
Norton 360 Winrscmde High CPU Usage


19 replies to this topic

#1 badger_04


Posted 13 January 2013 - 01:05 AM

I have been infected with Winrscmde. My Norton 360 program keeps alerting me to high CPU usage. I have had many blue screens along with issues when booting up. I started working with a very knowledgeable support person. We got to the point where I was to run Combofix. I can copy correspondence from a different forum. That forum no longer supports malware removal. My system is running better, but I want to make sure that this thing is totally gone. Can someone help me and pick up where the previous support professional had taken me?

System specifics:

Win 7 Professional
6 GB RAM
64 bit

Running VMware virtual machine. Norton 360 is running on the XP virtual. I just had an issue where XP installed 7 updates on shutdown and my host just shut off.


Can someone help me with some direction?



#2 narenxp


Posted 13 January 2013 - 10:58 AM

Download TDSSKiller

Launch it. Click on Change parameters - select TDLFS file system.

Click on "Scan". Please post the LOG report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it, allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on LIST of found threats.

Export the list to the desktop and copy the contents of the text file in your reply.

#3 badger_04


Posted 13 January 2013 - 01:26 PM

I had run TDSSKiller and a couple of other things with the previous support. Is it OK to rerun these things?

Things run so far:

Ran farbar-recovery_scan_tool
Got BCD info using FRST tool
Fixed BCD info with a text file generated by the support
Ran TDSSKiller
Combofix was the next thing that we were going to do.

It has been 10 days since we left off this stuff. Although my computer has been better, I just had an unexpected shutdown yesterday. I would love to start from scratch again. I can follow the directions above if that is still the right method in light of the tasks completed thus far.

#4 narenxp


Posted 13 January 2013 - 01:41 PM

Never run tools like FRST without a malware expert's help. Go ahead and run those tools.

#5 badger_04


Posted 13 January 2013 - 03:05 PM

TDSSKiller Log to follow:

