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Italian) 2007 (x32 Version: 12.0.4518.1018 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Italian) 2007 (x32 Version: 12.0.4518.1018 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.4518.1018 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Italian) 2007 (x32 Version: 12.0.4518.1018 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Italian) 2007 (x32 Version: 12.0.4518.1018 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Italian) 2007 (Version: 12.0.4518.1018 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Italian) 2007 (x32 Version: 12.0.4518.1018 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Italian) 2007 (x32 Version: 12.0.4518.1018 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 2.0.40115.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Nero 9 Essentials (HKLM-x32\...\{8ed5c8a6-2aee-40dd-8df4-26cd57921222}) (Version:  - Nero AG)
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero DiscSpeed (x32 Version: 5.4.7.201 - Nero AG) Hidden
Nero DiscSpeed Help (x32 Version: 5.4.4.100 - Nero AG) Hidden
Nero DriveSpeed (x32 Version: 4.4.7.201 - Nero AG) Hidden
Nero DriveSpeed Help (x32 Version: 4.4.4.100 - Nero AG) Hidden
Nero Express Help (x32 Version: 9.4.9.100 - Nero AG) Hidden
Nero InfoTool (x32 Version: 6.4.7.201 - Nero AG) Hidden
Nero InfoTool Help (x32 Version: 6.4.4.100 - Nero AG) Hidden
Nero Installer (x32 Version: 4.4.8.1 - Nero AG) Hidden
Nero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) Hidden
Nero StartSmart (x32 Version: 9.4.11.209 - Nero AG) Hidden
Nero StartSmart Help (x32 Version: 9.4.1.100 - Nero AG) Hidden
Nero StartSmart OEM (x32 Version: 9.4.10.100 - Nero AG) Hidden
NeroExpress (x32 Version: 9.4.10.505 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Packard Bell InfoCentre (HKLM-x32\...\Packard Bell InfoCentre) (Version: 3.02.3000 - Packard Bell)
Packard Bell MyBackup (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.22 - NewTech Infosystems)
Packard Bell Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3002 - Acer Incorporated)
Packard Bell Registration (HKLM-x32\...\Packard Bell Registration) (Version: 1.02.3004 - Packard Bell)
Packard Bell Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.01.3014 - Packard Bell)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30093 - Realtek Semiconductor Corp.)
Star Defender 4 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114803710}) (Version:  - Oberon Media)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Welcome Center (HKLM-x32\...\Packard Bell Welcome Center) (Version: 1.00.3005 - Packard Bell)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinZip 15.5 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240C2}) (Version: 15.5.9468 - WinZip Computing, S.L. )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1247506488-3279531404-2361721617-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Misa\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1247506488-3279531404-2361721617-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Misa\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1247506488-3279531404-2361721617-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Misa\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1247506488-3279531404-2361721617-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Misa\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

==================== Restore Points  =========================

28-08-2014 16:33:00 Installed Microsoft Office Enterprise 2007
28-08-2014 16:43:57 Windows Live Essentials
28-08-2014 16:44:35 Windows Update
28-08-2014 16:46:25 WLSetup
28-08-2014 16:50:27 Installed WinZip 15.5
04-09-2014 21:02:35 Windows Update
04-09-2014 21:04:24 Removed Norton Online Backup
04-09-2014 21:21:46 Windows Update
04-09-2014 23:46:09 avast! antivirus system restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-09-05 00:11 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0B773F42-CF5C-40BC-9169-0AAEEAC80253} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Packard Bell\Packard Bell Recovery Management\NotificationCenter\Notification.exe [2009-07-09] (Acer)
Task: {99E11A94-0C53-4148-AD4F-A2821E5EC9CF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-28] (Google Inc.)
Task: {EBCCA103-5772-4866-A054-AD10957EFCF6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-28] (Google Inc.)
Task: {F07C3359-CB2A-4695-AD4A-BC03583B980B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-09-05] (AVAST Software)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2009-02-03 02:33 - 2009-02-03 02:33 - 00460199 _____ () C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\sqlite3.dll
2008-09-29 02:55 - 2008-09-29 02:55 - 01076224 _____ () C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\ACE.dll
2014-09-05 01:47 - 2014-09-05 01:47 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-09-05 01:47 - 2014-09-05 01:47 - 02844672 _____ () C:\Program Files\AVAST Software\Avast\defs\14090401\algo.dll
2014-09-05 01:47 - 2014-09-05 01:47 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-09-05 00:45 - 2014-08-30 04:49 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\pdf.dll
2014-09-05 00:45 - 2014-08-30 04:49 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ppGoogleNaClPluginChrome.dll
2014-09-05 00:45 - 2014-08-30 04:49 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (09/05/2014 03:24:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome dell'applicazione che ha generato l'errore: iexplore.exe, versione: 8.0.7600.16385, timestamp: 0x4a5bc69e
Nome del modulo che ha generato l'errore: IEFRAME.dll, versione: 8.0.7600.16385, timestamp: 0x4a5bda08
Codice eccezione: 0xc0000005
Offset errore 0x0024c0e7
ID processo che ha generato l'errore: 0xc50
Ora di avvio dell'applicazione che ha generato l'errore: 0xiexplore.exe0
Percorso dell'applicazione che ha generato l'errore: iexplore.exe1
Percorso del modulo che ha generato l'errore: iexplore.exe2
ID segnalazione: iexplore.exe3

Error: (09/05/2014 01:51:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome dell'applicazione che ha generato l'errore: svchost.exe_Dnscache, versione: 6.1.7600.16385, timestamp: 0x4a5bc3c1
Nome del modulo che ha generato l'errore: ntdll.dll, versione: 6.1.7600.16385, timestamp: 0x4a5be02b
Codice eccezione: 0xc0000005
Offset errore 0x0000000000001fe8
ID processo che ha generato l'errore: 0xcbc
Ora di avvio dell'applicazione che ha generato l'errore: 0xsvchost.exe_Dnscache0
Percorso dell'applicazione che ha generato l'errore: svchost.exe_Dnscache1
Percorso del modulo che ha generato l'errore: svchost.exe_Dnscache2
ID segnalazione: svchost.exe_Dnscache3

Error: (09/05/2014 01:47:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome dell'applicazione che ha generato l'errore: svchost.exe_Dnscache, versione: 6.1.7600.16385, timestamp: 0x4a5bc3c1
Nome del modulo che ha generato l'errore: ntdll.dll, versione: 6.1.7600.16385, timestamp: 0x4a5be02b
Codice eccezione: 0xc0000005
Offset errore 0x0000000000001fe8
ID processo che ha generato l'errore: 0x138
Ora di avvio dell'applicazione che ha generato l'errore: 0xsvchost.exe_Dnscache0
Percorso dell'applicazione che ha generato l'errore: svchost.exe_Dnscache1
Percorso del modulo che ha generato l'errore: svchost.exe_Dnscache2
ID segnalazione: svchost.exe_Dnscache3

Error: (09/05/2014 01:46:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome dell'applicazione che ha generato l'errore: svchost.exe_Dnscache, versione: 6.1.7600.16385, timestamp: 0x4a5bc3c1
Nome del modulo che ha generato l'errore: ntdll.dll, versione: 6.1.7600.16385, timestamp: 0x4a5be02b
Codice eccezione: 0xc0000005
Offset errore 0x0000000000001fe8
ID processo che ha generato l'errore: 0x320
Ora di avvio dell'applicazione che ha generato l'errore: 0xsvchost.exe_Dnscache0
Percorso dell'applicazione che ha generato l'errore: svchost.exe_Dnscache1
Percorso del modulo che ha generato l'errore: svchost.exe_Dnscache2
ID segnalazione: svchost.exe_Dnscache3

Error: (09/05/2014 01:45:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome dell'applicazione che ha generato l'errore: svchost.exe_Dnscache, versione: 6.1.7600.16385, timestamp: 0x4a5bc3c1
Nome del modulo che ha generato l'errore: ntdll.dll, versione: 6.1.7600.16385, timestamp: 0x4a5be02b
Codice eccezione: 0xc0000005
Offset errore 0x0000000000001fe8
ID processo che ha generato l'errore: 0x9ec
Ora di avvio dell'applicazione che ha generato l'errore: 0xsvchost.exe_Dnscache0
Percorso dell'applicazione che ha generato l'errore: svchost.exe_Dnscache1
Percorso del modulo che ha generato l'errore: svchost.exe_Dnscache2
ID segnalazione: svchost.exe_Dnscache3

Error: (09/05/2014 01:44:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome dell'applicazione che ha generato l'errore: svchost.exe_Dnscache, versione: 6.1.7600.16385, timestamp: 0x4a5bc3c1
Nome del modulo che ha generato l'errore: ntdll.dll, versione: 6.1.7600.16385, timestamp: 0x4a5be02b
Codice eccezione: 0xc0000005
Offset errore 0x0000000000001fe8
ID processo che ha generato l'errore: 0x384
Ora di avvio dell'applicazione che ha generato l'errore: 0xsvchost.exe_Dnscache0
Percorso dell'applicazione che ha generato l'errore: svchost.exe_Dnscache1
Percorso del modulo che ha generato l'errore: svchost.exe_Dnscache2
ID segnalazione: svchost.exe_Dnscache3

Error: (09/05/2014 00:30:05 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Generazione del contesto di attivazione non riuscita per "assemblyIdentity1". Errore nel file manifesto o dei criteri "assemblyIdentity2", riga assemblyIdentity3.
Il valore "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" dell'attributo "version" nell'elemento "assemblyIdentity" non è valido.

Error: (09/05/2014 00:17:48 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Generazione del contesto di attivazione non riuscita per "assemblyIdentity1". Errore nel file manifesto o dei criteri "assemblyIdentity2", riga assemblyIdentity3.
Il valore "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" dell'attributo "version" nell'elemento "assemblyIdentity" non è valido.

Error: (09/04/2014 11:12:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome dell'applicazione che ha generato l'errore: svchost.exe_Dnscache, versione: 6.1.7600.16385, timestamp: 0x4a5bc3c1
Nome del modulo che ha generato l'errore: ntdll.dll, versione: 6.1.7600.16385, timestamp: 0x4a5be02b
Codice eccezione: 0xc0000005
Offset errore 0x0000000000001fe8
ID processo che ha generato l'errore: 0xd58
Ora di avvio dell'applicazione che ha generato l'errore: 0xsvchost.exe_Dnscache0
Percorso dell'applicazione che ha generato l'errore: svchost.exe_Dnscache1
Percorso del modulo che ha generato l'errore: svchost.exe_Dnscache2
ID segnalazione: svchost.exe_Dnscache3

Error: (09/04/2014 11:06:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome dell'applicazione che ha generato l'errore: svchost.exe_Dnscache, versione: 6.1.7600.16385, timestamp: 0x4a5bc3c1
Nome del modulo che ha generato l'errore: ntdll.dll, versione: 6.1.7600.16385, timestamp: 0x4a5be02b
Codice eccezione: 0xc0000005
Offset errore 0x0000000000001fe8
ID processo che ha generato l'errore: 0x7f8
Ora di avvio dell'applicazione che ha generato l'errore: 0xsvchost.exe_Dnscache0
Percorso dell'applicazione che ha generato l'errore: svchost.exe_Dnscache1
Percorso del modulo che ha generato l'errore: svchost.exe_Dnscache2
ID segnalazione: svchost.exe_Dnscache3

System errors:
=============
Error: (09/05/2014 01:51:21 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio Workstation. Questo evento si è già verificato 3 volta(e).

Error: (09/05/2014 01:51:21 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio Client DNS. Questo evento si è già verificato 5 volta(e).

Error: (09/05/2014 01:47:42 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Il servizio Telefonia è stato arrestato in modo imprevisto. Questo problema si è verificato 2 volta/e. Le seguenti azioni di correzione saranno eseguite tra 300000 millisecondi: Riavvia il servizio.

Error: (09/05/2014 01:47:42 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio Client DNS. Questo evento si è già verificato 4 volta(e).

Error: (09/05/2014 01:46:27 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio Riconoscimento presenza in rete. Questo evento si è già verificato 3 volta(e).

Error: (09/05/2014 01:46:27 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Il servizio Workstation è stato arrestato in modo imprevisto. Questo problema si è verificato 2 volta/e. Le seguenti azioni di correzione saranno eseguite tra 120000 millisecondi: Riavvia il servizio.

Error: (09/05/2014 01:46:27 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio Client DNS. Questo evento si è già verificato 3 volta(e).

Error: (09/05/2014 01:46:27 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Arresto imprevista del servizio Servizi di crittografia. Questo evento si è già verificato 2 volta(e).

Error: (09/05/2014 01:45:43 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Il servizio Riconoscimento presenza in rete è stato arrestato in modo imprevisto. Questo problema si è verificato 2 volta/e. Le seguenti azioni di correzione saranno eseguite tra 100 millisecondi: Riavvia il servizio.

Error: (09/05/2014 01:45:43 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Il servizio Client DNS è stato arrestato in modo imprevisto. Questo problema si è verificato 2 volta/e. Le seguenti azioni di correzione saranno eseguite tra 300000 millisecondi: Riavvia il servizio.

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-09-05 00:09:10.261
  Description: Impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume3\ComboFix\catchme.sys. Impossibile trovare l'hash del file nel sistema. Causa possibile: installazione di un file danneggiato o con firma non corretta in seguito a una modifica hardware o software o malware di origine sconosciuta.

  Date: 2014-09-05 00:09:10.261
  Description: Impossibile verificare l'integrità dell'immagine del file \Device\HarddiskVolume3\ComboFix\catchme.sys. Impossibile trovare l'hash del file nel sistema. Causa possibile: installazione di un file danneggiato o con firma non corretta in seguito a una modifica hardware o software o malware di origine sconosciuta.

==================== Memory info ===========================

Processor: Intel® Core™2 Duo CPU T6600 @ 2.20GHz
Percentage of memory in use: 35%
Total physical RAM: 4090.91 MB
Available physical RAM: 2622.04 MB
Total Pagefile: 8179.97 MB
Available Pagefile: 6665.59 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Packard Bell) (Fixed) (Total:286.27 GB) (Free:257.65 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 22792279)
Partition 1: (Not Active) - (Size=11.7 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=286.3 GB) - (Type=07 NTFS)

==================== End Of Log ============================


FRST

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014 02
Ran by Misa (administrator) on MISA-PC on 05-09-2014 03:46:14
Running from C:\Users\Misa\Downloads
Platform: Windows 7 Home Premium (X64) OS Language: Italiano (Italia)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe [262912 2009-08-21] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-09-05] (AVAST Software)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x53CB00E1A7C8CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = it
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://it.msn.com/?ocid=iehp
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW
SearchScopes: HKCU - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW_itIT603
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW_itIT603
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Guida per l'accesso a Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\2.0.40115.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-09-05]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.it/
CHR StartupUrls: Default -> "hxxp://www.google.it/"
CHR DefaultSearchKeyword: Default -> 3D1502EA9963309365DA23A2C784F0D28339E962DE22B730F12CE04DB9EB4E0A
CHR DefaultSearchProvider: Default -> EFD8631DEF7361408B6468B4C11900873F987B1B1503E20789F3F2930EA5F161
CHR DefaultSearchURL: Default -> AF5BB695BE2D26DCE58B5F43E21242B47915CF3BFDCC140B4AB1A1239CED13DA
CHR Profile: C:\Users\Misa\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Presentazioni Google) - C:\Users\Misa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-08-28]
CHR Extension: (Documenti Google) - C:\Users\Misa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-28]
CHR Extension: (Google Drive) - C:\Users\Misa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-28]
CHR Extension: (YouTube) - C:\Users\Misa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-28]
CHR Extension: (Ricerca Google) - C:\Users\Misa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-28]
CHR Extension: (Fogli Google) - C:\Users\Misa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-08-28]
CHR Extension: (avast! Online Security) - C:\Users\Misa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-05]
CHR Extension: (Google Wallet) - C:\Users\Misa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-28]
CHR Extension: (Gmail) - C:\Users\Misa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-28]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-09-05]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

ATTENTION: => Could not perform signature verification. Cryptographic Service is not running.

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-09-05] (AVAST Software)
S4 Greg_Service; C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe [1150496 2009-06-04] (Acer Incorporated)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [62720 2009-08-21] (NewTech Infosystems, Inc.)
S4 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [240160 2009-07-04] (Acer)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-09-05] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-09-05] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-09-05] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-09-05] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-09-05] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-09-05] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-09-05] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-09-05] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-05 03:46 - 2014-09-05 03:46 - 00010185 _____ () C:\Users\Misa\Downloads\FRST.txt
2014-09-05 03:45 - 2014-09-05 03:46 - 00000000 ____D () C:\FRST
2014-09-05 03:45 - 2014-09-05 03:45 - 01096704 _____ (Farbar) C:\Users\Misa\Downloads\FRST.exe
2014-09-05 03:43 - 2014-09-05 03:44 - 02104832 _____ (Farbar) C:\Users\Misa\Downloads\FRST64.exe
2014-09-05 02:14 - 2014-09-05 02:18 - 00000000 ____D () C:\Users\Misa\AppData\Local\{F57DA835-9839-4490-96D3-718B26B1E78E}
2014-09-05 02:14 - 2014-09-05 02:14 - 00000000 ____D () C:\Users\Misa\AppData\Roaming\Windows Live Writer
2014-09-05 02:14 - 2014-09-05 02:14 - 00000000 ____D () C:\Users\Misa\AppData\Local\Windows Live Writer
2014-09-05 02:14 - 2014-09-05 02:14 - 00000000 ____D () C:\Users\Misa\AppData\Local\{A6C910DA-A45A-4A5B-AFD5-456AC8423918}
2014-09-05 02:13 - 2014-09-05 02:13 - 00000243 _____ () C:\Windows\wininit.ini
2014-09-05 02:13 - 2014-09-05 02:13 - 00000000 ____D () C:\Users\Misa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-05 02:13 - 2014-09-05 02:13 - 00000000 ____D () C:\Users\Misa\AppData\Roaming\DropboxMaster
2014-09-05 02:12 - 2014-09-05 02:13 - 00000000 ____D () C:\Users\Misa\AppData\Roaming\Dropbox
2014-09-05 02:11 - 2014-09-05 02:11 - 00000000 ____D () C:\Users\Misa\AppData\Roaming\AVAST Software
2014-09-05 01:47 - 2014-09-05 02:11 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-09-05 01:47 - 2014-09-05 01:47 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-09-05 01:47 - 2014-09-05 01:47 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-09-05 01:47 - 2014-09-05 01:47 - 00426848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1409874465093
2014-09-05 01:47 - 2014-09-05 01:47 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-09-05 01:47 - 2014-09-05 01:47 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-09-05 01:47 - 2014-09-05 01:47 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-09-05 01:47 - 2014-09-05 01:47 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-09-05 01:47 - 2014-09-05 01:47 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-09-05 01:47 - 2014-09-05 01:47 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-09-05 01:47 - 2014-09-05 01:47 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-09-05 01:47 - 2014-09-05 01:47 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-09-05 01:47 - 2014-09-05 01:47 - 00001978 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-09-05 01:47 - 2014-09-05 01:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-09-05 01:46 - 2014-09-05 01:46 - 00000000 ____D () C:\Program Files\AVAST Software
2014-09-05 01:45 - 2014-09-05 01:46 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-09-05 01:44 - 2014-09-05 01:44 - 00271096 _____ () C:\Windows\Minidump\090514-29608-01.dmp
2014-09-05 01:44 - 2014-09-05 01:44 - 00000000 ____D () C:\Windows\Minidump
2014-09-05 01:43 - 2014-09-05 01:45 - 00000000 ____D () C:\32788R22FWJFW
2014-09-05 01:43 - 2014-09-05 01:43 - 441164448 _____ () C:\Windows\MEMORY.DMP
2014-09-05 00:31 - 2014-09-05 00:31 - 00012483 _____ () C:\ComboFix.txt
2014-09-04 23:34 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-09-04 23:34 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-09-04 23:34 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-09-04 23:34 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-09-04 23:34 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-09-04 23:34 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-09-04 23:34 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-09-04 23:34 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-09-04 23:33 - 2014-09-05 00:32 - 00000000 ____D () C:\ComboFix
2014-09-04 23:32 - 2014-09-05 00:32 - 00000000 ____D () C:\Qoobox
2014-09-04 23:31 - 2014-09-05 00:17 - 00000000 ____D () C:\Windows\erdnt
2014-09-04 23:21 - 2014-08-25 06:53 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-04 23:13 - 2014-09-04 23:14 - 04862664 _____ (AVAST Software) C:\Users\Misa\Downloads\avast_free_antivirus_setup_online.exe
2014-09-04 23:13 - 2014-09-04 23:13 - 00000000 ____D () C:\Windows\ERUNT
2014-09-04 23:07 - 2014-09-04 23:07 - 05576326 ____R (Swearware) C:\Users\Misa\Downloads\ComboFix.exe
2014-09-04 23:05 - 2014-09-04 23:06 - 01016261 _____ (Thisisu) C:\Users\Misa\Downloads\JRT.exe
2014-09-04 23:02 - 2014-09-04 23:02 - 00869456 _____ () C:\Users\Misa\Downloads\Norton_Removal_Tool.exe
2014-08-29 04:09 - 2014-08-29 04:09 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2014-08-29 04:09 - 2014-08-29 04:09 - 00000000 ____D () C:\Windows\SysWOW64\it
2014-08-29 04:09 - 2014-08-29 04:09 - 00000000 ____D () C:\Windows\SysWOW64\0410
2014-08-29 04:09 - 2014-08-29 04:09 - 00000000 ____D () C:\Windows\system32\it
2014-08-29 04:09 - 2014-08-29 04:09 - 00000000 ____D () C:\Windows\system32\0410
2014-08-29 04:09 - 2014-08-29 04:08 - 00335478 _____ () C:\Windows\system32\perfi010.dat
2014-08-29 04:09 - 2014-08-29 04:08 - 00037534 _____ () C:\Windows\system32\perfd010.dat
2014-08-29 04:09 - 2014-08-28 18:32 - 00689472 _____ () C:\Windows\system32\perfh010.dat
2014-08-29 04:09 - 2014-08-28 18:32 - 00124626 _____ () C:\Windows\system32\perfc010.dat
2014-08-29 04:03 - 2014-08-29 04:12 - 00000486 _____ () C:\Windows\Patch.log
2014-08-29 04:03 - 2014-08-29 04:03 - 00000000 ____D () C:\acersw
2014-08-29 04:02 - 2014-08-29 04:03 - 00007060 _____ () C:\Windows\WisGAPas.log
2014-08-29 04:02 - 2014-08-29 04:02 - 00000896 _____ () C:\Windows\MOD01SET74000N0006.XML
2014-08-29 04:02 - 2014-08-29 04:02 - 00000000 ____D () C:\Windows\Lan
2014-08-29 04:02 - 2014-08-29 04:02 - 00000000 ____D () C:\acer
2014-08-29 04:01 - 2014-08-29 04:01 - 00000708 _____ () C:\Windows\CapsuleDll.log
2014-08-29 04:01 - 2014-08-29 04:01 - 00000000 ____D () C:\Patch
2014-08-29 04:01 - 2009-08-11 08:00 - 00382976 _____ (Wistron Corp.) C:\Windows\WisGAPasx64.exe
2014-08-29 04:01 - 2009-08-11 08:00 - 00322048 _____ (Wistron Corp.) C:\Windows\WisGAPas.exe
2014-08-29 04:01 - 2009-05-25 20:27 - 00335872 _____ (Acer Inc.) C:\Windows\ParseModule_X64.exe
2014-08-29 04:01 - 2009-05-25 20:27 - 00225280 _____ (Acer Inc.) C:\Windows\ParseModule_X86.exe
2014-08-29 03:50 - 2014-08-29 04:12 - 00001662 _____ () C:\Windows\WPatchProgress.ini
2014-08-28 18:55 - 2014-08-28 18:55 - 00000000 ____D () C:\Users\Misa\AppData\Roaming\vlc
2014-08-28 18:55 - 2014-08-28 18:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-08-28 18:55 - 2014-08-28 18:55 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-08-28 18:54 - 2014-08-28 18:55 - 24743106 _____ () C:\Users\Misa\Downloads\vlc-2.1.5-win32.exe
2014-08-28 18:51 - 2014-08-28 18:51 - 00002265 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2014-08-28 18:51 - 2014-08-28 18:51 - 00000000 ____D () C:\Users\Misa\AppData\Local\WinZip
2014-08-28 18:51 - 2014-08-28 18:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2014-08-28 18:50 - 2014-08-28 18:52 - 00000000 ____D () C:\ProgramData\WinZip
2014-08-28 18:50 - 2014-08-28 18:50 - 00000000 ____D () C:\Program Files (x86)\WinZip
2014-08-28 18:47 - 2014-08-28 18:48 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-08-28 18:47 - 2014-08-28 18:47 - 00001196 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2014-08-28 18:47 - 2014-08-28 18:47 - 00000000 ____D () C:\Program Files\Windows Live
2014-08-28 18:44 - 2010-05-23 12:15 - 01619456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-08-28 18:44 - 2010-05-23 12:11 - 03181568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-08-28 18:44 - 2010-05-23 12:11 - 00196608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2014-08-28 18:44 - 2010-05-23 10:37 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-08-28 18:44 - 2010-05-23 10:35 - 04068864 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-08-28 18:44 - 2010-05-23 10:35 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2014-08-28 18:44 - 2010-05-23 10:35 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-08-28 18:43 - 2014-09-05 02:14 - 00000000 ____D () C:\Users\Misa\AppData\Local\Windows Live
2014-08-28 18:41 - 2014-08-28 18:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-28 18:40 - 2014-08-28 18:41 - 00000000 ____D () C:\Users\Misa\AppData\Local\Deployment
2014-08-28 18:40 - 2014-08-28 18:40 - 00000000 ____D () C:\Users\Misa\AppData\Local\Apps\2.0
2014-08-28 18:39 - 2014-08-28 18:39 - 00000000 ____D () C:\Users\Misa\AppData\Roaming\Macromedia
2014-08-28 18:39 - 2014-08-28 18:39 - 00000000 ____D () C:\Users\Misa\AppData\Roaming\Adobe
2014-08-28 18:35 - 2014-08-28 18:35 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio
2014-08-28 18:33 - 2014-08-28 18:33 - 00000000 ____D () C:\Users\Misa\AppData\Local\Microsoft Help
2014-08-28 18:32 - 2014-09-05 03:42 - 00001150 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-28 18:32 - 2014-09-05 01:44 - 00001146 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-28 18:32 - 2014-08-28 18:37 - 00004146 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-28 18:32 - 2014-08-28 18:37 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-28 18:31 - 2014-09-04 23:08 - 00000000 ____D () C:\Users\Misa\AppData\Local\Google
2014-08-28 18:31 - 2014-08-28 18:31 - 00000000 ____D () C:\Users\Misa\AppData\Roaming\Google
2014-08-28 18:30 - 2014-08-28 18:40 - 00108840 _____ () C:\Users\Misa\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-28 18:21 - 2014-09-05 03:00 - 00050999 _____ () C:\Windows\WindowsUpdate.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)


Some content of TEMP:
====================
C:\Users\Misa\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptmok9g.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-09-05 00:17

==================== End Of Log ============================



#5 wsht

  • Topic Starter

Posted 04 September 2014 - 09:02 PM

And can you tell me what process is being blocked by avast when trying to connect to those addresses?

