Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

$RECYCLE.BIN problem, External hard drive gets stuck and not responding...


  • This topic is locked This topic is locked
16 replies to this topic

#1 naruto2715

naruto2715

  • Members
  • 55 posts
  • OFFLINE
  •  
  • Local time:03:17 AM

Posted 24 October 2012 - 07:01 PM

microsoft windows 7 home basic, 64 bit...i have explained each and everything in detail what i did after facing the problem... sorry if i have elaborated it too much...please check below

when i first met with this problem, the first thing i did was went to folder options, clicked show hidden files,folders and drives also clicked show protected operating system files...i saw this $RECYCLE.BIN folder and system volume information everywere in C,D,F drive and EXTERNAL HARD DRIVE (320gb)...

(1) especially in my EXTERNAL HARD DRIVE which has $RECYCLE.BIN folder, i opened it, it had
- a recycle bin folder with a lock
- S-1-5-21-566146807-459689816-3130632603-1000 folder
- S-1-5-21-695743439-2845992669-431325320-1001 folder
- S-1-5-21-755617662-3353771602-1062257434-1000 folder
- S-1-5-21-797640045-2461420396-3694299848-1000 folder
- S-1-5-21-2551219980-1859055015-87672157-1000 folder
- S-1-5-21-3106398197-1369648863-2263781077-1000 folder

whenever i tried to open this " S-1-5........." folder i get a box which says " G:\$RECYCLE.BIN\S-1-5....... is not accessible ". access is denied.

(2)whenever i try to open some songs, movies folders in my external hard drive the whole drive gets stuck and on the top it says "not responding"...then iam able
to see only the background picture and iam able to do nothing ..so i shut it down and on again...

(3) but in my laptop in the c,d,f drives the $RECYCLE.BIN folder opens , but it is blank

so i immediately remove the external hard drive thinking the problem started here..so after sometime i reinstalled the whole operating system with some basic knowledge i partitioned C (1OO gb),D (220 gb) ..after all process successfully I installed the drivers and utilites in laptop...but in the my computer it is opposite C (220 gb),D (100 gb)....so i extend 100gb from C drive and name it F... since iam not used to three partitions i did something i think i deleted it ..in my computer there is no F drive... i check in disk management there is a F drive saying " 100 gb NTFS healthy (logical drive)"..so totally 100gb missing in my computer...
i checked the disk deframenter in that there were C,D,F, External hard drive and " \\?\volume{b11b8d15-18dd-11e2-8f44-806e6f6e6963}\" drive..i think all these problem because of that $RECYCLE.BIN ...

(4) so i searched in google about this $RECYCLE.BIN folder and got some details and i followed the instructions of britec who had posted in youtube... he said
download ROGUEKILLER, MALWAREBYTES ANTI MALWARE (MBAM), FARBAR SERVICE SCANNER (FSS)& HITMAN PRO 3.6...i followed his instructions correctly .. for the past
5 weeks i have been doing these scans...still the problem is not solved...still my external hard drive is slow and gets stuck...before performing the above
said scans i uninstalled the avast antivirus (free version) which i had been using....

..... I got the following reports :-

RogueKiller V8.2.0 [10/22/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website: http://tigzy.geekstogo.com/roguekiller.php
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7600 ) 64 bits version
Started in : Normal mode
User : rkb [Admin rights]
Mode : Remove -- Date : 10/25/2012 04:22:45

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 2 ¤¤¤
[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> REPLACED (0)
[HJ DESK] HKCU\[...]\NewStartPanel : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK3276GSX ATA Device +++++
--- User ---
[MBR] 4f49e084146eaaeb8ca17968fdebe6ef
[BSP] c61f049dc9e79d72c014cfcfb4dd916d : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 102299 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 209717248 | Size: 100443 Mo
3 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 415424512 | Size: 102400 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: Seagate FreeAgent GoFlex USB Device +++++
--- User ---
[MBR] e72a227e4bd8b9c7118772a14c6fb049
[BSP] 668c5ce319e5124a195c71dafa173881 : MBR Code unknown
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 305242 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Finished : << RKreport[1].txt >>
RKreport[1]


= = = = = = = = = = = = = = == = = = = = = = = = = = = = = = = = === = = = = = == = = = = = == = === = = = = = = =

after restarting the laptop...

== = = == = = = = == = = = = = = = = = = == = = = = = = = = == = = = = = = = = = = = = = = = = = = == = = = = = = = =


RogueKiller V8.2.0 [10/22/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website: http://tigzy.geekstogo.com/roguekiller.php
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7600 ) 64 bits version
Started in : Normal mode
User : rkb [Admin rights]
Mode : Scan -- Date : 10/25/2012 04:25:31

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK3276GSX ATA Device +++++
--- User ---
[MBR] 4f49e084146eaaeb8ca17968fdebe6ef
[BSP] c61f049dc9e79d72c014cfcfb4dd916d : Windows 7 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 102299 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 209717248 | Size: 100443 Mo
3 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 415424512 | Size: 102400 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: Seagate FreeAgent GoFlex USB Device +++++
--- User ---
[MBR] e72a227e4bd8b9c7118772a14c6fb049
[BSP] 668c5ce319e5124a195c71dafa173881 : MBR Code unknown
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 305242 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt


= = = = == = = = == = = = = = = = = = = = = = = = = = = = = = = = = = = == = = = = = = = = = = = = = = = == = = = = = = =


Malwarebytes Anti-Malware (Trial) 1.65.1.1000
www.malwarebytes.org

Database version: v2012.10.24.08

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
rkb :: RKB-PC [administrator]

Protection: Enabled

10/25/2012 4:28:05 AM
mbam-log-2012-10-25 (04-28-05).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 195387
Time elapsed: 2 minute(s), 3 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


= = = = = = = = = = = = == === = = == = = = = = = = = = = = == = = = = = == = == = == = = = = = = = = == == = = = = = = = = =


Farbar Service Scanner Version: 19-10-2012
Ran by rkb (administrator) on 25-10-2012 at 04:32:16
Running from "C:\Users\rkb\Desktop"
Microsoft Windows 7 Home Basic (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys
[2012-10-18 01:28] - [2011-12-28 09:29] - 0499200 ____A (Microsoft Corporation) DB9D6C6B2CD95A9CA414D045B627422E

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2012-10-18 01:27] - [2012-03-30 16:39] - 1895280 ____A (Microsoft Corporation) 624C5B3AA4C99B3184BB922D9ECE3FF0

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll
[2009-07-14 05:39] - [2009-07-14 07:11] - 0824832 ____A (Microsoft Corporation) AECAB449567D1846DAD63ECE49E893E3

C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll
[2009-07-14 05:06] - [2009-07-14 07:11] - 0170496 ____A (Microsoft Corporation) 765A27C3279CE11D14CB9E4F5869FCA5

C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll
[2012-10-18 01:06] - [2012-06-02 10:55] - 0182272 ____A (Microsoft Corporation) BAF19B633933A9FB4883D27D66C39E9A

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****


= = = = = = = = = = = = == === = = == = = = = = = = = = = = == = = = = = == = == = == = = = = = = = = == == = = = = = = = = = = =


HitmanPro 3.6.2.171
www.hitmanpro.com

   Computer name . . . . : RKB-PC
   Windows . . . . . . . : 6.1.0.7600.X64/4
   User name . . . . . . : rkb-PC\rkb
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Trial (27 days left)

   Scan date . . . . . . : 2012-10-25 04:34:09
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 1m 37s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 0

   Objects scanned . . . : 1,077,367
   Files scanned . . . . : 8,746
   Remnants scanned  . . : 203,509 files / 865,112 keys


--------------------------

please help me with this issue ,i have been suffering with this problem for the past 1 week.....:( :( :( ...i hope so the issue gets solved...

Edited by hamluis, 25 October 2012 - 09:41 AM.
Moved to Am I Infected from External Hardware - Hamluis.


BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 55,545 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:04:47 PM

Posted 24 October 2012 - 07:49 PM

Recycle Bin...should be a folder reflected for each partition.

Recycler should be a folder reflected on each partition/drive when using Explorer view in Windows.

http://support.microsoft.com/kb/171694

Both of these are perfectly normal system files and should not be tampered with. Do not try to manually delete them or delete the contents.