14:02:05.0339 0824 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:02:05.0355 0824 mrxsmb10 - ok
14:02:05.0371 0824 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:02:05.0371 0824 mrxsmb20 - ok
14:02:05.0402 0824 [ BCCF16D5FB1109162380E3E28DC9E4E5 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
14:02:05.0402 0824 msahci - ok
14:02:05.0433 0824 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
14:02:05.0449 0824 msdsm - ok
14:02:05.0464 0824 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
14:02:05.0464 0824 MSDTC - ok
14:02:05.0480 0824 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:02:05.0480 0824 Msfs - ok
14:02:05.0511 0824 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
14:02:05.0511 0824 mshidkmdf - ok
14:02:05.0527 0824 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
14:02:05.0527 0824 msisadrv - ok
14:02:05.0558 0824 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:02:05.0558 0824 MSiSCSI - ok
14:02:05.0573 0824 msiserver - ok
14:02:05.0605 0824 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:02:05.0605 0824 MSKSSRV - ok
14:02:05.0620 0824 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:02:05.0620 0824 MSPCLOCK - ok
14:02:05.0651 0824 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:02:05.0667 0824 MSPQM - ok
14:02:05.0714 0824 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:02:05.0776 0824 MsRPC - ok
14:02:05.0870 0824 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
14:02:05.0870 0824 mssmbios - ok
14:02:05.0932 0824 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:02:05.0948 0824 MSTEE - ok
14:02:06.0197 0824 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
14:02:06.0197 0824 MTConfig - ok
14:02:06.0213 0824 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
14:02:06.0213 0824 Mup - ok
14:02:06.0260 0824 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll
14:02:06.0291 0824 napagent - ok
14:02:06.0322 0824 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:02:06.0322 0824 NativeWifiP - ok
14:02:06.0447 0824 [ C58D8A669D6551F616D90244BD2C2D4F ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20130112.007\ENG64.SYS
14:02:06.0447 0824 NAVENG - ok
14:02:06.0541 0824 [ A3DBDB412ADFA5882DD6843B11FE0828 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20130112.007\EX64.SYS
14:02:06.0587 0824 NAVEX15 - ok
14:02:06.0681 0824 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\Windows\system32\drivers\ndis.sys
14:02:06.0697 0824 NDIS - ok
14:02:06.0712 0824 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
14:02:06.0728 0824 NdisCap - ok
14:02:06.0743 0824 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:02:06.0743 0824 NdisTapi - ok
14:02:06.0759 0824 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:02:06.0775 0824 Ndisuio - ok
14:02:06.0806 0824 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:02:06.0806 0824 NdisWan - ok
14:02:06.0821 0824 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:02:06.0821 0824 NDProxy - ok
14:02:06.0884 0824 [ 2C723E42FC8D7B0209492828F921FB50 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
14:02:06.0884 0824 Net Driver HPZ12 - ok
14:02:06.0899 0824 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:02:06.0899 0824 NetBIOS - ok
14:02:06.0915 0824 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
14:02:06.0931 0824 NetBT - ok
14:02:06.0946 0824 [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon C:\Windows\system32\lsass.exe
14:02:06.0962 0824 Netlogon - ok
14:02:06.0977 0824 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
14:02:06.0993 0824 Netman - ok
14:02:07.0024 0824 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
14:02:07.0040 0824 netprofm - ok
14:02:07.0055 0824 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:02:07.0055 0824 NetTcpPortSharing - ok
14:02:07.0071 0824 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
14:02:07.0087 0824 nfrd960 - ok
14:02:07.0180 0824 [ 4A9258B9597A31DB68EC9740F3A8A70B ] NIS C:\Program Files (x86)\Norton Internet Security\Engine\20.2.0.19\ccSvcHst.exe
14:02:07.0180 0824 NIS - ok
14:02:07.0211 0824 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll
14:02:07.0227 0824 NlaSvc - ok
14:02:07.0258 0824 [ 63BEF46939F1BA9744AFFE5BB3591652 ] NmspHost C:\Program Files (x86)\Common Files\Rockwell\NmspHost.exe
14:02:07.0258 0824 NmspHost - ok
14:02:07.0274 0824 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:02:07.0289 0824 Npfs - ok
14:02:07.0321 0824 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
14:02:07.0321 0824 nsi - ok
14:02:07.0383 0824 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:02:07.0399 0824 nsiproxy - ok
14:02:07.0601 0824 [ 184C189D4FC416978550FC599BB4EDDA ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:02:07.0679 0824 Ntfs - ok
14:02:07.0695 0824 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
14:02:07.0695 0824 Null - ok
14:02:07.0711 0824 [ CDDD4478757288DF4BB1494BFD084259 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
14:02:07.0711 0824 NVHDA - ok
14:02:08.0350 0824 [ 056D8B45FD4869947045BDC25E8734DF ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:02:08.0553 0824 nvlddmkm - ok
14:02:08.0600 0824 [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:02:08.0600 0824 nvraid - ok
14:02:08.0631 0824 [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:02:08.0647 0824 nvstor - ok
14:02:08.0678 0824 [ 42948F6E17B7B27E77101926FB4B0B96 ] nvsvc C:\Windows\system32\nvvsvc.exe
14:02:08.0693 0824 nvsvc - ok
14:02:08.0787 0824 [ 789CA049FA22B55949D8F0A7018B1E45 ] NvtlService C:\Program Files (x86)\Novatel Wireless\Novacore\Server\NvtlSrvr.exe
14:02:08.0787 0824 NvtlService - ok
14:02:08.0803 0824 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
14:02:08.0818 0824 nv_agp - ok
14:02:08.0849 0824 [ 78C1A05C2E460ADF3661BC60D115CC8D ] NWADI C:\Windows\system32\DRIVERS\NWADIenum.sys
14:02:08.0849 0824 NWADI - ok
14:02:08.0912 0824 [ CFD6C86499DDCFA795A5F312102D05AA ] NWHelper C:\Program Files (x86)\Novatel Wireless\Drivers\NWHelper.exe
14:02:08.0912 0824 NWHelper - ok
14:02:08.0943 0824 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
14:02:08.0943 0824 ohci1394 - ok
14:02:09.0161 0824 [ A12B32FB9E4C88998997E61DB4A07670 ] OpcEnum C:\Windows\SysWOW64\OpcEnum.exe
14:02:09.0161 0824 OpcEnum - ok
14:02:09.0208 0824 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:02:09.0208 0824 ose - ok
14:02:09.0645 0824 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:02:09.0754 0824 osppsvc - ok
14:02:09.0832 0824 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:02:09.0848 0824 p2pimsvc - ok
14:02:09.0895 0824 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
14:02:09.0895 0824 p2psvc - ok
14:02:09.0941 0824 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
14:02:09.0941 0824 Parport - ok
14:02:09.0973 0824 [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:02:09.0988 0824 partmgr - ok
14:02:10.0004 0824 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:02:10.0019 0824 PcaSvc - ok
14:02:10.0082 0824 [ 7317A0B550F7AC0223B7070897670476 ] PCDSRVC{1E208CE0-FB7451FF-06020101}_0 c:\program files\dell support center\pcdsrvc_x64.pkms
14:02:10.0097 0824 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok
14:02:10.0129 0824 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys
14:02:10.0129 0824 pci - ok
14:02:10.0144 0824 pcidnt - ok
14:02:10.0175 0824 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys
14:02:10.0175 0824 pciide - ok
14:02:10.0207 0824 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
14:02:10.0222 0824 pcmcia - ok
14:02:10.0253 0824 [ B5D3C24E4EA8E6D4850E83DAD8C510D4 ] PCTINDIS5X64 C:\Windows\system32\PCTINDIS5X64.SYS
14:02:10.0253 0824 PCTINDIS5X64 - ok
14:02:10.0269 0824 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
14:02:10.0269 0824 pcw - ok
14:02:10.0300 0824 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:02:10.0331 0824 PEAUTH - ok
14:02:10.0378 0824 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
14:02:10.0441 0824 PeerDistSvc - ok
14:02:10.0472 0824 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
14:02:10.0472 0824 PerfHost - ok
14:02:10.0550 0824 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll
14:02:10.0597 0824 pla - ok
14:02:10.0675 0824 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:02:10.0690 0824 PlugPlay - ok