 

The processes come from different places.

 

C:\Windows\explorer.exe

iexplore.exe

chrome.exe

 

For instance:

 

hxxp://rebtn.com/?wVCdUNGSqDOoMAq3sTyUnK3G3DIS/lzSZPnnGnAf5Ntm2muiwb1LxzToBZZ/TmzfRdDi7powZ/j  R/ZnH1TirkRiCY4jAQs9Ds/q7jkiOXikJTMJB/Bmxx3TarY szm9rxFRT0dBzFQfGi3daHP8jWGIBz4Dw==

 

URL:Mal

 

Maybe it is a keylogger trying to steal some info? This popup pops up very often. ComboFix put catchme.sys and other reg files in quarantine.


Edited by wsht, 04 September 2014 - 09:05 PM.


#6 aharonov

  • Malware Response Team

Posted 05 September 2014 - 05:22 AM

Ciao,

I don't know yet what causes these outbound connections that get blocked.
Combofix hasn't deleted anything relevant - catchme is part of Combofix itself.


Please download TDSSKiller and save it to your Desktop.
  • Start tdsskiller.exe with administrator privileges.
  • Accept the EULA and the KSN Statement.
  • Click on Change parameters.
  • Make sure that all available options (except "Loaded modules") are checked and click OK.
  • Click on Start scan.
  • If any threats are found don't delete them but choose the Skip option for all of them.
  • Click on Report to open the log file. (It is also saved at C:\TDSSKiller.<version_date_time>_log.txt).
    Copy and paste its contents in your next reply.