If you think that your Recycle Bin is damaged...simply turn off the Recycle Bin on the desktop to remove the contents of the folders reflected on each partition. You can turn it back on the reverse way of turning it off.

http://delltech.150m.com/XP/exploring/12.htm

Louis

#3 naruto2715

naruto2715
  • Topic Starter

  • Members
  • 55 posts
  • OFFLINE
  •  
  • Local time:03:17 AM

Posted 25 October 2012 - 08:22 AM

i tried the link which you had posted...i tried turning off the recycle bin and delete it, but only three "s-1--5......." folders got deleted .i was not able to delete the other two ....none worked out...still the whole EXTERNAL HARD DRIVE (320 gb) gets stuck and on the top it says "not responding"....now iam not able to open any folders it is damn slow and gets stuck....also iam not able to delete that $RECYCLE.BIN folder it just shows a box saying it is deleting ,i waited for more than 20 minutes...
also what does " Error reading LL2 MBR! " mean ?????...

#4 hamluis

hamluis

    Moderator


  • Moderator
  • 55,545 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:04:47 PM

Posted 25 October 2012 - 09:40 AM

<<Error reading LL2 MBR>>

The references that I see with this comment...all involve possible malware situations.

Based on that, I will move your topic to an appropriate forum (Am I Infected) for further action.

Louis

#5 naruto2715

naruto2715
  • Topic Starter

  • Members
  • 55 posts
  • OFFLINE
  •  
  • Local time:03:17 AM

Posted 25 October 2012 - 10:33 AM

ok...thanks a lot for ur help so far louis... :)...hope so the problem gets solved as soon as possible...


rmb

Edited by naruto2715, 25 October 2012 - 10:36 AM.


#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,026 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:47 PM

Posted 02 November 2012 - 10:09 PM

Hello, sorry you were lost. If you still need help please run these next.

Your HOSTS file may be infected.
Reset the HOSTS file
As this infection also changes your Windows HOSTS file, we want to replace this file with the default version for your operating system.
Some types of malware will alter the HOSTS file as part of its infection. Please follow the instructions provided in How do I reset the hosts file back to the default?

To reset the hosts file automatically,go HERE click the Posted Image button. Then just follow the prompts in the Fix it wizard.


OR
Click Run in the File Download dialog box or save MicrosoftFixit50267.msi to your Desktop and double-click on it to run. Then just follow the prompts in the Fix it wizard.


>>>>>>>

Lets check for and confirm the MBR (Master Boot Record) rootkit.


Please download mbr.exe and save it to the root directory, usually C:\ <- (Important!).
  • Go to Start > Run and type: cmd.exe
  • press Ok.
  • At the command prompt type: c:\mbr.exe >>"C:\mbr.log"
  • press Enter.
  • The process is automatic...a black DOS window will open and quickly disappear. This is normal.
  • A log file named mbr.log will be created and saved to the root of the system drive (usually C:\).
  • Copy and paste the results of the mbr.log in your next reply.
If you have a problem using the command prompt, you can just double-click on mbr.exe to run the tool.




Please Download

TDSSkiller


Launch it. Click on change parameters-Select TDLFS file system

Click on "Scan".
Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results.





MiniToolBox
Please download MiniToolBox, save it to your desktop and run it.Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

Edited by boopme, 02 November 2012 - 10:10 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 naruto2715

naruto2715
  • Topic Starter

  • Members
  • 55 posts
  • OFFLINE
  •  
  • Local time:03:17 AM

Posted 07 November 2012 - 09:35 AM

sorry, exams were going on ...as you told i installed microsoft fix it and clicked run, it was loading for some time and then it told to restart the computer to fix it..... is it correct ???

also what does ..When using "Reset FF Proxy Settings" option Firefox should be closed...???..iam using google chrome so i hav to do nothing regarding that right...

mbr.log, TDSSkiller log & MiniToolBox result are below.....

...............................
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 6.1.7601

device: opened successfully
user: error reading MBR
error: Read The handle is invalid.
kernel: error reading MBR

......................................................................


