Infected?...Malwarebytes hasn't eradicated it


21 replies to this topic

#1 robbinstribe


Posted 13 November 2012 - 04:39 PM

Get this box multiple (dozens) of times each day.

(text from the window - I couldn't copy the whole window)
Scan type: Auto-Protect Scan
Event: Risk Found!
Security risk detected: Trojan.Gen.2
File: C:\Users\drobbins\AppData\Local\Temp\DWH4204.tmp
Location: C:\Users\drobbins\AppData\Local\Temp
Computer: BA-DROBBINS1-LT
User: drobbins
Action taken: Pending Side Effects Analysis : Access denied
Date found: Tuesday, November 13, 2012 3:28:17 P


I close it, then it returns.
I run Malwarebytes - it finds rogue windows items. I delete. They return.
Have run my virus protection and it finds nothing.

I'm running Windows 7 Professional.
Service Pack 1

32 bit

Any help is appreciated!

Thanks,
David



#2 InadequateInfirmity


Posted 13 November 2012 - 04:55 PM

Download TDSSKiller

http://support.kaspersky.com/downloads/utils/tdsskiller.exe



Right-click it and choose Run as Admin. Click on Change parameters and select TDLFS file system.

Hit the Scan button. Post the log in your next reply.

Do not change the default options on scan results.


Update and do a quick scan with Malwarebytes, remove all that it finds, and reboot.
http://www.filehippo.com/download_malwarebytes_anti_malware/download/ecf14848530d11a2f09a94b92a69fcfa/

Post the log here.


Update and do a quick scan with Superantispyware, remove all that it finds, and reboot.
http://www.superantispyware.com/downloadfile.html?productid=SUPERANTISPYWAREFREE
Post the log here.


Run a scan with ESET.
http://www.eset.com/us/online-scanner/
Make sure "Remove found threats" and "Scan archives" are checked.
When the scan finishes, list found threats, save to clipboard, copy to Notepad, and post the log here.




Please download MINITOOLBOX and run it.
http://download.bleepingcomputer.com/farbar/MiniToolBox.exe

Checkmark the following boxes:
Reset IE Proxy Settings
Reset FF Proxy Settings
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result.

#3 robbinstribe


Posted 14 November 2012 - 11:35 AM

Thanks so much...