#7 wsht

  • Topic Starter

Posted 05 September 2014 - 06:03 AM

TADA! 1 Rootkit found
 
 
13:00:36.0534 0x0f58  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
13:00:42.0275 0x0f58  ============================================================
13:00:42.0275 0x0f58  Current date / time: 2014/09/05 13:00:42.0275
13:00:42.0275 0x0f58  SystemInfo:
13:00:42.0275 0x0f58  
13:00:42.0275 0x0f58  OS Version: 6.1.7600 ServicePack: 0.0
13:00:42.0275 0x0f58  Product type: Workstation
13:00:42.0275 0x0f58  ComputerName: MISA-PC
13:00:42.0275 0x0f58  UserName: Misa
13:00:42.0275 0x0f58  Windows directory: C:\Windows
13:00:42.0275 0x0f58  System windows directory: C:\Windows
13:00:42.0275 0x0f58  Running under WOW64
13:00:42.0275 0x0f58  Processor architecture: Intel x64
13:00:42.0275 0x0f58  Number of processors: 2
13:00:42.0275 0x0f58  Page size: 0x1000
13:00:42.0275 0x0f58  Boot type: Normal boot
13:00:42.0275 0x0f58  ============================================================
13:00:42.0681 0x0f58  KLMD registered as C:\Windows\system32\drivers\52000348.sys
13:00:43.0242 0x0f58  System UUID: {A3FCC608-E535-0397-7FD6-6E658059A908}
13:00:43.0960 0x0f58  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:00:43.0960 0x0f58  Drive \Device\Harddisk1\DR1 - Size: 0x77700000 ( 1.87 Gb ), SectorSize: 0x200, Cylinders: 0xF3, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:00:43.0960 0x0f58  ============================================================
13:00:43.0960 0x0f58  \Device\Harddisk0\DR0:
13:00:43.0960 0x0f58  MBR partitions:
13:00:43.0960 0x0f58  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1770800, BlocksNum 0x32000
13:00:43.0960 0x0f58  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x17A2800, BlocksNum 0x23C8BAB0
13:00:43.0960 0x0f58  \Device\Harddisk1\DR1:
13:00:43.0960 0x0f58  MBR partitions:
13:00:43.0960 0x0f58  \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x800, BlocksNum 0x3BB000
13:00:43.0960 0x0f58  ============================================================
13:00:43.0991 0x0f58  C: <-> \Device\Harddisk0\DR0\Partition2
13:00:43.0991 0x0f58  ============================================================
13:00:43.0991 0x0f58  Initialize success
13:00:43.0991 0x0f58  ============================================================
13:01:03.0554 0x0a68  ============================================================
13:01:03.0554 0x0a68  Scan started
13:01:03.0554 0x0a68  Mode: Manual; SigCheck; TDLFS; 
13:01:03.0554 0x0a68  ============================================================
13:01:03.0554 0x0a68  KSN ping started
13:01:06.0066 0x0a68  KSN ping finished: true
13:01:08.0406 0x0a68  ================ Scan system memory ========================
13:01:08.0406 0x0a68  System memory - ok
13:01:08.0406 0x0a68  ================ Scan services =============================
13:01:10.0793 0x0a68  aswRvrt - ok
13:01:10.0839 0x0a68  [ B8FDEDE963B82CFD23B3A53A3084666D, 3537E5B684FB6F0AA589A5FA7CD111E1744DF384AB1A266D4114100F104ED11B ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
13:01:10.0871 0x0a68  aswSnx - ok
13:01:10.0917 0x0a68  [ 0DEDC041DF594AEC2C3BD00417CFAF60, 0D3A8924503986546EE256D185225C0B080FDB6B0C8B0BED7516B07A7334371B ] aswSP           C:\Windows\system32\drivers\aswSP.sys
13:01:10.0949 0x0a68  aswSP - ok
13:01:10.0964 0x0a68  [ 48DED912CDE54FC0923B9858512366E1, 9B216B934408A7CB3CE2B41240B7EF01EAA3BC066211B784064FF8AC97A29B4E ] aswStm          C:\Windows\system32\drivers\aswStm.sys
13:01:10.0980 0x0a68  aswStm - ok
13:01:10.0980 0x0a68  [ 471A311745848B80339436688A8286E6, E51C57236CEC19AC38E85D115DB97875517D837811188AD2E53FA49055B53890 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
13:01:10.0995 0x0a68  aswVmm - ok
13:01:11.0042 0x0a68  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
13:01:11.0136 0x0a68  AsyncMac - ok
13:01:11.0183 0x0a68  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\DRIVERS\atapi.sys
13:01:11.0198 0x0a68  atapi - ok
13:01:11.0261 0x0a68  [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:01:11.0370 0x0a68  AudioEndpointBuilder - ok
13:01:11.0401 0x0a68  [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
13:01:11.0463 0x0a68  AudioSrv - ok
13:01:11.0557 0x0a68  [ 73F5C13B431915BAE35254B4E95DFB71, 393A045859382C44133C004598B1512048046BCC129FED2247A77FDBFCDB6DFF ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
13:01:11.0573 0x0a68  avast! Antivirus - ok
13:01:11.0619 0x0a68  [ B20B5FA5CA050E9926E4D1DB81501B32, 91B9038349BA07E32DE809E6798167EE44087809EB1174B84EC16580040F1BE0 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
13:01:11.0651 0x0a68  AxInstSV - ok
13:01:11.0713 0x0a68  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
13:01:11.0791 0x0a68  b06bdrv - ok
13:01:11.0838 0x0a68  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
13:01:11.0885 0x0a68  b57nd60a - ok
13:01:11.0994 0x0a68  [ 9E84A931DBEE0292E38ED672F6293A99, 2945EAF0AC091709E0C5508B45EC343EDE507AC2B08A2D7D64F286D38424CBC4 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
13:01:12.0134 0x0a68  BCM43XX - ok
13:01:12.0181 0x0a68  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
13:01:12.0212 0x0a68  BDESVC - ok
13:01:12.0275 0x0a68  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
13:01:12.0353 0x0a68  Beep - ok
13:01:12.0415 0x0a68  [ 4992C609A6315671463E30F6512BC022, 3020034556EAC25CD90F41D3BFFDD0BB2C3D1C5BAC4359F4B71B84A9FC404495 ] BFE             C:\Windows\System32\bfe.dll
13:01:12.0555 0x0a68  BFE - ok
13:01:12.0711 0x0a68  [ 7F0C323FE3DA28AA4AA1BDA3F575707F, 7FF09CBC16A9E5F357A76FF79A3F0DD047957D474031F51A6BB4916C7911F005 ] BITS            C:\Windows\system32\qmgr.dll
13:01:12.0883 0x0a68  BITS - ok
13:01:12.0914 0x0a68  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
13:01:12.0961 0x0a68  blbdrive - ok
13:01:12.0977 0x0a68  [ 91CE0D3DC57DD377E690A2D324022B08, 61874463956C0BCA5139522F34E974E5F638A092E0FD5C59DD30DE61D9AB8B0E ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
13:01:13.0055 0x0a68  bowser - ok
13:01:13.0086 0x0a68  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:01:13.0133 0x0a68  BrFiltLo - ok
13:01:13.0148 0x0a68  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:01:13.0164 0x0a68  BrFiltUp - ok
13:01:13.0195 0x0a68  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
13:01:13.0257 0x0a68  BridgeMP - ok
13:01:13.0289 0x0a68  [ 94FBC06F294D58D02361918418F996E3, 62C7CC2AF8F5A0BB0C262DACDE3F72C6AC318C3840CE60E46EE2064B32BDA5EF ] Browser         C:\Windows\System32\browser.dll
13:01:13.0351 0x0a68  Browser - ok
13:01:13.0382 0x0a68  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
13:01:13.0413 0x0a68  Brserid - ok
13:01:13.0413 0x0a68  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
13:01:13.0460 0x0a68  BrSerWdm - ok
13:01:13.0460 0x0a68  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
13:01:13.0491 0x0a68  BrUsbMdm - ok
13:01:13.0507 0x0a68  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
13:01:13.0523 0x0a68  BrUsbSer - ok
13:01:13.0538 0x0a68  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
13:01:13.0585 0x0a68  BTHMODEM - ok
13:01:13.0616 0x0a68  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
13:01:13.0663 0x0a68  bthserv - ok
13:01:13.0694 0x0a68  catchme - ok
13:01:13.0725 0x0a68  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
13:01:13.0772 0x0a68  cdfs - ok
13:01:13.0819 0x0a68  [ 83D2D75E1EFB81B3450C18131443F7DB, F2C686C980D818E797818E75B808E1E0B51B2045840A4BFC32D860B7DB4DFA22 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
13:01:13.0835 0x0a68  cdrom - ok
13:01:13.0881 0x0a68  [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] CertPropSvc     C:\Windows\System32\certprop.dll
13:01:13.0959 0x0a68  CertPropSvc - ok
13:01:13.0959 0x0a68  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
13:01:13.0991 0x0a68  circlass - ok
13:01:14.0022 0x0a68  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
13:01:14.0053 0x0a68  CLFS - ok
13:01:14.0100 0x0a68  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:01:14.0147 0x0a68  clr_optimization_v2.0.50727_32 - ok
13:01:14.0193 0x0a68  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:01:14.0240 0x0a68  clr_optimization_v2.0.50727_64 - ok
13:01:14.0287 0x0a68  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
13:01:14.0303 0x0a68  CmBatt - ok
13:01:14.0334 0x0a68  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\DRIVERS\cmdide.sys
13:01:14.0334 0x0a68  cmdide - ok
13:01:14.0365 0x0a68  [ F95FD4CB7DA00BA2A63CE9F6B5C053E1, D1FBCA0416D38B9CA510FB01CF251E60B244D38080E6668948ED927D2350ED49 ] CNG             C:\Windows\system32\Drivers\cng.sys
13:01:14.0412 0x0a68  CNG - ok
13:01:14.0427 0x0a68  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
13:01:14.0443 0x0a68  Compbatt - ok
13:01:14.0474 0x0a68  [ F26B3A86F6FA87CA360B879581AB4123, 723904362614FE47F6CC0EA0656BA1B47EA32D73BAFB61688A5E5CAE4340B1BF ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
13:01:14.0490 0x0a68  CompositeBus - ok
13:01:14.0505 0x0a68  COMSysApp - ok
13:01:14.0521 0x0a68  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
13:01:14.0537 0x0a68  crcdisk - ok
13:01:14.0568 0x0a68  [ 8C57411B66282C01533CB776F98AD384, 65BCF1B0BA521CBE39E974C7ACAEA9C9E3F89D86754275C6B2616E7691876AEE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
13:01:14.0630 0x0a68  CryptSvc - ok
13:01:14.0677 0x0a68  [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] DcomLaunch      C:\Windows\system32\rpcss.dll
13:01:14.0755 0x0a68  DcomLaunch - ok
13:01:14.0786 0x0a68  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
13:01:14.0849 0x0a68  defragsvc - ok
13:01:14.0880 0x0a68  [ 3F1DC527070ACB87E40AFE46EF6DA749, 5CB9CB94854AF06BEA02AF3E0562B8ECF72B2B23ED657A3F5E17CD3552F3EF84 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
13:01:14.0927 0x0a68  DfsC - ok
13:01:14.0989 0x0a68  [ CE3B9562D997F69B330D181A8875960F, 6FEE6622859198C5C13545867EF7CFE8EDC991360E976F792313DAA9C82CC5C8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
13:01:15.0051 0x0a68  Dhcp - ok
13:01:15.0067 0x0a68  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
13:01:15.0114 0x0a68  discache - ok
13:01:15.0114 0x0a68  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
13:01:15.0129 0x0a68  Disk - ok
13:01:15.0161 0x0a68  [ 676108C4E3AA6F6B34633748BD0BEBD9, 953286126E482EF3A9A1833680EFF86D657BD6C5411B9AEC2D7828ADE63D25AD ] Dnscache        C:\Windows\System32\dnsrslvr.dll
13:01:15.0223 0x0a68  Dnscache - ok
13:01:15.0239 0x0a68  [ 14452ACDB09B70964C8C21BF80A13ACB, DA0AAAC04626EFF4256D7095FF1DDA1F1B17676E26990C418BDF5090476F2AB4 ] dot3svc         C:\Windows\System32\dot3svc.dll
13:01:15.0301 0x0a68  dot3svc - ok
13:01:15.0332 0x0a68  [ 8C2BA6BEA949EE6E68385F5692BAFB94, 1047F473DCE0FB56BEA5C1B7929752C1FBAB5983C8202ABB4EEA48FCD60A353A ] DPS             C:\Windows\system32\dps.dll
13:01:15.0395 0x0a68  DPS - ok
13:01:15.0426 0x0a68  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
13:01:15.0441 0x0a68  drmkaud - ok
13:01:15.0504 0x0a68  [ 7CB7D2B73813CE05C7BC0F5F95D27CEC, F80AD7E946B8C8C27A0EB8A99B3A61C3F09E5442372D64EB4886D86B8D0AFCFD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
13:01:15.0613 0x0a68  DXGKrnl - ok
13:01:15.0629 0x0a68  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
13:01:15.0691 0x0a68  EapHost - ok
13:01:15.0847 0x0a68  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
13:01:16.0034 0x0a68  ebdrv - ok
13:01:16.0081 0x0a68  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] EFS             C:\Windows\System32\lsass.exe
13:01:16.0097 0x0a68  EFS - ok
13:01:16.0159 0x0a68  [ B91D81B3B54A54CCAFC03733DBC2E29E, B08CFD3136F678CF902722B32CA55C4983EEE5AEBDCEE036BEB746914742141C ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
13:01:16.0221 0x0a68  ehRecvr - ok
13:01:16.0237 0x0a68  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
13:01:16.0268 0x0a68  ehSched - ok
13:01:16.0299 0x0a68  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
13:01:16.0346 0x0a68  elxstor - ok
13:01:16.0377 0x0a68  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\DRIVERS\errdev.sys
13:01:16.0409 0x0a68  ErrDev - ok
13:01:16.0487 0x0a68  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
13:01:16.0565 0x0a68  EventSystem - ok
13:01:16.0596 0x0a68  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
13:01:16.0658 0x0a68  exfat - ok
13:01:16.0689 0x0a68  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
13:01:16.0736 0x0a68  fastfat - ok
13:01:16.0783 0x0a68  [ D607B2F1BEE3992AA6C2C92C0A2F0855, E22301C8F01DBF0A38A85165959BB070647C996CB1BCD50FDFE3DDDCA427DF2A ] Fax             C:\Windows\system32\fxssvc.exe
13:01:16.0861 0x0a68  Fax - ok
13:01:16.0877 0x0a68  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
13:01:16.0908 0x0a68  fdc - ok
13:01:16.0908 0x0a68  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
13:01:16.0955 0x0a68  fdPHost - ok
13:01:16.0955 0x0a68  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
13:01:17.0001 0x0a68  FDResPub - ok
13:01:17.0033 0x0a68  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
13:01:17.0048 0x0a68  FileInfo - ok
13:01:17.0064 0x0a68  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
13:01:17.0126 0x0a68  Filetrace - ok
13:01:17.0126 0x0a68  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
13:01:17.0142 0x0a68  flpydisk - ok
13:01:17.0189 0x0a68  [ F7866AF72ABBAF84B1FA5AA195378C59, 9D522044FE9C18FB3EC327E675737C01F2A8231DDE900421D3A431596946A7F8 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
13:01:17.0220 0x0a68  FltMgr - ok
13:01:17.0282 0x0a68  [ 8AC4CB4EA61E41009FAE9AE7B2B5DA3A, 6587B22ED91F98D3E3614967F62D7A58F42C12F45F8E1D47835D195CD350BC54 ] FontCache       C:\Windows\system32\FntCache.dll
13:01:17.0392 0x0a68  FontCache - ok
13:01:17.0454 0x0a68  [ 8D89E3131C27FDD6932189CB785E1B7A, AC7DA4C5E6D2E41D1A1DE146E46F034FAF0FB11AD801F070F2D5CD08166E9EB7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:01:17.0470 0x0a68  FontCache3.0.0.0 - ok
13:01:17.0485 0x0a68  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
13:01:17.0501 0x0a68  FsDepends - ok
13:01:17.0501 0x0a68  [ E95EF8547DE20CF0603557C0CF7A9462, 55540B06B7B380CA2DA6EEE2D76C6CD6131ADB02B2D0B172A36536863A0C57B6 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
13:01:17.0516 0x0a68  Fs_Rec - ok
13:01:17.0563 0x0a68  [ B8B2A6E1558F8F5DE5CE431C5B2C7B09, 24A9F04A0622681A4E4B6BCC47C45016787C6036EAD828920812D9FAD49A71E3 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
13:01:17.0579 0x0a68  fvevol - ok
13:01:17.0594 0x0a68  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
13:01:17.0610 0x0a68  gagp30kx - ok
13:01:17.0672 0x0a68  [ FE5AB4525BC2EC68B9119A6E5D40128B, 088DE37982CEE78A0C1181389A3BFF1E352DF504074B3E8F3EA244DB271BF216 ] gpsvc           C:\Windows\System32\gpsvc.dll
13:01:17.0766 0x0a68  gpsvc - ok
13:01:17.0984 0x0a68  [ 816FD5A6F3C2F3D600900096632FC60E, D92401C4B56663F8A12B6390562608A125713408B00266C53844129679E48E9C ] Greg_Service    C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
13:01:18.0047 0x0a68  Greg_Service - ok
13:01:18.0421 0x0a68  [ 8F0DE4FEF8201E306F9938B0905AC96A, CA7153FE0C037D79FBF7CE0E090D741FB52BCCBBBD4CA505EF4849A0C4199F72 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:01:18.0452 0x0a68  gupdate - ok
13:01:18.0484 0x0a68  [ 8F0DE4FEF8201E306F9938B0905AC96A, CA7153FE0C037D79FBF7CE0E090D741FB52BCCBBBD4CA505EF4849A0C4199F72 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:01:18.0499 0x0a68  gupdatem - ok
13:01:18.0546 0x0a68  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
13:01:18.0593 0x0a68  hcw85cir - ok
13:01:18.0624 0x0a68  [ 6410F6F415B2A5A9037224C41DA8BF12, 5B8452BC49FDA2215281D27B22FA9BE46B0460F51C4DC70E58B687CFB541F3A5 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:01:18.0671 0x0a68  HdAudAddService - ok
13:01:18.0702 0x0a68  [ 0A49913402747A0B67DE940FB42CBDBB, 61A45DBDCEB4A2D5C3C28F6BC8C5ADC51D0240A7553DF44BCC4355FC06F72B83 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
13:01:18.0733 0x0a68  HDAudBus - ok
13:01:18.0749 0x0a68  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
13:01:18.0780 0x0a68  HidBatt - ok
13:01:18.0780 0x0a68  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
13:01:18.0811 0x0a68  HidBth - ok
13:01:18.0842 0x0a68  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
13:01:18.0874 0x0a68  HidIr - ok
13:01:18.0905 0x0a68  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
13:01:18.0952 0x0a68  hidserv - ok
13:01:18.0983 0x0a68  [ B3BF6B5B50006DEF50B66306D99FCF6F, D39A1DEBE7C464922919826D15199ED25E263BF58633593DD412D78F98921417 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
13:01:19.0030 0x0a68  HidUsb - ok
13:01:19.0045 0x0a68  [ EFA58EDE58DD74388FFD04CB32681518, 76D81F9BC1A4D85A779B79DEC23B79F1568AA236CD49247414093CDC1FCC150F ] hkmsvc          C:\Windows\system32\kmsvc.dll
13:01:19.0108 0x0a68  hkmsvc - ok
13:01:19.0139 0x0a68  [ 046B2673767CA626E2CFB7FDF735E9E8, 9C932DCC5DE9B1919AB38C01D76AD7BBAF491DE6D158662407974748BC0B4C6C ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:01:19.0186 0x0a68  HomeGroupListener - ok
13:01:19.0264 0x0a68  [ 06A7422224D9865A5613710A089987DF, EF604B4B6918D3FDC8E90ED9004E6E7340E0F399C214C65CCE3A7C8C576FA1C0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:01:19.0295 0x0a68  HomeGroupProvider - ok
13:01:19.0310 0x0a68  [ 0886D440058F203EBA0E1825E4355914, BC49C4CEFE324A08C864A4BF4FEA9A70151FAB7CC30BDC28344F3FFD2F500070 ] HpSAMD          C:\Windows\system32\DRIVERS\HpSAMD.sys
13:01:19.0326 0x0a68  HpSAMD - ok
13:01:19.0373 0x0a68  [ CEE049CAC4EFA7F4E1E4AD014414A5D4, 433AE2D845850F1D7A48275BBD87B3F0E7DD48F2282C727C4B777ECD92CC331D ] HTTP            C:\Windows\system32\drivers\HTTP.sys
13:01:19.0482 0x0a68  HTTP - ok
13:01:19.0498 0x0a68  [ F17766A19145F111856378DF337A5D79, FC1633FB865A5324EBCBE5F97D297B899FABBDD965D862C2EFC743CD36F47E62 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
13:01:19.0513 0x0a68  hwpolicy - ok
13:01:19.0560 0x0a68  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
13:01:19.0576 0x0a68  i8042prt - ok
13:01:19.0638 0x0a68  [ 7548066DF68A8A1A56B043359F915F37, 6225DDE554E45858374CBD284A85A00F773089A667C08492187A637232B8BD9A ] IAANTMON        C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
13:01:19.0669 0x0a68  IAANTMON - ok
13:01:19.0700 0x0a68  [ 1D004CB1DA6323B1F55CAEF7F94B61D9, 8FFFB429BA46938724BBB87AB9B3EC77EA17C4B893BABDBDD38309F02963D405 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
13:01:19.0716 0x0a68  iaStor - ok
13:01:19.0763 0x0a68  [ D83EFB6FD45DF9D55E9A1AFC63640D50, 0494F8F7CB3ED11FD8D0B838CB71271AF7A3CBFCB7F2CB043A9392B5106A3C7B ] iaStorV         C:\Windows\system32\DRIVERS\iaStorV.sys
13:01:19.0794 0x0a68  iaStorV - ok
13:01:19.0981 0x0a68  [ 2F2BE70D3E02B6FA877921AB9516D43C, E04255EE4BD95FC1539EB1EB9F702B039F65993D31A4531DA487274543EF5226 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:01:20.0028 0x0a68  idsvc - ok
13:01:20.0496 0x0a68  [ A87261EF1546325B559374F5689CF5BC, 8DE48A8A13A32AAAC54CDDF58F3F61BE3E2802C1D9CA1CA98E57EB0D65FB6002 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
13:01:20.0870 0x0a68  igfx - ok
13:01:20.0902 0x0a68  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
13:01:20.0917 0x0a68  iirsp - ok
13:01:20.0980 0x0a68  [ C5B4683680DF085B57BC53E5EF34861F, 9C06517DFCB3ED7BB1166F7EB6CCC8713E6B68283C75420C0EDC182094AA1B8F ] IKEEXT          C:\Windows\System32\ikeext.dll
13:01:21.0104 0x0a68  IKEEXT - ok
13:01:21.0120 0x0a68  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\DRIVERS\intelide.sys
13:01:21.0136 0x0a68  intelide - ok
13:01:21.0167 0x0a68  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
13:01:21.0182 0x0a68  intelppm - ok
13:01:21.0214 0x0a68  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
13:01:21.0276 0x0a68  IPBusEnum - ok
13:01:21.0292 0x0a68  [ 722DD294DF62483CECAAE6E094B4D695, 41ABB42EF969EA8A84B546908EBBDC2411D964DE101CE6DD3D7ECF109085E0C0 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:01:21.0338 0x0a68  IpFilterDriver - ok
13:01:21.0370 0x0a68  [ F8E058D17363EC580E4B7232778B6CB5, 02352919F349C57930A0B032FBDC45327FB473D310DE7AC721F4694FDE7D21FB ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
13:01:21.0463 0x0a68  iphlpsvc - ok
13:01:21.0479 0x0a68  [ E2B4A4494DB7CB9B89B55CA268C337C5, C59BC4AA03D10647641EC7533F78BC7E2EA6FC48B8B2CF1A49B5148EF40A90FB ] IPMIDRV         C:\Windows\system32\DRIVERS\IPMIDrv.sys
13:01:21.0526 0x0a68  IPMIDRV - ok
13:01:21.0526 0x0a68  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
13:01:21.0588 0x0a68  IPNAT - ok
13:01:21.0619 0x0a68  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
13:01:21.0635 0x0a68  IRENUM - ok
13:01:21.0650 0x0a68  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\DRIVERS\isapnp.sys
13:01:21.0666 0x0a68  isapnp - ok
13:01:21.0697 0x0a68  [ FA4D2557DE56D45B0A346F93564BE6E1, 2827EC3582FF59FFD55BBD4A4F0DDFFEAD4F2537FA043B3A69904FE920B1619C ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
13:01:21.0713 0x0a68  iScsiPrt - ok
13:01:21.0760 0x0a68  [ 249EE2D26CB1530F3BEDE0AC8B9E3099, 6EBF72DCCDC1EFCD9FE712B895D61359F46C2AF41F1EC47A3C486E79AA1BC026 ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
13:01:21.0775 0x0a68  k57nd60a - ok
13:01:21.0806 0x0a68  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
13:01:21.0822 0x0a68  kbdclass - ok
13:01:21.0838 0x0a68  [ 6DEF98F8541E1B5DCEB2C822A11F7323, F6EE4A7A6A7A1F243D32CA9241CA4816C92EB7BF2AADDD09234968C2CAAE6C0D ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
13:01:21.0853 0x0a68  kbdhid - ok
13:01:21.0884 0x0a68  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] KeyIso          C:\Windows\system32\lsass.exe
13:01:21.0900 0x0a68  KeyIso - ok
13:01:21.0900 0x0a68  [ E8B6FCC9C83535C67F835D407620BD27, 74B63F3BFB756FF0B0AD6A6C1535C0A1A0630295ECCBC078B00F2449718B0870 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
13:01:21.0916 0x0a68  KSecDD - ok
13:01:21.0931 0x0a68  [ BBE1BF6D9B661C354D4857D5FADB943B, D2F6E52CCD0DF07B3D92669B941CEB9A59E16D3518226F11028A70DBDEFABBCF ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
13:01:21.0947 0x0a68  KSecPkg - ok
13:01:21.0947 0x0a68  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
13:01:21.0994 0x0a68  ksthunk - ok
13:01:22.0259 0x0a68  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
13:01:22.0430 0x0a68  KtmRm - ok
13:01:22.0462 0x0a68  [ 2AC603C3188C704CFCE353659AA7AD71, 0DAC2E8858221145FA35883BAE0D6484E60EB624158DE9F063FF209951CD1CDF ] L1E             C:\Windows\system32\DRIVERS\L1E62x64.sys
13:01:22.0508 0x0a68  L1E - ok
13:01:22.0555 0x0a68  [ 81F1D04D4D0E433099365127375FD501, C2A81B5A482C974E8108806486EC28CB2D81400D42639682FE7B7A9BDF14BA9B ] LanmanServer    C:\Windows\System32\srvsvc.dll
13:01:22.0633 0x0a68  LanmanServer - ok
13:01:22.0852 0x0a68  [ 27026EAC8818E8A6C00A1CAD2F11D29A, A12858CCB3B2419D66C667A46B106DA7A7BA97FFFA9634BFAE95DDF193C430D5 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:01:22.0930 0x0a68  LanmanWorkstation - ok
13:01:23.0101 0x0a68  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
13:01:23.0164 0x0a68  lltdio - ok
13:01:23.0304 0x0a68  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
13:01:23.0398 0x0a68  lltdsvc - ok
13:01:23.0429 0x0a68  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
13:01:23.0507 0x0a68  lmhosts - ok
13:01:23.0538 0x0a68  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
13:01:23.0569 0x0a68  LSI_FC - ok
13:01:38.0280 0x0a68  TrkWks - ok
13:01:38.0342 0x0a68  [ 840F7FB849F5887A49BA18C13B2DA920, A59C40A090E03C0136A865FC54508BA938E7B467C8198BC009FE263E6C275781 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:01:38.0389 0x0a68  TrustedInstaller - ok
13:01:38.0405 0x0a68  [ 61B96C26131E37B24E93327A0BD1FB95, 7C551B6FD0447258BC3FDED72D8D41A0E8B731562170C264295592D45F85D9FF ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
13:01:38.0467 0x0a68  tssecsrv - ok
13:01:38.0514 0x0a68  [ 3836171A2CDF3AF8EF10856DB9835A70, 74CD0A21B4E5B47E8D762CC28282CA8D512D424EC591D90099B9F8D034AA2FC2 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
13:01:38.0576 0x0a68  tunnel - ok
13:01:38.0608 0x0a68  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
13:01:38.0623 0x0a68  uagp35 - ok
13:01:38.0670 0x0a68  [ 2E22C1FD397A5A9FFEF55E9D1FC96C00, 4646712B3F3AF6188DBCE1A95D92261E8B15E9583FE5DD538EC884F48B51759D ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
13:01:38.0670 0x0a68  UBHelper - ok
13:01:38.0701 0x0a68  [ D47BAEAD86C65D4F4069D7CE0A4EDCEB, DBAEA010F11A5EFD961B1841308EA3F220A9FFB01F364BA9B8F72200DA2BBCD8 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
13:01:38.0779 0x0a68  udfs - ok
13:01:38.0826 0x0a68  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
13:01:38.0873 0x0a68  UI0Detect - ok
13:01:38.0873 0x0a68  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\DRIVERS\uliagpkx.sys
13:01:38.0888 0x0a68  uliagpkx - ok
13:01:38.0920 0x0a68  [ EAB6C35E62B1B0DB0D1B48B671D3A117, E65034BF757AE4D21F69D7A91A7990E326A29A0CE9F871FD704B5E6CCC821FF0 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
13:01:38.0935 0x0a68  umbus - ok
13:01:38.0951 0x0a68  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
13:01:38.0982 0x0a68  UmPass - ok
13:01:39.0060 0x0a68  [ 70DDE3A86DBEB1D6C3C30AD687B1877A, 2DAE797240DB8F521F1C9D1171524790052E186B060D58A1B102FBFFC80CE48E ] Updater Service C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
13:01:39.0076 0x0a68  Updater Service - ok
13:01:39.0107 0x0a68  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
13:01:39.0185 0x0a68  upnphost - ok
13:01:39.0200 0x0a68  [ B26AFB54A534D634523C4FB66765B026, A219C9AE32D040BEA4DD69C2C826B1C52BACE26BEBFEE799BD56DFD442C5E0D8 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
13:01:39.0232 0x0a68  usbccgp - ok
13:01:39.0247 0x0a68  USBCCID - ok
13:01:39.0278 0x0a68  [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir          C:\Windows\system32\DRIVERS\usbcir.sys
13:01:39.0294 0x0a68  usbcir - ok
13:01:39.0310 0x0a68  [ 2EA4AFF7BE7EB4632E3AA8595B0803B5, CBECE7CEC0EFA4B283C63E9B6A270D595F5F3D006306DA5E5121BBFDCAB16376 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
13:01:39.0356 0x0a68  usbehci - ok
13:01:39.0388 0x0a68  [ 4C9042B8DF86C1E8E6240C218B99B39B, D286633311C047B9C4FB1AA89D7B02B9F943FDDCE473255DC8E14DD07CC9B292 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
13:01:39.0434 0x0a68  usbhub - ok
13:01:39.0466 0x0a68  [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
13:01:39.0481 0x0a68  usbohci - ok
13:01:39.0497 0x0a68  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
13:01:39.0512 0x0a68  usbprint - ok
13:01:39.0528 0x0a68  [ 080D3820DA6C046BE82FC8B45A893E83, EF4829A2D5B8D47AA7E06093EC85244042ED1CCFF43CC80DC44EF018B434197A ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:01:39.0544 0x0a68  USBSTOR - ok
13:01:39.0559 0x0a68  [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
13:01:39.0590 0x0a68  usbuhci - ok
13:01:39.0606 0x0a68  [ D501E12614B00A3252073101D6A1A74B, DFA3A83978125B3CE45C71DD9069E8A7938366D0F4B4B2401CDD07251253FA8C ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
13:01:39.0622 0x0a68  usbvideo - ok
13:01:39.0653 0x0a68  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
13:01:39.0715 0x0a68  UxSms - ok
13:01:39.0715 0x0a68  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] VaultSvc        C:\Windows\system32\lsass.exe
13:01:39.0746 0x0a68  VaultSvc - ok
13:01:39.0762 0x0a68  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\DRIVERS\vdrvroot.sys
13:01:39.0778 0x0a68  vdrvroot - ok
13:01:39.0824 0x0a68  [ 44D73E0BBC1D3C8981304BA15135C2F2, 2849387BBCFB0189AF5604D2F7A631BD5D6BBB2CA73AF6E870069AF382A74DED ] vds             C:\Windows\System32\vds.exe
13:01:39.0887 0x0a68  vds - ok
13:01:39.0887 0x0a68  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
13:01:39.0918 0x0a68  vga - ok
13:01:39.0918 0x0a68  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
13:01:39.0980 0x0a68  VgaSave - ok
13:01:40.0012 0x0a68  [ C82E748660F62A242B2DFAC1442F22A4, 24AD6CAA918C5AB6F461D88825885C8637C224001AAD7A80BDC240368CDB0B7E ] vhdmp           C:\Windows\system32\DRIVERS\vhdmp.sys
13:01:40.0043 0x0a68  vhdmp - ok
13:01:40.0043 0x0a68  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\DRIVERS\viaide.sys
13:01:40.0058 0x0a68  viaide - ok
13:01:40.0074 0x0a68  [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3, 91F2B935E1E88C5542650F7D679A75D0562F4A5812179D1EC146D4B6351361E2 ] volmgr          C:\Windows\system32\DRIVERS\volmgr.sys
13:01:40.0090 0x0a68  volmgr - ok
13:01:40.0121 0x0a68  [ 99B0CBB569CA79ACAED8C91461D765FB, 5BE394A39A941DE2AA1212E66B7068F90D423FA816238657CB9B2DA8BBE69B9B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
13:01:40.0136 0x0a68  volmgrx - ok
13:01:40.0152 0x0a68  [ 58F82EED8CA24B461441F9C3E4F0BF5C, 40B8C9C9D1BEDD1507138273A3C000C753C8765E1873F2170DE63555A042928C ] volsnap         C:\Windows\system32\DRIVERS\volsnap.sys
13:01:40.0168 0x0a68  volsnap - ok
13:01:40.0183 0x0a68  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
13:01:40.0199 0x0a68  vsmraid - ok
13:01:40.0292 0x0a68  [ 787898BF9FB6D7BD87A36E2D95C899BA, A6C0C7402B1A198E7B3D6D7D283FCB5815AC429DA68FC9B54C67707F3233CCB5 ] VSS             C:\Windows\system32\vssvc.exe
13:01:40.0386 0x0a68  VSS - ok
13:01:40.0417 0x0a68  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
13:01:40.0433 0x0a68  vwifibus - ok
13:01:40.0448 0x0a68  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
13:01:40.0480 0x0a68  vwififlt - ok
13:01:40.0495 0x0a68  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
13:01:40.0558 0x0a68  W32Time - ok
13:01:40.0573 0x0a68  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
13:01:40.0589 0x0a68  WacomPen - ok
13:01:40.0620 0x0a68  [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
13:01:40.0667 0x0a68  WANARP - ok
13:01:40.0667 0x0a68  [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
13:01:40.0729 0x0a68  Wanarpv6 - ok
13:01:40.0792 0x0a68  [ 5AB1BB85BD8B5089CC5D64200DEDAE68, 28777D4F3CD07C8E3465B6DA0FCA994E0B93071A3A0D4D1D64C1DF633DD1C64F ] wbengine        C:\Windows\system32\wbengine.exe
13:01:40.0901 0x0a68  wbengine - ok
13:01:40.0932 0x0a68  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
13:01:40.0963 0x0a68  WbioSrvc - ok
13:01:40.0979 0x0a68  [ 8321C2CA3B62B61B293CDA3451984468, 856A079C2CCC75D633EA23E410D7F3ECDF368EAAAFF634CB82DDA545FD3A2F9C ] wcncsvc         C:\Windows\System32\wcncsvc.dll
13:01:41.0026 0x0a68  wcncsvc - ok
13:01:41.0041 0x0a68  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:01:41.0072 0x0a68  WcsPlugInService - ok
13:01:41.0072 0x0a68  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
13:01:41.0088 0x0a68  Wd - ok
13:01:41.0119 0x0a68  [ 441BD2D7B4F98134C3A4F9FA570FD250, FF20815273014C5A27C2B75E2C70FE674809293627056199F502DFDF4CECFCA1 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
13:01:41.0150 0x0a68  Wdf01000 - ok
13:01:41.0182 0x0a68  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
13:01:41.0228 0x0a68  WdiServiceHost - ok
13:01:41.0244 0x0a68  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
13:01:41.0275 0x0a68  WdiSystemHost - ok
13:01:41.0306 0x0a68  [ 8A438CBB8C032A0C798B0C642FFBE572, 3200B9B6A7B87C1C47295FA416C99DE1FBB2DBBA3DA78D5CC88C26DCC4189D45 ] WebClient       C:\Windows\System32\webclnt.dll
13:01:41.0369 0x0a68  WebClient - ok
13:01:41.0400 0x0a68  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
13:01:41.0494 0x0a68  Wecsvc - ok
13:01:41.0509 0x0a68  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
13:01:41.0572 0x0a68  wercplsupport - ok
13:01:41.0587 0x0a68  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
13:01:41.0634 0x0a68  WerSvc - ok
13:01:41.0665 0x0a68  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
13:01:41.0712 0x0a68  WfpLwf - ok
13:01:41.0728 0x0a68  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
13:01:41.0743 0x0a68  WIMMount - ok
13:01:41.0774 0x0a68  WinDefend - ok
13:01:41.0790 0x0a68  WinHttpAutoProxySvc - ok
13:01:41.0837 0x0a68  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
13:01:41.0899 0x0a68  Winmgmt - ok
13:01:41.0993 0x0a68  [ 41FBB751936B387F9179E7F03A74FE29, 7A73D887BEC19DFC485ED42B4E6ABEBF824555139B81EA30731A00773E707464 ] WinRM           C:\Windows\system32\WsmSvc.dll
13:01:42.0164 0x0a68  WinRM - ok
13:01:42.0242 0x0a68  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
13:01:42.0336 0x0a68  Wlansvc - ok
13:01:42.0492 0x0a68  [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:01:42.0648 0x0a68  wlidsvc - ok
13:01:42.0679 0x0a68  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
13:01:42.0695 0x0a68  WmiAcpi - ok
13:01:42.0742 0x0a68  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
13:01:42.0773 0x0a68  wmiApSrv - ok
13:01:42.0788 0x0a68  WMPNetworkSvc - ok
13:01:42.0820 0x0a68  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
13:01:42.0944 0x0a68  WPCSvc - ok
13:01:43.0038 0x0a68  [ 2E57DDF2880A7E52E76F41C7E96D327B, D24E19B6091C197D77D71BC044CE2E5A57BE0A2F00D1BB0732E380A398230E63 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
13:01:43.0069 0x0a68  WPDBusEnum - ok
13:01:43.0069 0x0a68  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
13:01:43.0116 0x0a68  ws2ifsl - ok
13:01:43.0147 0x0a68  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
13:01:43.0163 0x0a68  wscsvc - ok
13:01:43.0178 0x0a68  WSearch - ok
13:01:43.0303 0x0a68  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
13:01:43.0459 0x0a68  wuauserv - ok
13:01:43.0475 0x0a68  [ 7CADC74271DD6461C452C271B30BD378, D58C2094C36FC665C03A6A269EED80DC71F330C3DCF40A27A3C8F56AB7A96861 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
13:01:43.0522 0x0a68  WudfPf - ok
13:01:43.0568 0x0a68  [ 3B197AF0FFF08AA66B6B2241CA538D64, BC94E5EFF38B9C6A37717B2A6CA56679781A4872A0C4298056E074033571BE79 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
13:01:43.0646 0x0a68  WUDFRd - ok
13:01:43.0662 0x0a68  [ B551D6637AA0E132C18AC6E504F7B79B, FA6495533A14E01ABB0F6689AB7503B1B439D3ADA7457DFCB7D81714A9817327 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
13:01:43.0724 0x0a68  wudfsvc - ok
13:01:43.0756 0x0a68  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll
13:01:43.0802 0x0a68  WwanSvc - ok
13:01:43.0834 0x0a68  ================ Scan global ===============================
13:01:43.0865 0x0a68  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
13:01:43.0912 0x0a68  [ 457B44AB6D502E55F64A867D4F35C76C, 95FEC45E28DF394E778DA37719F7D579920531AD568E1C290B7F42CB03BEAA2C ] C:\Windows\system32\winsrv.dll
13:01:43.0927 0x0a68  [ 457B44AB6D502E55F64A867D4F35C76C, 95FEC45E28DF394E778DA37719F7D579920531AD568E1C290B7F42CB03BEAA2C ] C:\Windows\system32\winsrv.dll
13:01:43.0974 0x0a68  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
13:01:44.0005 0x0a68  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
13:01:44.0036 0x0a68  [ Global ] - ok
13:01:44.0036 0x0a68  ================ Scan MBR ==================================
13:01:44.0052 0x0a68  [ 6F9A1D528242BC09104B85E0BECF5554 ] \Device\Harddisk0\DR0
13:01:44.0052 0x0a68  Suspicious mbr (Forged): \Device\Harddisk0\DR0
13:01:44.0068 0x0a68  \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.a ( 0 )
13:01:44.0068 0x0a68  \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - infected
13:01:46.0610 0x0a68  \Device\Harddisk0\DR0 - detected TDSS File System ( 1 )
13:01:46.0610 0x0a68  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
13:01:49.0200 0x0a68  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
13:01:49.0340 0x0a68  \Device\Harddisk1\DR1 - ok
13:01:49.0340 0x0a68  ================ Scan VBR ==================================
13:01:49.0356 0x0a68  [ B174AFC39A623B210D60097C7612F662 ] \Device\Harddisk0\DR0\Partition1
13:01:49.0356 0x0a68  \Device\Harddisk0\DR0\Partition1 - ok
13:01:49.0372 0x0a68  [ 18C0B26F5F38EF7B395DCB1150BF9A01 ] \Device\Harddisk0\DR0\Partition2
13:01:49.0372 0x0a68  \Device\Harddisk0\DR0\Partition2 - ok
13:01:49.0387 0x0a68  [ 870DA5D95E16834F062A693B3420387A ] \Device\Harddisk1\DR1\Partition1
13:01:49.0387 0x0a68  \Device\Harddisk1\DR1\Partition1 - ok
13:01:49.0387 0x0a68  ================ Scan generic autorun ======================
13:01:49.0450 0x0a68  [ 5AF1E9600E3FF841E522703A4993ED0C, 5189530793747C40B0E3548DA40058989C88A69C593C3E54E6548CFB89B9CE10 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
13:01:49.0465 0x0a68  IAAnotif - ok
13:01:49.0528 0x0a68  [ 452FA961163EF4AEE4815796A13AB2CF, 14DC422082F96F5C21C41A5E5F6E8445547CC4B02B18F0A86A34669CA2CE18A7 ] c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
13:01:49.0528 0x0a68  Adobe Reader Speed Launcher - ok
13:01:49.0590 0x0a68  [ 5AEA1DB5490429EEB0989A0CE2A52D5E, E854757921398BFDE6F2E1F4359CBDFCEEE36B645F435D4D039DF73669E488BF ] C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe
13:01:49.0606 0x0a68  BackupManagerTray - ok
13:01:49.0855 0x0a68  [ 26B558B2D31C7425B455B00E562EAD93, B64D128A2F1FC42BA4376F8EB08D70F4B705745CB983D0631DB45851BF34BBDF ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
13:01:50.0058 0x0a68  AvastUI.exe - ok
13:01:50.0058 0x0a68  Waiting for KSN requests completion. In queue: 4
13:01:51.0072 0x0a68  Waiting for KSN requests completion. In queue: 4
13:01:52.0086 0x0a68  Waiting for KSN requests completion. In queue: 4
13:01:53.0162 0x0a68  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2021.515 ), 0x41000 ( enabled : updated )
13:01:53.0209 0x0a68  Win FW state via NFP2: enabled
13:01:55.0674 0x0a68  ============================================================
13:01:55.0674 0x0a68  Scan finished
13:01:55.0674 0x0a68  ============================================================
13:01:55.0690 0x0fc4  Detected object count: 2
13:01:55.0690 0x0fc4  Actual detected object count: 2
13:02:13.0175 0x0fc4  \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - skipped by user
13:02:13.0175 0x0fc4  \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - User select action: Skip 
13:02:13.0175 0x0fc4  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
13:02:13.0175 0x0fc4  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip 


#8 aharonov

  • Malware Response Team

Posted 05 September 2014 - 06:13 AM

Yes, it seems that we have found the culprit. :)


Start TDSSKiller.exe again with administrator privileges.
  • Set the parameters like in the first scan and click on Start scan.
  • This time select for the threat Rootkit.Boot.SST.a (and only for that) the option Cure (or Delete).
  • Click on Continue and allow the reboot.
  • Copy and paste the log file (C:\TDSSKiller.<version_date_time>_log.txt) of this run in your next reply.