21:25:14.0651 3208 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
21:25:15.0540 3208 ============================================================
21:25:15.0540 3208 Current date / time: 2012/11/06 21:25:15.0540
21:25:15.0540 3208 SystemInfo:
21:25:15.0540 3208
21:25:15.0540 3208 OS Version: 6.1.7601 ServicePack: 1.0
21:25:15.0540 3208 Product type: Workstation
21:25:15.0540 3208 ComputerName: RKB-PC
21:25:15.0540 3208 UserName: rkb
21:25:15.0540 3208 Windows directory: C:\Windows
21:25:15.0540 3208 System windows directory: C:\Windows
21:25:15.0540 3208 Running under WOW64
21:25:15.0540 3208 Processor architecture: Intel x64
21:25:15.0540 3208 Number of processors: 4
21:25:15.0540 3208 Page size: 0x1000
21:25:15.0540 3208 Boot type: Normal boot
21:25:15.0540 3208 ============================================================
21:25:16.0586 3208 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:25:16.0586 3208 Drive \Device\Harddisk1\DR1 - Size: 0x4A85D55E00 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:25:20.0096 3208 ============================================================
21:25:20.0096 3208 \Device\Harddisk0\DR0:
21:25:20.0111 3208 MBR partitions:
21:25:20.0111 3208 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
21:25:20.0111 3208 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xC7CD800
21:25:20.0111 3208 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xC800800, BlocksNum 0xC42D800
21:25:20.0127 3208 \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x18C2E800, BlocksNum 0xC7FF000
21:25:20.0127 3208 \Device\Harddisk1\DR1:
21:25:20.0142 3208 MBR partitions:
21:25:20.0142 3208 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2542D6C1
21:25:20.0142 3208 ============================================================
21:25:20.0252 3208 C: <-> \Device\Harddisk0\DR0\Partition3
21:25:20.0376 3208 D: <-> \Device\Harddisk0\DR0\Partition2
21:25:20.0470 3208 G: <-> \Device\Harddisk1\DR1\Partition1
21:25:20.0470 3208 ============================================================
21:25:20.0470 3208 Initialize success
21:25:20.0470 3208 ============================================================
21:26:00.0297 3336 ============================================================
21:26:00.0297 3336 Scan started
21:26:00.0297 3336 Mode: Manual; TDLFS;
21:26:00.0297 3336 ============================================================
21:26:00.0921 3336 ================ Scan system memory ========================
21:26:00.0921 3336 System memory - ok
21:26:00.0921 3336 ================ Scan services =============================
21:26:01.0077 3336 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
21:26:01.0077 3336 1394ohci - ok
21:26:01.0155 3336 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
21:26:01.0155 3336 ACPI - ok
21:26:01.0186 3336 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
21:26:01.0186 3336 AcpiPmi - ok
21:26:01.0280 3336 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:26:01.0280 3336 AdobeFlashPlayerUpdateSvc - ok
21:26:01.0342 3336 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
21:26:01.0342 3336 adp94xx - ok
21:26:01.0373 3336 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
21:26:01.0373 3336 adpahci - ok
21:26:01.0373 3336 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
21:26:01.0389 3336 adpu320 - ok
21:26:01.0405 3336 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
21:26:01.0420 3336 AeLookupSvc - ok
21:26:01.0498 3336 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_35a1fb3404aa1180\AESTSr64.exe
21:26:01.0498 3336 AESTFilters - ok
21:26:01.0545 3336 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
21:26:01.0545 3336 AFD - ok
21:26:01.0576 3336 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
21:26:01.0592 3336 agp440 - ok
21:26:01.0623 3336 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
21:26:01.0623 3336 ALG - ok
21:26:01.0654 3336 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
21:26:01.0654 3336 aliide - ok
21:26:01.0701 3336 [ 388E79AF1C9E4D84A8559FA77F804CF6 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
21:26:01.0701 3336 AMD External Events Utility - ok
21:26:01.0748 3336 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
21:26:01.0748 3336 amdide - ok
21:26:01.0795 3336 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
21:26:01.0795 3336 AmdK8 - ok
21:26:01.0982 3336 [ 79A11CB10FF02A8425DABBB040249F7D ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
21:26:02.0153 3336 amdkmdag - ok
21:26:02.0200 3336 [ 6F6D47246FBB0CF65619684A0F89179E ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
21:26:02.0200 3336 amdkmdap - ok
21:26:02.0231 3336 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
21:26:02.0231 3336 AmdPPM - ok
21:26:02.0294 3336 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
21:26:02.0294 3336 amdsata - ok
21:26:02.0325 3336 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
21:26:02.0325 3336 amdsbs - ok
21:26:02.0341 3336 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
21:26:02.0341 3336 amdxata - ok
21:26:02.0387 3336 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
21:26:02.0387 3336 AppID - ok
21:26:02.0419 3336 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
21:26:02.0419 3336 AppIDSvc - ok
21:26:02.0450 3336 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
21:26:02.0450 3336 Appinfo - ok
21:26:02.0481 3336 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
21:26:02.0481 3336 arc - ok
21:26:02.0497 3336 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
21:26:02.0497 3336 arcsas - ok
21:26:02.0528 3336 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
21:26:02.0528 3336 AsyncMac - ok
21:26:02.0559 3336 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
21:26:02.0559 3336 atapi - ok
21:26:02.0621 3336 [ 2D648572BA9A610952FCAFBA1E119C2D ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
21:26:02.0621 3336 AtiHdmiService - ok
21:26:02.0684 3336 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:26:02.0699 3336 AudioEndpointBuilder - ok
21:26:02.0715 3336 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
21:26:02.0715 3336 AudioSrv - ok
21:26:02.0762 3336 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
21:26:02.0762 3336 AxInstSV - ok
21:26:02.0809 3336 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
21:26:02.0824 3336 b06bdrv - ok
21:26:02.0855 3336 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
21:26:02.0855 3336 b57nd60a - ok
21:26:02.0918 3336 [ AC4E2D84DE54CD3A013AEFF0CC56095C ] BCM42RLY C:\Windows\system32\drivers\BCM42RLY.sys
21:26:02.0918 3336 BCM42RLY - ok
21:26:02.0996 3336 [ 8B5D16D20774FC3727F44E161BE2C0AC ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
21:26:03.0011 3336 BCM43XX - ok
21:26:03.0074 3336 [ D224B2E6BB543F1D8F1177D57FEC2950 ] BcmVWL C:\Windows\system32\DRIVERS\bcmvwl64.sys
21:26:03.0074 3336 BcmVWL - ok
21:26:03.0105 3336 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
21:26:03.0105 3336 BDESVC - ok
21:26:03.0136 3336 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
21:26:03.0136 3336 Beep - ok
21:26:03.0199 3336 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
21:26:03.0214 3336 BFE - ok
21:26:03.0277 3336 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
21:26:03.0292 3336 BITS - ok
21:26:03.0308 3336 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
21:26:03.0308 3336 blbdrive - ok
21:26:03.0355 3336 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
21:26:03.0355 3336 bowser - ok
21:26:03.0401 3336 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:26:03.0401 3336 BrFiltLo - ok
21:26:03.0401 3336 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:26:03.0401 3336 BrFiltUp - ok
21:26:03.0448 3336 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
21:26:03.0464 3336 Browser - ok
21:26:03.0479 3336 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
21:26:03.0479 3336 Brserid - ok
21:26:03.0495 3336 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
21:26:03.0495 3336 BrSerWdm - ok
21:26:03.0495 3336 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
21:26:03.0495 3336 BrUsbMdm - ok
21:26:03.0511 3336 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
21:26:03.0511 3336 BrUsbSer - ok
21:26:03.0557 3336 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
21:26:03.0557 3336 BthEnum - ok
21:26:03.0573 3336 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
21:26:03.0573 3336 BTHMODEM - ok
21:26:03.0604 3336 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
21:26:03.0604 3336 BthPan - ok
21:26:03.0635 3336 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
21:26:03.0651 3336 BTHPORT - ok
21:26:03.0682 3336 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
21:26:03.0698 3336 bthserv - ok
21:26:03.0713 3336 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
21:26:03.0713 3336 BTHUSB - ok
21:26:03.0760 3336 [ 6BCFDC2B5B7F66D484486D4BD4B39A6B ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
21:26:03.0760 3336 btwaudio - ok
21:26:03.0807 3336 [ 82DC8B7C626E526681C1BEBED2BC3FF9 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
21:26:03.0854 3336 btwavdt - ok
21:26:03.0979 3336 [ D65AA164ACD0F6706DBCFBBCC9731584 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
21:26:03.0994 3336 btwdins - ok
21:26:04.0025 3336 [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
21:26:04.0025 3336 btwl2cap - ok
21:26:04.0057 3336 [ 28E105AD3B79F440BF94780F507BF66A ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
21:26:04.0057 3336 btwrchid - ok
21:26:04.0088 3336 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
21:26:04.0088 3336 cdfs - ok
21:26:04.0135 3336 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
21:26:04.0135 3336 cdrom - ok
21:26:04.0166 3336 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
21:26:04.0166 3336 CertPropSvc - ok
21:26:04.0181 3336 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
21:26:04.0181 3336 circlass - ok
21:26:04.0228 3336 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
21:26:04.0244 3336 CLFS - ok
21:26:04.0306 3336 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:26:04.0322 3336 clr_optimization_v2.0.50727_32 - ok
21:26:04.0353 3336 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:26:04.0353 3336 clr_optimization_v2.0.50727_64 - ok
21:26:04.0447 3336 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:26:04.0447 3336 clr_optimization_v4.0.30319_32 - ok
21:26:04.0478 3336 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:26:04.0493 3336 clr_optimization_v4.0.30319_64 - ok
21:26:04.0525 3336 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
21:26:04.0525 3336 CmBatt - ok
21:26:04.0556 3336 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
21:26:04.0556 3336 cmdide - ok
21:26:04.0603 3336 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
21:26:04.0603 3336 CNG - ok
21:26:04.0634 3336 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
21:26:04.0634 3336 Compbatt - ok
21:26:04.0681 3336 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
21:26:04.0681 3336 CompositeBus - ok
21:26:04.0696 3336 COMSysApp - ok
21:26:04.0727 3336 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
21:26:04.0727 3336 crcdisk - ok
21:26:04.0774 3336 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
21:26:04.0774 3336 CryptSvc - ok
21:26:04.0805 3336 [ ED5CF92396A62F4C15110DCDB5E854D9 ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys
21:26:04.0821 3336 CtClsFlt - ok
21:26:04.0883 3336 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
21:26:04.0899 3336 DcomLaunch - ok
21:26:04.0930 3336 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