14:02:10.0753 0824 [ 171E6D91A20AAC8D02172A64E82CE90B ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
14:02:10.0753 0824 Pml Driver HPZ12 - ok
14:02:10.0768 0824 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:02:10.0768 0824 PNRPAutoReg - ok
14:02:10.0799 0824 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:02:10.0799 0824 PNRPsvc - ok
14:02:10.0846 0824 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:02:10.0877 0824 PolicyAgent - ok
14:02:10.0909 0824 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
14:02:10.0909 0824 Power - ok
14:02:10.0940 0824 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:02:10.0940 0824 PptpMiniport - ok
14:02:10.0955 0824 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
14:02:10.0971 0824 Processor - ok
14:02:11.0002 0824 [ 97293447431311C06703368AD0F6C4BE ] ProfSvc C:\Windows\system32\profsvc.dll
14:02:11.0018 0824 ProfSvc - ok
14:02:11.0033 0824 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:02:11.0033 0824 ProtectedStorage - ok
14:02:11.0065 0824 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:02:11.0065 0824 Psched - ok
14:02:11.0143 0824 [ 9156ADAAD90E5982ABD97B7121D22C80 ] PSMounter C:\Windows\system32\drivers\psmounter.sys
14:02:11.0143 0824 PSMounter - ok
14:02:11.0174 0824 [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
14:02:11.0174 0824 PxHlpa64 - ok
14:02:11.0205 0824 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
14:02:11.0236 0824 ql2300 - ok
14:02:11.0267 0824 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
14:02:11.0267 0824 ql40xx - ok
14:02:11.0283 0824 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
14:02:11.0299 0824 QWAVE - ok
14:02:11.0314 0824 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:02:11.0314 0824 QWAVEdrv - ok
14:02:11.0330 0824 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:02:11.0330 0824 RasAcd - ok
14:02:11.0361 0824 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:02:11.0361 0824 RasAgileVpn - ok
14:02:11.0377 0824 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
14:02:11.0377 0824 RasAuto - ok
14:02:11.0392 0824 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:02:11.0392 0824 Rasl2tp - ok
14:02:11.0423 0824 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll
14:02:11.0439 0824 RasMan - ok
14:02:11.0455 0824 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:02:11.0455 0824 RasPppoe - ok
14:02:11.0470 0824 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:02:11.0470 0824 RasSstp - ok
14:02:11.0501 0824 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:02:11.0501 0824 rdbss - ok
14:02:11.0548 0824 [ 83B5017F5BD1E2BE91654329244EF45F ] RdcyHost C:\Program Files (x86)\Common Files\Rockwell\RdcyHost.exe
14:02:11.0548 0824 RdcyHost - ok
14:02:11.0564 0824 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
14:02:11.0564 0824 rdpbus - ok
14:02:11.0595 0824 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:02:11.0595 0824 RDPCDD - ok
14:02:11.0626 0824 [ 9706B84DBABFC4B4CA46C5A82B14DFA3 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
14:02:11.0626 0824 RDPDR - ok
14:02:11.0657 0824 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:02:11.0657 0824 RDPENCDD - ok
14:02:11.0673 0824 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:02:11.0673 0824 RDPREFMP - ok
14:02:11.0704 0824 [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:02:11.0704 0824 RDPWD - ok
14:02:11.0735 0824 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:02:11.0751 0824 rdyboost - ok
14:02:11.0829 0824 [ 48BFCD3997680251FFF811936E0A71E4 ] ReflectService.exe C:\Program Files\Macrium\Reflect\ReflectService.exe
14:02:11.0845 0824 ReflectService.exe - ok
14:02:11.0860 0824 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:02:11.0876 0824 RemoteAccess - ok
14:02:11.0907 0824 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:02:11.0923 0824 RemoteRegistry - ok
14:02:11.0954 0824 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
14:02:11.0954 0824 RFCOMM - ok
14:02:11.0985 0824 [ E20B1907FC72A3664ECE21E3C20FC63D ] rimspci C:\Windows\system32\DRIVERS\rimspe64.sys
14:02:11.0985 0824 rimspci - ok
14:02:12.0001 0824 [ A6DA2B0C8F5BB3F9F5423CFF8D6A02D9 ] risdpcie C:\Windows\system32\DRIVERS\risdpe64.sys
14:02:12.0001 0824 risdpcie - ok
14:02:12.0016 0824 [ 6A1CD4674505E6791390A1AB71DA1FBE ] rixdpcie C:\Windows\system32\DRIVERS\rixdpe64.sys
14:02:12.0032 0824 rixdpcie - ok
14:02:12.0063 0824 [ DD313735DA6029E3364D0A54091874DC ] RNADiagnosticsService C:\Program Files (x86)\Common Files\Rockwell\RNADiagnosticsSrv.exe
14:02:12.0079 0824 RNADiagnosticsService - ok
14:02:12.0094 0824 [ 18F60539E2B05A25F389765BA212EC48 ] RNADiagReceiver C:\Program Files (x86)\Common Files\Rockwell\RNADiagReceiver.exe
14:02:12.0094 0824 RNADiagReceiver - ok
14:02:12.0141 0824 [ 03FE2EF97255CAFE915E53A7E4B7E689 ] RNADirectory C:\Program Files (x86)\Common Files\Rockwell\RnaDirServer.exe
14:02:12.0172 0824 RNADirectory - ok
14:02:12.0219 0824 [ 8489BF294D33416415749656A6261ED3 ] RNADirMultiplexor C:\Program Files (x86)\Common Files\Rockwell\RNADirMultiplexor.exe
14:02:12.0250 0824 RNADirMultiplexor - ok
14:02:12.0281 0824 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:02:12.0281 0824 RpcEptMapper - ok
14:02:12.0297 0824 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
14:02:12.0313 0824 RpcLocator - ok
14:02:12.0328 0824 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll
14:02:12.0344 0824 RpcSs - ok
14:02:12.0391 0824 RSLinx - ok
14:02:12.0406 0824 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:02:12.0422 0824 rspndr - ok
14:02:12.0453 0824 [ 8EDD7060FF6599D3EF949AEB698145A4 ] RsvcHost C:\Program Files (x86)\Common Files\Rockwell\RsvcHost.exe
14:02:12.0469 0824 RsvcHost - ok
14:02:12.0500 0824 [ 365ED58B47B46DE8B1C5FA759B6FCD6E ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
14:02:12.0515 0824 RTL8167 - ok
14:02:12.0531 0824 [ 88AF6E02AB19DF7FD07ECDF9C91E9AF6 ] s3cap C:\Windows\system32\DRIVERS\vms3cap.sys
14:02:12.0531 0824 s3cap - ok
14:02:12.0562 0824 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\Windows\system32\lsass.exe
14:02:12.0562 0824 SamSs - ok
14:02:12.0578 0824 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
14:02:12.0578 0824 sbp2port - ok
14:02:12.0609 0824 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:02:12.0625 0824 SCardSvr - ok
14:02:12.0640 0824 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:02:12.0640 0824 scfilter - ok
14:02:12.0687 0824 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\Windows\system32\schedsvc.dll
14:02:12.0718 0824 Schedule - ok
14:02:12.0749 0824 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
14:02:12.0749 0824 SCPolicySvc - ok
14:02:12.0765 0824 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:02:12.0765 0824 SDRSVC - ok
14:02:12.0796 0824 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:02:12.0796 0824 secdrv - ok
14:02:12.0812 0824 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
14:02:12.0812 0824 seclogon - ok
14:02:12.0827 0824 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
14:02:12.0827 0824 SENS - ok
14:02:12.0843 0824 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:02:12.0843 0824 SensrSvc - ok
14:02:12.0874 0824 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
14:02:12.0874 0824 Serenum - ok
14:02:12.0874 0824 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
14:02:12.0890 0824 Serial - ok
14:02:12.0905 0824 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
14:02:12.0905 0824 sermouse - ok
14:02:12.0952 0824 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll
14:02:12.0952 0824 SessionEnv - ok
14:02:12.0983 0824 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
14:02:12.0983 0824 sffdisk - ok
14:02:12.0999 0824 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
14:02:12.0999 0824 sffp_mmc - ok
14:02:13.0015 0824 [ 178298F767FE638C9FEDCBDEF58BB5E4 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
14:02:13.0015 0824 sffp_sd - ok
14:02:13.0030 0824 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
14:02:13.0030 0824 sfloppy - ok
14:02:13.0061 0824 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:02:13.0061 0824 SharedAccess - ok
14:02:13.0093 0824 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:02:13.0093 0824 ShellHWDetection - ok