#9 wsht

  • Topic Starter

Posted 05 September 2014 - 06:23 AM

There are two files and now a popup window of Kaspersky asking me to start a scan. What do I have to do?

Log from 13.16.23 (before rebooting):
 
13:16:23.0007 0x0ffc  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
13:16:25.0315 0x0ffc  ============================================================
13:16:25.0315 0x0ffc  Current date / time: 2014/09/05 13:16:25.0315
13:16:25.0315 0x0ffc  SystemInfo:
13:16:25.0315 0x0ffc  
13:16:25.0315 0x0ffc  OS Version: 6.1.7600 ServicePack: 0.0
13:16:25.0315 0x0ffc  Product type: Workstation
13:16:25.0315 0x0ffc  ComputerName: MISA-PC
13:16:25.0315 0x0ffc  UserName: Misa
13:16:25.0315 0x0ffc  Windows directory: C:\Windows
13:16:25.0315 0x0ffc  System windows directory: C:\Windows
13:16:25.0315 0x0ffc  Running under WOW64
13:16:25.0315 0x0ffc  Processor architecture: Intel x64
13:16:25.0315 0x0ffc  Number of processors: 2
13:16:25.0315 0x0ffc  Page size: 0x1000
13:16:25.0315 0x0ffc  Boot type: Normal boot
13:16:25.0315 0x0ffc  ============================================================
13:16:25.0409 0x0ffc  KLMD registered as C:\Windows\system32\drivers\24042111.sys
13:16:25.0799 0x0ffc  System UUID: {A3FCC608-E535-0397-7FD6-6E658059A908}
13:16:26.0485 0x0ffc  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:16:26.0485 0x0ffc  ============================================================
13:16:26.0485 0x0ffc  \Device\Harddisk0\DR0:
13:16:26.0485 0x0ffc  MBR partitions:
13:16:26.0485 0x0ffc  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1770800, BlocksNum 0x32000
13:16:26.0485 0x0ffc  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x17A2800, BlocksNum 0x23C8BAB0
13:16:26.0485 0x0ffc  ============================================================
13:16:26.0517 0x0ffc  C: <-> \Device\Harddisk0\DR0\Partition2
13:16:26.0517 0x0ffc  ============================================================
13:16:26.0517 0x0ffc  Initialize success
13:16:26.0517 0x0ffc  ============================================================
13:16:35.0799 0x02b4  ============================================================
13:16:35.0799 0x02b4  Scan started
13:16:35.0799 0x02b4  Mode: Manual; SigCheck; TDLFS; 
13:16:35.0799 0x02b4  ============================================================
13:16:35.0799 0x02b4  KSN ping started
13:16:38.0544 0x02b4  KSN ping finished: true
13:16:38.0981 0x02b4  ================ Scan system memory ========================
13:16:38.0981 0x02b4  System memory - ok
13:16:38.0981 0x02b4  ================ Scan services =============================
13:16:41.0930 0x02b4  blbdrive - ok
13:16:41.0945 0x02b4  [ 91CE0D3DC57DD377E690A2D324022B08, 61874463956C0BCA5139522F34E974E5F638A092E0FD5C59DD30DE61D9AB8B0E ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
13:16:41.0992 0x02b4  bowser - ok
13:16:42.0008 0x02b4  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:16:42.0023 0x02b4  BrFiltLo - ok
13:16:42.0023 0x02b4  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:16:42.0054 0x02b4  BrFiltUp - ok
13:16:42.0070 0x02b4  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
13:16:42.0117 0x02b4  BridgeMP - ok
13:16:42.0117 0x02b4  [ 94FBC06F294D58D02361918418F996E3, 62C7CC2AF8F5A0BB0C262DACDE3F72C6AC318C3840CE60E46EE2064B32BDA5EF ] Browser         C:\Windows\System32\browser.dll
13:16:42.0164 0x02b4  Browser - ok
13:16:42.0179 0x02b4  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
13:16:42.0210 0x02b4  Brserid - ok
13:16:42.0210 0x02b4  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
13:16:42.0226 0x02b4  BrSerWdm - ok
13:16:42.0242 0x02b4  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
13:16:42.0257 0x02b4  BrUsbMdm - ok
13:16:42.0257 0x02b4  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
13:16:42.0273 0x02b4  BrUsbSer - ok
13:16:42.0288 0x02b4  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
13:16:42.0320 0x02b4  BTHMODEM - ok
13:16:42.0335 0x02b4  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
13:16:42.0366 0x02b4  bthserv - ok
13:16:42.0398 0x02b4  catchme - ok
13:16:42.0429 0x02b4  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
13:16:42.0476 0x02b4  cdfs - ok
13:16:42.0507 0x02b4  [ 83D2D75E1EFB81B3450C18131443F7DB, F2C686C980D818E797818E75B808E1E0B51B2045840A4BFC32D860B7DB4DFA22 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
13:16:42.0522 0x02b4  cdrom - ok
13:16:42.0554 0x02b4  [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] CertPropSvc     C:\Windows\System32\certprop.dll
13:16:42.0585 0x02b4  CertPropSvc - ok
13:16:42.0616 0x02b4  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
13:16:42.0632 0x02b4  circlass - ok
13:16:42.0678 0x02b4  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
13:16:42.0694 0x02b4  CLFS - ok
13:16:42.0756 0x02b4  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:16:42.0772 0x02b4  clr_optimization_v2.0.50727_32 - ok
13:16:42.0819 0x02b4  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:16:42.0834 0x02b4  clr_optimization_v2.0.50727_64 - ok
13:16:42.0866 0x02b4  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
13:16:42.0897 0x02b4  CmBatt - ok
13:16:42.0912 0x02b4  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\DRIVERS\cmdide.sys
13:16:42.0928 0x02b4  cmdide - ok
13:16:42.0959 0x02b4  [ F95FD4CB7DA00BA2A63CE9F6B5C053E1, D1FBCA0416D38B9CA510FB01CF251E60B244D38080E6668948ED927D2350ED49 ] CNG             C:\Windows\system32\Drivers\cng.sys
13:16:42.0975 0x02b4  CNG - ok
13:16:43.0006 0x02b4  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
13:16:43.0006 0x02b4  Compbatt - ok
13:16:43.0022 0x02b4  [ F26B3A86F6FA87CA360B879581AB4123, 723904362614FE47F6CC0EA0656BA1B47EA32D73BAFB61688A5E5CAE4340B1BF ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
13:16:43.0053 0x02b4  CompositeBus - ok
13:16:43.0068 0x02b4  COMSysApp - ok
13:16:43.0084 0x02b4  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
13:16:43.0100 0x02b4  crcdisk - ok
13:16:43.0146 0x02b4  [ 8C57411B66282C01533CB776F98AD384, 65BCF1B0BA521CBE39E974C7ACAEA9C9E3F89D86754275C6B2616E7691876AEE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
13:16:43.0193 0x02b4  CryptSvc - ok
13:16:43.0271 0x02b4  [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] DcomLaunch      C:\Windows\system32\rpcss.dll
13:16:43.0334 0x02b4  DcomLaunch - ok
13:16:43.0380 0x02b4  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
13:16:43.0443 0x02b4  defragsvc - ok
13:16:43.0505 0x02b4  [ 3F1DC527070ACB87E40AFE46EF6DA749, 5CB9CB94854AF06BEA02AF3E0562B8ECF72B2B23ED657A3F5E17CD3552F3EF84 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
13:16:43.0552 0x02b4  DfsC - ok
13:16:43.0614 0x02b4  [ CE3B9562D997F69B330D181A8875960F, 6FEE6622859198C5C13545867EF7CFE8EDC991360E976F792313DAA9C82CC5C8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
13:16:43.0646 0x02b4  Dhcp - ok
13:16:43.0661 0x02b4  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
13:16:43.0692 0x02b4  discache - ok
13:16:43.0724 0x02b4  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
13:16:43.0739 0x02b4  Disk - ok
13:16:43.0770 0x02b4  [ 676108C4E3AA6F6B34633748BD0BEBD9, 953286126E482EF3A9A1833680EFF86D657BD6C5411B9AEC2D7828ADE63D25AD ] Dnscache        C:\Windows\System32\dnsrslvr.dll
13:16:43.0802 0x02b4  Dnscache - ok
13:16:43.0817 0x02b4  [ 14452ACDB09B70964C8C21BF80A13ACB, DA0AAAC04626EFF4256D7095FF1DDA1F1B17676E26990C418BDF5090476F2AB4 ] dot3svc         C:\Windows\System32\dot3svc.dll
13:16:43.0864 0x02b4  dot3svc - ok
13:16:43.0895 0x02b4  [ 8C2BA6BEA949EE6E68385F5692BAFB94, 1047F473DCE0FB56BEA5C1B7929752C1FBAB5983C8202ABB4EEA48FCD60A353A ] DPS             C:\Windows\system32\dps.dll
13:16:43.0942 0x02b4  DPS - ok
13:16:44.0004 0x02b4  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
13:16:44.0051 0x02b4  drmkaud - ok
13:16:44.0114 0x02b4  [ 7CB7D2B73813CE05C7BC0F5F95D27CEC, F80AD7E946B8C8C27A0EB8A99B3A61C3F09E5442372D64EB4886D86B8D0AFCFD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
13:16:44.0176 0x02b4  DXGKrnl - ok
13:16:44.0223 0x02b4  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
13:16:44.0285 0x02b4  EapHost - ok
13:16:44.0457 0x02b4  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
13:16:44.0550 0x02b4  ebdrv - ok
13:16:44.0628 0x02b4  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] EFS             C:\Windows\System32\lsass.exe
13:16:44.0644 0x02b4  EFS - ok
13:16:44.0706 0x02b4  [ B91D81B3B54A54CCAFC03733DBC2E29E, B08CFD3136F678CF902722B32CA55C4983EEE5AEBDCEE036BEB746914742141C ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
13:16:44.0738 0x02b4  ehRecvr - ok
13:16:44.0753 0x02b4  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
13:16:44.0784 0x02b4  ehSched - ok
13:16:44.0800 0x02b4  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
13:16:44.0831 0x02b4  elxstor - ok
13:16:44.0847 0x02b4  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\DRIVERS\errdev.sys
13:16:44.0862 0x02b4  ErrDev - ok
13:16:44.0956 0x02b4  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
13:16:45.0018 0x02b4  EventSystem - ok
13:16:45.0050 0x02b4  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
13:16:45.0096 0x02b4  exfat - ok
13:16:45.0096 0x02b4  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
13:16:45.0143 0x02b4  fastfat - ok
13:16:45.0174 0x02b4  [ D607B2F1BEE3992AA6C2C92C0A2F0855, E22301C8F01DBF0A38A85165959BB070647C996CB1BCD50FDFE3DDDCA427DF2A ] Fax             C:\Windows\system32\fxssvc.exe
13:16:45.0221 0x02b4  Fax - ok
13:16:45.0237 0x02b4  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
13:16:45.0252 0x02b4  fdc - ok
13:16:45.0268 0x02b4  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
13:16:45.0315 0x02b4  fdPHost - ok
13:16:45.0315 0x02b4  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
13:16:45.0362 0x02b4  FDResPub - ok
13:16:45.0377 0x02b4  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
13:16:45.0393 0x02b4  FileInfo - ok
13:16:45.0393 0x02b4  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
13:16:45.0440 0x02b4  Filetrace - ok
13:16:45.0440 0x02b4  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
13:16:45.0455 0x02b4  flpydisk - ok
13:16:45.0471 0x02b4  [ F7866AF72ABBAF84B1FA5AA195378C59, 9D522044FE9C18FB3EC327E675737C01F2A8231DDE900421D3A431596946A7F8 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
13:16:45.0486 0x02b4  FltMgr - ok
13:16:45.0580 0x02b4  [ 8AC4CB4EA61E41009FAE9AE7B2B5DA3A, 6587B22ED91F98D3E3614967F62D7A58F42C12F45F8E1D47835D195CD350BC54 ] FontCache       C:\Windows\system32\FntCache.dll
13:16:45.0658 0x02b4  FontCache - ok
13:16:45.0705 0x02b4  [ 8D89E3131C27FDD6932189CB785E1B7A, AC7DA4C5E6D2E41D1A1DE146E46F034FAF0FB11AD801F070F2D5CD08166E9EB7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:16:45.0720 0x02b4  FontCache3.0.0.0 - ok
13:16:45.0736 0x02b4  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
13:16:45.0752 0x02b4  FsDepends - ok
13:16:45.0752 0x02b4  [ E95EF8547DE20CF0603557C0CF7A9462, 55540B06B7B380CA2DA6EEE2D76C6CD6131ADB02B2D0B172A36536863A0C57B6 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
13:16:45.0783 0x02b4  Fs_Rec - ok
13:16:45.0814 0x02b4  [ B8B2A6E1558F8F5DE5CE431C5B2C7B09, 24A9F04A0622681A4E4B6BCC47C45016787C6036EAD828920812D9FAD49A71E3 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
13:16:45.0845 0x02b4  fvevol - ok
13:16:45.0876 0x02b4  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
13:16:45.0892 0x02b4  gagp30kx - ok
13:16:45.0954 0x02b4  [ FE5AB4525BC2EC68B9119A6E5D40128B, 088DE37982CEE78A0C1181389A3BFF1E352DF504074B3E8F3EA244DB271BF216 ] gpsvc           C:\Windows\System32\gpsvc.dll
13:16:46.0017 0x02b4  gpsvc - ok
13:16:46.0173 0x02b4  [ 816FD5A6F3C2F3D600900096632FC60E, D92401C4B56663F8A12B6390562608A125713408B00266C53844129679E48E9C ] Greg_Service    C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
13:16:46.0204 0x02b4  Greg_Service - ok
13:16:46.0266 0x02b4  [ 8F0DE4FEF8201E306F9938B0905AC96A, CA7153FE0C037D79FBF7CE0E090D741FB52BCCBBBD4CA505EF4849A0C4199F72 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:16:46.0282 0x02b4  gupdate - ok
13:16:46.0313 0x02b4  [ 8F0DE4FEF8201E306F9938B0905AC96A, CA7153FE0C037D79FBF7CE0E090D741FB52BCCBBBD4CA505EF4849A0C4199F72 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:16:46.0329 0x02b4  gupdatem - ok
13:16:46.0360 0x02b4  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
13:16:46.0391 0x02b4  hcw85cir - ok
13:16:46.0438 0x02b4  [ 6410F6F415B2A5A9037224C41DA8BF12, 5B8452BC49FDA2215281D27B22FA9BE46B0460F51C4DC70E58B687CFB541F3A5 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:16:46.0469 0x02b4  HdAudAddService - ok
13:16:46.0485 0x02b4  [ 0A49913402747A0B67DE940FB42CBDBB, 61A45DBDCEB4A2D5C3C28F6BC8C5ADC51D0240A7553DF44BCC4355FC06F72B83 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
13:16:46.0500 0x02b4  HDAudBus - ok
13:16:46.0532 0x02b4  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
13:16:46.0547 0x02b4  HidBatt - ok
13:16:46.0547 0x02b4  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
13:16:46.0563 0x02b4  HidBth - ok
13:16:46.0578 0x02b4  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
13:16:46.0594 0x02b4  HidIr - ok
13:16:46.0625 0x02b4  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
13:16:46.0656 0x02b4  hidserv - ok
13:16:46.0719 0x02b4  [ B3BF6B5B50006DEF50B66306D99FCF6F, D39A1DEBE7C464922919826D15199ED25E263BF58633593DD412D78F98921417 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
13:16:46.0750 0x02b4  HidUsb - ok
13:16:46.0812 0x02b4  [ EFA58EDE58DD74388FFD04CB32681518, 76D81F9BC1A4D85A779B79DEC23B79F1568AA236CD49247414093CDC1FCC150F ] hkmsvc          C:\Windows\system32\kmsvc.dll
13:16:46.0890 0x02b4  hkmsvc - ok
13:16:46.0906 0x02b4  [ 046B2673767CA626E2CFB7FDF735E9E8, 9C932DCC5DE9B1919AB38C01D76AD7BBAF491DE6D158662407974748BC0B4C6C ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:16:46.0937 0x02b4  HomeGroupListener - ok
13:16:47.0000 0x02b4  [ 06A7422224D9865A5613710A089987DF, EF604B4B6918D3FDC8E90ED9004E6E7340E0F399C214C65CCE3A7C8C576FA1C0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:16:47.0015 0x02b4  HomeGroupProvider - ok
13:16:47.0015 0x02b4  [ 0886D440058F203EBA0E1825E4355914, BC49C4CEFE324A08C864A4BF4FEA9A70151FAB7CC30BDC28344F3FFD2F500070 ] HpSAMD          C:\Windows\system32\DRIVERS\HpSAMD.sys
13:16:47.0031 0x02b4  HpSAMD - ok
13:16:47.0140 0x02b4  [ CEE049CAC4EFA7F4E1E4AD014414A5D4, 433AE2D845850F1D7A48275BBD87B3F0E7DD48F2282C727C4B777ECD92CC331D ] HTTP            C:\Windows\system32\drivers\HTTP.sys
13:16:47.0234 0x02b4  HTTP - ok
13:16:47.0234 0x02b4  [ F17766A19145F111856378DF337A5D79, FC1633FB865A5324EBCBE5F97D297B899FABBDD965D862C2EFC743CD36F47E62 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
13:16:47.0249 0x02b4  hwpolicy - ok
13:16:47.0265 0x02b4  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
13:16:47.0280 0x02b4  i8042prt - ok
13:16:47.0358 0x02b4  [ 7548066DF68A8A1A56B043359F915F37, 6225DDE554E45858374CBD284A85A00F773089A667C08492187A637232B8BD9A ] IAANTMON        C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
13:16:47.0374 0x02b4  IAANTMON - ok
13:16:47.0405 0x02b4  [ 1D004CB1DA6323B1F55CAEF7F94B61D9, 8FFFB429BA46938724BBB87AB9B3EC77EA17C4B893BABDBDD38309F02963D405 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
13:16:47.0421 0x02b4  iaStor - ok
13:16:47.0452 0x02b4  [ D83EFB6FD45DF9D55E9A1AFC63640D50, 0494F8F7CB3ED11FD8D0B838CB71271AF7A3CBFCB7F2CB043A9392B5106A3C7B ] iaStorV         C:\Windows\system32\DRIVERS\iaStorV.sys
13:16:47.0468 0x02b4  iaStorV - ok
13:16:47.0561 0x02b4  [ 2F2BE70D3E02B6FA877921AB9516D43C, E04255EE4BD95FC1539EB1EB9F702B039F65993D31A4531DA487274543EF5226 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:16:47.0592 0x02b4  idsvc - ok
13:16:47.0858 0x02b4  [ A87261EF1546325B559374F5689CF5BC, 8DE48A8A13A32AAAC54CDDF58F3F61BE3E2802C1D9CA1CA98E57EB0D65FB6002 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
13:16:48.0045 0x02b4  igfx - ok
13:16:48.0123 0x02b4  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
13:16:48.0138 0x02b4  iirsp - ok
13:16:48.0201 0x02b4  [ C5B4683680DF085B57BC53E5EF34861F, 9C06517DFCB3ED7BB1166F7EB6CCC8713E6B68283C75420C0EDC182094AA1B8F ] IKEEXT          C:\Windows\System32\ikeext.dll
13:16:48.0263 0x02b4  IKEEXT - ok
13:16:48.0279 0x02b4  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\DRIVERS\intelide.sys
13:16:48.0294 0x02b4  intelide - ok
13:16:48.0310 0x02b4  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
13:16:48.0326 0x02b4  intelppm - ok
13:16:48.0341 0x02b4  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
13:16:48.0372 0x02b4  IPBusEnum - ok
13:16:48.0388 0x02b4  [ 722DD294DF62483CECAAE6E094B4D695, 41ABB42EF969EA8A84B546908EBBDC2411D964DE101CE6DD3D7ECF109085E0C0 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:16:48.0419 0x02b4  IpFilterDriver - ok
13:16:48.0450 0x02b4  [ F8E058D17363EC580E4B7232778B6CB5, 02352919F349C57930A0B032FBDC45327FB473D310DE7AC721F4694FDE7D21FB ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
13:16:48.0513 0x02b4  iphlpsvc - ok
13:16:48.0513 0x02b4  [ E2B4A4494DB7CB9B89B55CA268C337C5, C59BC4AA03D10647641EC7533F78BC7E2EA6FC48B8B2CF1A49B5148EF40A90FB ] IPMIDRV         C:\Windows\system32\DRIVERS\IPMIDrv.sys
13:16:48.0528 0x02b4  IPMIDRV - ok
13:16:48.0544 0x02b4  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
13:16:48.0591 0x02b4  IPNAT - ok
13:16:48.0622 0x02b4  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
13:16:48.0669 0x02b4  IRENUM - ok
13:16:48.0669 0x02b4  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\DRIVERS\isapnp.sys
13:16:48.0684 0x02b4  isapnp - ok
13:16:48.0747 0x02b4  [ FA4D2557DE56D45B0A346F93564BE6E1, 2827EC3582FF59FFD55BBD4A4F0DDFFEAD4F2537FA043B3A69904FE920B1619C ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
13:16:48.0778 0x02b4  iScsiPrt - ok
13:16:48.0840 0x02b4  [ 249EE2D26CB1530F3BEDE0AC8B9E3099, 6EBF72DCCDC1EFCD9FE712B895D61359F46C2AF41F1EC47A3C486E79AA1BC026 ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
13:16:48.0872 0x02b4  k57nd60a - ok
13:16:48.0887 0x02b4  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
13:16:48.0903 0x02b4  kbdclass - ok
13:16:48.0934 0x02b4  [ 6DEF98F8541E1B5DCEB2C822A11F7323, F6EE4A7A6A7A1F243D32CA9241CA4816C92EB7BF2AADDD09234968C2CAAE6C0D ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
13:16:48.0950 0x02b4  kbdhid - ok
13:16:48.0965 0x02b4  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] KeyIso          C:\Windows\system32\lsass.exe
13:16:48.0981 0x02b4  KeyIso - ok
13:16:48.0981 0x02b4  [ E8B6FCC9C83535C67F835D407620BD27, 74B63F3BFB756FF0B0AD6A6C1535C0A1A0630295ECCBC078B00F2449718B0870 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
13:16:48.0996 0x02b4  KSecDD - ok
13:16:49.0012 0x02b4  [ BBE1BF6D9B661C354D4857D5FADB943B, D2F6E52CCD0DF07B3D92669B941CEB9A59E16D3518226F11028A70DBDEFABBCF ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
13:16:49.0012 0x02b4  KSecPkg - ok
13:16:49.0043 0x02b4  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
13:16:49.0074 0x02b4  ksthunk - ok
13:16:49.0137 0x02b4  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
13:16:49.0199 0x02b4  KtmRm - ok
13:16:49.0246 0x02b4  [ 2AC603C3188C704CFCE353659AA7AD71, 0DAC2E8858221145FA35883BAE0D6484E60EB624158DE9F063FF209951CD1CDF ] L1E             C:\Windows\system32\DRIVERS\L1E62x64.sys
13:16:49.0262 0x02b4  L1E - ok
13:16:49.0293 0x02b4  [ 81F1D04D4D0E433099365127375FD501, C2A81B5A482C974E8108806486EC28CB2D81400D42639682FE7B7A9BDF14BA9B ] LanmanServer    C:\Windows\System32\srvsvc.dll
13:16:49.0308 0x02b4  LanmanServer - ok
13:16:49.0355 0x02b4  [ 27026EAC8818E8A6C00A1CAD2F11D29A, A12858CCB3B2419D66C667A46B106DA7A7BA97FFFA9634BFAE95DDF193C430D5 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:16:49.0418 0x02b4  LanmanWorkstation - ok
13:16:49.0449 0x02b4  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
13:16:49.0480 0x02b4  lltdio - ok
13:16:49.0574 0x02b4  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
13:16:49.0636 0x02b4  lltdsvc - ok
13:16:49.0667 0x02b4  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
13:16:49.0698 0x02b4  lmhosts - ok
13:16:49.0745 0x02b4  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
13:16:49.0761 0x02b4  LSI_FC - ok
13:16:49.0776 0x02b4  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
13:16:49.0792 0x02b4  LSI_SAS - ok
13:16:49.0792 0x02b4  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:16:49.0808 0x02b4  LSI_SAS2 - ok
13:16:49.0823 0x02b4  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:16:49.0839 0x02b4  LSI_SCSI - ok
13:16:49.0854 0x02b4  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
13:16:49.0901 0x02b4  luafv - ok
13:16:49.0964 0x02b4  [ F84C8F1000BC11E3B7B23CBD3BAFF111, BB4C4FFE3F6C9E5C16C06F6F666F177B94E1CF878397BCC0BDAF6EB3341AAED8 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
13:16:49.0995 0x02b4  Mcx2Svc - ok
13:16:49.0995 0x02b4  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
13:16:50.0010 0x02b4  megasas - ok
13:16:50.0026 0x02b4  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
13:16:50.0042 0x02b4  MegaSR - ok
13:16:50.0057 0x02b4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
13:16:50.0104 0x02b4  MMCSS - ok
13:16:50.0135 0x02b4  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
13:16:50.0166 0x02b4  Modem - ok
13:16:50.0182 0x02b4  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
13:16:50.0213 0x02b4  monitor - ok
13:16:50.0276 0x02b4  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
13:16:50.0291 0x02b4  mouclass - ok
13:16:50.0307 0x02b4  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
13:16:50.0322 0x02b4  mouhid - ok
13:16:50.0338 0x02b4  [ 791AF66C4D0E7C90A3646066386FB571, BF67643099494AEADDDC85E4D97AFF1017806A1DF554F9BE6C864FFECC9EAF42 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
13:16:50.0354 0x02b4  mountmgr - ok
13:16:50.0369 0x02b4  [ 609D1D87649ECC19796F4D76D4C15CEA, 5369F4C83FBAE9C4CFB9ACD36F07479E3F3FD784D79B82AE8D95B818B9F9CE00 ] mpio            C:\Windows\system32\DRIVERS\mpio.sys
13:16:50.0385 0x02b4  mpio - ok
13:16:50.0400 0x02b4  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
13:16:50.0432 0x02b4  mpsdrv - ok
13:16:50.0494 0x02b4  [ AECAB449567D1846DAD63ECE49E893E3, 7A67A16A3E04574B7CAD097632ABA9B361BBEFDD6B36B7B8E3A1996EC529C2DC ] MpsSvc          C:\Windows\system32\mpssvc.dll
13:16:50.0556 0x02b4  MpsSvc - ok
13:16:50.0572 0x02b4  [ 30524261BB51D96D6FCBAC20C810183C, 19598A9CD0EAAE4ACBF1069E721AB2853452F33FCFB3B5113F023A88A90BF42D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
13:16:50.0588 0x02b4  MRxDAV - ok
13:16:50.0619 0x02b4  [ CFDCD8CA87C2A657DEBC150AC35B5E08, 8870DCC8CF4E452E25BFE38113ADBDBC4014036B25E567FC262178DAA808049A ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
13:16:50.0650 0x02b4  mrxsmb - ok
13:17:01.0539 0x02b4  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
13:17:01.0554 0x02b4  usbprint - ok
13:17:01.0570 0x02b4  [ 080D3820DA6C046BE82FC8B45A893E83, EF4829A2D5B8D47AA7E06093EC85244042ED1CCFF43CC80DC44EF018B434197A ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:17:01.0586 0x02b4  USBSTOR - ok
13:17:01.0586 0x02b4  [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
13:17:01.0601 0x02b4  usbuhci - ok
13:17:01.0632 0x02b4  [ D501E12614B00A3252073101D6A1A74B, DFA3A83978125B3CE45C71DD9069E8A7938366D0F4B4B2401CDD07251253FA8C ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
13:17:01.0648 0x02b4  usbvideo - ok
13:17:01.0679 0x02b4  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
13:17:01.0726 0x02b4  UxSms - ok
13:17:01.0726 0x02b4  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] VaultSvc        C:\Windows\system32\lsass.exe
13:17:01.0742 0x02b4  VaultSvc - ok
13:17:01.0773 0x02b4  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\DRIVERS\vdrvroot.sys
13:17:01.0773 0x02b4  vdrvroot - ok
13:17:01.0804 0x02b4  [ 44D73E0BBC1D3C8981304BA15135C2F2, 2849387BBCFB0189AF5604D2F7A631BD5D6BBB2CA73AF6E870069AF382A74DED ] vds             C:\Windows\System32\vds.exe
13:17:01.0835 0x02b4  vds - ok
13:17:01.0851 0x02b4  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
13:17:01.0866 0x02b4  vga - ok
13:17:01.0866 0x02b4  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
13:17:01.0913 0x02b4  VgaSave - ok
13:17:01.0929 0x02b4  [ C82E748660F62A242B2DFAC1442F22A4, 24AD6CAA918C5AB6F461D88825885C8637C224001AAD7A80BDC240368CDB0B7E ] vhdmp           C:\Windows\system32\DRIVERS\vhdmp.sys
13:17:01.0944 0x02b4  vhdmp - ok
13:17:01.0944 0x02b4  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\DRIVERS\viaide.sys
13:17:01.0960 0x02b4  viaide - ok
13:17:01.0976 0x02b4  [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3, 91F2B935E1E88C5542650F7D679A75D0562F4A5812179D1EC146D4B6351361E2 ] volmgr          C:\Windows\system32\DRIVERS\volmgr.sys
13:17:01.0976 0x02b4  volmgr - ok
13:17:01.0991 0x02b4  [ 99B0CBB569CA79ACAED8C91461D765FB, 5BE394A39A941DE2AA1212E66B7068F90D423FA816238657CB9B2DA8BBE69B9B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
13:17:02.0007 0x02b4  volmgrx - ok
13:17:02.0054 0x02b4  [ 58F82EED8CA24B461441F9C3E4F0BF5C, 40B8C9C9D1BEDD1507138273A3C000C753C8765E1873F2170DE63555A042928C ] volsnap         C:\Windows\system32\DRIVERS\volsnap.sys
13:17:02.0069 0x02b4  volsnap - ok
13:17:02.0085 0x02b4  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
13:17:02.0085 0x02b4  vsmraid - ok
13:17:02.0194 0x02b4  [ 787898BF9FB6D7BD87A36E2D95C899BA, A6C0C7402B1A198E7B3D6D7D283FCB5815AC429DA68FC9B54C67707F3233CCB5 ] VSS             C:\Windows\system32\vssvc.exe
13:17:02.0272 0x02b4  VSS - ok
13:17:02.0288 0x02b4  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
13:17:02.0303 0x02b4  vwifibus - ok
13:17:02.0303 0x02b4  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
13:17:02.0319 0x02b4  vwififlt - ok
13:17:02.0334 0x02b4  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
13:17:02.0381 0x02b4  W32Time - ok
13:17:02.0397 0x02b4  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
13:17:02.0412 0x02b4  WacomPen - ok
13:17:02.0412 0x02b4  [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
13:17:02.0459 0x02b4  WANARP - ok
13:17:02.0459 0x02b4  [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
13:17:02.0506 0x02b4  Wanarpv6 - ok
13:17:02.0568 0x02b4  [ 5AB1BB85BD8B5089CC5D64200DEDAE68, 28777D4F3CD07C8E3465B6DA0FCA994E0B93071A3A0D4D1D64C1DF633DD1C64F ] wbengine        C:\Windows\system32\wbengine.exe
13:17:02.0631 0x02b4  wbengine - ok
13:17:02.0646 0x02b4  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
13:17:02.0678 0x02b4  WbioSrvc - ok
13:17:02.0693 0x02b4  [ 8321C2CA3B62B61B293CDA3451984468, 856A079C2CCC75D633EA23E410D7F3ECDF368EAAAFF634CB82DDA545FD3A2F9C ] wcncsvc         C:\Windows\System32\wcncsvc.dll
13:17:02.0724 0x02b4  wcncsvc - ok
13:17:02.0724 0x02b4  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:17:02.0740 0x02b4  WcsPlugInService - ok
13:17:02.0756 0x02b4  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
13:17:02.0756 0x02b4  Wd - ok
13:17:02.0802 0x02b4  [ 441BD2D7B4F98134C3A4F9FA570FD250, FF20815273014C5A27C2B75E2C70FE674809293627056199F502DFDF4CECFCA1 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
13:17:02.0818 0x02b4  Wdf01000 - ok
13:17:02.0849 0x02b4  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
13:17:02.0880 0x02b4  WdiServiceHost - ok
13:17:02.0880 0x02b4  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
13:17:02.0896 0x02b4  WdiSystemHost - ok
13:17:02.0927 0x02b4  [ 8A438CBB8C032A0C798B0C642FFBE572, 3200B9B6A7B87C1C47295FA416C99DE1FBB2DBBA3DA78D5CC88C26DCC4189D45 ] WebClient       C:\Windows\System32\webclnt.dll
13:17:02.0958 0x02b4  WebClient - ok
13:17:02.0974 0x02b4  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
13:17:03.0021 0x02b4  Wecsvc - ok
13:17:03.0036 0x02b4  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
13:17:03.0083 0x02b4  wercplsupport - ok
13:17:03.0083 0x02b4  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
13:17:03.0130 0x02b4  WerSvc - ok
13:17:03.0146 0x02b4  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
13:17:03.0177 0x02b4  WfpLwf - ok
13:17:03.0192 0x02b4  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
13:17:03.0208 0x02b4  WIMMount - ok
13:17:03.0239 0x02b4  WinDefend - ok
13:17:03.0239 0x02b4  WinHttpAutoProxySvc - ok
13:17:03.0286 0x02b4  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
13:17:03.0333 0x02b4  Winmgmt - ok
13:17:03.0411 0x02b4  [ 41FBB751936B387F9179E7F03A74FE29, 7A73D887BEC19DFC485ED42B4E6ABEBF824555139B81EA30731A00773E707464 ] WinRM           C:\Windows\system32\WsmSvc.dll
13:17:03.0504 0x02b4  WinRM - ok
13:17:03.0582 0x02b4  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
13:17:03.0629 0x02b4  Wlansvc - ok
13:17:03.0754 0x02b4  [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:17:03.0832 0x02b4  wlidsvc - ok
13:17:03.0848 0x02b4  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
13:17:03.0863 0x02b4  WmiAcpi - ok
13:17:03.0894 0x02b4  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
13:17:03.0926 0x02b4  wmiApSrv - ok
13:17:03.0941 0x02b4  WMPNetworkSvc - ok
13:17:03.0941 0x02b4  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
13:17:03.0957 0x02b4  WPCSvc - ok
13:17:03.0972 0x02b4  [ 2E57DDF2880A7E52E76F41C7E96D327B, D24E19B6091C197D77D71BC044CE2E5A57BE0A2F00D1BB0732E380A398230E63 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
13:17:04.0004 0x02b4  WPDBusEnum - ok
13:17:04.0004 0x02b4  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
13:17:04.0035 0x02b4  ws2ifsl - ok
13:17:04.0066 0x02b4  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
13:17:04.0082 0x02b4  wscsvc - ok
13:17:04.0097 0x02b4  WSearch - ok
13:17:04.0222 0x02b4  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
13:17:04.0300 0x02b4  wuauserv - ok
13:17:04.0300 0x02b4  [ 7CADC74271DD6461C452C271B30BD378, D58C2094C36FC665C03A6A269EED80DC71F330C3DCF40A27A3C8F56AB7A96861 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
13:17:04.0347 0x02b4  WudfPf - ok
13:17:04.0394 0x02b4  [ 3B197AF0FFF08AA66B6B2241CA538D64, BC94E5EFF38B9C6A37717B2A6CA56679781A4872A0C4298056E074033571BE79 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
13:17:04.0425 0x02b4  WUDFRd - ok
13:17:04.0440 0x02b4  [ B551D6637AA0E132C18AC6E504F7B79B, FA6495533A14E01ABB0F6689AB7503B1B439D3ADA7457DFCB7D81714A9817327 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
13:17:04.0487 0x02b4  wudfsvc - ok
13:17:04.0518 0x02b4  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll
13:17:04.0534 0x02b4  WwanSvc - ok
13:17:04.0565 0x02b4  ================ Scan global ===============================
13:17:04.0596 0x02b4  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
13:17:04.0612 0x02b4  [ 457B44AB6D502E55F64A867D4F35C76C, 95FEC45E28DF394E778DA37719F7D579920531AD568E1C290B7F42CB03BEAA2C ] C:\Windows\system32\winsrv.dll
13:17:04.0643 0x02b4  [ 457B44AB6D502E55F64A867D4F35C76C, 95FEC45E28DF394E778DA37719F7D579920531AD568E1C290B7F42CB03BEAA2C ] C:\Windows\system32\winsrv.dll
13:17:04.0690 0x02b4  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
13:17:04.0737 0x02b4  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
13:17:04.0752 0x02b4  [ Global ] - ok
13:17:04.0752 0x02b4  ================ Scan MBR ==================================
13:17:04.0768 0x02b4  [ 6F9A1D528242BC09104B85E0BECF5554 ] \Device\Harddisk0\DR0
13:17:04.0768 0x02b4  Suspicious mbr (Forged): \Device\Harddisk0\DR0
13:17:04.0799 0x02b4  \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.a ( 0 )
13:17:04.0799 0x02b4  \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - infected
13:17:07.0342 0x02b4  \Device\Harddisk0\DR0 - detected TDSS File System ( 1 )
13:17:07.0342 0x02b4  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
13:17:09.0807 0x02b4  ================ Scan VBR ==================================
13:17:09.0854 0x02b4  [ B174AFC39A623B210D60097C7612F662 ] \Device\Harddisk0\DR0\Partition1
13:17:09.0854 0x02b4  \Device\Harddisk0\DR0\Partition1 - ok
13:17:09.0869 0x02b4  [ 18C0B26F5F38EF7B395DCB1150BF9A01 ] \Device\Harddisk0\DR0\Partition2
13:17:09.0869 0x02b4  \Device\Harddisk0\DR0\Partition2 - ok
13:17:09.0869 0x02b4  ================ Scan generic autorun ======================
13:17:09.0932 0x02b4  [ 5AF1E9600E3FF841E522703A4993ED0C, 5189530793747C40B0E3548DA40058989C88A69C593C3E54E6548CFB89B9CE10 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
13:17:09.0947 0x02b4  IAAnotif - ok
13:17:10.0010 0x02b4  [ 452FA961163EF4AEE4815796A13AB2CF, 14DC422082F96F5C21C41A5E5F6E8445547CC4B02B18F0A86A34669CA2CE18A7 ] c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
13:17:10.0010 0x02b4  Adobe Reader Speed Launcher - ok
13:17:10.0056 0x02b4  [ 5AEA1DB5490429EEB0989A0CE2A52D5E, E854757921398BFDE6F2E1F4359CBDFCEEE36B645F435D4D039DF73669E488BF ] C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe
13:17:10.0088 0x02b4  BackupManagerTray - ok
13:17:10.0306 0x02b4  [ 26B558B2D31C7425B455B00E562EAD93, B64D128A2F1FC42BA4376F8EB08D70F4B705745CB983D0631DB45851BF34BBDF ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
13:17:10.0415 0x02b4  AvastUI.exe - ok
13:17:10.0431 0x02b4  Waiting for KSN requests completion. In queue: 313
13:17:11.0445 0x02b4  Waiting for KSN requests completion. In queue: 4
13:17:12.0459 0x02b4  Waiting for KSN requests completion. In queue: 4
13:17:13.0488 0x02b4  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2021.515 ), 0x41000 ( enabled : updated )
13:17:13.0504 0x02b4  Win FW state via NFP2: enabled
13:17:18.0980 0x02b4  ============================================================
13:17:18.0980 0x02b4  Scan finished
13:17:18.0980 0x02b4  ============================================================
13:17:18.0980 0x0ec4  Detected object count: 2
13:17:18.0980 0x0ec4  Actual detected object count: 2
13:17:38.0074 0x0ec4  \Device\Harddisk0\DR0\# - copied to quarantine
13:17:38.0090 0x0ec4  \Device\Harddisk0\DR0 - copied to quarantine
13:17:38.0121 0x0ec4  \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
13:17:38.0121 0x0ec4  \Device\Harddisk0\DR0\TDLFS\bid - copied to quarantine
13:17:38.0136 0x0ec4  \Device\Harddisk0\DR0\TDLFS\affid - copied to quarantine
13:17:38.0136 0x0ec4  \Device\Harddisk0\DR0\TDLFS\boot - copied to quarantine
13:17:38.0136 0x0ec4  \Device\Harddisk0\DR0\TDLFS\cmd32 - copied to quarantine
13:17:41.0834 0x0ec4  \Device\Harddisk0\DR0\TDLFS\cmd64 - copied to quarantine
13:17:41.0885 0x0ec4  \Device\Harddisk0\DR0\TDLFS\dbg32 - copied to quarantine
13:17:41.0916 0x0ec4  \Device\Harddisk0\DR0\TDLFS\dbg64 - copied to quarantine
13:17:41.0959 0x0ec4  \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
13:17:41.0999 0x0ec4  \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
13:17:42.0078 0x0ec4  \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
13:17:42.0129 0x0ec4  \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
13:17:42.0161 0x0ec4  \Device\Harddisk0\DR0\TDLFS\subid - copied to quarantine
13:17:42.0171 0x0ec4  \Device\Harddisk0\DR0\TDLFS\info - copied to quarantine
13:17:42.0171 0x0ec4  \Device\Harddisk0\DR0\TDLFS\mainfb.script - copied to quarantine
13:17:42.0197 0x0ec4  \Device\Harddisk0\DR0\TDLFS\com64 - copied to quarantine
13:17:42.0220 0x0ec4  \Device\Harddisk0\DR0\TDLFS\serf_conf - copied to quarantine
13:17:42.0222 0x0ec4  \Device\Harddisk0\DR0\TDLFS\main - copied to quarantine
13:17:42.0464 0x0ec4  \Device\Harddisk0\DR0\TDLFS\bbr_conf - copied to quarantine
13:17:42.0504 0x0ec4  \Device\Harddisk0\DR0\TDLFS\serf332 - copied to quarantine
13:17:42.0604 0x0ec4  \Device\Harddisk0\DR0\TDLFS\serf364 - copied to quarantine
13:17:42.0688 0x0ec4  \Device\Harddisk0\DR0\TDLFS\bbr232 - copied to quarantine
13:17:42.0772 0x0ec4  \Device\Harddisk0\DR0\TDLFS\bbr264 - copied to quarantine
13:17:42.0805 0x0ec4  \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - will be cured on reboot
13:17:42.0835 0x0ec4  \Device\Harddisk0\DR0 - ok
13:17:43.0045 0x0ec4  \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - User select action: Cure 
13:17:43.0045 0x0ec4  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
13:17:43.0045 0x0ec4  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip 
13:17:43.0115 0x0ec4  KLMD registered as C:\Windows\system32\drivers\89189726.sys
13:18:29.0632 0x0938  Deinitialize success
 