21:26:04.0930 3336 defragsvc - ok
21:26:04.0993 3336 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
21:26:04.0993 3336 DfsC - ok
21:26:05.0039 3336 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
21:26:05.0039 3336 Dhcp - ok
21:26:05.0071 3336 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
21:26:05.0071 3336 discache - ok
21:26:05.0102 3336 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
21:26:05.0102 3336 Disk - ok
21:26:05.0133 3336 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
21:26:05.0133 3336 Dnscache - ok
21:26:05.0164 3336 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
21:26:05.0164 3336 dot3svc - ok
21:26:05.0195 3336 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
21:26:05.0211 3336 DPS - ok
21:26:05.0242 3336 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
21:26:05.0242 3336 drmkaud - ok
21:26:05.0305 3336 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
21:26:05.0320 3336 DXGKrnl - ok
21:26:05.0351 3336 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
21:26:05.0351 3336 EapHost - ok
21:26:05.0476 3336 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
21:26:05.0507 3336 ebdrv - ok
21:26:05.0539 3336 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
21:26:05.0539 3336 EFS - ok
21:26:05.0585 3336 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
21:26:05.0585 3336 elxstor - ok
21:26:05.0617 3336 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
21:26:05.0632 3336 ErrDev - ok
21:26:05.0679 3336 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
21:26:05.0679 3336 EventSystem - ok
21:26:05.0726 3336 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
21:26:05.0726 3336 exfat - ok
21:26:05.0741 3336 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
21:26:05.0741 3336 fastfat - ok
21:26:05.0788 3336 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
21:26:05.0804 3336 Fax - ok
21:26:05.0804 3336 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
21:26:05.0804 3336 fdc - ok
21:26:05.0835 3336 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
21:26:05.0835 3336 fdPHost - ok
21:26:05.0835 3336 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
21:26:05.0835 3336 FDResPub - ok
21:26:05.0866 3336 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
21:26:05.0866 3336 FileInfo - ok
21:26:05.0882 3336 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
21:26:05.0882 3336 Filetrace - ok
21:26:05.0913 3336 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
21:26:05.0913 3336 flpydisk - ok
21:26:05.0944 3336 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
21:26:05.0960 3336 FltMgr - ok
21:26:06.0007 3336 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
21:26:06.0022 3336 FontCache - ok
21:26:06.0085 3336 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:26:06.0085 3336 FontCache3.0.0.0 - ok
21:26:06.0116 3336 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
21:26:06.0116 3336 FsDepends - ok
21:26:06.0147 3336 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
21:26:06.0147 3336 Fs_Rec - ok
21:26:06.0194 3336 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
21:26:06.0209 3336 fvevol - ok
21:26:06.0225 3336 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
21:26:06.0225 3336 gagp30kx - ok
21:26:06.0272 3336 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
21:26:06.0287 3336 gpsvc - ok
21:26:06.0365 3336 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:26:06.0365 3336 gupdate - ok
21:26:06.0365 3336 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:26:06.0365 3336 gupdatem - ok
21:26:06.0381 3336 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
21:26:06.0381 3336 hcw85cir - ok
21:26:06.0443 3336 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:26:06.0443 3336 HdAudAddService - ok
21:26:06.0490 3336 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
21:26:06.0490 3336 HDAudBus - ok
21:26:06.0521 3336 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
21:26:06.0521 3336 HECIx64 - ok
21:26:06.0553 3336 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
21:26:06.0553 3336 HidBatt - ok
21:26:06.0553 3336 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
21:26:06.0568 3336 HidBth - ok
21:26:06.0584 3336 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
21:26:06.0584 3336 HidIr - ok
21:26:06.0599 3336 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
21:26:06.0599 3336 hidserv - ok
21:26:06.0646 3336 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
21:26:06.0662 3336 HidUsb - ok
21:26:06.0693 3336 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
21:26:06.0693 3336 hkmsvc - ok
21:26:06.0724 3336 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:26:06.0740 3336 HomeGroupListener - ok
21:26:06.0771 3336 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:26:06.0787 3336 HomeGroupProvider - ok
21:26:06.0818 3336 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
21:26:06.0818 3336 HpSAMD - ok
21:26:06.0880 3336 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
21:26:06.0896 3336 HTTP - ok
21:26:06.0927 3336 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
21:26:06.0927 3336 hwpolicy - ok
21:26:06.0989 3336 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
21:26:06.0989 3336 i8042prt - ok
21:26:07.0021 3336 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
21:26:07.0021 3336 iaStorV - ok
21:26:07.0099 3336 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:26:07.0114 3336 idsvc - ok
21:26:07.0145 3336 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
21:26:07.0145 3336 iirsp - ok
21:26:07.0192 3336 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
21:26:07.0208 3336 IKEEXT - ok
21:26:07.0239 3336 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
21:26:07.0239 3336 intelide - ok
21:26:07.0270 3336 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
21:26:07.0270 3336 intelppm - ok
21:26:07.0301 3336 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
21:26:07.0301 3336 IPBusEnum - ok
21:26:07.0333 3336 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:26:07.0348 3336 IpFilterDriver - ok
21:26:07.0379 3336 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
21:26:07.0395 3336 iphlpsvc - ok
21:26:07.0426 3336 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
21:26:07.0426 3336 IPMIDRV - ok
21:26:07.0442 3336 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
21:26:07.0457 3336 IPNAT - ok
21:26:07.0473 3336 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
21:26:07.0473 3336 IRENUM - ok
21:26:07.0489 3336 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
21:26:07.0489 3336 isapnp - ok
21:26:07.0504 3336 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
21:26:07.0520 3336 iScsiPrt - ok
21:26:07.0551 3336 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
21:26:07.0551 3336 kbdclass - ok
21:26:07.0598 3336 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
21:26:07.0598 3336 kbdhid - ok
21:26:07.0629 3336 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
21:26:07.0629 3336 KeyIso - ok
21:26:07.0660 3336 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
21:26:07.0660 3336 KSecDD - ok
21:26:07.0707 3336 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
21:26:07.0707 3336 KSecPkg - ok
21:26:07.0754 3336 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
21:26:07.0754 3336 ksthunk - ok
21:26:07.0785 3336 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
21:26:07.0801 3336 KtmRm - ok
21:26:07.0879 3336 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
21:26:07.0894 3336 LanmanServer - ok
21:26:07.0941 3336 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:26:07.0941 3336 LanmanWorkstation - ok
21:26:08.0003 3336 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
21:26:08.0003 3336 lltdio - ok
21:26:08.0050 3336 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
21:26:08.0050 3336 lltdsvc - ok
21:26:08.0097 3336 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
21:26:08.0097 3336 lmhosts - ok
21:26:08.0128 3336 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
21:26:08.0128 3336 LSI_FC - ok
21:26:08.0128 3336 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
21:26:08.0128 3336 LSI_SAS - ok
21:26:08.0144 3336 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:26:08.0144 3336 LSI_SAS2 - ok
21:26:08.0144 3336 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:26:08.0144 3336 LSI_SCSI - ok
21:26:08.0175 3336 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
21:26:08.0175 3336 luafv - ok
21:26:08.0191 3336 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
21:26:08.0191 3336 megasas - ok
21:26:08.0206 3336 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
21:26:08.0206 3336 MegaSR - ok
21:26:08.0284 3336 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
21:26:08.0284 3336 Microsoft Office Groove Audit Service - ok
21:26:08.0315 3336 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
21:26:08.0315 3336 MMCSS - ok
21:26:08.0331 3336 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
21:26:08.0331 3336 Modem - ok
21:26:08.0362 3336 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
21:26:08.0362 3336 monitor - ok
21:26:08.0378 3336 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
21:26:08.0393 3336 mouclass - ok
21:26:08.0409 3336 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
21:26:08.0409 3336 mouhid - ok
21:26:08.0456 3336 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
21:26:08.0456 3336 mountmgr - ok
21:26:08.0471 3336 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
21:26:08.0487 3336 mpio - ok
21:26:08.0518 3336 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:26:08.0518 3336 mpsdrv - ok
21:26:08.0549 3336 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
21:26:08.0565 3336 MpsSvc - ok
21:26:08.0612 3336 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:26:08.0612 3336 MRxDAV - ok
21:26:08.0643 3336 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:26:08.0643 3336 mrxsmb - ok
21:26:08.0659 3336 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:26:08.0674 3336 mrxsmb10 - ok
21:26:08.0690 3336 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:26:08.0690 3336 mrxsmb20 - ok
21:26:08.0721 3336 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
21:26:08.0721 3336 msahci - ok
21:26:08.0752 3336 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
21:26:08.0752 3336 msdsm - ok
21:26:08.0783 3336 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
21:26:08.0783 3336 MSDTC - ok
21:26:08.0830 3336 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:26:08.0830 3336 Msfs - ok
21:26:08.0861 3336 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
21:26:08.0861 3336 mshidkmdf - ok
21:26:08.0893 3336 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
21:26:08.0893 3336 msisadrv - ok
21:26:08.0939 3336 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:26:08.0955 3336 MSiSCSI - ok
21:26:08.0955 3336 msiserver - ok
21:26:08.0971 3336 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
21:26:08.0971 3336 MSKSSRV - ok
21:26:08.0986 3336 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
21:26:08.0986 3336 MSPCLOCK - ok
21:26:09.0002 3336 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
21:26:09.0002 3336 MSPQM - ok
21:26:09.0049 3336 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:26:09.0064 3336 MsRPC - ok
21:26:09.0095 3336 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
21:26:09.0095 3336 mssmbios - ok
21:26:09.0111 3336 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:26:09.0111 3336 MSTEE - ok
21:26:09.0142 3336 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
21:26:09.0142 3336 MTConfig - ok