14:02:13.0108 0824 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:02:13.0124 0824 SiSRaid2 - ok
14:02:13.0139 0824 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
14:02:13.0139 0824 SiSRaid4 - ok
14:02:13.0171 0824 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:02:13.0171 0824 Smb - ok
14:02:13.0202 0824 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:02:13.0217 0824 SNMPTRAP - ok
14:02:13.0233 0824 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
14:02:13.0233 0824 spldr - ok
14:02:13.0311 0824 [ 567977DC43CC13C4C35ED7084C0B84D5 ] Spooler C:\Windows\System32\spoolsv.exe
14:02:13.0327 0824 Spooler - ok
14:02:13.0498 0824 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
14:02:13.0592 0824 sppsvc - ok
14:02:13.0623 0824 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
14:02:13.0623 0824 sppuinotify - ok
14:02:13.0732 0824 [ 53B1A7CC3CD0DAA03222AE1AEB654162 ] SprintRcAppSvc C:\Program Files (x86)\Sprint\Sprint SmartView\RcAppSvc.exe
14:02:13.0748 0824 SprintRcAppSvc - ok
14:02:13.0919 0824 [ 3510E7021D2637A67FBCB5105EAE945D ] SRTSP C:\Windows\System32\Drivers\NISx64\1402000.013\SRTSP64.SYS
14:02:13.0951 0824 SRTSP - ok
14:02:13.0982 0824 [ 1B884D876E87EABF5A3356BBD7321412 ] SRTSPX C:\Windows\system32\drivers\NISx64\1402000.013\SRTSPX64.SYS
14:02:13.0982 0824 SRTSPX - ok
14:02:14.0044 0824 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\Windows\system32\DRIVERS\srv.sys
14:02:14.0075 0824 srv - ok
14:02:14.0107 0824 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:02:14.0107 0824 srv2 - ok
14:02:14.0138 0824 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:02:14.0138 0824 srvnet - ok
14:02:14.0169 0824 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:02:14.0169 0824 SSDPSRV - ok
14:02:14.0185 0824 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:02:14.0185 0824 SstpSvc - ok
14:02:14.0528 0824 [ DE9E765BD64FFF598E9F3AAB41874D8A ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d550fa1f2cf8996d\STacSV64.exe
14:02:14.0543 0824 STacSV - ok
14:02:14.0559 0824 [ 92E7F6666633D2DD91D527503DAA7BE0 ] stdcfltn C:\Windows\system32\DRIVERS\stdcfltn.sys
14:02:14.0559 0824 stdcfltn - ok
14:02:14.0621 0824 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
14:02:14.0621 0824 stexstor - ok
14:02:14.0668 0824 [ 3FE584503DC68CD206143BC334C43484 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
14:02:14.0684 0824 STHDA - ok
14:02:14.0731 0824 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
14:02:14.0731 0824 StillCam - ok
14:02:14.0762 0824 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll
14:02:14.0777 0824 stisvc - ok
14:02:14.0824 0824 [ E476C66713C842F58E61A95826ED1D57 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
14:02:14.0824 0824 stllssvr - ok
14:02:14.0855 0824 [ FFD7A6F15B14234B5B0E5D49E7961895 ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys
14:02:14.0855 0824 storflt - ok
14:02:14.0887 0824 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
14:02:14.0887 0824 StorSvc - ok
14:02:14.0902 0824 [ 8FCCBEFC5C440B3C23454656E551B09A ] storvsc C:\Windows\system32\DRIVERS\storvsc.sys
14:02:14.0902 0824 storvsc - ok
14:02:14.0933 0824 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
14:02:14.0933 0824 swenum - ok
14:02:14.0980 0824 [ 19BB7EED330F5736064CC84F6B45037A ] SwiCardDetectSvc C:\Program Files (x86)\Sprint\Sprint SmartView\SwiCardDetect64.exe
14:02:14.0980 0824 SwiCardDetectSvc - ok
14:02:15.0027 0824 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
14:02:15.0058 0824 swprv - ok
14:02:15.0105 0824 [ 777217682DA76337E8E6EC8AC4412B9B ] SymDS C:\Windows\system32\drivers\NISx64\1402000.013\SYMDS64.SYS
14:02:15.0121 0824 SymDS - ok
14:02:15.0152 0824 [ 64D1AF3D04E70A681154FFF1893848F6 ] SymEFA C:\Windows\system32\drivers\NISx64\1402000.013\SYMEFA64.SYS
14:02:15.0183 0824 SymEFA - ok
14:02:15.0214 0824 [ F5D6D3B7468C46EA2DDC1D19D2A6DA0F ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
14:02:15.0230 0824 SymEvent - ok
14:02:15.0277 0824 [ ADF37F1A715D6C56C8E065FD8569A9A4 ] SymIRON C:\Windows\system32\drivers\NISx64\1402000.013\Ironx64.SYS
14:02:15.0277 0824 SymIRON - ok
14:02:15.0323 0824 [ 1605EBD8CB86AFC4430116065995279A ] SymNetS C:\Windows\system32\drivers\NISx64\1402000.013\SYMNETS.SYS
14:02:15.0339 0824 SymNetS - ok
14:02:15.0386 0824 [ E5D73228176C9F69072D1F91CED83484 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
14:02:15.0386 0824 SynTP - ok
14:02:15.0448 0824 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll
14:02:15.0495 0824 SysMain - ok
14:02:15.0542 0824 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:02:15.0557 0824 TabletInputService - ok
14:02:15.0573 0824 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll
14:02:15.0589 0824 TapiSrv - ok
14:02:15.0604 0824 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
14:02:15.0604 0824 TBS - ok
14:02:15.0682 0824 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:02:15.0729 0824 Tcpip - ok
14:02:15.0807 0824 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
14:02:15.0823 0824 TCPIP6 - ok
14:02:15.0838 0824 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:02:15.0838 0824 tcpipreg - ok
14:02:15.0869 0824 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:02:15.0869 0824 TDPIPE - ok
14:02:15.0901 0824 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:02:15.0901 0824 TDTCP - ok
14:02:15.0916 0824 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:02:15.0932 0824 tdx - ok
14:02:15.0947 0824 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
14:02:15.0947 0824 TermDD - ok
14:02:15.0994 0824 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll
14:02:16.0025 0824 TermService - ok
14:02:16.0057 0824 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
14:02:16.0057 0824 Themes - ok
14:02:16.0072 0824 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
14:02:16.0088 0824 THREADORDER - ok
14:02:16.0103 0824 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
14:02:16.0119 0824 TrkWks - ok
14:02:16.0150 0824 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:02:16.0166 0824 TrustedInstaller - ok
14:02:16.0181 0824 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:02:16.0181 0824 tssecsrv - ok
14:02:16.0213 0824 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:02:16.0213 0824 tunnel - ok
14:02:16.0244 0824 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
14:02:16.0244 0824 uagp35 - ok
14:02:16.0291 0824 [ 31BA4A33AFAB6A69EA092B18017F737F ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:02:16.0291 0824 udfs - ok
14:02:16.0493 0824 [ 215462AE7E6A897D675E84DD1E3B3B56 ] ufad-ws60 C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe
14:02:16.0509 0824 ufad-ws60 - ok
14:02:16.0525 0824 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:02:16.0540 0824 UI0Detect - ok
14:02:16.0556 0824 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
14:02:16.0556 0824 uliagpkx - ok
14:02:20.0893 0824 ================ Scan global ===============================
14:02:20.0908 0824 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
14:02:20.0955 0824 [ 79CDA06F75AD5373DD447F57575C4400 ] C:\Windows\system32\winsrv.dll
14:02:20.0971 0824 [ 79CDA06F75AD5373DD447F57575C4400 ] C:\Windows\system32\winsrv.dll
14:02:21.0017 0824 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
14:02:21.0049 0824 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
14:02:21.0064 0824 [Global] - ok
14:02:21.0064 0824 ================ Scan MBR ==================================
14:02:21.0064 0824 [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
14:02:22.0718 0824 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
14:02:22.0718 0824 \Device\Harddisk0\DR0 - detected TDSS File System (1)
14:02:22.0733 0824 ================ Scan VBR ==================================
14:02:22.0749 0824 [ 4C00CB6B3207DEEEF402A78D1469A072 ] \Device\Harddisk0\DR0\Partition1
14:02:22.0749 0824 \Device\Harddisk0\DR0\Partition1 - ok
14:02:22.0765 0824 [ CE3ADCFC6EB50C97858E8CC38454D754 ] \Device\Harddisk0\DR0\Partition2
14:02:22.0780 0824 \Device\Harddisk0\DR0\Partition2 - ok
14:02:22.0780 0824 ============================================================
14:02:22.0780 0824 Scan finished
14:02:22.0780 0824 ============================================================
14:02:22.0796 8928 Detected object count: 1
14:02:22.0796 8928 Actual detected object count: 1