 
log of 13.19 after rebooting
 
13:19:46.0758 0x0b50  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
13:19:48.0770 0x0b50  ============================================================
13:19:48.0770 0x0b50  Current date / time: 2014/09/05 13:19:48.0770
13:19:48.0770 0x0b50  SystemInfo:
13:19:48.0770 0x0b50  
13:19:48.0770 0x0b50  OS Version: 6.1.7600 ServicePack: 0.0
13:19:48.0770 0x0b50  Product type: Workstation
13:19:48.0770 0x0b50  ComputerName: MISA-PC
13:19:48.0770 0x0b50  UserName: Misa
13:19:48.0770 0x0b50  Windows directory: C:\Windows
13:19:48.0770 0x0b50  System windows directory: C:\Windows
13:19:48.0770 0x0b50  Running under WOW64
13:19:48.0770 0x0b50  Processor architecture: Intel x64
13:19:48.0770 0x0b50  Number of processors: 2
13:19:48.0770 0x0b50  Page size: 0x1000
13:19:48.0770 0x0b50  Boot type: Normal boot
13:19:48.0770 0x0b50  ============================================================
13:19:48.0770 0x0b50  BG loaded
13:19:49.0129 0x0b50  System UUID: {A3FCC608-E535-0397-7FD6-6E658059A908}
13:19:50.0377 0x0b50  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:19:50.0393 0x0b50  ============================================================
13:19:50.0393 0x0b50  \Device\Harddisk0\DR0:
13:19:50.0393 0x0b50  MBR partitions:
13:19:50.0393 0x0b50  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1770800, BlocksNum 0x32000
13:19:50.0393 0x0b50  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x17A2800, BlocksNum 0x23C8BAB0
13:19:50.0393 0x0b50  ============================================================
13:19:50.0564 0x0b50  C: <-> \Device\Harddisk0\DR0\Partition2
13:19:50.0564 0x0b50  ============================================================
13:19:50.0564 0x0b50  Initialize success
13:19:50.0564 0x0b50  ============================================================
 
 


#10 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • Gender:Male
  • Local time:03:37 AM

Posted 05 September 2014 - 06:27 AM

a popup window of kaspersky asking me to start scan.

Start the scan and post the resulting log file.

#11 wsht

wsht
  • Topic Starter

  • Members
  • 9 posts
  • Local time:03:37 AM

Posted 05 September 2014 - 06:30 AM

no threats found. 