21:26:09.0158 3336 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
21:26:09.0158 3336 Mup - ok
21:26:09.0205 3336 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
21:26:09.0220 3336 napagent - ok
21:26:09.0267 3336 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:26:09.0267 3336 NativeWifiP - ok
21:26:09.0329 3336 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
21:26:09.0345 3336 NDIS - ok
21:26:09.0361 3336 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
21:26:09.0361 3336 NdisCap - ok
21:26:09.0376 3336 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:26:09.0376 3336 NdisTapi - ok
21:26:09.0407 3336 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:26:09.0423 3336 Ndisuio - ok
21:26:09.0454 3336 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:26:09.0454 3336 NdisWan - ok
21:26:09.0501 3336 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:26:09.0501 3336 NDProxy - ok
21:26:09.0532 3336 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:26:09.0532 3336 NetBIOS - ok
21:26:09.0579 3336 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
21:26:09.0579 3336 NetBT - ok
21:26:09.0610 3336 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
21:26:09.0610 3336 Netlogon - ok
21:26:09.0657 3336 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
21:26:09.0657 3336 Netman - ok
21:26:09.0673 3336 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
21:26:09.0673 3336 netprofm - ok
21:26:09.0704 3336 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:26:09.0704 3336 NetTcpPortSharing - ok
21:26:09.0751 3336 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
21:26:09.0751 3336 nfrd960 - ok
21:26:09.0782 3336 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
21:26:09.0797 3336 NlaSvc - ok
21:26:09.0797 3336 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:26:09.0797 3336 Npfs - ok
21:26:09.0829 3336 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
21:26:09.0829 3336 nsi - ok
21:26:09.0844 3336 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:26:09.0844 3336 nsiproxy - ok
21:26:09.0922 3336 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:26:09.0953 3336 Ntfs - ok
21:26:09.0969 3336 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
21:26:09.0969 3336 Null - ok
21:26:10.0000 3336 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
21:26:10.0000 3336 nvraid - ok
21:26:10.0047 3336 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
21:26:10.0047 3336 nvstor - ok
21:26:10.0078 3336 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
21:26:10.0078 3336 nv_agp - ok
21:26:10.0156 3336 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:26:10.0172 3336 odserv - ok
21:26:10.0203 3336 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
21:26:10.0203 3336 ohci1394 - ok
21:26:10.0234 3336 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:26:10.0234 3336 ose - ok
21:26:10.0281 3336 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
21:26:10.0281 3336 p2pimsvc - ok
21:26:10.0312 3336 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
21:26:10.0312 3336 p2psvc - ok
21:26:10.0343 3336 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
21:26:10.0343 3336 Parport - ok
21:26:10.0375 3336 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:26:10.0375 3336 partmgr - ok
21:26:10.0390 3336 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
21:26:10.0390 3336 PcaSvc - ok
21:26:10.0421 3336 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
21:26:10.0421 3336 pci - ok
21:26:10.0453 3336 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
21:26:10.0453 3336 pciide - ok
21:26:10.0484 3336 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
21:26:10.0484 3336 pcmcia - ok
21:26:10.0515 3336 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
21:26:10.0515 3336 pcw - ok
21:26:10.0531 3336 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:26:10.0531 3336 PEAUTH - ok
21:26:10.0624 3336 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
21:26:10.0624 3336 PerfHost - ok
21:26:10.0702 3336 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
21:26:10.0733 3336 pla - ok
21:26:10.0780 3336 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:26:10.0796 3336 PlugPlay - ok
21:26:10.0827 3336 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
21:26:10.0827 3336 PNRPAutoReg - ok
21:26:10.0858 3336 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
21:26:10.0858 3336 PNRPsvc - ok
21:26:10.0905 3336 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:26:10.0921 3336 PolicyAgent - ok
21:26:10.0952 3336 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
21:26:10.0967 3336 Power - ok
21:26:11.0014 3336 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:26:11.0014 3336 PptpMiniport - ok
21:26:11.0045 3336 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
21:26:11.0045 3336 Processor - ok
21:26:11.0092 3336 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
21:26:11.0092 3336 ProfSvc - ok
21:26:11.0108 3336 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:26:11.0108 3336 ProtectedStorage - ok
21:26:11.0155 3336 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
21:26:11.0155 3336 Psched - ok
21:26:11.0248 3336 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
21:26:11.0264 3336 ql2300 - ok
21:26:11.0279 3336 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
21:26:11.0279 3336 ql40xx - ok
21:26:11.0311 3336 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
21:26:11.0311 3336 QWAVE - ok
21:26:11.0342 3336 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:26:11.0342 3336 QWAVEdrv - ok
21:26:11.0342 3336 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:26:11.0342 3336 RasAcd - ok
21:26:11.0373 3336 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
21:26:11.0373 3336 RasAgileVpn - ok
21:26:11.0404 3336 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
21:26:11.0404 3336 RasAuto - ok
21:26:11.0451 3336 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:26:11.0451 3336 Rasl2tp - ok
21:26:11.0498 3336 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
21:26:11.0498 3336 RasMan - ok
21:26:11.0545 3336 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:26:11.0545 3336 RasPppoe - ok
21:26:11.0560 3336 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:26:11.0560 3336 RasSstp - ok
21:26:11.0591 3336 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:26:11.0591 3336 rdbss - ok
21:26:11.0607 3336 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
21:26:11.0607 3336 rdpbus - ok
21:26:11.0638 3336 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
21:26:11.0638 3336 RDPCDD - ok
21:26:11.0654 3336 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
21:26:11.0654 3336 RDPENCDD - ok
21:26:11.0654 3336 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
21:26:11.0654 3336 RDPREFMP - ok
21:26:11.0685 3336 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:26:11.0685 3336 RDPWD - ok
21:26:11.0747 3336 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
21:26:11.0747 3336 rdyboost - ok
21:26:11.0779 3336 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
21:26:11.0779 3336 RemoteAccess - ok
21:26:11.0810 3336 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:26:11.0810 3336 RemoteRegistry - ok
21:26:11.0857 3336 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
21:26:11.0857 3336 RFCOMM - ok
21:26:11.0872 3336 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
21:26:11.0872 3336 RpcEptMapper - ok
21:26:11.0903 3336 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
21:26:11.0903 3336 RpcLocator - ok
21:26:11.0935 3336 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
21:26:11.0935 3336 RpcSs - ok
21:26:11.0981 3336 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:26:11.0981 3336 rspndr - ok
21:26:12.0028 3336 [ FD978B2BF8A9B2390DCBEF435E9C1F9F ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
21:26:12.0028 3336 RTL8167 - ok
21:26:12.0044 3336 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
21:26:12.0044 3336 SamSs - ok
21:26:12.0075 3336 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
21:26:12.0075 3336 sbp2port - ok
21:26:12.0122 3336 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:26:12.0122 3336 SCardSvr - ok
21:26:12.0153 3336 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
21:26:12.0153 3336 scfilter - ok
21:26:12.0215 3336 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
21:26:12.0231 3336 Schedule - ok
21:26:12.0262 3336 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
21:26:12.0262 3336 SCPolicySvc - ok
21:26:12.0293 3336 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:26:12.0293 3336 SDRSVC - ok
21:26:12.0340 3336 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:26:12.0340 3336 secdrv - ok
21:26:12.0371 3336 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
21:26:12.0371 3336 seclogon - ok
21:26:12.0418 3336 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
21:26:12.0418 3336 SENS - ok
21:26:12.0449 3336 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
21:26:12.0449 3336 SensrSvc - ok
21:26:12.0465 3336 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
21:26:12.0465 3336 Serenum - ok
21:26:12.0496 3336 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
21:26:12.0496 3336 Serial - ok
21:26:12.0527 3336 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
21:26:12.0527 3336 sermouse - ok
21:26:12.0574 3336 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
21:26:12.0590 3336 SessionEnv - ok
21:26:12.0621 3336 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
21:26:12.0621 3336 sffdisk - ok
21:26:12.0621 3336 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
21:26:12.0621 3336 sffp_mmc - ok
21:26:12.0637 3336 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
21:26:12.0637 3336 sffp_sd - ok
21:26:12.0652 3336 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
21:26:12.0668 3336 sfloppy - ok
21:26:12.0699 3336 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:26:12.0699 3336 SharedAccess - ok
21:26:12.0730 3336 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:26:12.0746 3336 ShellHWDetection - ok
21:26:12.0777 3336 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:26:12.0777 3336 SiSRaid2 - ok
21:26:12.0777 3336 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
21:26:12.0777 3336 SiSRaid4 - ok
21:26:12.0824 3336 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
21:26:12.0824 3336 SkypeUpdate - ok
21:26:12.0855 3336 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
21:26:12.0855 3336 Smb - ok
21:26:12.0917 3336 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:26:12.0933 3336 SNMPTRAP - ok
21:26:12.0949 3336 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
21:26:12.0949 3336 spldr - ok
21:26:12.0980 3336 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
21:26:12.0995 3336 Spooler - ok
21:26:13.0105 3336 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
21:26:13.0120 3336 sppsvc - ok
21:26:13.0151 3336 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
21:26:13.0151 3336 sppuinotify - ok
21:26:13.0183 3336 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
21:26:13.0198 3336 srv - ok
21:26:13.0214 3336 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
21:26:13.0229 3336 srv2 - ok
21:26:13.0245 3336 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
21:26:13.0245 3336 srvnet - ok
21:26:13.0292 3336 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
21:26:13.0292 3336 SSDPSRV - ok
21:26:13.0307 3336 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
21:26:13.0323 3336 SstpSvc - ok