#6 badger_04

Posted 13 January 2013 - 04:23 PM

aswMBR log results to follow. ESET should be done in about 30 minutes.

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-01-13 14:10:12
-----------------------------
14:10:12.077 OS Version: Windows x64 6.1.7600
14:10:12.077 Number of processors: 8 586 0x1E05
14:10:12.077 ComputerName: CETEK-BR1 UserName:
14:10:13.013 Initialize success
14:10:57.123 AVAST engine defs: 13011300
14:11:25.624 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
14:11:25.624 Disk 0 Vendor: ST950042 D005 Size: 476940MB BusType: 3
14:11:25.640 Disk 0 MBR read successfully
14:11:25.656 Disk 0 MBR scan
14:11:25.656 Disk 0 Windows VISTA default MBR code
14:11:25.671 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
14:11:25.687 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 81920
14:11:25.702 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 461899 MB offset 30801920
14:11:25.734 Disk 0 scanning C:\Windows\system32\drivers
14:11:40.413 Service scanning
14:12:06.808 Modules scanning
14:12:06.824 Disk 0 trace - called modules:
14:12:06.886 ntoskrnl.exe CLASSPNP.SYS disk.sys stdcfltn.sys ACPI.sys iaStor.sys hal.dll
14:12:06.902 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8008411060]
14:12:06.918 3 CLASSPNP.SYS[fffff8800108743f] -> nt!IofCallDriver -> [0xfffffa8008284cb0]
14:12:06.918 5 stdcfltn.sys[fffff880019c8c52] -> nt!IofCallDriver -> [0xfffffa800632f9f0]
14:12:06.933 7 ACPI.sys[fffff88000eed781] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8006334050]
14:12:08.400 AVAST engine scan C:\Windows
14:12:12.222 AVAST engine scan C:\Windows\system32
14:16:34.770 AVAST engine scan C:\Windows\system32\drivers
14:17:03.474 AVAST engine scan C:\Users\BrianRashka
14:22:03.525 AVAST engine scan C:\ProgramData
14:26:06.199 Scan finished successfully
14:28:11.904 Disk 0 MBR has been saved successfully to "C:\Users\BrianRashka\Desktop\MBR.dat"
14:28:11.904 The log file has been saved successfully to "C:\Users\BrianRashka\Desktop\aswMBR.txt"

#7 badger_04

Posted 13 January 2013 - 06:39 PM

Whew. The ESET took three hours to complete. Four files found. One file did not get resolved.

C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QELW2117\categories[1].htm HTML/Iframe.B.Gen virus unable to clean
C:\TDSSKiller_Quarantine\03.01.2013_00.34.31\mbr0000\tdlfs0000\tsk0002.dta Win32/Olmarik.AWO trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\03.01.2013_00.34.31\tdlfs0000\tsk0002.dta Win32/Olmarik.AWO trojan cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QELW2117\categories[1].htm HTML/Iframe.B.Gen virus deleted - quarantined

#8 badger_04

Posted 13 January 2013 - 06:41 PM

Awaiting your next command.

#9 narenxp

Posted 13 January 2013 - 08:02 PM

Run TDSSKiller and select Delete for this entry:

14:02:22.0718 0824 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download

Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan completes, post the generated log here.


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to finish.

Now click on File - Save

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here.

#10 badger_04

Posted 13 January 2013 - 10:50 PM

Malwarebytes log to follow:

Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.13.09

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
BrianRashka :: CETEK-BR1 [administrator]

Protection: Enabled

1/13/2013 7:31:17 PM
mbam-log-2013-01-13 (19-31-17).txt

Scan type: Full scan (C:\|D:\|F:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 596978
Time elapsed: 2 hour(s), 15 minute(s), 10 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#11 badger_04

Posted 13 January 2013 - 11:10 PM

Mini Toolbox

MiniToolBox by Farbar Version:10-01-2013
Ran by BrianRashka (administrator) on 13-01-2013 at 22:04:33
Running from "C:\Users\BrianRashka\Desktop"
Windows 7 Professional (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
ProxyServer: 204.79.84.44:8080

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
VMware Virtual Ethernet Adapter for VMnet1 = VMware Network Adapter VMnet1 (Connected)
VMware Virtual Ethernet Adapter for VMnet8 = VMware Network Adapter VMnet8 (Connected)
DW1501 Wireless-N WLAN Half-Mini Card = Wireless Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add address name="VMware Network Adapter VMnet1" address=192.168.241.1


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Cetek-BR1
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 1C-65-9D-DD-BB-5B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : F0-4D-A2-C3-73-D9
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::9bc:41e6:d12c:4421%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.15.103(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, January 13, 2013 11:50:52 AM
Lease Expires . . . . . . . . . . : Monday, January 14, 2013 5:23:36 PM
Default Gateway . . . . . . . . . : 192.168.15.1
DHCP Server . . . . . . . . . . . : 192.168.15.1
DHCPv6 IAID . . . . . . . . . . . : 300961186
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-A7-D8-00-F0-4D-A2-C3-73-D9
DNS Servers . . . . . . . . . . . : 192.168.15.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : DW1501 Wireless-N WLAN Half-Mini Card
Physical Address. . . . . . . . . : 1C-65-9D-DD-BB-5B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter VMware Network Adapter VMnet1:

