
Google redirects to happili....AGAIN??? This is my work computer I need help!!!!


  • This topic is locked
10 replies to this topic

#1 Dork251

Dork251

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:12:40 AM

Posted 04 April 2012 - 09:22 AM

Hello all, it seems that I have had this issue before and fixed it by running ComboFix. However, I am not that smart apparently. I am running Windows 7 x32 and have Malwarebytes as well as Vipre running on my computer. Only occasionally does this Happili redirect come up. It does not appear that I have any malware at the moment; however, for some reason my computer is not allowing Vipre to start up and run. Like I said, this is my work computer and I need it up and running to make my living. Thanks in advance, guys.

-Evan



#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,199 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:40 AM

Posted 04 April 2012 - 10:02 AM

Welcome. If you are using Firefox, it may be the add-ons/plugins. Try disabling them one at a time and see which one was at fault.

How to disable extensions and plugins

Keeping your third-party plugins up to date
How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook

#3 Dork251


Posted 04 April 2012 - 12:27 PM

OK, I accidentally disabled two of my extensions at the same time. The redirect seems to have gone away. So as a test I enabled them one at a time and it still does not redirect. How do I know if I have this problem fixed?

#4 boopme


Posted 04 April 2012 - 07:18 PM

Give it a day or so and see. If it comes back we have other routes to use.

#5 Dork251


Posted 05 April 2012 - 09:25 AM

Yeah, it came back, and it's also starting to redirect me to another site. Like I said, for now it doesn't look like any applications are necessarily starting to run their "Click here to clean the threat now" scheme. But I think it's only a matter of time. What should I do next?

#6 boopme


Posted 05 April 2012 - 12:28 PM

Are you on a router? Are other machines on it? If so, are they redirecting?

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click on Change Parameters
  • Put a check in the box of Detect TDLFS file system
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into the system disk (usually the disk with the installed operating system, C:\) root folder. The log has a name like: TDSSKiller.Version_Date_Time_log.txt.





Please download aswMBR ( 511KB ) to your desktop.
  • Double click the aswMBR.exe icon to run it
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.


Next run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, go to Start > All Programs > Malwarebytes Anti-Malware folder > Tools > click on Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).
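One way to triage the "List content of Hosts" and "List Winsock Entries" sections of the Result.txt requested in the post above. This is an added example, not part of the original thread and not MiniToolBox's own code. The sample log is constructed, the function names are hypothetical, and the check assumes Windows is installed in C:\Windows.

```python
import re
from ipaddress import ip_address

# Constructed sample laid out like the Result.txt sections shown in this thread.
# The www.google.com hosts entry and the ProgramData provider are invented.
SAMPLE_RESULT = r"""
========================= Hosts content: =================================
::1 localhost

127.0.0.1 localhost
203.0.113.7 www.google.com

========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\ProgramData\example\lsp.dll [40960] ()

========================= Event log errors: ===============================
"""

SECTION_RE = re.compile(r"^=+\s*([A-Za-z].*?):?\s*=+$")
WINSOCK_RE = re.compile(r"^(Catalog\d+)\s+(\d+)\s+(.+?)\s+\[(\d+)\]\s+\((.*)\)$")
# Assumption: Windows lives in C:\Windows, as in the log posted in this thread.
SYSTEM32 = "c:\\windows\\system32\\"


def split_sections(text):
    """Map each '==== Name: ====' header to the non-blank lines under it."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        header = SECTION_RE.match(line)
        if header:
            current = header.group(1).strip().lower()
            sections[current] = []
        elif current is not None and line:
            sections[current].append(line)
    return sections


def check_hosts(lines):
    """Return (kind, address, name) for every hosts mapping other than localhost."""
    findings = []
    for line in lines:
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        try:
            addr = ip_address(fields[0])
        except ValueError:
            findings.append(("unparsed", fields[0], " ".join(fields[1:])))
            continue
        for name in fields[1:]:
            if name.lower() == "localhost" and addr.is_loopback:
                continue
            # Loopback/unspecified targets sink a name; anything else redirects it.
            kind = "sinkhole" if addr.is_loopback or addr.is_unspecified else "redirect"
            findings.append((kind, str(addr), name))
    return findings


def check_winsock(lines):
    """Return providers that are outside System32 or not attributed to Microsoft."""
    findings = []
    for line in lines:
        m = WINSOCK_RE.match(line)
        if not m:
            continue
        catalog, index, path, _size, company = m.groups()
        reasons = []
        if not path.lower().startswith(SYSTEM32):
            reasons.append("outside System32")
        # The company string comes from file metadata, so it is a hint, not proof.
        if company.strip() != "Microsoft Corporation":
            reasons.append("publisher not Microsoft")
        if reasons:
            findings.append((catalog, int(index), path, tuple(reasons)))
    return findings


def triage(result_text):
    """Run both checks over a Result.txt-style log and collect the findings."""
    sections = split_sections(result_text)
    return {
        "hosts": check_hosts(sections.get("hosts content", [])),
        "winsock": check_winsock(sections.get("winsock entries", [])),
    }


if __name__ == "__main__":
    for section, findings in triage(SAMPLE_RESULT).items():
        for finding in findings:
            print(section, finding)
```

VPN and security products legitimately install their own Winsock providers, so a flagged entry is something to review rather than proof of infection.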

#7 Dork251


Posted 05 April 2012 - 08:48 PM

MiniToolBox by Farbar Version: 18-01-2012
Ran by espotswood (administrator) on 05-04-2012 at 18:28:20
Microsoft Windows 7 Professional Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Cisco Systems VPN Adapter = Local Area Connection 3 (Disconnected)
SonicWALL NetExtender Adapter = Local Area Connection 2 (Connected)
Intel® WiFi Link 5100 AGN = Wireless Network Connection 3 (Connected)
Cisco AnyConnect VPN Virtual Miniport Adapter for Windows = Local Area Connection 4 (Hardware not present)
Intel® 82567LM Gigabit Network Connection = Local Area Connection (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
PdaNet Broadband Adapter = Local Area Connection 4 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled taskoffload=disabled
set interface interface="Local Area Connection" forwarding=disabled advertise=disabled mtu=1300 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set interface interface="Wireless Network Connection" forwarding=disabled advertise=disabled mtu=1300 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set interface interface="Bluetooth Network Connection" forwarding=disabled advertise=disabled mtu=1300 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set interface interface="Local Area Connection 3" forwarding=disabled advertise=disabled mtu=1300 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set interface interface="Local Area Connection 4" forwarding=enabled advertise=enabled nud=enabled
set interface interface="Local Area Connection 4" forwarding=disabled advertise=disabled metric=1 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : los004-tech
Primary Dns Suffix . . . . . . . : controltechinc.com
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : controltechinc.com

Wireless LAN adapter Wireless Network Connection 3:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel® WiFi Link 5100 AGN
Physical Address. . . . . . . . . : 00-24-D6-72-98-80
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::388f:d30:375e:b616%33(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.5(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, April 05, 2012 7:13:36 AM
Lease Expires . . . . . . . . . . : Thursday, April 05, 2012 7:13:58 PM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 889201878
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-E6-FD-1E-00-24-E8-C0-CC-CD
DNS Servers . . . . . . . . . . . : 68.105.28.12
68.105.29.12
68.105.28.11
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection 4:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : PdaNet Broadband Adapter
Physical Address. . . . . . . . . : 00-26-37-BD-39-42
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 70-F1-A1-02-0E-6B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : 16-hvac-web02.facmon.csupomona.edu
Description . . . . . . . . . . . : Intel® 82567LM Gigabit Network Connection
Physical Address. . . . . . . . . : 00-24-E8-F9-90-E6
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection* 20:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Juniper Network Connect Virtual Adapter
Physical Address. . . . . . . . . : 00-FF-98-EC-43-87
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 13:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:28ef:1dc3:3f57:fffa(Preferred)
Link-local IPv6 Address . . . . . : fe80::28ef:1dc3:3f57:fffa%17(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{0FFBF8F9-1A95-4607-9F73-F9A0092F08F6}:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5efe:192.168.0.5%38(Preferred)
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 68.105.28.12
68.105.29.12
68.105.28.11
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{63259F7E-FCF9-4717-A62C-3023201A4E35}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{BC1302DB-66EA-4492-BF32-F0091413D79C}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.16-hvac-web02.facmon.csupomona.edu:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{38943584-7A52-46BA-B9BF-7949D454B6E6}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #6
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: cdns2.cox.net
Address: 68.105.28.12

Name: google.com.controltechinc.com
Address: 72.47.248.162


Pinging google.com [74.125.227.0] with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 74.125.227.0:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),
Server: cdns2.cox.net
Address: 68.105.28.12

Name: yahoo.com.controltechinc.com
Address: 72.47.248.162


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=90ms TTL=55
Reply from 72.30.38.140: bytes=32 time=25ms TTL=55

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 25ms, Maximum = 90ms, Average = 57ms
Server: cdns2.cox.net
Address: 68.105.28.12

Name: bleepingcomputer.com.controltechinc.com
Address: 72.47.248.162


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
33...00 24 d6 72 98 80 ......Intel® WiFi Link 5100 AGN
29...00 26 37 bd 39 42 ......PdaNet Broadband Adapter
13...70 f1 a1 02 0e 6b ......Bluetooth Device (Personal Area Network)
10...00 24 e8 f9 90 e6 ......Intel® 82567LM Gigabit Network Connection
26...00 ff 98 ec 43 87 ......Juniper Network Connect Virtual Adapter
1...........................Software Loopback Interface 1
17...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
38...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
39...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
40...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
37...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
61...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #6
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.5 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.5 281
192.168.0.5 255.255.255.255 On-link 192.168.0.5 281
192.168.0.255 255.255.255.255 On-link 192.168.0.5 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.5 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.5 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
17 58 ::/0 On-link
1 306 ::1/128 On-link
17 58 2001::/32 On-link
17 306 2001:0:4137:9e76:28ef:1dc3:3f57:fffa/128
On-link
33 281 fe80::/64 On-link
17 306 fe80::/64 On-link
38 281 fe80::5efe:192.168.0.5/128
On-link
17 306 fe80::28ef:1dc3:3f57:fffa/128
On-link
33 281 fe80::388f:d30:375e:b616/128
On-link
1 306 ff00::/8 On-link
17 306 ff00::/8 On-link
33 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 07 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 36 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 37 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 38 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 39 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 40 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 41 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 42 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 43 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 44 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 45 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 46 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 47 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 48 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 49 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 50 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 51 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 52 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 53 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 54 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 55 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 56 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 57 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 58 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 59 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 60 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 61 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 62 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 63 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (04/05/2012 01:39:37 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (04/05/2012 01:39:30 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (04/05/2012 01:39:25 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.

Error: (04/05/2012 07:55:19 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (04/05/2012 07:55:17 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (04/05/2012 07:55:15 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (04/04/2012 10:52:16 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (04/04/2012 10:52:16 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (04/04/2012 10:52:16 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (04/04/2012 10:52:16 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.


System errors:
=============
Error: (04/05/2012 01:45:43 PM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain DOMAIN due to the following:
%%1311

This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.



ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.

Error: (04/05/2012 09:05:51 AM) (Source: Microsoft-Windows-GroupPolicy) (User: SYSTEM)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (04/05/2012 08:48:51 AM) (Source: Microsoft-Windows-GroupPolicy) (User: espotswood)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (04/05/2012 07:12:40 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.

Error: (04/04/2012 08:22:01 AM) (Source: Microsoft-Windows-GroupPolicy) (User: espotswood)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (04/04/2012 08:21:17 AM) (Source: Microsoft-Windows-GroupPolicy) (User: SYSTEM)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (04/04/2012 08:21:16 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
SBRE

Error: (04/04/2012 08:21:15 AM) (Source: NETLOGON) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain DOMAIN due to the following:
%%1311

This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.



ADDITIONAL INFO

If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.

Error: (04/04/2012 07:43:44 AM) (Source: Microsoft-Windows-GroupPolicy) (User: espotswood)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.

Error: (04/04/2012 07:33:46 AM) (Source: Microsoft-Windows-GroupPolicy) (User: SYSTEM)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator.


Microsoft Office Sessions:
=========================
Error: (02/28/2012 07:13:05 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6214.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 266 seconds with 0 seconds of active time. This session ended with a crash.

Error: (02/27/2012 10:14:45 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6214.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 746 seconds with 60 seconds of active time. This session ended with a crash.

Error: (02/27/2012 07:27:38 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6214.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 467 seconds with 240 seconds of active time. This session ended with a crash.

Error: (01/13/2012 07:37:02 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6214.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 165721 seconds with 0 seconds of active time. This session ended with a crash.

Error: (01/05/2012 03:08:19 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6214.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 4619 seconds with 0 seconds of active time. This session ended with a crash.

Error: (12/19/2011 10:13:49 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6214.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 713 seconds with 600 seconds of active time. This session ended with a crash.

Error: (10/14/2011 11:49:05 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6214.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 76 seconds with 0 seconds of active time. This session ended with a crash.

Error: (10/04/2011 07:43:38 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6214.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 1042 seconds with 0 seconds of active time. This session ended with a crash.

Error: (09/23/2010 09:37:53 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6212.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 107 seconds with 0 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

2007 Microsoft Office Suite Service Pack 1 (SP1)
7-Zip 9.20
Acrobat.com (Version: 2.0.0)
Acrobat.com (Version: 2.0.0.0)
Adobe Acrobat 9 Pro - English, Français, Deutsch (Version: 9.0.0)
Adobe After Effects CS4 Third Party Content (Version: 9)
Adobe AIR (Version: 1.5.3.9120)
Adobe Anchor Service CS4 (Version: 2.0)
Adobe Bridge CS4 (Version: 3)
Adobe CMaps CS4 (Version: 2.0)
Adobe Color - Photoshop Specific CS4 (Version: 2.0)
Adobe Color EU Extra Settings CS4 (Version: 2.0)
Adobe Color JA Extra Settings CS4 (Version: 2.0)
Adobe Color NA Recommended Settings CS4 (Version: 2.0)
Adobe Color Video Profiles CS CS4 (Version: 2.0)
Adobe Creative Suite 4 Master Collection (Version: 4.0)
Adobe CS4 American English Speech Analysis Models (Version: 1)
Adobe CSI CS4 (Version: 1)
Adobe Default Language CS4 (Version: 2.0)
Adobe Device Central CS4 (Version: 2)
Adobe Dreamweaver CS4 (Version: 10.0)
Adobe Drive CS4 (Version: 1)
Adobe Dynamiclink Support (Version: 1)
Adobe Encore CS4 Codecs (Version: 4)
Adobe ExtendScript Toolkit CS4 (Version: 3.0.0)
Adobe Extension Manager CS4 (Version: 2.0)
Adobe Fireworks CS4 (Version: 10.0)
Adobe Flash CS4 (Version: 10.0)
Adobe Flash CS4 Extension - Flash Lite STI en (Version: 3.0)
Adobe Flash CS4 STI-en (Version: 10.0)
Adobe Flash Player 10 ActiveX (Version: 10.3.183.10)
Adobe Flash Player 10 Plugin (Version: 10.1.85.3)
Adobe Fonts All (Version: 2.0)
Adobe Illustrator CS4 (Version: 14.0)
Adobe InDesign CS4 (Version: 6.0)
Adobe InDesign CS4 Application Feature Set Files (Roman) (Version: 6.0)
Adobe InDesign CS4 Common Base Files (Version: 6.0)
Adobe InDesign CS4 Icon Handler (Version: 6.0)
Adobe Linguistics CS4 (Version: 4.0.0)
Adobe Media Encoder CS4 (Version: 1.0)
Adobe Media Encoder CS4 Additional Exporter (Version: 1.0)
Adobe Media Encoder CS4 Dolby (Version: 1.0)
Adobe Media Encoder CS4 Exporter (Version: 1.0)
Adobe Media Encoder CS4 Importer (Version: 1.0)
Adobe Media Player (Version: 0.0.0)
Adobe Media Player (Version: 1.1)
Adobe Output Module (Version: 2.0)
Adobe PDF Library Files CS4 (Version: 9.0)
Adobe Photoshop CS4 (Version: 11.0)
Adobe Photoshop CS4 Support (Version: 11.0)
Adobe Premiere Pro CS4 (Version: 4)
Adobe Premiere Pro CS4 Functional Content (Version: 4)
Adobe Premiere Pro CS4 Third Party Content (Version: 4)
Adobe Reader 9.3 (Version: 9.3.0)
Adobe Search for Help (Version: 1.0)
Adobe Service Manager Extension (Version: 1.0)
Adobe Setup (Version: 2.0)
Adobe SGM CS4 (Version: 3.0)
Adobe SING CS4 (Version: 2.0)
Adobe Soundbooth CS4 (Version: 2)
Adobe Soundbooth CS4 Codecs (Version: 2)
Adobe Type Support CS4 (Version: 9.0)
Adobe Update Manager CS4 (Version: 6.0.0)
Adobe WinSoft Linguistics Plugin (Version: 1.1)
Adobe XMP Panels CS4 (Version: 2.0)
AdobeColorCommonSetCMYK (Version: 2.0)
AdobeColorCommonSetRGB (Version: 2.0)
BioAPI Framework (Version: 1.0.1)
BlackBerry Desktop Software 6.1 (Version: 6.1.0.35)
Cisco AnyConnect VPN Client (Version: 2.5.1025)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Cisco Systems VPN Client 5.0.06.0160 (Version: 5.0.6)
Connect (Version: 1.0.0.1)
Dell ControlPoint System Manager (Version: 1.3.00000)
Dell ControlVault Host Components Installer (Version: 1.7.324.55)
Dell Security Device Driver Pack (Version: 1.3.043)
Dell Touchpad (Version: 7.2.101.230)
Dell Wireless WLAN Card Utility (Version: 5.30.21.0)
Distech Controls Actuator Configuration (BCS) (Version: 2.0.0)
Distech Controls EC-RTU-L Configuration (BCS) (Version: 2.1.7)
Distech Controls Sensor Configuration (BCS) (Version: 2.0.0)
Distech Controls EC-Display Configuration (BCS) (Version: 3.1.239)
Distech Controls EC-gfxProgram (Version: 2.2.10130)
Distech Controls EC-gfxProgram 3.0 (Version: 3.0.10169.260)
Distech Controls EC-HPU-L Configuration (BCS) (Version: 2.1.17)
Distech Controls EC-NET Support Pack (R2) (Version: 1.0.9)
Distech Controls EC-UV-L Configuration (BCS) (Version: 2.1.13)
Distech Controls EC-VAV-L Configuration (BCS) (Version: 2.1)
Distech Controls ECC-PFCU Configuration (BCS) (Version: 2.2.63)
Distech Controls ECC-VAV Configuration (BCS) (Version: 2.2)
Distech Controls FanCoil Configuration (BCS) (Version: 2.0.0)
Distech Controls Free Programming Tool (BCS) (Version: 2.5.13)
Distech Controls Productivity Enhancing Tools 1.1 (Version: 1.1.0)
Distech Controls RemoteIO Configuration (BCS) (Version: 2.0)
Distech Controls RTC Configuration (BCS) (Version: 2.1)
Distech Controls Scheduler Configuration (BCS) (Version: 2.4.14)
Distech Controls Windows Vista Compatibility Fix (Version: 1.0)
DivX Setup (Version: 2.6.0.34)
Dodge View
Echelon OpenLDV 3.4 (Version: 3.40.016)
eReg (Version: 1.20.138.34)
FileZilla Client 3.5.2 (Version: 3.5.2)
Flow Balance 3.0 (Version: 3.00.0000)
Google Chrome (Version: 18.0.1025.142)
Google Desktop (Version: 5.9.1005.12335)
Google Earth Plug-in (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.111)
I/A Series Enterprise Server 2.3e (Version: 2.301.522.v2)
I/A Series Enterprise Server 2.3f (Version: 2.301.529.v1)
IDT Audio (Version: 1.0.6227.0)
Intel® Network Connections Drivers (Version: 14.1)
Intel® Matrix Storage Manager
Java Auto Updater (Version: 2.0.5.1)
Java DB 10.5.3.0 (Version: 10.5.3.0)
Java™ 6 Update 26 (Version: 6.0.260)
Java™ SE Development Kit 6 Update 20 (Version: 1.6.0.200)
Juniper Networks Network Connect 6.2.0 (Version: 6.2.0.14085)
Juniper Networks Network Connect 6.5.0 (Version: 6.5.0.15991)
Juniper Networks Network Connect 7.0.0 (Version: 7.0.0.18107)
Juniper Networks Network Connect 7.1.0 (Version: 7.1.0.19757)
Juniper Networks, Inc. Setup Client (Version: 7.1.5.14305)
kuler (Version: 2.0)
Logitech SetPoint 6.30 (Version: 6.30.43)
Malwarebytes Anti-Malware version 1.60.1.1000 (Version: 1.60.1.1000)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6215.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6215.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6215.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6215.1000)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6215.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6215.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6215.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6215.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6215.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6215.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6213.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6213.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6213.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6215.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6215.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6215.1000)
Microsoft Office Visio 2007 Service Pack 1 (SP1)
Microsoft Office Visio MUI (English) 2007 (Version: 12.0.6215.1000)
Microsoft Office Visio Professional 2007 (Version: 12.0.6215.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6215.1000)
Microsoft Silverlight (Version: 4.0.50917.0)
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (SUNBELT) (Version: 9.3.4035.00)
Microsoft SQL Server 2008 Management Objects (Version: 10.0.1600.22)
Microsoft SQL Server Native Client (Version: 9.00.4035.00)
Microsoft SQL Server Setup Support Files (English) (Version: 9.00.4035.00)
Microsoft SQL Server VSS Writer (Version: 9.00.4035.00)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (Version: 10.0.31117)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (Version: 10.0.31121)
Mobile Broadband Generic Drivers (Version: 2.03.09.005.14)
Mozilla Firefox 9.0.1 (x86 en-US) (Version: 9.0.1)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Niagara-3.3.22
Niagara-3.3.34
Niagara-3.4.51
Niagara-3.4.57
Niagara-3.5.25
Niagara-3.6.31
Niagara LON Tunnel
Niagara Serial Tunnel
NiagaraAX Lon Tunnel
NiagaraAX Serial Tunnel
PdaNet for Android 2.45
PDF Settings CS4 (Version: 9.0)
Photoshop Camera Raw (Version: 5.0)
Pixel Bender Toolkit (Version: 1.0)
RICOH Media Driver ver.2.07.01.01 (Version: 2.07.01.01)
SonicWALL SSL-VPN NetExtender (Version: 4.0.134)
SQL Server System CLR Types (Version: 10.0.1600.22)
Suite Shared Configuration CS4 (Version: 1.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Veetle TV (Version: 0.9.18)
Verizon Wireless USB760 Firmware Updates (Version: 1.0.0)
VIPRE Antivirus (Version: 5.0.5134)
WebEx Recorder and Player (Version: 2.8.4917)
WIDCOMM Bluetooth Software (Version: 6.2.0.9600)
Win PC DTI 7.71
Winamp (Version: 5.621 )
Winamp Detector Plug-in (Version: 1.0.0.1)
Windows Driver Package - Dell Inc. PBADRV System (01/07/2008 1.0.1.5) (Version: 01/07/2008 1.0.1.5)
Windows XP Mode (Version: 1.3.7600.16423)
WinPcap 4.1.2 (Version: 4.1.0.2001)
WinRAR archiver
WorkPlace Tech Dispatcher (Version: 2.1.1763)
WorkPlace Tech Editor Components 5.8 (Version: 5.8.1774)
WorkPlaceTech Tool 5.8 (Version: 5.08.1774)
XPSI (Version: 4.1)

========================= Memory info: ===================================

Percentage of memory in use: 43%
Total physical RAM: 1999.9 MB
Available physical RAM: 1122.11 MB
Total Pagefile: 3999.8 MB
Available Pagefile: 2774.49 MB
Total Virtual: 2047.88 MB
Available Virtual: 1935.34 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:232.78 GB) (Free:161.96 GB) NTFS

========================= Users: ========================================

User accounts for \\LOS004-TECH

Administrator Guest tridium


**** End of log ****






18:30:55.0802 5272 TDSS rootkit removing tool 2.7.26.0 Apr 4 2012 19:52:02
18:30:56.0364 5272 ============================================================
18:30:56.0364 5272 Current date / time: 2012/04/05 18:30:56.0364
18:30:56.0364 5272 SystemInfo:
18:30:56.0364 5272
18:30:56.0364 5272 OS Version: 6.1.7601 ServicePack: 1.0
18:30:56.0364 5272 Product type: Workstation
18:30:56.0364 5272 ComputerName: LOS004-TECH
18:30:56.0364 5272 UserName: espotswood
18:30:56.0364 5272 Windows directory: C:\Windows
18:30:56.0364 5272 System windows directory: C:\Windows
18:30:56.0364 5272 Processor architecture: Intel x86
18:30:56.0364 5272 Number of processors: 2
18:30:56.0364 5272 Page size: 0x1000
18:30:56.0364 5272 Boot type: Normal boot
18:30:56.0364 5272 ============================================================
18:30:57.0050 5272 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:30:57.0050 5272 \Device\Harddisk0\DR0:
18:30:57.0050 5272 MBR used
18:30:57.0050 5272 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x32F8E
18:30:57.0050 5272 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32FCD, BlocksNum 0x1D1915B4
18:30:57.0113 5272 Initialize success
18:30:57.0113 5272 ============================================================
18:31:07.0799 5684 ============================================================
18:31:07.0799 5684 Scan started
18:31:07.0799 5684 Mode: Manual; TDLFS;
18:31:07.0799 5684 ============================================================
18:31:17.0845 5684 Filetrace - ok
18:31:17.0907 5684 FLEXnet Licensing Service (1f63900e2eb00101b9aca2b7a870704e) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
18:31:17.0923 5684 FLEXnet Licensing Service - ok
18:31:18.0001 5684 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
18:31:18.0001 5684 flpydisk - ok
18:31:18.0048 5684 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
18:31:18.0048 5684 FltMgr - ok
18:31:18.0141 5684 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll
18:31:18.0157 5684 FontCache - ok
18:31:18.0219 5684 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
18:31:18.0219 5684 FontCache3.0.0.0 - ok
18:31:18.0313 5684 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
18:31:18.0313 5684 FsDepends - ok
18:31:18.0375 5684 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
18:31:18.0375 5684 Fs_Rec - ok
18:31:18.0453 5684 FTD2XX (f13c4d9f62324d810b279c370a7a7ffc) C:\Windows\system32\Drivers\FTD2XX.sys
18:31:18.0453 5684 FTD2XX - ok
18:31:18.0563 5684 FTDIBUS (8142d5d886829b9876cb93af59475c09) C:\Windows\system32\drivers\ftdibus.sys
18:31:18.0563 5684 FTDIBUS - ok
18:31:18.0672 5684 FTSER2K (48bfd1ba45c9c9e7ab339e25abfba1d2) C:\Windows\system32\drivers\ftser2k.sys
18:31:18.0687 5684 FTSER2K - ok
18:31:18.0781 5684 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
18:31:18.0781 5684 fvevol - ok
18:31:18.0828 5684 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
18:31:18.0828 5684 gagp30kx - ok
18:31:18.0937 5684 GoogleDesktopManager-051210-111108 (9f5f2f0fb0a7f5aa9f16b9a7b6dad89f) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
18:31:18.0937 5684 GoogleDesktopManager-051210-111108 - ok
18:31:19.0015 5684 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
18:31:19.0015 5684 gpsvc - ok
18:31:19.0155 5684 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
18:31:19.0155 5684 gupdate - ok
18:31:19.0187 5684 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
18:31:19.0187 5684 gupdatem - ok
18:31:19.0265 5684 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
18:31:19.0265 5684 hcw85cir - ok
18:31:19.0389 5684 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
18:31:19.0389 5684 HdAudAddService - ok
18:31:19.0499 5684 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
18:31:19.0499 5684 HDAudBus - ok
18:31:19.0577 5684 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
18:31:19.0577 5684 HidBatt - ok
18:31:19.0623 5684 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
18:31:19.0623 5684 HidBth - ok
18:31:19.0701 5684 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
18:31:19.0701 5684 HidIr - ok
18:31:19.0733 5684 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\system32\hidserv.dll
18:31:19.0748 5684 hidserv - ok
18:31:19.0857 5684 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
18:31:19.0857 5684 HidUsb - ok
18:31:19.0951 5684 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
18:31:19.0951 5684 hkmsvc - ok
18:31:20.0029 5684 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
18:31:20.0045 5684 HomeGroupListener - ok
18:31:20.0091 5684 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
18:31:20.0091 5684 HomeGroupProvider - ok
18:31:20.0185 5684 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
18:31:20.0185 5684 HpSAMD - ok
18:31:20.0310 5684 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
18:31:20.0325 5684 HTTP - ok
18:31:20.0403 5684 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
18:31:20.0403 5684 hwpolicy - ok
18:31:20.0513 5684 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
18:31:20.0513 5684 i8042prt - ok
18:31:20.0575 5684 IAANTMON (0e899d0db39617aa0b2f992e7e95b5eb) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
18:31:20.0575 5684 IAANTMON - ok
18:31:20.0669 5684 iaStor (01446278d4563b3013c92830ae6cbb26) C:\Windows\system32\DRIVERS\iaStor.sys
18:31:20.0669 5684 iaStor - ok
18:31:20.0747 5684 iaStorV (934af4d7c5f457b9f0743f4299b77b67) C:\Windows\system32\drivers\iaStorV.sys
18:31:20.0762 5684 iaStorV - ok
18:31:20.0871 5684 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:31:20.0887 5684 idsvc - ok
18:31:21.0152 5684 igfx (dce0b53570703cce580d066f89ef58cd) C:\Windows\system32\DRIVERS\igdkmd32.sys
18:31:21.0324 5684 igfx - ok
18:31:21.0402 5684 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
18:31:21.0402 5684 iirsp - ok
18:31:21.0480 5684 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
18:31:21.0480 5684 IKEEXT - ok
18:31:21.0573 5684 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
18:31:21.0573 5684 intelide - ok
18:31:21.0667 5684 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
18:31:21.0667 5684 intelppm - ok
18:31:21.0698 5684 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
18:31:21.0714 5684 IPBusEnum - ok
18:31:21.0776 5684 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:31:21.0792 5684 IpFilterDriver - ok
18:31:21.0885 5684 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
18:31:21.0901 5684 iphlpsvc - ok
18:31:21.0963 5684 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
18:31:21.0963 5684 IPMIDRV - ok
18:31:22.0041 5684 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
18:31:22.0041 5684 IPNAT - ok
18:31:22.0135 5684 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
18:31:22.0135 5684 IRENUM - ok
18:31:22.0229 5684 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
18:31:22.0229 5684 isapnp - ok
18:31:22.0307 5684 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
18:31:22.0307 5684 iScsiPrt - ok
18:31:22.0400 5684 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
18:31:22.0400 5684 kbdclass - ok
18:31:22.0509 5684 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\DRIVERS\kbdhid.sys
18:31:22.0509 5684 kbdhid - ok
18:31:22.0619 5684 KeyIso (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
18:31:22.0619 5684 KeyIso - ok
18:31:22.0650 5684 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys
18:31:22.0650 5684 KSecDD - ok
18:31:22.0743 5684 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys
18:31:22.0743 5684 KSecPkg - ok
18:31:22.0790 5684 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
18:31:22.0790 5684 KtmRm - ok
18:31:22.0899 5684 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\system32\srvsvc.dll
18:31:22.0899 5684 LanmanServer - ok
18:31:22.0962 5684 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
18:31:22.0977 5684 LanmanWorkstation - ok
18:31:23.0087 5684 LBTServ (9582504591a9f405f7505fefb4f64123) C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
18:31:23.0087 5684 LBTServ - ok
18:31:23.0196 5684 LdvxBroker (8e40c7e223c0ad78dd038a771d05165f) C:\lonworks\bin\LdvxBroker.exe
18:31:23.0196 5684 LdvxBroker - ok
18:31:23.0321 5684 LEqdUsb (0fe8fefe98626509661b50ea20ecd129) C:\Windows\system32\Drivers\LEqdUsb.Sys
18:31:23.0321 5684 LEqdUsb - ok
18:31:23.0414 5684 LHidEqd (93657522a5dd7da4c81fb347973ae01c) C:\Windows\system32\Drivers\LHidEqd.Sys
18:31:23.0414 5684 LHidEqd - ok
18:31:23.0508 5684 LHidFilt (05d6b85ecc3204931923ab7940b9596e) C:\Windows\system32\DRIVERS\LHidFilt.Sys
18:31:23.0508 5684 LHidFilt - ok
18:31:23.0617 5684 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
18:31:23.0617 5684 lltdio - ok
18:31:23.0695 5684 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
18:31:23.0695 5684 lltdsvc - ok
18:31:23.0726 5684 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
18:31:23.0726 5684 lmhosts - ok
18:31:23.0820 5684 LMouFilt (053dbcc1082fdf74ab145a71917a6556) C:\Windows\system32\DRIVERS\LMouFilt.Sys
18:31:23.0820 5684 LMouFilt - ok
18:31:23.0913 5684 LnsMtsSvc (c0cac3b2ffc272f690f39ca48834693f) C:\lonworks\bin\LnsMtsSvc.exe
18:31:23.0913 5684 LnsMtsSvc - ok
18:31:24.0007 5684 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
18:31:24.0007 5684 LSI_FC - ok
18:31:24.0101 5684 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
18:31:24.0101 5684 LSI_SAS - ok
18:31:24.0194 5684 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:31:24.0194 5684 LSI_SAS2 - ok
18:31:24.0272 5684 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:31:24.0272 5684 LSI_SCSI - ok
18:31:24.0319 5684 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
18:31:24.0319 5684 luafv - ok
18:31:24.0413 5684 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
18:31:24.0413 5684 Mcx2Svc - ok
18:31:24.0506 5684 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
18:31:24.0506 5684 megasas - ok
18:31:24.0600 5684 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
18:31:24.0615 5684 MegaSR - ok
18:31:24.0678 5684 Microsoft Office Groove Audit Service (033b947af4a997820e86fcb070b1f450) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
18:31:24.0678 5684 Microsoft Office Groove Audit Service - ok
18:31:24.0756 5684 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
18:31:24.0756 5684 MMCSS - ok
18:31:24.0803 5684 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
18:31:24.0803 5684 Modem - ok
18:31:24.0865 5684 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
18:31:24.0881 5684 monitor - ok
18:31:24.0959 5684 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
18:31:24.0959 5684 mouclass - ok
18:31:25.0068 5684 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
18:31:25.0068 5684 mouhid - ok
18:31:25.0161 5684 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
18:31:25.0161 5684 mountmgr - ok
18:31:25.0224 5684 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
18:31:25.0224 5684 mpio - ok
18:31:25.0317 5684 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
18:31:25.0317 5684 mpsdrv - ok
18:31:25.0395 5684 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
18:31:25.0411 5684 MpsSvc - ok
18:31:25.0473 5684 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
18:31:25.0473 5684 MRxDAV - ok
18:31:25.0583 5684 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
18:31:25.0583 5684 mrxsmb - ok
18:31:25.0614 5684 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:31:25.0629 5684 mrxsmb10 - ok
18:31:25.0707 5684 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:31:25.0707 5684 mrxsmb20 - ok
18:31:25.0785 5684 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\Windows\system32\drivers\msahci.sys
18:31:25.0785 5684 msahci - ok
18:31:25.0848 5684 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\Windows\system32\drivers\msdsm.sys
18:31:25.0848 5684 msdsm - ok
18:31:25.0910 5684 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
18:31:25.0926 5684 MSDTC - ok
18:31:26.0019 5684 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
18:31:26.0019 5684 Msfs - ok
18:31:26.0066 5684 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
18:31:26.0066 5684 mshidkmdf - ok
18:31:26.0144 5684 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
18:31:26.0144 5684 msisadrv - ok
18:31:26.0191 5684 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
18:31:26.0207 5684 MSiSCSI - ok
18:31:26.0253 5684 msiserver - ok
18:31:26.0316 5684 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
18:31:26.0316 5684 MSKSSRV - ok
18:31:26.0363 5684 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
18:31:26.0363 5684 MSPCLOCK - ok
18:31:26.0425 5684 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
18:31:26.0425 5684 MSPQM - ok
18:31:26.0503 5684 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
18:31:26.0519 5684 MsRPC - ok
18:31:26.0565 5684 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
18:31:26.0565 5684 mssmbios - ok
18:31:26.0690 5684 MSSQL$SUNBELT - ok
18:31:26.0815 5684 MSSQLServerADHelper (c06ea83f6fc2959e897c117255b6b1d5) C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
18:31:26.0815 5684 MSSQLServerADHelper - ok
18:31:26.0924 5684 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
18:31:26.0924 5684 MSTEE - ok
18:31:26.0955 5684 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
18:31:26.0955 5684 MTConfig - ok
18:31:27.0049 5684 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
18:31:27.0049 5684 Mup - ok
18:31:27.0127 5684 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
18:31:27.0143 5684 napagent - ok
18:31:27.0205 5684 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
18:31:27.0221 5684 NativeWifiP - ok
18:31:27.0345 5684 nBacES60 (172dd944d78b601d889c89316e19787b) C:\Windows\system32\DRIVERS\nBacES60.sys
18:31:27.0345 5684 nBacES60 - ok
18:31:27.0455 5684 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
18:31:27.0486 5684 NDIS - ok
18:31:27.0579 5684 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
18:31:27.0595 5684 NdisCap - ok
18:31:27.0689 5684 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
18:31:27.0689 5684 NdisTapi - ok
18:31:27.0782 5684 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
18:31:27.0782 5684 Ndisuio - ok
18:31:27.0860 5684 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
18:31:27.0860 5684 NdisWan - ok
18:31:27.0954 5684 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
18:31:27.0954 5684 NDProxy - ok
18:31:28.0016 5684 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
18:31:28.0016 5684 NetBIOS - ok
18:31:28.0110 5684 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
18:31:28.0110 5684 NetBT - ok
18:31:28.0172 5684 Netlogon (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
18:31:28.0172 5684 Netlogon - ok
18:31:28.0266 5684 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
18:31:28.0281 5684 Netman - ok
18:31:28.0297 5684 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
18:31:28.0313 5684 netprofm - ok
18:31:28.0406 5684 NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:31:28.0422 5684 NetTcpPortSharing - ok
18:31:28.0578 5684 netw5v32 (58218ec6b61b1169cf54aab0d00f5fe2) C:\Windows\system32\DRIVERS\netw5v32.sys
18:31:28.0671 5684 netw5v32 - ok
18:31:28.0749 5684 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
18:31:28.0749 5684 nfrd960 - ok
18:31:28.0843 5684 Niagara (fff37b17c9d99965bc575bc2d51ebd51) C:\niagara\r2.301.522\nre\bin\niagarad.exe
18:31:28.0843 5684 Niagara - ok
18:31:28.0905 5684 Niagara LON Tunnel (81dcb3ecbdeb967800fb68a3baab717f) C:\Windows\system32\vlonnet.exe
18:31:28.0921 5684 Niagara LON Tunnel - ok
18:31:28.0952 5684 Niagara Serial Tunnel (18b3c3a1395b39ce0ea638c7af450eaa) C:\Windows\system32\vserialnet.exe
18:31:28.0952 5684 Niagara Serial Tunnel - ok
18:31:29.0061 5684 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
18:31:29.0061 5684 NlaSvc - ok
18:31:29.0186 5684 NPF (b48dc6abcd3aeff8618350ccbdc6b09a) C:\Windows\system32\drivers\npf.sys
18:31:29.0186 5684 NPF - ok
18:31:29.0264 5684 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
18:31:29.0264 5684 Npfs - ok
18:31:29.0327 5684 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
18:31:29.0327 5684 nsi - ok
18:31:29.0405 5684 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
18:31:29.0405 5684 nsiproxy - ok
18:31:29.0529 5684 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
18:31:29.0561 5684 Ntfs - ok
18:31:29.0654 5684 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
18:31:29.0654 5684 Null - ok
18:31:29.0732 5684 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
18:31:29.0732 5684 nvraid - ok
18:31:29.0779 5684 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
18:31:29.0779 5684 nvstor - ok
18:31:29.0841 5684 NvtSp50 - ok
18:31:29.0919 5684 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
18:31:29.0919 5684 nv_agp - ok
18:31:30.0013 5684 NWADI (fc2a8aaa0f3321f41231ede0af1968ae) C:\Windows\system32\DRIVERS\NWADIenum.sys
18:31:30.0029 5684 NWADI - ok
18:31:30.0138 5684 NWUSBCDFIL (224131778c92aee8c13afac5fbff19ca) C:\Windows\system32\DRIVERS\NwUsbCdFil.sys
18:31:30.0138 5684 NWUSBCDFIL - ok
18:31:30.0231 5684 NWUSBModem (b7112f30d7eff4b5052eba879f46228f) C:\Windows\system32\DRIVERS\nwusbmdm.sys
18:31:30.0231 5684 NWUSBModem - ok
18:31:30.0278 5684 NWUSBPort (b7112f30d7eff4b5052eba879f46228f) C:\Windows\system32\DRIVERS\nwusbser.sys
18:31:30.0294 5684 NWUSBPort - ok
18:31:30.0387 5684 NWUSBPort2 (b7112f30d7eff4b5052eba879f46228f) C:\Windows\system32\DRIVERS\nwusbser2.sys
18:31:30.0387 5684 NWUSBPort2 - ok
18:31:30.0450 5684 NxDrv (cdf2a5f20509593140f8b3b965448c5b) C:\Windows\system32\DRIVERS\NxDrv.sys
18:31:30.0450 5684 NxDrv - ok
18:31:30.0528 5684 odserv (e54aa592a65f317390eee386a8821692) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:31:30.0543 5684 odserv - ok
18:31:30.0637 5684 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
18:31:30.0637 5684 ohci1394 - ok
18:31:30.0715 5684 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:31:30.0715 5684 ose - ok
18:31:30.0777 5684 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
18:31:30.0777 5684 p2pimsvc - ok
18:31:30.0840 5684 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
18:31:30.0855 5684 p2psvc - ok
18:31:30.0949 5684 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
18:31:30.0949 5684 Parport - ok
18:31:31.0011 5684 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
18:31:31.0011 5684 partmgr - ok
18:31:31.0089 5684 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
18:31:31.0089 5684 Parvdm - ok
18:31:31.0183 5684 PBADRV (4088c1ecd1f54281a92fa663b0fdc36f) C:\Windows\system32\DRIVERS\PBADRV.sys
18:31:31.0183 5684 PBADRV - ok
18:31:31.0277 5684 PCANDIS4 (9bd29a2b13764af7dfbb150eb5fe053f) C:\niagara\R2301~1.522\nre\bin\PCANDIS4.SYS
18:31:31.0277 5684 PCANDIS4 - ok
18:31:31.0339 5684 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
18:31:31.0355 5684 PcaSvc - ok
18:31:31.0433 5684 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
18:31:31.0433 5684 pci - ok
18:31:31.0495 5684 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
18:31:31.0495 5684 pciide - ok
18:31:31.0573 5684 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
18:31:31.0573 5684 pcmcia - ok
18:31:31.0667 5684 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
18:31:31.0667 5684 pcw - ok
18:31:31.0760 5684 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
18:31:31.0791 5684 PEAUTH - ok
18:31:31.0885 5684 PeerDistSvc (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll
18:31:31.0916 5684 PeerDistSvc - ok
18:31:32.0041 5684 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
18:31:32.0088 5684 pla - ok
18:31:32.0181 5684 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
18:31:32.0181 5684 PlugPlay - ok
18:31:32.0306 5684 pneteth (088335b06f75adbcbb81575c7cae6c43) C:\Windows\system32\DRIVERS\pneteth.sys
18:31:32.0306 5684 pneteth - ok
18:31:32.0415 5684 pnplon (872b9981b173c8e361bbb77928229382) C:\Windows\system32\drivers\pnplon.sys
18:31:32.0415 5684 pnplon - ok
18:31:32.0462 5684 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
18:31:32.0478 5684 PNRPAutoReg - ok
18:31:32.0743 5684 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
18:31:32.0759 5684 PNRPsvc - ok
18:31:32.0946 5684 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
18:31:32.0946 5684 PolicyAgent - ok
18:31:33.0149 5684 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
18:31:33.0164 5684 Power - ok
18:31:33.0351 5684 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
18:31:33.0367 5684 PptpMiniport - ok
18:31:33.0601 5684 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
18:31:33.0617 5684 Processor - ok
18:31:33.0866 5684 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll
18:31:33.0866 5684 ProfSvc - ok
18:31:34.0069 5684 ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
18:31:34.0069 5684 ProtectedStorage - ok
18:31:34.0272 5684 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
18:31:34.0272 5684 Psched - ok
18:31:34.0475 5684 PTDMBus - ok
18:31:34.0631 5684 PTDMMdm - ok
18:31:34.0818 5684 PTDMVsp - ok
18:31:34.0989 5684 PTDMWFLT - ok
18:31:35.0099 5684 PTDMWWAN - ok
18:31:35.0582 5684 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
18:31:35.0645 5684 ql2300 - ok
18:31:35.0879 5684 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
18:31:35.0879 5684 ql40xx - ok
18:31:36.0097 5684 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
18:31:36.0113 5684 QWAVE - ok
18:31:36.0378 5684 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
18:31:36.0378 5684 QWAVEdrv - ok
18:31:36.0534 5684 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
18:31:36.0549 5684 RasAcd - ok
18:31:36.0768 5684 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
18:31:36.0768 5684 RasAgileVpn - ok
18:31:36.0955 5684 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
18:31:36.0971 5684 RasAuto - ok
18:31:37.0142 5684 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
18:31:37.0158 5684 Rasl2tp - ok
18:31:37.0345 5684 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
18:31:37.0361 5684 RasMan - ok
18:31:37.0673 5684 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
18:31:37.0673 5684 RasPppoe - ok
18:31:37.0782 5684 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
18:31:37.0782 5684 RasSstp - ok
18:31:37.0907 5684 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
18:31:37.0907 5684 rdbss - ok
18:31:38.0016 5684 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
18:31:38.0016 5684 rdpbus - ok
18:31:38.0125 5684 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
18:31:38.0125 5684 RDPCDD - ok
18:31:38.0234 5684 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
18:31:38.0234 5684 RDPDR - ok
18:31:38.0328 5684 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
18:31:38.0328 5684 RDPENCDD - ok
18:31:38.0406 5684 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
18:31:38.0421 5684 RDPREFMP - ok
18:31:38.0499 5684 RDPWD (244c83332f44589ae98fc347f11b2693) C:\Windows\system32\drivers\RDPWD.sys
18:31:38.0499 5684 RDPWD - ok
18:31:38.0609 5684 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
18:31:38.0624 5684 rdyboost - ok
18:31:38.0702 5684 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
18:31:38.0702 5684 RemoteAccess - ok
18:31:38.0796 5684 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
18:31:38.0796 5684 RemoteRegistry - ok
18:31:38.0921 5684 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys
18:31:38.0936 5684 RFCOMM - ok
18:31:39.0014 5684 rimmptsk (df672613fbbcd58c38bb0bc2694bcfb0) C:\Windows\system32\DRIVERS\rimmptsk.sys
18:31:39.0014 5684 rimmptsk - ok
18:31:39.0123 5684 RimUsb (616eac1b0e48b236a5a9b8ae07fdb81c) C:\Windows\system32\Drivers\RimUsb.sys
18:31:39.0123 5684 RimUsb - ok
18:31:39.0342 5684 RimVSerPort (2c4fb2e9f039287767c384e46ee91030) C:\Windows\system32\DRIVERS\RimSerial.sys
18:31:39.0342 5684 RimVSerPort - ok
18:31:39.0435 5684 ROOTMODEM (564297827d213f52c7a3a2ff749568ca) C:\Windows\system32\Drivers\RootMdm.sys
18:31:39.0435 5684 ROOTMODEM - ok
18:31:39.0498 5684 rpcapd (b60f58f175de20a6739194e85b035178) C:\Program Files\WinPcap\rpcapd.exe
18:31:39.0498 5684 rpcapd - ok
18:31:39.0576 5684 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
18:31:39.0576 5684 RpcEptMapper - ok
18:31:39.0654 5684 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
18:31:39.0654 5684 RpcLocator - ok
18:31:39.0747 5684 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
18:31:39.0763 5684 RpcSs - ok
18:31:39.0841 5684 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
18:31:39.0841 5684 rspndr - ok
18:31:39.0935 5684 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
18:31:39.0935 5684 s3cap - ok
18:31:40.0028 5684 SamSs (81951f51e318aecc2d68559e47485cc4) C:\Windows\system32\lsass.exe
18:31:40.0028 5684 SamSs - ok
18:31:40.0184 5684 SBAMSvc (2977a3760a2780b467e92ffa6c92d426) C:\Program Files\GFI Software\VIPRE\SBAMSvc.exe
18:31:40.0262 5684 SBAMSvc - ok
18:31:40.0340 5684 sbapifs (3fff8cda4d2f29ca06f1557e85163c30) C:\Windows\system32\DRIVERS\sbapifs.sys
18:31:40.0340 5684 sbapifs - ok
18:31:56.0783 5684 ============================================================
18:31:56.0783 5684 Scan finished
18:31:56.0783 5684 ============================================================
18:31:56.0798 5476 Detected object count: 0
18:31:56.0798 5476 Actual detected object count: 0
18:32:28.0404 1564 Deinitialize success






MBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-04-05 18:34:28
-----------------------------
18:34:28.380 OS Version: Windows 6.1.7601 Service Pack 1
18:34:28.380 Number of processors: 2 586 0x170A
18:34:28.396 ComputerName: LOS004-TECH UserName: espotswood
18:34:29.457 Initialize success
18:34:58.783 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
18:34:58.783 Disk 0 Vendor: FUJITSU_ 0000 Size: 238475MB BusType: 8
18:34:58.799 Disk 0 MBR read successfully
18:34:58.799 Disk 0 MBR scan
18:34:58.799 Disk 0 Windows 7 default MBR code
18:34:58.814 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 101 MB offset 63
18:34:58.814 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 238370 MB offset 208845
18:34:58.814 Disk 0 scanning sectors +488392065
18:34:58.908 Disk 0 scanning C:\Windows\system32\drivers
18:35:07.457 Service scanning
18:35:33.228 Modules scanning
18:35:56.987 Disk 0 trace - called modules:
18:35:57.002 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys halmacpi.dll
18:35:57.018 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8698c030]
18:35:57.018 3 CLASSPNP.SYS[893d959e] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x85b50028]
18:35:57.018 Scan finished successfully
18:36:09.482 Disk 0 MBR has been saved successfully to "C:\Users\espotswood\Desktop\MBR.dat"
18:36:09.482 The log file has been saved successfully to "C:\Users\espotswood\Desktop\aswMBR.txt"






Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.04.05.11

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
espotswood :: LOS004-TECH [administrator]

4/5/2012 6:38:10 PM
mbam-log-2012-04-05 (18-38-10).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 233767
Time elapsed: 7 minute(s), 54 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)




I have run Malwarebytes for some time now. Last week when this first started it found quite a few issues and has been cleaned. If you like, I can send you the results of that scan as well.

#8 Dork251


Posted 05 April 2012 - 09:04 PM

Also Happili just popped up after all that was completed. BUT it showed this message instead of the usual links.

Warning: mysql_connect() [function.mysql-connect]: Too many connections in /home/happili.com/php/comm_includes/mysql.php on line 5

#9 boopme


Posted 05 April 2012 - 10:06 PM

OK, this one is buried and protected.

We need a deeper look. Please go here... Preparation Guide, do steps 6-9.

Create a DDS log and post it in the new topic explained in step 9, which is here: Virus, Trojan, Spyware, and Malware Removal Logs, and not in this topic, thanks.
If GMER won't run skip it and move on.

Let me know if that went well.

#10 Dork251


Posted 06 April 2012 - 01:13 PM

Everything went well, I got the new thread started. Some of the results did say that there was something there, but I haven't acted on it.

#11 boopme


Posted 06 April 2012 - 02:28 PM

Ok, good, don't do anything.

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc.) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process, which would extend the time it takes to clean your computer.

From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRL Team member is already assisting you and not open the thread to respond.

The current wait time is 1 - 3 days and ALL logs are answered.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

To avoid confusion, I am closing this topic.