21:26:13.0432 3336 [ DE9E765BD64FFF598E9F3AAB41874D8A ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_35a1fb3404aa1180\STacSV64.exe
21:26:13.0432 3336 STacSV - ok
21:26:13.0448 3336 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
21:26:13.0463 3336 stexstor - ok
21:26:13.0510 3336 [ 3FE584503DC68CD206143BC334C43484 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
21:26:13.0510 3336 STHDA - ok
21:26:13.0557 3336 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
21:26:13.0573 3336 stisvc - ok
21:26:13.0588 3336 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
21:26:13.0604 3336 swenum - ok
21:26:13.0635 3336 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
21:26:13.0651 3336 swprv - ok
21:26:13.0697 3336 [ 8A3FBCB3D6D4710730D27DA4392A4863 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
21:26:13.0697 3336 SynTP - ok
21:26:13.0775 3336 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
21:26:13.0791 3336 SysMain - ok
21:26:13.0822 3336 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:26:13.0838 3336 TabletInputService - ok
21:26:13.0869 3336 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
21:26:13.0885 3336 TapiSrv - ok
21:26:13.0916 3336 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
21:26:13.0916 3336 TBS - ok
21:26:13.0994 3336 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
21:26:14.0025 3336 Tcpip - ok
21:26:14.0072 3336 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
21:26:14.0087 3336 TCPIP6 - ok
21:26:14.0119 3336 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
21:26:14.0119 3336 tcpipreg - ok
21:26:14.0150 3336 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
21:26:14.0150 3336 TDPIPE - ok
21:26:14.0181 3336 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
21:26:14.0197 3336 TDTCP - ok
21:26:14.0212 3336 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
21:26:14.0212 3336 tdx - ok
21:26:14.0259 3336 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
21:26:14.0259 3336 TermDD - ok
21:26:14.0290 3336 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
21:26:14.0306 3336 TermService - ok
21:26:14.0337 3336 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
21:26:14.0337 3336 Themes - ok
21:26:14.0368 3336 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
21:26:14.0368 3336 THREADORDER - ok
21:26:14.0384 3336 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
21:26:14.0399 3336 TrkWks - ok
21:26:14.0462 3336 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:26:14.0462 3336 TrustedInstaller - ok
21:26:14.0493 3336 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
21:26:14.0493 3336 tssecsrv - ok
21:26:14.0555 3336 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
21:26:14.0555 3336 TsUsbFlt - ok
21:26:14.0602 3336 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
21:26:14.0618 3336 tunnel - ok
21:26:14.0633 3336 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
21:26:14.0633 3336 uagp35 - ok
21:26:14.0680 3336 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
21:26:14.0696 3336 udfs - ok
21:26:14.0727 3336 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
21:26:14.0727 3336 UI0Detect - ok
21:26:14.0758 3336 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
21:26:14.0758 3336 uliagpkx - ok
21:26:14.0789 3336 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
21:26:14.0789 3336 umbus - ok
21:26:14.0821 3336 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
21:26:14.0836 3336 UmPass - ok
21:26:14.0852 3336 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
21:26:14.0867 3336 upnphost - ok
21:26:14.0883 3336 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
21:26:14.0883 3336 usbccgp - ok
21:26:14.0899 3336 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
21:26:14.0899 3336 usbcir - ok
21:26:14.0930 3336 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
21:26:14.0930 3336 usbehci - ok
21:26:14.0961 3336 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
21:26:14.0977 3336 usbhub - ok
21:26:14.0992 3336 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
21:26:14.0992 3336 usbohci - ok
21:26:15.0023 3336 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
21:26:15.0023 3336 usbprint - ok
21:26:15.0039 3336 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
21:26:15.0039 3336 USBSTOR - ok
21:26:15.0070 3336 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
21:26:15.0070 3336 usbuhci - ok
21:26:15.0101 3336 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
21:26:15.0117 3336 usbvideo - ok
21:26:15.0133 3336 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
21:26:15.0133 3336 UxSms - ok
21:26:15.0148 3336 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
21:26:15.0148 3336 VaultSvc - ok
21:26:15.0179 3336 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
21:26:15.0179 3336 vdrvroot - ok
21:26:15.0273 3336 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
21:26:15.0273 3336 vds - ok
21:26:15.0320 3336 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
21:26:15.0320 3336 vga - ok
21:26:15.0335 3336 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
21:26:15.0335 3336 VgaSave - ok
21:26:15.0367 3336 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
21:26:15.0367 3336 vhdmp - ok
21:26:15.0413 3336 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
21:26:15.0413 3336 viaide - ok
21:26:15.0429 3336 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
21:26:15.0429 3336 volmgr - ok
21:26:15.0460 3336 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
21:26:15.0476 3336 volmgrx - ok
21:26:15.0491 3336 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
21:26:15.0491 3336 volsnap - ok
21:26:15.0538 3336 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
21:26:15.0538 3336 vsmraid - ok
21:26:15.0616 3336 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
21:26:15.0647 3336 VSS - ok
21:26:15.0663 3336 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
21:26:15.0663 3336 vwifibus - ok
21:26:15.0694 3336 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
21:26:15.0694 3336 vwififlt - ok
21:26:15.0741 3336 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
21:26:15.0741 3336 W32Time - ok
21:26:15.0772 3336 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
21:26:15.0772 3336 WacomPen - ok
21:26:15.0835 3336 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
21:26:15.0835 3336 WANARP - ok
21:26:15.0835 3336 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
21:26:15.0835 3336 Wanarpv6 - ok
21:26:15.0913 3336 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
21:26:15.0944 3336 wbengine - ok
21:26:15.0975 3336 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
21:26:15.0975 3336 WbioSrvc - ok
21:26:16.0022 3336 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
21:26:16.0022 3336 wcncsvc - ok
21:26:16.0037 3336 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:26:16.0037 3336 WcsPlugInService - ok
21:26:16.0069 3336 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
21:26:16.0069 3336 Wd - ok
21:26:16.0115 3336 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
21:26:16.0115 3336 Wdf01000 - ok
21:26:16.0147 3336 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
21:26:16.0147 3336 WdiServiceHost - ok
21:26:16.0147 3336 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
21:26:16.0162 3336 WdiSystemHost - ok
21:26:16.0193 3336 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
21:26:16.0209 3336 WebClient - ok
21:26:16.0225 3336 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
21:26:16.0225 3336 Wecsvc - ok
21:26:16.0256 3336 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
21:26:16.0256 3336 wercplsupport - ok
21:26:16.0287 3336 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
21:26:16.0287 3336 WerSvc - ok
21:26:16.0318 3336 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
21:26:16.0318 3336 WfpLwf - ok
21:26:16.0334 3336 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
21:26:16.0334 3336 WIMMount - ok
21:26:16.0349 3336 WinDefend - ok
21:26:16.0349 3336 WinHttpAutoProxySvc - ok
21:26:16.0412 3336 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
21:26:16.0412 3336 Winmgmt - ok
21:26:16.0505 3336 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
21:26:16.0537 3336 WinRM - ok
21:26:16.0599 3336 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
21:26:16.0615 3336 Wlansvc - ok
21:26:16.0677 3336 [ DE816A0624D54D68E1FB8A9028DCF81A ] wltrysvc C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
21:26:16.0677 3336 wltrysvc - ok
21:26:16.0724 3336 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
21:26:16.0724 3336 WmiAcpi - ok
21:26:16.0755 3336 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
21:26:16.0771 3336 wmiApSrv - ok
21:26:16.0786 3336 WMPNetworkSvc - ok
21:26:16.0817 3336 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
21:26:16.0817 3336 WPCSvc - ok
21:26:16.0849 3336 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
21:26:16.0864 3336 WPDBusEnum - ok
21:26:16.0895 3336 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
21:26:16.0895 3336 ws2ifsl - ok
21:26:16.0911 3336 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
21:26:16.0911 3336 wscsvc - ok
21:26:16.0911 3336 WSearch - ok
21:26:17.0005 3336 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
21:26:17.0036 3336 wuauserv - ok
21:26:17.0051 3336 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
21:26:17.0051 3336 WudfPf - ok
21:26:17.0114 3336 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
21:26:17.0114 3336 WUDFRd - ok
21:26:17.0145 3336 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
21:26:17.0161 3336 wudfsvc - ok
21:26:17.0176 3336 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
21:26:17.0192 3336 WwanSvc - ok
21:26:17.0223 3336 ================ Scan global ===============================
21:26:17.0254 3336 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
21:26:17.0270 3336 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
21:26:17.0285 3336 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
21:26:17.0317 3336 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
21:26:17.0348 3336 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
21:26:17.0363 3336 [Global] - ok
21:26:17.0363 3336 ================ Scan MBR ==================================
21:26:17.0395 3336 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:26:18.0455 3336 \Device\Harddisk0\DR0 - ok
21:26:18.0471 3336 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
21:26:18.0955 3336 \Device\Harddisk1\DR1 - ok
21:26:18.0955 3336 ================ Scan VBR ==================================
21:26:18.0986 3336 [ E83D5D52B2E766AE25832246E3B74779 ] \Device\Harddisk0\DR0\Partition1
21:26:18.0986 3336 \Device\Harddisk0\DR0\Partition1 - ok
21:26:19.0001 3336 [ 7F779D63294B3A14565D2741112DF206 ] \Device\Harddisk0\DR0\Partition2
21:26:19.0001 3336 \Device\Harddisk0\DR0\Partition2 - ok
21:26:19.0033 3336 [ 7830DEF78B7F6020340585B55566F939 ] \Device\Harddisk0\DR0\Partition3
21:26:19.0033 3336 \Device\Harddisk0\DR0\Partition3 - ok
21:26:19.0048 3336 [ 6AF7508EDBE7AEA29AFB94C4DAEFCF5B ] \Device\Harddisk0\DR0\Partition4
21:26:19.0064 3336 \Device\Harddisk0\DR0\Partition4 - ok
21:26:19.0064 3336 [ B6843F575E022D03449D726846265A72 ] \Device\Harddisk1\DR1\Partition1
21:26:19.0064 3336 \Device\Harddisk1\DR1\Partition1 - ok
21:26:19.0064 3336 ============================================================
21:26:19.0064 3336 Scan finished
21:26:19.0064 3336 ============================================================
21:26:19.0079 3224 Detected object count: 0
21:26:19.0079 3224 Actual detected object count: 0
21:27:10.0052 3852 Deinitialize success