Connection-specific DNS Suffix . : localdomain
Description . . . . . . . . . . . : VMware Virtual Ethernet Adapter for VMnet1
Physical Address. . . . . . . . . : 00-50-56-C0-00-01
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::a85f:c67d:8b44:17d5%19(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.241.1(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, January 13, 2013 5:23:34 PM
Lease Expires . . . . . . . . . . : Sunday, January 13, 2013 10:23:34 PM
Default Gateway . . . . . . . . . :
DHCP Server . . . . . . . . . . . : 192.168.241.254
DHCPv6 IAID . . . . . . . . . . . : 335564886
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-A7-D8-00-F0-4D-A2-C3-73-D9
DNS Servers . . . . . . . . . . . : 192.168.241.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter VMware Network Adapter VMnet8:

Connection-specific DNS Suffix . : localdomain
Description . . . . . . . . . . . : VMware Virtual Ethernet Adapter for VMnet8
Physical Address. . . . . . . . . : 00-50-56-C0-00-08
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::286c:12e5:42ac:cd6b%20(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.161.1(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, January 13, 2013 5:23:34 PM
Lease Expires . . . . . . . . . . : Sunday, January 13, 2013 10:23:34 PM
Default Gateway . . . . . . . . . :
DHCP Server . . . . . . . . . . . : 192.168.161.254
DHCPv6 IAID . . . . . . . . . . . : 385896534
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-A7-D8-00-F0-4D-A2-C3-73-D9
DNS Servers . . . . . . . . . . . : 192.168.161.2
Primary WINS Server . . . . . . . : 192.168.161.2
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{0C7DCD9B-70A1-45DB-9672-E015E4B7B0E3}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{5D1D4034-F030-44A6-85F2-6D702421B26D}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : localdomain
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 14:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Reusable Microsoft 6To4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{F1FC873F-276C-49B3-9315-19D5FD09CC66}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{33345B75-F773-4B18-8490-F9980417865F}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : localdomain
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #8
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{8078DC7B-DC4B-4F91-8D13-690958D55168}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #11
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.15.1

Name: google.com
Addresses: 2607:f8b0:4009:803::1002
74.125.225.36
74.125.225.37
74.125.225.38
74.125.225.39
74.125.225.40
74.125.225.41
74.125.225.46
74.125.225.32
74.125.225.33
74.125.225.34
74.125.225.35


Pinging google.com [74.125.225.36] with 32 bytes of data:
Reply from 74.125.225.36: bytes=32 time=39ms TTL=47
Reply from 74.125.225.36: bytes=32 time=40ms TTL=47

Ping statistics for 74.125.225.36:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 39ms, Maximum = 40ms, Average = 39ms
Server: UnKnown
Address: 192.168.15.1

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=164ms TTL=49
Reply from 72.30.38.140: bytes=32 time=83ms TTL=49

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 83ms, Maximum = 164ms, Average = 123ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=6ms TTL=128
Reply from 127.0.0.1: bytes=32 time=6ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 6ms, Maximum = 6ms, Average = 6ms
===========================================================================
Interface List
16...1c 65 9d dd bb 5b ......Microsoft Virtual WiFi Miniport Adapter
12...f0 4d a2 c3 73 d9 ......Realtek PCIe GBE Family Controller
11...1c 65 9d dd bb 5b ......DW1501 Wireless-N WLAN Half-Mini Card
19...00 50 56 c0 00 01 ......VMware Virtual Ethernet Adapter for VMnet1
20...00 50 56 c0 00 08 ......VMware Virtual Ethernet Adapter for VMnet8
1...........................Software Loopback Interface 1
35...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
36...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
27...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #5
17...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
18...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #2
22...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #4
21...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #3
32...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
33...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #8
31...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #11
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.15.1 192.168.15.103 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.15.0 255.255.255.0 On-link 192.168.15.103 276
192.168.15.103 255.255.255.255 On-link 192.168.15.103 276
192.168.15.255 255.255.255.255 On-link 192.168.15.103 276
192.168.161.0 255.255.255.0 On-link 192.168.161.1 276
192.168.161.1 255.255.255.255 On-link 192.168.161.1 276
192.168.161.255 255.255.255.255 On-link 192.168.161.1 276
192.168.241.0 255.255.255.0 On-link 192.168.241.1 276
192.168.241.1 255.255.255.255 On-link 192.168.241.1 276
192.168.241.255 255.255.255.255 On-link 192.168.241.1 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.15.103 276
224.0.0.0 240.0.0.0 On-link 192.168.161.1 276
224.0.0.0 240.0.0.0 On-link 192.168.241.1 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.15.103 276
255.255.255.255 255.255.255.255 On-link 192.168.161.1 276
255.255.255.255 255.255.255.255 On-link 192.168.241.1 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
12 276 fe80::/64 On-link
20 276 fe80::/64 On-link
19 276 fe80::/64 On-link
12 276 fe80::9bc:41e6:d12c:4421/128
On-link
20 276 fe80::286c:12e5:42ac:cd6b/128
On-link
19 276 fe80::a85f:c67d:8b44:17d5/128
On-link
1 306 ff00::/8 On-link
12 276 ff00::/8 On-link
20 276 ff00::/8 On-link
19 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [35840] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll [346736] (VMware, Inc.)
Catalog9 13 C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll [346736] (VMware, Inc.)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70144] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [46592] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 12 C:\Program Files (x86)\VMware\VMware Workstation\x64\vsocklib.dll [446576] (VMware, Inc.)
x64-Catalog9 13 C:\Program Files (x86)\VMware\VMware Workstation\x64\vsocklib.dll [446576] (VMware, Inc.)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/13/2013 03:00:12 PM) (Source: PC-Doctor) (User: )
Description: (7592) Asapi: (15:00:12:9560)(7592) Asapi.State - Error -- 123 Plugin S3LogPusher.dll failed to load.

Error: (01/13/2013 03:00:12 PM) (Source: PC-Doctor) (User: )
Description: (7592) Asapi: (15:00:12:0040)(7592) libAsapi.DynamicLoadedPlugin - Error -- 64 Unable to load library 'S3LogPusher.dll'

Error: (01/13/2013 02:28:37 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (01/13/2013 02:28:35 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (01/13/2013 00:28:07 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifest.

Error: (01/12/2013 03:00:03 PM) (Source: PC-Doctor) (User: )
Description: (7256) Asapi: (15:00:03:9370)(7256) Asapi.State - Error -- 123 Plugin S3LogPusher.dll failed to load.