 

13:28:44.0924 0x09c0  ============================================================
13:28:44.0924 0x09c0  Scan started
13:28:44.0924 0x09c0  Mode: Manual; 
13:28:44.0924 0x09c0  ============================================================
13:28:44.0924 0x09c0  KSN ping started
13:28:47.0669 0x09c0  KSN ping finished: true
13:28:48.0340 0x09c0  ================ Scan system memory ========================
13:28:48.0340 0x09c0  System memory - ok
13:28:48.0340 0x09c0  ================ Scan services =============================
13:28:50.0789 0x09c0  BrFiltUp - ok
13:28:50.0805 0x09c0  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
13:28:50.0805 0x09c0  BridgeMP - ok
13:28:50.0821 0x09c0  [ 94FBC06F294D58D02361918418F996E3, 62C7CC2AF8F5A0BB0C262DACDE3F72C6AC318C3840CE60E46EE2064B32BDA5EF ] Browser         C:\Windows\System32\browser.dll
13:28:50.0836 0x09c0  Browser - ok
13:28:50.0867 0x09c0  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
13:28:50.0883 0x09c0  Brserid - ok
13:28:50.0899 0x09c0  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
13:28:50.0899 0x09c0  BrSerWdm - ok
13:28:50.0899 0x09c0  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
13:28:50.0914 0x09c0  BrUsbMdm - ok
13:28:50.0914 0x09c0  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
13:28:50.0914 0x09c0  BrUsbSer - ok
13:28:50.0930 0x09c0  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
13:28:50.0930 0x09c0  BTHMODEM - ok
13:28:50.0961 0x09c0  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
13:28:50.0961 0x09c0  bthserv - ok
13:28:50.0992 0x09c0  catchme - ok
13:28:51.0008 0x09c0  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
13:28:51.0023 0x09c0  cdfs - ok
13:28:51.0070 0x09c0  [ 83D2D75E1EFB81B3450C18131443F7DB, F2C686C980D818E797818E75B808E1E0B51B2045840A4BFC32D860B7DB4DFA22 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
13:28:51.0070 0x09c0  cdrom - ok
13:28:51.0086 0x09c0  [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] CertPropSvc     C:\Windows\System32\certprop.dll
13:28:51.0101 0x09c0  CertPropSvc - ok
13:28:51.0117 0x09c0  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
13:28:51.0117 0x09c0  circlass - ok
13:28:51.0164 0x09c0  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
13:28:51.0195 0x09c0  CLFS - ok
13:28:51.0257 0x09c0  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:28:51.0257 0x09c0  clr_optimization_v2.0.50727_32 - ok
13:28:51.0304 0x09c0  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:28:51.0320 0x09c0  clr_optimization_v2.0.50727_64 - ok
13:28:51.0335 0x09c0  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
13:28:51.0335 0x09c0  CmBatt - ok
13:28:51.0367 0x09c0  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\DRIVERS\cmdide.sys
13:28:51.0367 0x09c0  cmdide - ok
13:28:51.0398 0x09c0  [ F95FD4CB7DA00BA2A63CE9F6B5C053E1, D1FBCA0416D38B9CA510FB01CF251E60B244D38080E6668948ED927D2350ED49 ] CNG             C:\Windows\system32\Drivers\cng.sys
13:28:51.0413 0x09c0  CNG - ok
13:28:51.0429 0x09c0  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
13:28:51.0429 0x09c0  Compbatt - ok
13:28:51.0445 0x09c0  [ F26B3A86F6FA87CA360B879581AB4123, 723904362614FE47F6CC0EA0656BA1B47EA32D73BAFB61688A5E5CAE4340B1BF ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
13:28:51.0445 0x09c0  CompositeBus - ok
13:28:51.0460 0x09c0  COMSysApp - ok
13:28:51.0476 0x09c0  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
13:28:51.0491 0x09c0  crcdisk - ok
13:28:51.0523 0x09c0  [ 8C57411B66282C01533CB776F98AD384, 65BCF1B0BA521CBE39E974C7ACAEA9C9E3F89D86754275C6B2616E7691876AEE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
13:28:51.0523 0x09c0  CryptSvc - ok
13:28:51.0585 0x09c0  [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] DcomLaunch      C:\Windows\system32\rpcss.dll
13:28:51.0601 0x09c0  DcomLaunch - ok
13:28:51.0632 0x09c0  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
13:28:51.0647 0x09c0  defragsvc - ok
13:28:51.0663 0x09c0  [ 3F1DC527070ACB87E40AFE46EF6DA749, 5CB9CB94854AF06BEA02AF3E0562B8ECF72B2B23ED657A3F5E17CD3552F3EF84 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
13:28:51.0663 0x09c0  DfsC - ok
13:28:51.0710 0x09c0  [ CE3B9562D997F69B330D181A8875960F, 6FEE6622859198C5C13545867EF7CFE8EDC991360E976F792313DAA9C82CC5C8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
13:28:51.0725 0x09c0  Dhcp - ok
13:28:51.0741 0x09c0  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
13:28:51.0741 0x09c0  discache - ok
13:28:51.0772 0x09c0  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
13:28:51.0772 0x09c0  Disk - ok
13:28:51.0819 0x09c0  [ 676108C4E3AA6F6B34633748BD0BEBD9, 953286126E482EF3A9A1833680EFF86D657BD6C5411B9AEC2D7828ADE63D25AD ] Dnscache        C:\Windows\System32\dnsrslvr.dll
13:28:51.0819 0x09c0  Dnscache - ok
13:28:51.0835 0x09c0  [ 14452ACDB09B70964C8C21BF80A13ACB, DA0AAAC04626EFF4256D7095FF1DDA1F1B17676E26990C418BDF5090476F2AB4 ] dot3svc         C:\Windows\System32\dot3svc.dll
13:28:51.0850 0x09c0  dot3svc - ok
13:28:51.0866 0x09c0  [ 8C2BA6BEA949EE6E68385F5692BAFB94, 1047F473DCE0FB56BEA5C1B7929752C1FBAB5983C8202ABB4EEA48FCD60A353A ] DPS             C:\Windows\system32\dps.dll
13:28:51.0881 0x09c0  DPS - ok
13:28:51.0897 0x09c0  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
13:28:51.0897 0x09c0  drmkaud - ok
13:28:51.0959 0x09c0  [ 7CB7D2B73813CE05C7BC0F5F95D27CEC, F80AD7E946B8C8C27A0EB8A99B3A61C3F09E5442372D64EB4886D86B8D0AFCFD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
13:28:52.0022 0x09c0  DXGKrnl - ok
13:28:52.0037 0x09c0  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
13:28:52.0037 0x09c0  EapHost - ok
13:28:52.0193 0x09c0  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
13:28:52.0334 0x09c0  ebdrv - ok
13:28:52.0365 0x09c0  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] EFS             C:\Windows\System32\lsass.exe
13:28:52.0365 0x09c0  EFS - ok
13:28:52.0427 0x09c0  [ B91D81B3B54A54CCAFC03733DBC2E29E, B08CFD3136F678CF902722B32CA55C4983EEE5AEBDCEE036BEB746914742141C ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
13:28:52.0490 0x09c0  ehRecvr - ok
13:28:52.0521 0x09c0  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
13:28:52.0521 0x09c0  ehSched - ok
13:28:52.0568 0x09c0  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
13:28:52.0615 0x09c0  elxstor - ok
13:28:52.0630 0x09c0  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\DRIVERS\errdev.sys
13:28:52.0630 0x09c0  ErrDev - ok
13:28:52.0724 0x09c0  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
13:28:52.0739 0x09c0  EventSystem - ok
13:28:52.0755 0x09c0  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
13:28:52.0771 0x09c0  exfat - ok
13:28:52.0786 0x09c0  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
13:28:52.0802 0x09c0  fastfat - ok
13:28:52.0849 0x09c0  [ D607B2F1BEE3992AA6C2C92C0A2F0855, E22301C8F01DBF0A38A85165959BB070647C996CB1BCD50FDFE3DDDCA427DF2A ] Fax             C:\Windows\system32\fxssvc.exe
13:28:52.0864 0x09c0  Fax - ok
13:28:52.0880 0x09c0  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
13:28:52.0880 0x09c0  fdc - ok
13:28:52.0895 0x09c0  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
13:28:52.0911 0x09c0  fdPHost - ok
13:28:52.0911 0x09c0  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
13:28:52.0927 0x09c0  FDResPub - ok
13:28:52.0927 0x09c0  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
13:28:52.0942 0x09c0  FileInfo - ok
13:28:52.0942 0x09c0  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
13:28:52.0942 0x09c0  Filetrace - ok
13:28:52.0942 0x09c0  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
13:28:52.0958 0x09c0  flpydisk - ok
13:28:52.0958 0x09c0  [ F7866AF72ABBAF84B1FA5AA195378C59, 9D522044FE9C18FB3EC327E675737C01F2A8231DDE900421D3A431596946A7F8 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
13:28:52.0973 0x09c0  FltMgr - ok
13:28:53.0036 0x09c0  [ 8AC4CB4EA61E41009FAE9AE7B2B5DA3A, 6587B22ED91F98D3E3614967F62D7A58F42C12F45F8E1D47835D195CD350BC54 ] FontCache       C:\Windows\system32\FntCache.dll
13:28:53.0129 0x09c0  FontCache - ok
13:28:53.0192 0x09c0  [ 8D89E3131C27FDD6932189CB785E1B7A, AC7DA4C5E6D2E41D1A1DE146E46F034FAF0FB11AD801F070F2D5CD08166E9EB7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:28:53.0192 0x09c0  FontCache3.0.0.0 - ok
13:28:53.0207 0x09c0  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
13:28:53.0207 0x09c0  FsDepends - ok
13:28:53.0223 0x09c0  [ E95EF8547DE20CF0603557C0CF7A9462, 55540B06B7B380CA2DA6EEE2D76C6CD6131ADB02B2D0B172A36536863A0C57B6 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
13:28:53.0223 0x09c0  Fs_Rec - ok
13:28:53.0254 0x09c0  [ B8B2A6E1558F8F5DE5CE431C5B2C7B09, 24A9F04A0622681A4E4B6BCC47C45016787C6036EAD828920812D9FAD49A71E3 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
13:28:53.0270 0x09c0  fvevol - ok
13:28:53.0301 0x09c0  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
13:28:53.0301 0x09c0  gagp30kx - ok
13:28:53.0379 0x09c0  [ FE5AB4525BC2EC68B9119A6E5D40128B, 088DE37982CEE78A0C1181389A3BFF1E352DF504074B3E8F3EA244DB271BF216 ] gpsvc           C:\Windows\System32\gpsvc.dll
13:28:53.0395 0x09c0  gpsvc - ok
13:28:53.0535 0x09c0  [ 816FD5A6F3C2F3D600900096632FC60E, D92401C4B56663F8A12B6390562608A125713408B00266C53844129679E48E9C ] Greg_Service    C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
13:28:53.0613 0x09c0  Greg_Service - ok
13:28:53.0691 0x09c0  [ 8F0DE4FEF8201E306F9938B0905AC96A, CA7153FE0C037D79FBF7CE0E090D741FB52BCCBBBD4CA505EF4849A0C4199F72 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:28:53.0691 0x09c0  gupdate - ok
13:28:53.0707 0x09c0  [ 8F0DE4FEF8201E306F9938B0905AC96A, CA7153FE0C037D79FBF7CE0E090D741FB52BCCBBBD4CA505EF4849A0C4199F72 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:28:53.0707 0x09c0  gupdatem - ok
13:28:53.0738 0x09c0  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
13:28:53.0753 0x09c0  hcw85cir - ok
13:28:53.0800 0x09c0  [ 6410F6F415B2A5A9037224C41DA8BF12, 5B8452BC49FDA2215281D27B22FA9BE46B0460F51C4DC70E58B687CFB541F3A5 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:28:53.0816 0x09c0  HdAudAddService - ok
13:28:53.0831 0x09c0  [ 0A49913402747A0B67DE940FB42CBDBB, 61A45DBDCEB4A2D5C3C28F6BC8C5ADC51D0240A7553DF44BCC4355FC06F72B83 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
13:28:53.0831 0x09c0  HDAudBus - ok
13:28:53.0863 0x09c0  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
13:28:53.0863 0x09c0  HidBatt - ok
13:28:53.0878 0x09c0  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
13:28:53.0878 0x09c0  HidBth - ok
13:28:53.0894 0x09c0  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
13:28:53.0894 0x09c0  HidIr - ok
13:28:53.0925 0x09c0  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
13:28:53.0925 0x09c0  hidserv - ok
13:28:53.0956 0x09c0  [ B3BF6B5B50006DEF50B66306D99FCF6F, D39A1DEBE7C464922919826D15199ED25E263BF58633593DD412D78F98921417 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
13:28:53.0956 0x09c0  HidUsb - ok
13:28:53.0972 0x09c0  [ EFA58EDE58DD74388FFD04CB32681518, 76D81F9BC1A4D85A779B79DEC23B79F1568AA236CD49247414093CDC1FCC150F ] hkmsvc          C:\Windows\system32\kmsvc.dll
13:28:53.0987 0x09c0  hkmsvc - ok
13:28:54.0019 0x09c0  [ 046B2673767CA626E2CFB7FDF735E9E8, 9C932DCC5DE9B1919AB38C01D76AD7BBAF491DE6D158662407974748BC0B4C6C ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:28:54.0034 0x09c0  HomeGroupListener - ok
13:28:54.0065 0x09c0  [ 06A7422224D9865A5613710A089987DF, EF604B4B6918D3FDC8E90ED9004E6E7340E0F399C214C65CCE3A7C8C576FA1C0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:28:54.0081 0x09c0  HomeGroupProvider - ok
13:28:54.0081 0x09c0  [ 0886D440058F203EBA0E1825E4355914, BC49C4CEFE324A08C864A4BF4FEA9A70151FAB7CC30BDC28344F3FFD2F500070 ] HpSAMD          C:\Windows\system32\DRIVERS\HpSAMD.sys
13:28:54.0097 0x09c0  HpSAMD - ok
13:28:54.0143 0x09c0  [ CEE049CAC4EFA7F4E1E4AD014414A5D4, 433AE2D845850F1D7A48275BBD87B3F0E7DD48F2282C727C4B777ECD92CC331D ] HTTP            C:\Windows\system32\drivers\HTTP.sys
13:28:54.0159 0x09c0  HTTP - ok
13:28:54.0159 0x09c0  [ F17766A19145F111856378DF337A5D79, FC1633FB865A5324EBCBE5F97D297B899FABBDD965D862C2EFC743CD36F47E62 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
13:28:54.0175 0x09c0  hwpolicy - ok
13:28:54.0190 0x09c0  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
13:28:54.0190 0x09c0  i8042prt - ok
13:28:54.0268 0x09c0  [ 7548066DF68A8A1A56B043359F915F37, 6225DDE554E45858374CBD284A85A00F773089A667C08492187A637232B8BD9A ] IAANTMON        C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
13:28:54.0284 0x09c0  IAANTMON - ok
13:28:54.0346 0x09c0  [ 1D004CB1DA6323B1F55CAEF7F94B61D9, 8FFFB429BA46938724BBB87AB9B3EC77EA17C4B893BABDBDD38309F02963D405 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
13:28:54.0362 0x09c0  iaStor - ok
13:28:54.0409 0x09c0  [ D83EFB6FD45DF9D55E9A1AFC63640D50, 0494F8F7CB3ED11FD8D0B838CB71271AF7A3CBFCB7F2CB043A9392B5106A3C7B ] iaStorV         C:\Windows\system32\DRIVERS\iaStorV.sys
13:28:54.0424 0x09c0  iaStorV - ok
13:28:54.0502 0x09c0  [ 2F2BE70D3E02B6FA877921AB9516D43C, E04255EE4BD95FC1539EB1EB9F702B039F65993D31A4531DA487274543EF5226 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:28:54.0565 0x09c0  idsvc - ok
13:28:54.0830 0x09c0  [ A87261EF1546325B559374F5689CF5BC, 8DE48A8A13A32AAAC54CDDF58F3F61BE3E2802C1D9CA1CA98E57EB0D65FB6002 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
13:28:55.0126 0x09c0  igfx - ok
13:28:55.0157 0x09c0  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
13:28:55.0157 0x09c0  iirsp - ok
13:28:55.0220 0x09c0  [ C5B4683680DF085B57BC53E5EF34861F, 9C06517DFCB3ED7BB1166F7EB6CCC8713E6B68283C75420C0EDC182094AA1B8F ] IKEEXT          C:\Windows\System32\ikeext.dll
13:28:55.0235 0x09c0  IKEEXT - ok
13:28:55.0251 0x09c0  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\DRIVERS\intelide.sys
13:28:55.0251 0x09c0  intelide - ok
13:28:55.0267 0x09c0  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
13:28:55.0267 0x09c0  intelppm - ok
13:28:55.0282 0x09c0  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
13:28:55.0298 0x09c0  IPBusEnum - ok
13:28:55.0298 0x09c0  [ 722DD294DF62483CECAAE6E094B4D695, 41ABB42EF969EA8A84B546908EBBDC2411D964DE101CE6DD3D7ECF109085E0C0 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:28:55.0298 0x09c0  IpFilterDriver - ok
13:28:55.0329 0x09c0  [ F8E058D17363EC580E4B7232778B6CB5, 02352919F349C57930A0B032FBDC45327FB473D310DE7AC721F4694FDE7D21FB ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
13:28:55.0345 0x09c0  iphlpsvc - ok
13:28:55.0345 0x09c0  [ E2B4A4494DB7CB9B89B55CA268C337C5, C59BC4AA03D10647641EC7533F78BC7E2EA6FC48B8B2CF1A49B5148EF40A90FB ] IPMIDRV         C:\Windows\system32\DRIVERS\IPMIDrv.sys
13:28:55.0360 0x09c0  IPMIDRV - ok
13:28:55.0360 0x09c0  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
13:28:55.0360 0x09c0  IPNAT - ok
13:28:55.0376 0x09c0  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
13:28:55.0376 0x09c0  IRENUM - ok
13:28:55.0391 0x09c0  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\DRIVERS\isapnp.sys
13:28:55.0391 0x09c0  isapnp - ok
13:28:55.0423 0x09c0  [ FA4D2557DE56D45B0A346F93564BE6E1, 2827EC3582FF59FFD55BBD4A4F0DDFFEAD4F2537FA043B3A69904FE920B1619C ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
13:28:55.0423 0x09c0  iScsiPrt - ok
13:28:55.0501 0x09c0  [ 249EE2D26CB1530F3BEDE0AC8B9E3099, 6EBF72DCCDC1EFCD9FE712B895D61359F46C2AF41F1EC47A3C486E79AA1BC026 ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
13:28:55.0501 0x09c0  k57nd60a - ok
13:28:55.0532 0x09c0  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
13:28:55.0532 0x09c0  kbdclass - ok
13:28:55.0563 0x09c0  [ 6DEF98F8541E1B5DCEB2C822A11F7323, F6EE4A7A6A7A1F243D32CA9241CA4816C92EB7BF2AADDD09234968C2CAAE6C0D ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
13:28:55.0563 0x09c0  kbdhid - ok
13:28:55.0579 0x09c0  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] KeyIso          C:\Windows\system32\lsass.exe
13:28:55.0579 0x09c0  KeyIso - ok
13:28:55.0594 0x09c0  [ E8B6FCC9C83535C67F835D407620BD27, 74B63F3BFB756FF0B0AD6A6C1535C0A1A0630295ECCBC078B00F2449718B0870 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
13:28:55.0594 0x09c0  KSecDD - ok
13:28:55.0610 0x09c0  [ BBE1BF6D9B661C354D4857D5FADB943B, D2F6E52CCD0DF07B3D92669B941CEB9A59E16D3518226F11028A70DBDEFABBCF ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
13:28:55.0625 0x09c0  KSecPkg - ok
13:28:55.0641 0x09c0  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
13:28:55.0641 0x09c0  ksthunk - ok
13:28:55.0688 0x09c0  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
13:28:55.0719 0x09c0  KtmRm - ok
13:28:55.0735 0x09c0  [ 2AC603C3188C704CFCE353659AA7AD71, 0DAC2E8858221145FA35883BAE0D6484E60EB624158DE9F063FF209951CD1CDF ] L1E             C:\Windows\system32\DRIVERS\L1E62x64.sys
13:28:55.0735 0x09c0  L1E - ok
13:28:55.0766 0x09c0  [ 81F1D04D4D0E433099365127375FD501, C2A81B5A482C974E8108806486EC28CB2D81400D42639682FE7B7A9BDF14BA9B ] LanmanServer    C:\Windows\System32\srvsvc.dll
13:28:55.0781 0x09c0  LanmanServer - ok
13:28:55.0813 0x09c0  [ 27026EAC8818E8A6C00A1CAD2F11D29A, A12858CCB3B2419D66C667A46B106DA7A7BA97FFFA9634BFAE95DDF193C430D5 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:28:55.0828 0x09c0  LanmanWorkstation - ok
13:28:55.0859 0x09c0  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
13:28:55.0875 0x09c0  lltdio - ok
13:28:55.0906 0x09c0  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
13:28:55.0922 0x09c0  lltdsvc - ok
13:28:55.0953 0x09c0  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
13:28:55.0953 0x09c0  lmhosts - ok
13:28:55.0969 0x09c0  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
13:28:55.0984 0x09c0  LSI_FC - ok
13:28:55.0984 0x09c0  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
13:28:56.0000 0x09c0  LSI_SAS - ok
13:28:56.0000 0x09c0  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:28:56.0015 0x09c0  LSI_SAS2 - ok
13:28:56.0015 0x09c0  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:28:56.0031 0x09c0  LSI_SCSI - ok
13:28:56.0062 0x09c0  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
13:28:56.0062 0x09c0  luafv - ok
13:28:56.0093 0x09c0  [ F84C8F1000BC11E3B7B23CBD3BAFF111, BB4C4FFE3F6C9E5C16C06F6F666F177B94E1CF878397BCC0BDAF6EB3341AAED8 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
13:28:56.0109 0x09c0  Mcx2Svc - ok
13:28:56.0125 0x09c0  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
13:28:56.0125 0x09c0  megasas - ok
13:28:56.0140 0x09c0  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
13:28:56.0156 0x09c0  MegaSR - ok
13:28:56.0187 0x09c0  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
13:28:56.0187 0x09c0  MMCSS - ok
13:28:56.0203 0x09c0  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
13:28:56.0203 0x09c0  Modem - ok
13:28:56.0218 0x09c0  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
13:28:56.0218 0x09c0  monitor - ok
13:28:56.0234 0x09c0  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
13:28:56.0234 0x09c0  mouclass - ok
13:28:56.0249 0x09c0  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
13:28:56.0249 0x09c0  mouhid - ok
13:28:56.0265 0x09c0  [ 791AF66C4D0E7C90A3646066386FB571, BF67643099494AEADDDC85E4D97AFF1017806A1DF554F9BE6C864FFECC9EAF42 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
13:28:56.0265 0x09c0  mountmgr - ok
13:28:56.0281 0x09c0  [ 609D1D87649ECC19796F4D76D4C15CEA, 5369F4C83FBAE9C4CFB9ACD36F07479E3F3FD784D79B82AE8D95B818B9F9CE00 ] mpio            C:\Windows\system32\DRIVERS\mpio.sys
13:28:56.0281 0x09c0  mpio - ok
13:28:56.0296 0x09c0  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
13:28:56.0296 0x09c0  mpsdrv - ok
13:28:56.0343 0x09c0  [ AECAB449567D1846DAD63ECE49E893E3, 7A67A16A3E04574B7CAD097632ABA9B361BBEFDD6B36B7B8E3A1996EC529C2DC ] MpsSvc          C:\Windows\system32\mpssvc.dll
13:28:56.0359 0x09c0  MpsSvc - ok
13:28:56.0374 0x09c0  [ 30524261BB51D96D6FCBAC20C810183C, 19598A9CD0EAAE4ACBF1069E721AB2853452F33FCFB3B5113F023A88A90BF42D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
13:28:56.0390 0x09c0  MRxDAV - ok
13:28:56.0405 0x09c0  [ CFDCD8CA87C2A657DEBC150AC35B5E08, 8870DCC8CF4E452E25BFE38113ADBDBC4014036B25E567FC262178DAA808049A ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
13:28:56.0405 0x09c0  mrxsmb - ok
13:28:56.0421 0x09c0  [ 1BEE517B220B7F024F411AEC1571DD5A, 6DC7638D056DFDE36803BCD691BF73A4AAFD59DE63C0ACD7EA860997FFA3C6E7 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:28:56.0437 0x09c0  mrxsmb10 - ok
13:28:56.0437 0x09c0  [ 6B2D5FEF385828B6E485C1C90AFB8195, A960CC0351F200FA56FAC0534C0F9D7F79AAC9CF18A4390CDCA7EA4EE22ED6B6 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:28:56.0452 0x09c0  mrxsmb20 - ok
13:29:04.0221 0x09c0  [ D501E12614B00A3252073101D6A1A74B, DFA3A83978125B3CE45C71DD9069E8A7938366D0F4B4B2401CDD07251253FA8C ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
13:29:04.0221 0x09c0  usbvideo - ok
13:29:04.0252 0x09c0  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
13:29:04.0268 0x09c0  UxSms - ok
13:29:04.0283 0x09c0  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] VaultSvc        C:\Windows\system32\lsass.exe
13:29:04.0283 0x09c0  VaultSvc - ok
13:29:04.0299 0x09c0  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\DRIVERS\vdrvroot.sys
13:29:04.0299 0x09c0  vdrvroot - ok
13:29:04.0346 0x09c0  [ 44D73E0BBC1D3C8981304BA15135C2F2, 2849387BBCFB0189AF5604D2F7A631BD5D6BBB2CA73AF6E870069AF382A74DED ] vds             C:\Windows\System32\vds.exe
13:29:04.0393 0x09c0  vds - ok
13:29:04.0424 0x09c0  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
13:29:04.0424 0x09c0  vga - ok
13:29:04.0439 0x09c0  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
13:29:04.0439 0x09c0  VgaSave - ok
13:29:04.0455 0x09c0  [ C82E748660F62A242B2DFAC1442F22A4, 24AD6CAA918C5AB6F461D88825885C8637C224001AAD7A80BDC240368CDB0B7E ] vhdmp           C:\Windows\system32\DRIVERS\vhdmp.sys
13:29:04.0486 0x09c0  vhdmp - ok
13:29:04.0486 0x09c0  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\DRIVERS\viaide.sys
13:29:04.0486 0x09c0  viaide - ok
13:29:04.0502 0x09c0  [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3, 91F2B935E1E88C5542650F7D679A75D0562F4A5812179D1EC146D4B6351361E2 ] volmgr          C:\Windows\system32\DRIVERS\volmgr.sys
13:29:04.0502 0x09c0  volmgr - ok
13:29:04.0533 0x09c0  [ 99B0CBB569CA79ACAED8C91461D765FB, 5BE394A39A941DE2AA1212E66B7068F90D423FA816238657CB9B2DA8BBE69B9B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
13:29:04.0549 0x09c0  volmgrx - ok
13:29:04.0580 0x09c0  [ 58F82EED8CA24B461441F9C3E4F0BF5C, 40B8C9C9D1BEDD1507138273A3C000C753C8765E1873F2170DE63555A042928C ] volsnap         C:\Windows\system32\DRIVERS\volsnap.sys
13:29:04.0611 0x09c0  volsnap - ok
13:29:04.0627 0x09c0  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
13:29:04.0627 0x09c0  vsmraid - ok
13:29:04.0736 0x09c0  [ 787898BF9FB6D7BD87A36E2D95C899BA, A6C0C7402B1A198E7B3D6D7D283FCB5815AC429DA68FC9B54C67707F3233CCB5 ] VSS             C:\Windows\system32\vssvc.exe
13:29:04.0829 0x09c0  VSS - ok
13:29:04.0845 0x09c0  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
13:29:04.0861 0x09c0  vwifibus - ok
13:29:04.0861 0x09c0  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
13:29:04.0861 0x09c0  vwififlt - ok
13:29:04.0876 0x09c0  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
13:29:04.0892 0x09c0  W32Time - ok
13:29:04.0907 0x09c0  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
13:29:04.0907 0x09c0  WacomPen - ok
13:29:04.0923 0x09c0  [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
13:29:04.0923 0x09c0  WANARP - ok
13:29:04.0923 0x09c0  [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
13:29:04.0923 0x09c0  Wanarpv6 - ok
13:29:05.0017 0x09c0  [ 5AB1BB85BD8B5089CC5D64200DEDAE68, 28777D4F3CD07C8E3465B6DA0FCA994E0B93071A3A0D4D1D64C1DF633DD1C64F ] wbengine        C:\Windows\system32\wbengine.exe
13:29:05.0126 0x09c0  wbengine - ok
13:29:05.0141 0x09c0  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
13:29:05.0157 0x09c0  WbioSrvc - ok
13:29:05.0173 0x09c0  [ 8321C2CA3B62B61B293CDA3451984468, 856A079C2CCC75D633EA23E410D7F3ECDF368EAAAFF634CB82DDA545FD3A2F9C ] wcncsvc         C:\Windows\System32\wcncsvc.dll
13:29:05.0188 0x09c0  wcncsvc - ok
13:29:05.0188 0x09c0  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:29:05.0188 0x09c0  WcsPlugInService - ok
13:29:05.0204 0x09c0  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
13:29:05.0204 0x09c0  Wd - ok
13:29:05.0235 0x09c0  [ 441BD2D7B4F98134C3A4F9FA570FD250, FF20815273014C5A27C2B75E2C70FE674809293627056199F502DFDF4CECFCA1 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
13:29:05.0266 0x09c0  Wdf01000 - ok
13:29:05.0297 0x09c0  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
13:29:05.0297 0x09c0  WdiServiceHost - ok
13:29:05.0313 0x09c0  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
13:29:05.0313 0x09c0  WdiSystemHost - ok
13:29:05.0344 0x09c0  [ 8A438CBB8C032A0C798B0C642FFBE572, 3200B9B6A7B87C1C47295FA416C99DE1FBB2DBBA3DA78D5CC88C26DCC4189D45 ] WebClient       C:\Windows\System32\webclnt.dll
13:29:05.0360 0x09c0  WebClient - ok
13:29:05.0375 0x09c0  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
13:29:05.0407 0x09c0  Wecsvc - ok
13:29:05.0422 0x09c0  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
13:29:05.0422 0x09c0  wercplsupport - ok
13:29:05.0438 0x09c0  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
13:29:05.0438 0x09c0  WerSvc - ok
13:29:05.0453 0x09c0  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
13:29:05.0453 0x09c0  WfpLwf - ok
13:29:05.0469 0x09c0  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
13:29:05.0469 0x09c0  WIMMount - ok
13:29:05.0500 0x09c0  WinDefend - ok
13:29:05.0500 0x09c0  WinHttpAutoProxySvc - ok
13:29:05.0547 0x09c0  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
13:29:05.0563 0x09c0  Winmgmt - ok
13:29:05.0672 0x09c0  [ 41FBB751936B387F9179E7F03A74FE29, 7A73D887BEC19DFC485ED42B4E6ABEBF824555139B81EA30731A00773E707464 ] WinRM           C:\Windows\system32\WsmSvc.dll
13:29:05.0781 0x09c0  WinRM - ok
13:29:05.0859 0x09c0  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
13:29:05.0890 0x09c0  Wlansvc - ok
13:29:06.0031 0x09c0  [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:29:06.0077 0x09c0  wlidsvc - ok
13:29:06.0109 0x09c0  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
13:29:06.0109 0x09c0  WmiAcpi - ok
13:29:06.0140 0x09c0  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
13:29:06.0140 0x09c0  wmiApSrv - ok
13:29:06.0171 0x09c0  WMPNetworkSvc - ok
13:29:06.0187 0x09c0  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
13:29:06.0187 0x09c0  WPCSvc - ok
13:29:06.0202 0x09c0  [ 2E57DDF2880A7E52E76F41C7E96D327B, D24E19B6091C197D77D71BC044CE2E5A57BE0A2F00D1BB0732E380A398230E63 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
13:29:06.0218 0x09c0  WPDBusEnum - ok
13:29:06.0218 0x09c0  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
13:29:06.0218 0x09c0  ws2ifsl - ok
13:29:06.0233 0x09c0  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
13:29:06.0249 0x09c0  wscsvc - ok
13:29:06.0249 0x09c0  WSearch - ok
13:29:06.0374 0x09c0  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
13:29:06.0421 0x09c0  wuauserv - ok
13:29:06.0436 0x09c0  [ 7CADC74271DD6461C452C271B30BD378, D58C2094C36FC665C03A6A269EED80DC71F330C3DCF40A27A3C8F56AB7A96861 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
13:29:06.0436 0x09c0  WudfPf - ok
13:29:06.0483 0x09c0  [ 3B197AF0FFF08AA66B6B2241CA538D64, BC94E5EFF38B9C6A37717B2A6CA56679781A4872A0C4298056E074033571BE79 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
13:29:06.0483 0x09c0  WUDFRd - ok
13:29:06.0499 0x09c0  [ B551D6637AA0E132C18AC6E504F7B79B, FA6495533A14E01ABB0F6689AB7503B1B439D3ADA7457DFCB7D81714A9817327 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
13:29:06.0514 0x09c0  wudfsvc - ok
13:29:06.0545 0x09c0  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll
13:29:06.0561 0x09c0  WwanSvc - ok
13:29:06.0592 0x09c0  ================ Scan global ===============================
13:29:06.0623 0x09c0  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
13:29:06.0639 0x09c0  [ 457B44AB6D502E55F64A867D4F35C76C, 95FEC45E28DF394E778DA37719F7D579920531AD568E1C290B7F42CB03BEAA2C ] C:\Windows\system32\winsrv.dll
13:29:06.0670 0x09c0  [ 457B44AB6D502E55F64A867D4F35C76C, 95FEC45E28DF394E778DA37719F7D579920531AD568E1C290B7F42CB03BEAA2C ] C:\Windows\system32\winsrv.dll
13:29:06.0701 0x09c0  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
13:29:06.0748 0x09c0  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
13:29:06.0764 0x09c0  [ Global ] - ok
13:29:06.0764 0x09c0  ================ Scan MBR ==================================
13:29:06.0779 0x09c0  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
13:29:07.0076 0x09c0  \Device\Harddisk0\DR0 - ok
13:29:07.0076 0x09c0  ================ Scan VBR ==================================
13:29:07.0091 0x09c0  [ B174AFC39A623B210D60097C7612F662 ] \Device\Harddisk0\DR0\Partition1
13:29:07.0091 0x09c0  \Device\Harddisk0\DR0\Partition1 - ok
13:29:07.0091 0x09c0  [ 18C0B26F5F38EF7B395DCB1150BF9A01 ] \Device\Harddisk0\DR0\Partition2
13:29:07.0091 0x09c0  \Device\Harddisk0\DR0\Partition2 - ok
13:29:07.0107 0x09c0  ================ Scan generic autorun ======================
13:29:07.0169 0x09c0  [ 5AF1E9600E3FF841E522703A4993ED0C, 5189530793747C40B0E3548DA40058989C88A69C593C3E54E6548CFB89B9CE10 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
13:29:07.0169 0x09c0  IAAnotif - ok
13:29:07.0232 0x09c0  [ 452FA961163EF4AEE4815796A13AB2CF, 14DC422082F96F5C21C41A5E5F6E8445547CC4B02B18F0A86A34669CA2CE18A7 ] c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
13:29:07.0232 0x09c0  Adobe Reader Speed Launcher - ok
13:29:07.0279 0x09c0  [ 5AEA1DB5490429EEB0989A0CE2A52D5E, E854757921398BFDE6F2E1F4359CBDFCEEE36B645F435D4D039DF73669E488BF ] C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe
13:29:07.0279 0x09c0  BackupManagerTray - ok
13:29:07.0513 0x09c0  [ 26B558B2D31C7425B455B00E562EAD93, B64D128A2F1FC42BA4376F8EB08D70F4B705745CB983D0631DB45851BF34BBDF ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
13:29:07.0591 0x09c0  AvastUI.exe - ok
13:29:07.0606 0x09c0  Waiting for KSN requests completion. In queue: 342
13:29:08.0620 0x09c0  Waiting for KSN requests completion. In queue: 32
13:29:09.0634 0x09c0  Waiting for KSN requests completion. In queue: 32
13:29:10.0648 0x09c0  Waiting for KSN requests completion. In queue: 32
13:29:11.0662 0x09c0  Waiting for KSN requests completion. In queue: 32
13:29:12.0676 0x09c0  Waiting for KSN requests completion. In queue: 32
13:29:13.0737 0x09c0  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2021.515 ), 0x41000 ( enabled : updated )
13:29:13.0784 0x09c0  Win FW state via NFP2: enabled
13:29:19.0244 0x09c0  ============================================================
13:29:19.0244 0x09c0  Scan finished
13:29:19.0244 0x09c0  ============================================================
13:29:19.0244 0x0288  Detected object count: 0
13:29:19.0244 0x0288  Actual detected object count: 0
13:29:23.0206 0x0b24  Deinitialize success