...................................................................................


MiniToolBox by Farbar Version: 23-07-2012
Ran by rkb (administrator) on 06-11-2012 at 21:38:27
Microsoft Windows 7 Home Basic Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

# ::1 localhost

========================= IP Configuration: ================================

DW1501 Wireless-N WLAN Half-Mini Card = Wireless Network Connection (Connected)
Broadcom Virtual Wireless Adapter = Local Area Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : rkb-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom Virtual Wireless Adapter
Physical Address. . . . . . . . . : C0-CB-38-12-E8-8B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : DW1501 Wireless-N WLAN Half-Mini Card
Physical Address. . . . . . . . . : C0-CB-38-12-E8-8B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::2419:c507:dfd5:20be%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, November 06, 2012 9:05:00 PM
Lease Expires . . . . . . . . . . : Wednesday, November 07, 2012 9:05:00 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 314624824
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-11-40-97-F0-4D-A2-89-5D-8A
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{89241970-2DC9-4538-8705-D9E166691FF1}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{DA62C475-8E7D-4DC6-A281-B2C215EEF24C}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:ce4:3b6c:8a3e:956b(Preferred)
Link-local IPv6 Address . . . . . : fe80::ce4:3b6c:8a3e:956b%15(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 2404:6800:4007:803::1001
74.125.236.206
74.125.236.192
74.125.236.193
74.125.236.200
74.125.236.195
74.125.236.199
74.125.236.201
74.125.236.197
74.125.236.196
74.125.236.198
74.125.236.194


Pinging google.com [74.125.236.194] with 32 bytes of data:
Reply from 74.125.236.194: bytes=32 time=70ms TTL=55
Reply from 74.125.236.194: bytes=32 time=94ms TTL=55

Ping statistics for 74.125.236.194:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 70ms, Maximum = 94ms, Average = 82ms
Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=422ms TTL=53
Reply from 72.30.38.140: bytes=32 time=454ms TTL=53

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 422ms, Maximum = 454ms, Average = 438ms
Server: UnKnown
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
12...c0 cb 38 12 e8 8b ......Broadcom Virtual Wireless Adapter
11...c0 cb 38 12 e8 8b ......DW1501 Wireless-N WLAN Half-Mini Card
1...........................Software Loopback Interface 1
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.2 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.2 281
192.168.1.2 255.255.255.255 On-link 192.168.1.2 281
192.168.1.255 255.255.255.255 On-link 192.168.1.2 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.2 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.2 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
15 58 ::/0 On-link
1 306 ::1/128 On-link
15 58 2001::/32 On-link
15 306 2001:0:9d38:6ab8:ce4:3b6c:8a3e:956b/128
On-link
11 281 fe80::/64 On-link
15 306 fe80::/64 On-link
15 306 fe80::ce4:3b6c:8a3e:956b/128
On-link
11 281 fe80::2419:c507:dfd5:20be/128
On-link
1 306 ff00::/8 On-link
15 306 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/27/2012 02:43:41 PM) (Source: ESENT) (User: )
Description: WinMail (2008) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.

Error: (10/27/2012 02:43:22 PM) (Source: ESENT) (User: )
Description: WinMail (2788) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.

Error: (10/26/2012 08:53:40 PM) (Source: EventSystem) (User: )
Description: 80070005EventSystem.EventSubscription{AA44355E-6911-4447-BA5D-6720480579AF}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}wltrynt SENS Logon Spy Subscription

Error: (10/26/2012 04:26:46 PM) (Source: Application Hang) (User: )
Description: The program wmplayer.exe version 12.0.7600.16667 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: fa4

Start Time: 01cdb3682462e7be

Termination Time: 31280

Application Path: C:\Program Files (x86)\Windows Media Player\wmplayer.exe

Report Id: bf1767da-1f5b-11e2-ba38-e3c2a4267472

Error: (10/25/2012 09:45:34 PM) (Source: EventSystem) (User: )
Description: 80070005EventSystem.EventSubscription{AA44355E-6911-4447-BA5D-6720480579AF}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}wltrynt SENS Logon Spy Subscription

Error: (10/25/2012 04:16:06 PM) (Source: Application Hang) (User: )
Description: The program Explorer.EXE version 6.1.7600.16768 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 8dc

Start Time: 01cdb298eb59aa4d

Termination Time: 4586

Application Path: C:\Windows\Explorer.EXE

Report Id: cfcae9e1-1e90-11e2-9edd-d2bf3fb20419

Error: (10/25/2012 05:42:50 AM) (Source: EventSystem) (User: )
Description: 80070005{AA44355E-6911-4447-BA5D-6720480579AF}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}

Error: (10/25/2012 03:08:00 AM) (Source: Application Hang) (User: )
Description: The program Explorer.EXE version 6.1.7600.16768 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 9f8