Error: (01/12/2013 03:00:03 PM) (Source: PC-Doctor) (User: )
Description: (7256) Asapi: (15:00:03:9330)(7256) libAsapi.DynamicLoadedPlugin - Error -- 64 Unable to load library 'S3LogPusher.dll'

Error: (01/12/2013 06:53:15 AM) (Source: PC-Doctor) (User: )
Description: (3320) Asapi: (06:53:15:5360)(3320) Asapi.State - Error -- 123 Plugin S3LogPusher.dll failed to load.

Error: (01/12/2013 06:53:15 AM) (Source: PC-Doctor) (User: )
Description: (3320) Asapi: (06:53:15:4890)(3320) libAsapi.DynamicLoadedPlugin - Error -- 64 Unable to load library 'S3LogPusher.dll'

Error: (01/11/2013 11:39:17 AM) (Source: Application Error) (User: )
Description: Faulting application name: jaucheck.exe, version: 2.0.2.4, time stamp: 0x4bed9a14
Faulting module name: jaucheck.exe, version: 2.0.2.4, time stamp: 0x4bed9a14
Exception code: 0x40000015
Fault offset: 0x0001a110
Faulting process id: 0x1ee4
Faulting application start time: 0xjaucheck.exe0
Faulting application path: jaucheck.exe1
Faulting module path: jaucheck.exe2
Report Id: jaucheck.exe3


System errors:
=============
Error: (01/13/2013 10:03:00 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR4.

Error: (01/13/2013 10:02:59 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR4.

Error: (01/13/2013 10:02:59 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR4.

Error: (01/13/2013 10:02:58 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR4.

Error: (01/13/2013 05:37:08 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR2.

Error: (01/13/2013 02:18:39 PM) (Source: BROWSER) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{F1FC873F-276C-49B3-9315-19D5FD09CC66}.
The backup browser is stopping.

Error: (01/13/2013 00:09:36 PM) (Source: BROWSER) (User: )
Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{F1FC873F-276C-49B3-9315-19D5FD09CC66}.
The backup browser is stopping.

Error: (01/13/2013 00:04:51 PM) (Source: iaStor) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Error: (01/13/2013 11:52:30 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (01/13/2013 11:51:32 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
VirtualBackplane


Microsoft Office Sessions:
=========================
Error: (01/13/2013 03:00:12 PM) (Source: PC-Doctor)(User: )
Description: (7592) Asapi: (15:00:12:9560)(7592) Asapi.State - Error -- 123 Plugin S3LogPusher.dll failed to load.

Error: (01/13/2013 03:00:12 PM) (Source: PC-Doctor)(User: )
Description: (7592) Asapi: (15:00:12:0040)(7592) libAsapi.DynamicLoadedPlugin - Error -- 64 Unable to load library 'S3LogPusher.dll'

Error: (01/13/2013 02:28:37 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\BrianRashka\Desktop\esetsmartinstaller_enu.exe

Error: (01/13/2013 02:28:35 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\BrianRashka\Desktop\esetsmartinstaller_enu.exe

Error: (01/13/2013 00:28:07 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_fa62ad231704eab7.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd.manifestC:\Users\BrianRashka\Desktop\esetsmartinstaller_enu.exe

Error: (01/12/2013 03:00:03 PM) (Source: PC-Doctor)(User: )
Description: (7256) Asapi: (15:00:03:9370)(7256) Asapi.State - Error -- 123 Plugin S3LogPusher.dll failed to load.

Error: (01/12/2013 03:00:03 PM) (Source: PC-Doctor)(User: )
Description: (7256) Asapi: (15:00:03:9330)(7256) libAsapi.DynamicLoadedPlugin - Error -- 64 Unable to load library 'S3LogPusher.dll'

Error: (01/12/2013 06:53:15 AM) (Source: PC-Doctor)(User: )
Description: (3320) Asapi: (06:53:15:5360)(3320) Asapi.State - Error -- 123 Plugin S3LogPusher.dll failed to load.

Error: (01/12/2013 06:53:15 AM) (Source: PC-Doctor)(User: )
Description: (3320) Asapi: (06:53:15:4890)(3320) libAsapi.DynamicLoadedPlugin - Error -- 64 Unable to load library 'S3LogPusher.dll'

Error: (01/11/2013 11:39:17 AM) (Source: Application Error)(User: )
Description: jaucheck.exe2.0.2.44bed9a14jaucheck.exe2.0.2.44bed9a14400000150001a1101ee401cdf02292f4e203C:\Program Files (x86)\Common Files\Java\Java Update\jaucheck.exeC:\Program Files (x86)\Common Files\Java\Java Update\jaucheck.exed1efd966-5c15-11e2-8907-005056c00008