#12 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts

Posted 05 September 2014 - 06:46 AM

Very good. Now run TDSSKiller again with the same options as in the first scan ("Make sure that all available options (except "Loaded modules") are checked") and also delete the TDSS File System.
How is your computer running now? What problems or symptoms still persist?


Step 1

Start TDSSKiller.exe again with administrator privileges.
  • Set the parameters like in the first scan and click on Start scan.
  • This time select for the threat TDSS File System (and only for that) the option Cure (or Delete).
  • Click on Continue and allow the reboot.
  • Copy and paste the log file (C:\TDSSKiller.<version_date_time>_log.txt) of this run in your next reply.


Step 2

Please download the ESET Online Scanner and save it to your Desktop.
  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start esetsmartinstaller_enu.exe with administrator privileges.
  • Select the option Yes, I accept the Terms of Use and click on Start.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click on Start. The virus signature database will begin to download. This may take some time.
  • When completed the Online Scan will begin automatically.
    Note: This scan might take a long time! Please be patient.
  • When completed select Uninstall application on close if you so wish, but make sure you copy the logfile first!
  • Now click on Finish
  • A log file is created at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
    Copy and paste the content of this log file in your next reply.
Note: Do not forget to re-enable your antivirus application after running the above scan!



Step 3

Start FRST with administrator privileges.
  • Press the Scan button.
  • When finished, FRST will produce a log (FRST.txt) in the same directory the tool was run from.
    Please copy and paste this log in your next reply.