Start Time: 01cdb1fe06fd413f

Termination Time: 60000

Application Path: C:\Windows\Explorer.EXE

Report Id: e80eb7c5-1e22-11e2-b074-83ff4601d41f

Error: (10/24/2012 09:03:06 PM) (Source: Application Hang) (User: )
Description: The program Explorer.EXE version 6.1.7600.16768 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 988

Start Time: 01cdb1f8f2b50243

Termination Time: 60000

Application Path: C:\Windows\Explorer.EXE

Report Id: ebaa14c3-1def-11e2-bb70-d3d666b4b01b

Error: (10/23/2012 00:27:41 PM) (Source: EventSystem) (User: )
Description: 80070005EventSystem.EventSubscription{AA44355E-6911-4447-BA5D-6720480579AF}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}wltrynt SENS Logon Spy Subscription


System errors:
=============
Error: (11/06/2012 09:19:35 PM) (Source: Application Popup) (User: )
Description: \??\C:\Users\rkb\AppData\Local\Temp\mbr.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (11/06/2012 09:19:35 PM) (Source: Application Popup) (User: )
Description: \??\C:\Users\rkb\AppData\Local\Temp\mbr.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (11/06/2012 09:13:33 PM) (Source: Application Popup) (User: )
Description: \??\C:\Users\rkb\AppData\Local\Temp\mbr.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (11/06/2012 08:56:14 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (10/28/2012 04:00:25 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 3:59:42 PM on ?10/?28/?2012 was unexpected.

Error: (10/26/2012 08:53:40 PM) (Source: DCOM) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (10/26/2012 08:42:39 PM) (Source: Microsoft-Windows-Service Pack Installer) (User: rkb-PC)
Description: The Service Pack cannot be installed when the computer is running on battery power.

Error: (10/26/2012 08:22:47 PM) (Source: Microsoft-Windows-Service Pack Installer) (User: rkb-PC)
Description: The Service Pack cannot be installed when the computer is running on battery power.

Error: (10/26/2012 06:36:20 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 5:38:27 PM on ?10/?26/?2012 was unexpected.

Error: (10/26/2012 04:30:07 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 4:29:02 PM on ?10/?26/?2012 was unexpected.


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

µTorrent (Version: 3.2.2.28198)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Advanced Audio FX Engine (Version: 1.12.05)
ATI AVIVO64 Codecs (Version: 11.6.0.50601)
ATI Catalyst Install Manager (Version: 3.0.778.0)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2010.0601.2152.37421)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0601.2152.37421)
Catalyst Control Center InstallProxy (Version: 2010.0601.2152.37421)
Catalyst Control Center Localization All (Version: 2010.0601.2152.37421)
ccc-core-static (Version: 2010.0601.2152.37421)
ccc-utility64 (Version: 2010.0601.2152.37421)
CCC Help Chinese Standard (Version: 2010.0601.2151.37421)
CCC Help Chinese Traditional (Version: 2010.0601.2151.37421)
CCC Help Danish (Version: 2010.0601.2151.37421)
CCC Help Dutch (Version: 2010.0601.2151.37421)
CCC Help English (Version: 2010.0601.2151.37421)
CCC Help Finnish (Version: 2010.0601.2151.37421)
CCC Help French (Version: 2010.0601.2151.37421)
CCC Help German (Version: 2010.0601.2151.37421)
CCC Help Italian (Version: 2010.0601.2151.37421)
CCC Help Japanese (Version: 2010.0601.2151.37421)
CCC Help Korean (Version: 2010.0601.2151.37421)
CCC Help Norwegian (Version: 2010.0601.2151.37421)
CCC Help Portuguese (Version: 2010.0601.2151.37421)
CCC Help Russian (Version: 2010.0601.2151.37421)
CCC Help Spanish (Version: 2010.0601.2151.37421)
CCC Help Swedish (Version: 2010.0601.2151.37421)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
CyberLink PowerDVD 9.5 (Version: 9.5.0.2910)
Dell Resource CD (Version: 1.00.0000)
Dell Webcam Central (Version: 1.40.05)
DW WLAN Card Utility (Version: 5.60.48.35)
Google Chrome (Version: 22.0.1229.94)
Google Update Helper (Version: 1.3.21.123)
IDT Audio (Version: 1.0.6277.0)
Live! Cam Avatar Creator (Version: 4.6.3009.1)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Quickset64 (Version: 10.5.0)
Realtek Ethernet Controller Driver For Windows 7 (Version: 7.13.112.2010)
Skype™ 5.10 (Version: 5.10.116)
Synaptics Pointing Device Driver (Version: 15.0.0.1)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VLC media player 2.0.4 (Version: 2.0.4)
WIDCOMM Bluetooth Software (Version: 6.2.0.9600)

========================= Memory info: ===================================

Percentage of memory in use: 26%
Total physical RAM: 3958.69 MB
Available physical RAM: 2895 MB
Total Pagefile: 7915.57 MB
Available Pagefile: 6654.05 MB
Total Virtual: 4095.88 MB
Available Virtual: 3960.8 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:98.09 GB) (Free:64.53 GB) NTFS
2 Drive d: (D) (Fixed) (Total:99.9 GB) (Free:97.55 GB) NTFS
4 Drive g: (Bhat) (Fixed) (Total:298.09 GB) (Free:71.92 GB) NTFS

========================= Users: ========================================

User accounts for \\RKB-PC

Administrator Guest rkb


**** End of log ****

rmb

Edited by naruto2715, 07 November 2012 - 09:37 AM.


#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,026 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:47 PM

Posted 07 November 2012 - 02:59 PM

...as you told i installed microsoft fix it and clicked run, it was loading for some time and then it told to restart the computer to fix it..... is it correct ???

also what does ..When using "Reset FF Proxy Settings" option Firefox should be closed...???..iam using google chrome so i hav to do nothing regarding that right...


Correct on both///


I do not see an Antivirus app??

Looks like an MBR Rootkit that will require a deeper look to remove. Follow this guide and create a new topic please.
Please follow this Preparation Guide and post in a new topic.
If Gmer won't run,skip it.

Let me know if all went well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 naruto2715

naruto2715
  • Topic Starter

  • Members
  • 55 posts
  • OFFLINE
  •  
  • Local time:03:17 AM

Posted 07 November 2012 - 03:16 PM

actually i uninstalled avast free antivirus application before doing all the test...should i follow all the 9 steps..is it compulsory?? ...after that i should post a new topic then some one will help me or or u will help me ??...am i right???...what should the new topic name be ??? or my wish?? ...

also my external harddrive is not working and damn slow , all the problem started because of this...all are in that external harddrive only ...so how to back up or get that???...

sorry, if i hav asked too many questions...i wish that u only help me upto the end... :)

rmb

Edited by naruto2715, 07 November 2012 - 03:26 PM.


#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,026 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:47 PM

Posted 07 November 2012 - 03:27 PM

I would do it as you y ill have an MBR Rootkit. Your title "possible MBR Rootkit"
Post this link back to this topic
http://www.bleepingcomputer.com/forums/topic472946.html/page__pid__2889033#top
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#11 naruto2715

naruto2715
  • Topic Starter

  • Members
  • 55 posts
  • OFFLINE
  •  
  • Local time:03:17 AM

Posted 07 November 2012 - 03:41 PM

sorry i did not understand " I would do it as you y ill have an MBR Rootkit " ?..

rmb

#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,026 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:47 PM

Posted 07 November 2012 - 03:53 PM

Title the new topic... "possible MBR Rootkit"

Please follow this Preparation Guide and post in a new topic.
If Gmer won't run,skip it.

Let me know if all went well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#13 naruto2715

naruto2715
  • Topic Starter

  • Members
  • 55 posts
  • OFFLINE
  •  
  • Local time:03:17 AM

Posted 07 November 2012 - 03:56 PM

ok after i complete all the steps ... i shall let u know...

rmb

#14 naruto2715

naruto2715
  • Topic Starter

  • Members
  • 55 posts
  • OFFLINE
  •  
  • Local time:03:17 AM

Posted 08 November 2012 - 12:48 PM

hi..all the steps are done... where should i create the new topic "possible MBR Rootkit" with logs ?....

rmb

#15 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,026 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:05:47 PM

Posted 08 November 2012 - 03:42 PM

Here in
Virus, Trojan, Spyware, and Malware Removal Logs

http://www.bleepingcomputer.com/forums/forum22.html
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users