CodeIntegrity Errors:
===================================
Date: 2013-01-12 21:54:26.447
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-01-12 21:54:26.353
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (Version: 8.2.2)
7200 (Version: 130.0.365.000)
7200_Help (Version: 82.0.242.000)
7200Trb (Version: 82.0.242.000)
AccelerometerP11 (Version: 2.00.10.17)
Adobe Acrobat 9 Standard - English, Français, Deutsch (Version: 9.5.2)
Adobe Acrobat 9.5.2 - CPSID_83708
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.1.102.55)
Advanced Audio FX Engine (Version: 1.12.05)
AIO_CDB_ProductContext (Version: 130.0.365.000)
AIO_CDB_Software (Version: 130.0.365.000)
AIO_Scan (Version: 130.0.421.000)
AutoCAD LT 2007 - English (Version: 17.0.54.110)
Autodesk DWF Viewer (Version: 6.5)
Autodesk Streamline 2012.1.20.6492 (Version: 2012.1.20.6492)
Belimo SelectPro (Version: 2.0.44)
BufferChm (Version: 130.0.331.000)
Cisco Connect (Version: 1.0.10028.0)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
ControlFLASH (Version: 11.00.00)
Copy (Version: 130.0.428.000)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell Backup and Recovery Manager (Version: 1.3)
Dell Edoc Viewer (Version: 1.0.0)
Dell Support Center (Version: 3.0.5621.01)
Dell Touchpad (Version: 15.0.2.0)
Dell Webcam Central (Version: 2.00.35)
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 130.0.465.000)
DigitalPersona Fingerprint Software 5.30 (Version: 5.30.252)
DocProc (Version: 13.0.0.0)
DW WLAN Card Utility (Version: 5.60.48.35)
FactoryTalk Diagnostics 2.30 (CPR 9 SR 3) (Version: 2.30.00.0023)
FactoryTalk Services Platform 2.30 (CPR 9 SR 3) (Version: 2.30.00.0023)
Fax (Version: 130.0.418.000)
GoToAssist Corporate (Version: 10.2.0.822)
GPBaseService2 (Version: 130.0.371.000)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (Version: 13.0)
HP Product Detection (Version: 10.7.9.0)
HP Product Detection (Version: 11.14.0004)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Solution Center 13.0 (Version: 13.0)
HP Update (Version: 4.000.011.006)
HPPhotoGadget (Version: 130.0.282.000)
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000)
HPPhotosmartEssential (Version: 2.04.0000)
HPProductAssistant (Version: 130.0.371.000)
HPSSupply (Version: 130.0.371.000)
InstallVC90Support (Version: 1.01.0000)
Intel® Management Engine Components (Version: 6.0.0.1179)
Java Auto Updater (Version: 2.0.2.4)
Java™ 6 Update 22 (64-bit) (Version: 6.0.220)
Java™ 6 Update 22 (Version: 6.0.220)
Junk Mail filter update (Version: 15.4.3502.0922)
Macrium Reflect Free Edition (Version: 5.0.4694)
Macromedia Flash Player 8 (Version: 8)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
MarketResearch (Version: 130.0.374.000)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
MFCLOC (Version: 1.00.0000)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Business 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
MotionView OnBoard
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Network64 (Version: 130.0.572.000)
Norton Internet Security (Version: 20.2.0.19)
NVIDIA Drivers (Version: 1.10.57.35)
OBDwiz (Version: 2.9.1)
OCR Software by I.R.I.S. 13.0 (Version: 13.0)
Quickset64 (Version: 1.3.3)
Redundancy Module Config Tool (Version: 6.2.10.0)
Rockwell Automation Download Manager (Version: 2.0.7.28)
Rockwell Automation Driver Package x64 (Version: 1.0.3)
Rockwell Software Hardware Maintenance Tool
Rockwell Windows Firewall Configuration Utility 1.00.05 (Version: 1.00.05.0006)
Roxio Creator Audio (Version: 3.7.0)
Roxio Creator Copy (Version: 3.7.0)
Roxio Creator Data (Version: 3.7.0)
Roxio Creator DE 10.3 (Version: 10.3)
Roxio Creator DE 10.3 (Version: 3.7.0)
Roxio Creator Tools (Version: 3.7.0)
Roxio Express Labeler 3 (Version: 3.2.2)
Roxio Update Manager (Version: 6.0.0)
RSLinx Classic 2.57.00 CPR 9 SR 3 (Version: 2.57.00.14 CPR 9 SR 3)
RSNetWorx for DeviceNet 10.01.00 (CPR 9 SR 3) (Version: 10.01.00.04)
Scan (Version: 13.0.0.0)
Shop for HP Supplies (Version: 13.0)
SmartWebPrinting (Version: 130.0.457.000)
SolutionCenter (Version: 130.0.373.000)
Sprint SmartView (Version: 2.61.0038.0)
Status (Version: 130.0.469.000)
Toolbox (Version: 130.0.648.000)
tools-freebsd (Version: 8.4.6.16648)
tools-linux (Version: 8.4.6.16648)
tools-netware (Version: 8.4.6.16648)
tools-solaris (Version: 8.4.6.16648)
tools-windows (Version: 8.4.6.16648)
tools-winPre2k (Version: 8.4.6.16648)
TrayApp (Version: 130.0.422.000)
UnloadSupport (Version: 11.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Validity Sensors DDK (Version: 3.1.379)
VMware Workstation (Version: 7.1.4.16648)
WebEx
WebReg (Version: 130.0.132.017)
WIDCOMM Bluetooth Software (Version: 6.2.1.900)
Windows Automated Installation Kit (Version: 2.0.0.0)
Windows Driver Package - FTDI CDM Driver Package (10/22/2009 2.06.00) (Version: 10/22/2009 2.06.00)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinZip 11.2 (Version: 11.2.8094)
Yahoo! Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 48%
Total physical RAM: 6078.57 MB
Available physical RAM: 3128.47 MB
Total Pagefile: 12155.29 MB
Available Pagefile: 9328.82 MB
Total Virtual: 4095.88 MB
Available Virtual: 3958.77 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:451.07 GB) (Free:22.22 GB) NTFS
2 Drive d: (Rescue) (CDROM) (Total:0.17 GB) (Free:0 GB) CDFS
3 Drive f: (KINGSTON) (Removable) (Total:14.53 GB) (Free:14.32 GB) FAT32

========================= Users: ========================================

User accounts for \\CETEK-BR1

__vmware_user__ Administrator BrianRashka
Guest

========================= Restore Points ==================================

13-01-2013 03:43:24 ComboFix created restore point

**** End of log ****

#12 badger_04

Posted 13 January 2013 - 11:16 PM

Farbar Report

Farbar Service Scanner Version: 05-01-2013
Ran by BrianRashka (administrator) on 13-01-2013 at 22:11:27
Running from "C:\Users\BrianRashka\Desktop"
Windows 7 Professional (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#13 badger_04

Posted 13 January 2013 - 11:24 PM

adware cleaner log

# AdwCleaner v2.105 - Logfile created 01/13/2013 at 22:18:46
# Updated 08/01/2013 by Xplode
# Operating system : Windows 7 Professional (64 bits)
# User : BrianRashka - CETEK-BR1
# Boot Mode : Normal
# Running from : C:\Users\BrianRashka\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

*************************

AdwCleaner[S2].txt - [625 octets] - [13/01/2013 22:18:46]

########## EOF - C:\AdwCleaner[S2].txt - [684 octets] ##########

#14 badger_04

Posted 13 January 2013 - 11:41 PM

junkware removal tool log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.4.2 (01.08.2013:1)
OS: Windows 7 Professional x64
Ran by BrianRashka on Sun 01/13/2013 at 22:25:32.86
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\urlsearchhooks\\{ef99bd32-c1fb-11d2-892f-0090271d4f88}
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{ef99bd32-c1fb-11d2-892f-0090271d4f88}



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_classes_root\clsid\{02478d38-c3f9-4efb-9b51-7695eca05670}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{02478d38-c3f9-4efb-9b51-7695eca05670}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{ef99bd32-c1fb-11d2-892f-0090271d4f88}



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 01/13/2013 at 22:37:30.08
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#15 badger_04

Posted 13 January 2013 - 11:44 PM

rkill log

Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 01/13/2013 10:42:38 PM in x64 mode.
Windows Version: Windows 7 Professional

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 01/13/2013 10:43:34 PM
Execution time: 0 hours(s), 0 minute(s), and 56 seconds(s)