#13 wsht

wsht
  • Topic Starter

  • Members
  • 9 posts

Posted 05 September 2014 - 07:52 AM

FRST

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014 02
Ran by Misa (administrator) on MISA-PC on 05-09-2014 14:46:29
Running from C:\Users\Misa\Downloads
Platform: Windows 7 Home Premium (X64) OS Language: Italiano (Italia)
Internet Explorer Version 8
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe [262912 2009-08-21] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-09-05] (AVAST Software)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x53CB00E1A7C8CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = it
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://it.msn.com/?ocid=iehp
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Guida per l'accesso a Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\2.0.40115.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-09-05]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.it/
CHR StartupUrls: Default -> "hxxp://www.google.it/"
CHR DefaultSearchKeyword: Default -> 3D1502EA9963309365DA23A2C784F0D28339E962DE22B730F12CE04DB9EB4E0A
CHR DefaultSearchProvider: Default -> EFD8631DEF7361408B6468B4C11900873F987B1B1503E20789F3F2930EA5F161
CHR DefaultSearchURL: Default -> AF5BB695BE2D26DCE58B5F43E21242B47915CF3BFDCC140B4AB1A1239CED13DA
CHR Profile: C:\Users\Misa\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Presentazioni Google) - C:\Users\Misa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-08-28]
CHR Extension: (Documenti Google) - C:\Users\Misa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-28]
CHR Extension: (Google Drive) - C:\Users\Misa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-28]
CHR Extension: (YouTube) - C:\Users\Misa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-28]
CHR Extension: (Ricerca Google) - C:\Users\Misa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-28]
CHR Extension: (Fogli Google) - C:\Users\Misa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-08-28]
CHR Extension: (avast! Online Security) - C:\Users\Misa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-09-05]
CHR Extension: (Google Wallet) - C:\Users\Misa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-28]
CHR Extension: (Gmail) - C:\Users\Misa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-28]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-09-05]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-09-05] (AVAST Software)
S4 Greg_Service; C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe [1150496 2009-06-04] (Acer Incorporated)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [62720 2009-08-21] (NewTech Infosystems, Inc.)
S4 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [240160 2009-07-04] (Acer)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-09-05] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-09-05] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-09-05] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-09-05] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-09-05] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-09-05] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-09-05] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-09-05] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-05 14:02 - 2014-09-05 14:02 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-09-05 14:01 - 2014-09-05 13:57 - 02347384 _____ (ESET) C:\Users\Misa\Desktop\esetsmartinstaller_enu.exe
2014-09-05 13:17 - 2014-09-05 14:00 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-09-05 04:15 - 2012-03-30 13:09 - 01895280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-09-05 04:15 - 2010-08-27 08:14 - 00236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-09-05 04:15 - 2010-08-27 07:46 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2014-09-05 04:15 - 2010-08-27 05:38 - 00463360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-09-05 04:15 - 2010-08-27 05:37 - 00402944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-09-05 04:15 - 2010-08-27 05:37 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-09-05 04:03 - 2012-06-03 00:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-09-05 04:03 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-09-05 04:03 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-09-05 04:03 - 2012-06-03 00:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-09-05 03:47 - 2014-09-05 03:47 - 00026652 _____ () C:\Users\Misa\Downloads\Addition.txt
2014-09-05 03:46 - 2014-09-05 14:46 - 00010185 _____ () C:\Users\Misa\Downloads\FRST.txt
2014-09-05 03:45 - 2014-09-05 14:46 - 00000000 ____D () C:\FRST
2014-09-05 03:45 - 2014-09-05 03:45 - 01096704 _____ (Farbar) C:\Users\Misa\Downloads\FRST.exe
2014-09-05 03:43 - 2014-09-05 03:44 - 02104832 _____ (Farbar) C:\Users\Misa\Downloads\FRST64.exe
2014-09-05 02:14 - 2014-09-05 02:18 - 00000000 ____D () C:\Users\Misa\AppData\Local\{F57DA835-9839-4490-96D3-718B26B1E78E}
2014-09-05 02:14 - 2014-09-05 02:14 - 00000000 ____D () C:\Users\Misa\AppData\Roaming\Windows Live Writer
2014-09-05 02:14 - 2014-09-05 02:14 - 00000000 ____D () C:\Users\Misa\AppData\Local\Windows Live Writer
2014-09-05 02:14 - 2014-09-05 02:14 - 00000000 ____D () C:\Users\Misa\AppData\Local\{A6C910DA-A45A-4A5B-AFD5-456AC8423918}
2014-09-05 02:13 - 2014-09-05 02:13 - 00000243 _____ () C:\Windows\wininit.ini
2014-09-05 02:13 - 2014-09-05 02:13 - 00000000 ____D () C:\Users\Misa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-05 02:13 - 2014-09-05 02:13 - 00000000 ____D () C:\Users\Misa\AppData\Roaming\DropboxMaster
2014-09-05 02:12 - 2014-09-05 02:13 - 00000000 ____D () C:\Users\Misa\AppData\Roaming\Dropbox
2014-09-05 02:11 - 2014-09-05 02:11 - 00000000 ____D () C:\Users\Misa\AppData\Roaming\AVAST Software
2014-09-05 01:47 - 2014-09-05 12:59 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-09-05 01:47 - 2014-09-05 01:47 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-09-05 01:47 - 2014-09-05 01:47 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-09-05 01:47 - 2014-09-05 01:47 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-09-05 01:47 - 2014-09-05 01:47 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-09-05 01:47 - 2014-09-05 01:47 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-09-05 01:47 - 2014-09-05 01:47 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-09-05 01:47 - 2014-09-05 01:47 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-09-05 01:47 - 2014-09-05 01:47 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-09-05 01:47 - 2014-09-05 01:47 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-09-05 01:47 - 2014-09-05 01:47 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-09-05 01:47 - 2014-09-05 01:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-09-05 01:46 - 2014-09-05 01:46 - 00000000 ____D () C:\Program Files\AVAST Software
2014-09-05 01:45 - 2014-09-05 01:46 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-09-05 01:44 - 2014-09-05 01:44 - 00271096 _____ () C:\Windows\Minidump\090514-29608-01.dmp
2014-09-05 01:44 - 2014-09-05 01:44 - 00000000 ____D () C:\Windows\Minidump
2014-09-05 01:43 - 2014-09-05 01:45 - 00000000 ____D () C:\32788R22FWJFW
2014-09-05 01:43 - 2014-09-05 01:43 - 441164448 _____ () C:\Windows\MEMORY.DMP
2014-09-05 00:31 - 2014-09-05 00:31 - 00012483 _____ () C:\ComboFix.txt
2014-09-04 23:34 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-09-04 23:34 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-09-04 23:34 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-09-04 23:34 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-09-04 23:34 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-09-04 23:34 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-09-04 23:34 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-09-04 23:34 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-09-04 23:33 - 2014-09-05 00:32 - 00000000 ____D () C:\ComboFix
2014-09-04 23:32 - 2014-09-05 00:32 - 00000000 ____D () C:\Qoobox
2014-09-04 23:31 - 2014-09-05 00:17 - 00000000 ____D () C:\Windows\erdnt
2014-09-04 23:21 - 2014-08-25 06:53 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-04 23:13 - 2014-09-04 23:14 - 04862664 _____ (AVAST Software) C:\Users\Misa\Downloads\avast_free_antivirus_setup_online.exe
2014-09-04 23:13 - 2014-09-04 23:13 - 00000000 ____D () C:\Windows\ERUNT
2014-09-04 23:07 - 2014-09-04 23:07 - 05576326 ____R (Swearware) C:\Users\Misa\Downloads\ComboFix.exe
2014-09-04 23:05 - 2014-09-04 23:06 - 01016261 _____ (Thisisu) C:\Users\Misa\Downloads\JRT.exe
2014-09-04 23:02 - 2014-09-04 23:02 - 00869456 _____ () C:\Users\Misa\Downloads\Norton_Removal_Tool.exe
2014-09-04 23:02 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-09-04 23:02 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-29 04:09 - 2014-09-05 13:02 - 00689472 _____ () C:\Windows\system32\perfh010.dat
2014-08-29 04:09 - 2014-09-05 13:02 - 00124626 _____ () C:\Windows\system32\perfc010.dat
2014-08-29 04:09 - 2014-08-29 04:09 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2014-08-29 04:09 - 2014-08-29 04:09 - 00000000 ____D () C:\Windows\SysWOW64\it
2014-08-29 04:09 - 2014-08-29 04:09 - 00000000 ____D () C:\Windows\SysWOW64\0410
2014-08-29 04:09 - 2014-08-29 04:09 - 00000000 ____D () C:\Windows\system32\it
2014-08-29 04:09 - 2014-08-29 04:09 - 00000000 ____D () C:\Windows\system32\0410
2014-08-29 04:09 - 2014-08-29 04:08 - 00335478 _____ () C:\Windows\system32\perfi010.dat
2014-08-29 04:09 - 2014-08-29 04:08 - 00037534 _____ () C:\Windows\system32\perfd010.dat
2014-08-29 04:03 - 2014-08-29 04:12 - 00000486 _____ () C:\Windows\Patch.log
2014-08-29 04:03 - 2014-08-29 04:03 - 00000000 ____D () C:\acersw
2014-08-29 04:02 - 2014-08-29 04:03 - 00007060 _____ () C:\Windows\WisGAPas.log
2014-08-29 04:02 - 2014-08-29 04:02 - 00000896 _____ () C:\Windows\MOD01SET74000N0006.XML
2014-08-29 04:02 - 2014-08-29 04:02 - 00000000 ____D () C:\Windows\Lan
2014-08-29 04:02 - 2014-08-29 04:02 - 00000000 ____D () C:\acer
2014-08-29 04:01 - 2014-08-29 04:01 - 00000708 _____ () C:\Windows\CapsuleDll.log
2014-08-29 04:01 - 2014-08-29 04:01 - 00000000 ____D () C:\Patch
2014-08-29 04:01 - 2009-08-11 08:00 - 00382976 _____ (Wistron Corp.) C:\Windows\WisGAPasx64.exe
2014-08-29 04:01 - 2009-08-11 08:00 - 00322048 _____ (Wistron Corp.) C:\Windows\WisGAPas.exe
2014-08-29 04:01 - 2009-05-25 20:27 - 00335872 _____ (Acer Inc.) C:\Windows\ParseModule_X64.exe
2014-08-29 04:01 - 2009-05-25 20:27 - 00225280 _____ (Acer Inc.) C:\Windows\ParseModule_X86.exe
2014-08-29 03:50 - 2014-08-29 04:12 - 00001662 _____ () C:\Windows\WPatchProgress.ini
2014-08-28 18:55 - 2014-08-28 18:55 - 00000000 ____D () C:\Users\Misa\AppData\Roaming\vlc
2014-08-28 18:55 - 2014-08-28 18:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-08-28 18:55 - 2014-08-28 18:55 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-08-28 18:54 - 2014-08-28 18:55 - 24743106 _____ () C:\Users\Misa\Downloads\vlc-2.1.5-win32.exe
2014-08-28 18:51 - 2014-08-28 18:51 - 00002265 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2014-08-28 18:51 - 2014-08-28 18:51 - 00000000 ____D () C:\Users\Misa\AppData\Local\WinZip
2014-08-28 18:51 - 2014-08-28 18:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2014-08-28 18:50 - 2014-08-28 18:52 - 00000000 ____D () C:\ProgramData\WinZip
2014-08-28 18:50 - 2014-08-28 18:50 - 00000000 ____D () C:\Program Files (x86)\WinZip
2014-08-28 18:47 - 2014-08-28 18:48 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-08-28 18:47 - 2014-08-28 18:47 - 00001196 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2014-08-28 18:47 - 2014-08-28 18:47 - 00000000 ____D () C:\Program Files\Windows Live
2014-08-28 18:44 - 2010-05-23 12:15 - 01619456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-08-28 18:44 - 2010-05-23 12:11 - 03181568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-08-28 18:44 - 2010-05-23 12:11 - 00196608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2014-08-28 18:44 - 2010-05-23 10:37 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-08-28 18:44 - 2010-05-23 10:35 - 04068864 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-08-28 18:44 - 2010-05-23 10:35 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2014-08-28 18:44 - 2010-05-23 10:35 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-08-28 18:43 - 2014-09-05 02:14 - 00000000 ____D () C:\Users\Misa\AppData\Local\Windows Live
2014-08-28 18:41 - 2014-08-28 18:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-28 18:40 - 2014-08-28 18:41 - 00000000 ____D () C:\Users\Misa\AppData\Local\Deployment
2014-08-28 18:40 - 2014-08-28 18:40 - 00000000 ____D () C:\Users\Misa\AppData\Local\Apps\2.0
2014-08-28 18:39 - 2014-08-28 18:39 - 00000000 ____D () C:\Users\Misa\AppData\Roaming\Macromedia
2014-08-28 18:39 - 2014-08-28 18:39 - 00000000 ____D () C:\Users\Misa\AppData\Roaming\Adobe
2014-08-28 18:35 - 2014-08-28 18:35 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio
2014-08-28 18:33 - 2014-08-28 18:33 - 00000000 ____D () C:\Users\Misa\AppData\Local\Microsoft Help
2014-08-28 18:32 - 2014-09-05 14:42 - 00001150 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-28 18:32 - 2014-09-05 13:58 - 00001146 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-28 18:32 - 2014-08-28 18:37 - 00004146 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-28 18:32 - 2014-08-28 18:37 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-28 18:31 - 2014-09-04 23:08 - 00000000 ____D () C:\Users\Misa\AppData\Local\Google
2014-08-28 18:31 - 2014-08-28 18:31 - 00000000 ____D () C:\Users\Misa\AppData\Roaming\Google
2014-08-28 18:30 - 2014-08-28 18:40 - 00108840 _____ () C:\Users\Misa\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-28 18:21 - 2014-09-05 14:19 - 01127280 _____ () C:\Windows\WindowsUpdate.log
2014-08-28 18:21 - 2014-08-28 18:21 - 00001439 _____ () C:\Users\Misa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-28 18:21 - 2014-08-28 18:21 - 00001405 _____ () C:\Users\Misa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-08-28 18:20 - 2014-08-28 18:20 - 00000000 ____D () C:\Users\Misa\AppData\Local\VirtualStore
2014-08-28 18:19 - 2014-08-28 18:21 - 00000000 ____D () C:\Users\Misa
2014-08-28 18:19 - 2014-08-28 18:19 - 00000020 ___SH () C:\Users\Misa\ntuser.ini
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Public\Documents\Video
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Public\Documents\Musica
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Public\Documents\Immagini
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Misa\Risorse di stampa
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Misa\Risorse di rete
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Misa\Recenti
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Misa\Modelli
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Misa\Menu Avvio
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Misa\Impostazioni locali
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Misa\Documents\Video
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Misa\Documents\Musica
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Misa\Documents\Immagini
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Misa\Documenti
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Misa\Dati applicazioni
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Misa\AppData\Roaming\Microsoft\Windows\Start Menu\Programmi
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Misa\AppData\Local\Dati applicazioni
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Misa\AppData\Local\Cronologia
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Default\Risorse di stampa
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Default\Risorse di rete
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Default\Recenti
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Default\Modelli
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Default\Menu Avvio
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Default\Impostazioni locali
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Default\Documents\Video
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Default\Documents\Musica
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Default\Documents\Immagini
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Default\Documenti
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Default\Dati applicazioni
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programmi
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Dati applicazioni
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Cronologia
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Default User\Documents\Video
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Default User\Documents\Musica
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Default User\Documents\Immagini
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programmi
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Dati applicazioni
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Cronologia
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Programmi
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\ProgramData\Preferiti
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\ProgramData\Modelli
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programmi
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\ProgramData\Menu Avvio
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\ProgramData\Documenti
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\ProgramData\Dati applicazioni
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Program Files\File comuni
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 ____D () C:\Recovery
2014-08-28 18:19 - 2009-08-22 09:52 - 00000000 ___RD () C:\Users\Misa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-08-28 18:19 - 2009-08-22 09:52 - 00000000 ___RD () C:\Users\Misa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-05 14:46 - 2014-09-05 03:46 - 00010185 _____ () C:\Users\Misa\Downloads\FRST.txt
2014-09-05 14:46 - 2014-09-05 03:45 - 00000000 ____D () C:\FRST
2014-09-05 14:42 - 2014-08-28 18:32 - 00001150 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-05 14:19 - 2014-08-28 18:21 - 01127280 _____ () C:\Windows\WindowsUpdate.log
2014-09-05 14:05 - 2009-07-14 06:45 - 00017376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-05 14:05 - 2009-07-14 06:45 - 00017376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-05 14:02 - 2014-09-05 14:02 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-09-05 14:00 - 2014-09-05 13:17 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-09-05 13:58 - 2014-08-28 18:32 - 00001146 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-05 13:57 - 2014-09-05 14:01 - 02347384 _____ (ESET) C:\Users\Misa\Desktop\esetsmartinstaller_enu.exe
2014-09-05 13:57 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-05 13:57 - 2009-07-14 06:51 - 00044816 _____ () C:\Windows\setupact.log
2014-09-05 13:02 - 2014-08-29 04:09 - 00689472 _____ () C:\Windows\system32\perfh010.dat
2014-09-05 13:02 - 2014-08-29 04:09 - 00124626 _____ () C:\Windows\system32\perfc010.dat
2014-09-05 13:02 - 2009-07-14 07:13 - 01516554 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-05 12:59 - 2014-09-05 01:47 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-09-05 08:20 - 2009-08-22 08:21 - 00199064 _____ () C:\Windows\PFRO.log
2014-09-05 04:17 - 2009-08-22 07:59 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-05 03:47 - 2014-09-05 03:47 - 00026652 _____ () C:\Users\Misa\Downloads\Addition.txt
2014-09-05 03:45 - 2014-09-05 03:45 - 01096704 _____ (Farbar) C:\Users\Misa\Downloads\FRST.exe
2014-09-05 03:44 - 2014-09-05 03:43 - 02104832 _____ (Farbar) C:\Users\Misa\Downloads\FRST64.exe
2014-09-05 02:18 - 2014-09-05 02:14 - 00000000 ____D () C:\Users\Misa\AppData\Local\{F57DA835-9839-4490-96D3-718B26B1E78E}
2014-09-05 02:14 - 2014-09-05 02:14 - 00000000 ____D () C:\Users\Misa\AppData\Roaming\Windows Live Writer
2014-09-05 02:14 - 2014-09-05 02:14 - 00000000 ____D () C:\Users\Misa\AppData\Local\Windows Live Writer
2014-09-05 02:14 - 2014-09-05 02:14 - 00000000 ____D () C:\Users\Misa\AppData\Local\{A6C910DA-A45A-4A5B-AFD5-456AC8423918}
2014-09-05 02:14 - 2014-08-28 18:43 - 00000000 ____D () C:\Users\Misa\AppData\Local\Windows Live
2014-09-05 02:13 - 2014-09-05 02:13 - 00000243 _____ () C:\Windows\wininit.ini
2014-09-05 02:13 - 2014-09-05 02:13 - 00000000 ____D () C:\Users\Misa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-05 02:13 - 2014-09-05 02:13 - 00000000 ____D () C:\Users\Misa\AppData\Roaming\DropboxMaster
2014-09-05 02:13 - 2014-09-05 02:12 - 00000000 ____D () C:\Users\Misa\AppData\Roaming\Dropbox
2014-09-05 02:11 - 2014-09-05 02:11 - 00000000 ____D () C:\Users\Misa\AppData\Roaming\AVAST Software
2014-09-05 01:47 - 2014-09-05 01:47 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-09-05 01:47 - 2014-09-05 01:47 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-09-05 01:47 - 2014-09-05 01:47 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-09-05 01:47 - 2014-09-05 01:47 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-09-05 01:47 - 2014-09-05 01:47 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-09-05 01:47 - 2014-09-05 01:47 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-09-05 01:47 - 2014-09-05 01:47 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-09-05 01:47 - 2014-09-05 01:47 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-09-05 01:47 - 2014-09-05 01:47 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-09-05 01:47 - 2014-09-05 01:47 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-09-05 01:47 - 2014-09-05 01:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-09-05 01:46 - 2014-09-05 01:46 - 00000000 ____D () C:\Program Files\AVAST Software
2014-09-05 01:46 - 2014-09-05 01:45 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-09-05 01:45 - 2014-09-05 01:43 - 00000000 ____D () C:\32788R22FWJFW
2014-09-05 01:44 - 2014-09-05 01:44 - 00271096 _____ () C:\Windows\Minidump\090514-29608-01.dmp
2014-09-05 01:44 - 2014-09-05 01:44 - 00000000 ____D () C:\Windows\Minidump
2014-09-05 01:43 - 2014-09-05 01:43 - 441164448 _____ () C:\Windows\MEMORY.DMP
2014-09-05 01:43 - 2009-08-22 08:20 - 00000000 ____D () C:\ProgramData\Partner
2014-09-05 01:43 - 2009-08-22 08:20 - 00000000 ____D () C:\Program Files\Google
2014-09-05 01:43 - 2009-08-22 08:20 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-05 00:32 - 2014-09-04 23:33 - 00000000 ____D () C:\ComboFix
2014-09-05 00:32 - 2014-09-04 23:32 - 00000000 ____D () C:\Qoobox
2014-09-05 00:32 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-09-05 00:31 - 2014-09-05 00:31 - 00012483 _____ () C:\ComboFix.txt
2014-09-05 00:17 - 2014-09-04 23:31 - 00000000 ____D () C:\Windows\erdnt
2014-09-05 00:13 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-09-04 23:14 - 2014-09-04 23:13 - 04862664 _____ (AVAST Software) C:\Users\Misa\Downloads\avast_free_antivirus_setup_online.exe
2014-09-04 23:13 - 2014-09-04 23:13 - 00000000 ____D () C:\Windows\ERUNT
2014-09-04 23:11 - 2009-08-22 08:07 - 00000000 ____D () C:\Program Files (x86)\Packard Bell GameZone
2014-09-04 23:10 - 2009-08-22 08:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Packard Bell GameZone
2014-09-04 23:10 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-04 23:08 - 2014-08-28 18:31 - 00000000 ____D () C:\Users\Misa\AppData\Local\Google
2014-09-04 23:08 - 2009-08-22 08:20 - 00000000 ____D () C:\ProgramData\Google
2014-09-04 23:07 - 2014-09-04 23:07 - 05576326 ____R (Swearware) C:\Users\Misa\Downloads\ComboFix.exe
2014-09-04 23:07 - 2009-08-16 07:54 - 00000000 ____D () C:\ProgramData\Norton
2014-09-04 23:06 - 2014-09-04 23:05 - 01016261 _____ (Thisisu) C:\Users\Misa\Downloads\JRT.exe
2014-09-04 23:02 - 2014-09-04 23:02 - 00869456 _____ () C:\Users\Misa\Downloads\Norton_Removal_Tool.exe
2014-09-04 23:00 - 2009-07-14 06:45 - 00416872 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-29 04:12 - 2014-08-29 04:03 - 00000486 _____ () C:\Windows\Patch.log
2014-08-29 04:12 - 2014-08-29 03:50 - 00001662 _____ () C:\Windows\WPatchProgress.ini
2014-08-29 04:12 - 2009-08-16 08:27 - 00000189 __RSH () C:\Preload.rev
2014-08-29 04:12 - 2009-08-16 08:27 - 00000117 _____ () C:\Windows\WisLangCode.ini
2014-08-29 04:12 - 2009-07-14 07:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2014-08-29 04:12 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\SysWOW64\winrm
2014-08-29 04:12 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\SysWOW64\WCN
2014-08-29 04:12 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\SysWOW64\sysprep
2014-08-29 04:12 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\SysWOW64\slmgr
2014-08-29 04:12 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\system32\winrm
2014-08-29 04:12 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\system32\WCN
2014-08-29 04:12 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\system32\slmgr
2014-08-29 04:12 - 2009-07-14 07:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2014-08-29 04:12 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2014-08-29 04:12 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2014-08-29 04:12 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\MUI
2014-08-29 04:12 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-08-29 04:12 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Speech
2014-08-29 04:12 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\servicing
2014-08-29 04:12 - 2009-03-12 11:30 - 00000000 ____D () C:\Windows\LP
2014-08-29 04:09 - 2014-08-29 04:09 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2014-08-29 04:09 - 2014-08-29 04:09 - 00000000 ____D () C:\Windows\SysWOW64\it
2014-08-29 04:09 - 2014-08-29 04:09 - 00000000 ____D () C:\Windows\SysWOW64\0410
2014-08-29 04:09 - 2014-08-29 04:09 - 00000000 ____D () C:\Windows\system32\it
2014-08-29 04:09 - 2014-08-29 04:09 - 00000000 ____D () C:\Windows\system32\0410
2014-08-29 04:09 - 2009-08-16 08:31 - 00000000 ____D () C:\Program Files\Windows Journal
2014-08-29 04:09 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts
2014-08-29 04:09 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts
2014-08-29 04:09 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\DigitalLocker
2014-08-29 04:09 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\WinBioPlugIns
2014-08-29 04:09 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-08-29 04:09 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-08-29 04:09 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-08-29 04:09 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\DVD Maker
2014-08-29 04:09 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-08-29 04:09 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-08-29 04:09 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-08-29 04:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Setup
2014-08-29 04:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2014-08-29 04:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-08-29 04:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\com
2014-08-29 04:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sysprep
2014-08-29 04:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Setup
2014-08-29 04:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\oobe
2014-08-29 04:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\migwiz
2014-08-29 04:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\com
2014-08-29 04:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-29 04:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\IME
2014-08-29 04:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-08-29 04:08 - 2014-08-29 04:09 - 00335478 _____ () C:\Windows\system32\perfi010.dat
2014-08-29 04:08 - 2014-08-29 04:09 - 00037534 _____ () C:\Windows\system32\perfd010.dat
2014-08-29 04:03 - 2014-08-29 04:03 - 00000000 ____D () C:\acersw
2014-08-29 04:03 - 2014-08-29 04:02 - 00007060 _____ () C:\Windows\WisGAPas.log
2014-08-29 04:03 - 2009-08-16 08:29 - 00000000 ____D () C:\oem
2014-08-29 04:03 - 2009-08-16 08:27 - 00002104 _____ () C:\Windows\Factory.xml
2014-08-29 04:02 - 2014-08-29 04:02 - 00000896 _____ () C:\Windows\MOD01SET74000N0006.XML
2014-08-29 04:02 - 2014-08-29 04:02 - 00000000 ____D () C:\Windows\Lan
2014-08-29 04:02 - 2014-08-29 04:02 - 00000000 ____D () C:\acer
2014-08-29 04:02 - 2009-08-16 08:27 - 00049895 _____ () C:\Windows\PLaunch.log
2014-08-29 04:02 - 2009-07-27 22:26 - 00000000 ___DC () C:\elements
2014-08-29 04:02 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Microsoft Games
2014-08-29 04:01 - 2014-08-29 04:01 - 00000708 _____ () C:\Windows\CapsuleDll.log
2014-08-29 04:01 - 2014-08-29 04:01 - 00000000 ____D () C:\Patch
2014-08-28 18:55 - 2014-08-28 18:55 - 00000000 ____D () C:\Users\Misa\AppData\Roaming\vlc
2014-08-28 18:55 - 2014-08-28 18:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-08-28 18:55 - 2014-08-28 18:55 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-08-28 18:55 - 2014-08-28 18:54 - 24743106 _____ () C:\Users\Misa\Downloads\vlc-2.1.5-win32.exe
2014-08-28 18:52 - 2014-08-28 18:50 - 00000000 ____D () C:\ProgramData\WinZip
2014-08-28 18:51 - 2014-08-28 18:51 - 00002265 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2014-08-28 18:51 - 2014-08-28 18:51 - 00000000 ____D () C:\Users\Misa\AppData\Local\WinZip
2014-08-28 18:51 - 2014-08-28 18:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2014-08-28 18:50 - 2014-08-28 18:50 - 00000000 ____D () C:\Program Files (x86)\WinZip
2014-08-28 18:48 - 2014-08-28 18:47 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-08-28 18:47 - 2014-08-28 18:47 - 00001196 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2014-08-28 18:47 - 2014-08-28 18:47 - 00000000 ____D () C:\Program Files\Windows Live
2014-08-28 18:46 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-08-28 18:41 - 2014-08-28 18:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-28 18:41 - 2014-08-28 18:40 - 00000000 ____D () C:\Users\Misa\AppData\Local\Deployment
2014-08-28 18:40 - 2014-08-28 18:40 - 00000000 ____D () C:\Users\Misa\AppData\Local\Apps\2.0
2014-08-28 18:40 - 2014-08-28 18:30 - 00108840 _____ () C:\Users\Misa\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-28 18:39 - 2014-08-28 18:39 - 00000000 ____D () C:\Users\Misa\AppData\Roaming\Macromedia
2014-08-28 18:39 - 2014-08-28 18:39 - 00000000 ____D () C:\Users\Misa\AppData\Roaming\Adobe
2014-08-28 18:38 - 2009-08-22 08:01 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-08-28 18:37 - 2014-08-28 18:32 - 00004146 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-28 18:37 - 2014-08-28 18:32 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-28 18:35 - 2014-08-28 18:35 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio
2014-08-28 18:35 - 2009-08-22 07:59 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-08-28 18:35 - 2009-08-16 08:31 - 00000000 ____D () C:\Windows\ShellNew
2014-08-28 18:33 - 2014-08-28 18:33 - 00000000 ____D () C:\Users\Misa\AppData\Local\Microsoft Help
2014-08-28 18:33 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\restore
2014-08-28 18:31 - 2014-08-28 18:31 - 00000000 ____D () C:\Users\Misa\AppData\Roaming\Google
2014-08-28 18:21 - 2014-08-28 18:21 - 00001439 _____ () C:\Users\Misa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-28 18:21 - 2014-08-28 18:21 - 00001405 _____ () C:\Users\Misa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-08-28 18:21 - 2014-08-28 18:19 - 00000000 ____D () C:\Users\Misa
2014-08-28 18:21 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-28 18:20 - 2014-08-28 18:20 - 00000000 ____D () C:\Users\Misa\AppData\Local\VirtualStore
2014-08-28 18:19 - 2014-08-28 18:19 - 00000020 ___SH () C:\Users\Misa\ntuser.ini
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Public\Documents\Video
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Public\Documents\Musica
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Public\Documents\Immagini
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Misa\Risorse di stampa
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Misa\Risorse di rete
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Misa\Recenti
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Misa\Modelli
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Misa\Menu Avvio
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Misa\Impostazioni locali
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Misa\Documents\Video
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Misa\Documents\Musica
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Misa\Documents\Immagini
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Misa\Documenti
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Misa\Dati applicazioni
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Misa\AppData\Roaming\Microsoft\Windows\Start Menu\Programmi
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Misa\AppData\Local\Dati applicazioni
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Misa\AppData\Local\Cronologia
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Default\Risorse di stampa
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Default\Risorse di rete
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Default\Recenti
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Default\Modelli
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Default\Menu Avvio
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Default\Impostazioni locali
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Default\Documents\Video
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Default\Documents\Musica
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Default\Documents\Immagini
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Default\Documenti
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Default\Dati applicazioni
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programmi
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Dati applicazioni
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Cronologia
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Default User\Documents\Video
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Default User\Documents\Musica
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Default User\Documents\Immagini
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programmi
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Dati applicazioni
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Cronologia
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Programmi
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\ProgramData\Preferiti
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\ProgramData\Modelli
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programmi
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\ProgramData\Menu Avvio
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\ProgramData\Documenti
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\ProgramData\Dati applicazioni
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 _SHDL () C:\Program Files\File comuni
2014-08-28 18:19 - 2014-08-28 18:19 - 00000000 ____D () C:\Recovery
2014-08-28 18:19 - 2009-07-27 22:41 - 00000000 ____D () C:\Windows\Panther
2014-08-28 18:19 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Recovery
2014-08-28 18:19 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Windows NT
2014-08-28 18:16 - 2009-07-27 21:43 - 00005767 _____ () C:\Windows\TSSysprep.log
2014-08-28 18:16 - 2009-07-14 06:46 - 00004059 _____ () C:\Windows\DtcInstall.log
2014-08-25 06:53 - 2014-09-04 23:21 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
 
Some content of TEMP:
====================
C:\Users\Misa\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptmok9g.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-09-05 00:17
 
==================== End Of Log ============================
 
 
ESET
 
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=bb3a5884bb581047ababaeb189dfad9b
# engine=20016
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-09-05 12:43:48
# local_time=2014-09-05 02:43:48 (+0100, ora legale Europa occidentale)
# country="Italy"
# lang=1033
# osver=6.1.7600 NT 
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 100 95 23034 6119313 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 55305 161550878 0 0
# scanned=95325
# found=2
# cleaned=0
# scan_time=2370
sh=1AC7CC4E448C7255E8BFB50A93D5E871843A74DE ft=1 fh=7d0b0119850d9534 vn="Win64/Olmasco.AB trojan" ac=I fn="C:\TDSSKiller_Quarantine\05.09.2014_13.16.25\mbr0000\tdlfs0000\tsk0011.dta"
sh=1AC7CC4E448C7255E8BFB50A93D5E871843A74DE ft=1 fh=7d0b0119850d9534 vn="Win64/Olmasco.AB trojan" ac=I fn="C:\TDSSKiller_Quarantine\05.09.2014_13.59.15\tdlfs0000\tsk0011.dta"
 
 
 


#14 wsht

wsht
  • Topic Starter

  • Members
  • 9 posts

Posted 05 September 2014 - 07:55 AM

post too long

Attached Files



#15 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts

Posted 05 September 2014 - 08:15 AM

Great.

That's it! Your logs look clean to me at the moment.
We're gonna clean up everything now, close security holes on your computer and in the end I'll provide you with a list of security tips so you hopefully will not need our help anymore in the future.


My help is free for everybody.
If you want to support me fighting against malware or buy me a beer for the assistance you received, then you can consider a donation.
Thank you!



Clean Up

Now we remove all the tools we used (including their logs and quarantine folders), restore your settings and delete old and infected system restore points:
  • You can uninstall programs that you had to install (e.g. MBAM or ESET Onlinescanner) in the control panel if you so wish.
  • Rename Combofix.exe to Uninstall.exe and execute it with a double click. (Beware that file extensions might be hidden. So don't add a double extension Uninstall.exe.exe.)
  • Download DelFix (by Xplode) and save it to your Desktop.
    • Close all running programs and start delfix.exe.
    • Make sure that all available options are checked.
    • Click on Run.
    • DelFix should remove all our tools and delete itself afterwards. I don't need the log file.
  • If there is still something left you can delete it manually.


Closing security holes

Many infections happen via drive-by downloads that run unnoticed in the background while the user visits an infected website. To achieve this, malware exploits security holes in installed software (e.g. browser or its plugins). Older versions of such software often have lots of known exploitable holes. Therefore it's very important to always keep your software up-to-date.
The following software is outdated. Make sure you remove all old versions and install the current one instead if you need the program:

Internet Explorer Version 8
Adobe Flash Player 10 ActiveX
Adobe Reader 9.1 MUI

Also: Download and install Service Pack 1 for Windows 7.
Afterwards go to the Control Panel, open Windows Updates and download and install all updates that are provided. Repeat this until everything is up-to-date and enable automatic updates afterwards.



Tips

I recommend reading and following the "16 simple and easy ways to keep your computer safe and secure on the Internet" (Link) by Lawrence Abrams.