Download tdss killer

Post log - Kaspersky

15:58:26.0718 8436 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
15:58:27.0178 8436 ============================================================
15:58:27.0178 8436 Current date / time: 2012/11/13 15:58:27.0178
15:58:27.0178 8436 SystemInfo:
15:58:27.0178 8436
15:58:27.0178 8436 OS Version: 6.1.7601 ServicePack: 1.0
15:58:27.0178 8436 Product type: Workstation
15:58:27.0179 8436 ComputerName: BA-DROBBINS1-LT
15:58:27.0179 8436 UserName: drobbins
15:58:27.0179 8436 Windows directory: C:\Windows
15:58:27.0179 8436 System windows directory: C:\Windows
15:58:27.0179 8436 Processor architecture: Intel x86
15:58:27.0179 8436 Number of processors: 4
15:58:27.0179 8436 Page size: 0x1000
15:58:27.0179 8436 Boot type: Normal boot
15:58:27.0179 8436 ============================================================
15:58:27.0623 8436 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:58:27.0626 8436 Drive \Device\Harddisk1\DR5 - Size: 0x1D9800000 (7.40 Gb), SectorSize: 0x200, Cylinders: 0x3C5, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:58:27.0628 8436 ============================================================
15:58:27.0628 8436 \Device\Harddisk0\DR0:
15:58:27.0628 8436 MBR partitions:
15:58:27.0628 8436 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x184E000
15:58:27.0629 8436 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1862000, BlocksNum 0x1B562000
15:58:27.0648 8436 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1CDC4800, BlocksNum 0x3FF800
15:58:27.0648 8436 \Device\Harddisk1\DR5:
15:58:27.0649 8436 MBR partitions:
15:58:27.0649 8436 \Device\Harddisk1\DR5\Partition1: MBR, Type 0xB, StartLBA 0x2000, BlocksNum 0xECC000
15:58:27.0649 8436 ============================================================
15:58:27.0693 8436 C: <-> \Device\Harddisk0\DR0\Partition2
15:58:27.0737 8436 D: <-> \Device\Harddisk0\DR0\Partition3
15:58:27.0737 8436 ============================================================
15:58:27.0737 8436 Initialize success
15:58:27.0737 8436 ============================================================
15:58:51.0905 11836 ============================================================
15:58:51.0905 11836 Scan started
15:58:51.0906 11836 Mode: Manual; TDLFS;
15:58:51.0906 11836 ============================================================
15:58:52.0225 11836 ================ Scan system memory ========================
15:58:52.0225 11836 System memory - ok
15:59:02.0464 11836 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:59:02.0465 11836 mouclass - ok
15:59:02.0489 11836 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:59:02.0490 11836 mouhid - ok
15:59:02.0527 11836 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:59:02.0529 11836 mountmgr - ok
15:59:02.0568 11836 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
15:59:02.0586 11836 mpio - ok
15:59:02.0597 11836 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:59:02.0599 11836 mpsdrv - ok
15:59:02.0651 11836 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:59:02.0676 11836 MpsSvc - ok
15:59:02.0720 11836 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:59:02.0722 11836 MRxDAV - ok
15:59:02.0757 11836 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:59:02.0760 11836 mrxsmb - ok
15:59:02.0781 11836 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:59:02.0786 11836 mrxsmb10 - ok
15:59:02.0802 11836 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:59:02.0804 11836 mrxsmb20 - ok
15:59:02.0815 11836 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
15:59:02.0821 11836 msahci - ok
15:59:02.0838 11836 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:59:02.0845 11836 msdsm - ok
15:59:02.0860 11836 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
15:59:02.0881 11836 MSDTC - ok
15:59:02.0919 11836 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:59:02.0919 11836 Msfs - ok
15:59:02.0933 11836 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:59:02.0943 11836 mshidkmdf - ok
15:59:02.0956 11836 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:59:02.0957 11836 msisadrv - ok
15:59:02.0985 11836 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:59:02.0993 11836 MSiSCSI - ok
15:59:02.0997 11836 msiserver - ok
15:59:03.0007 11836 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:59:03.0012 11836 MSKSSRV - ok
15:59:03.0020 11836 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:59:03.0025 11836 MSPCLOCK - ok
15:59:03.0038 11836 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:59:03.0043 11836 MSPQM - ok
15:59:03.0060 11836 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:59:03.0062 11836 MsRPC - ok
15:59:03.0107 11836 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
15:59:03.0108 11836 mssmbios - ok
15:59:03.0115 11836 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:59:03.0126 11836 MSTEE - ok
15:59:03.0132 11836 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
15:59:03.0143 11836 MTConfig - ok
15:59:03.0150 11836 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
15:59:03.0151 11836 Mup - ok
15:59:03.0179 11836 [ 428C611928DF3E96538A482117E659F7 ] NAL C:\Windows\system32\Drivers\iqvw32.sys
15:59:03.0186 11836 NAL - ok
15:59:03.0229 11836 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
15:59:03.0236 11836 napagent - ok
15:59:03.0271 11836 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:59:03.0276 11836 NativeWifiP - ok
15:59:03.0431 11836 [ 8E4C77AD9BB279900C00F870CC0C674B ] NAVENG C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20121113.002\NAVENG.SYS
15:59:03.0433 11836 NAVENG - ok
15:59:03.0491 11836 [ 826F699B69E88A3920C70F344DD42D88 ] NAVEX15 C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20121113.002\NAVEX15.SYS
15:59:03.0514 11836 NAVEX15 - ok
15:59:03.0557 11836 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:59:03.0565 11836 NDIS - ok
15:59:03.0588 11836 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:59:03.0597 11836 NdisCap - ok
15:59:03.0615 11836 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:59:03.0616 11836 NdisTapi - ok
15:59:03.0651 11836 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:59:03.0651 11836 Ndisuio - ok
15:59:03.0690 11836 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:59:03.0693 11836 NdisWan - ok
15:59:03.0733 11836 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:59:03.0735 11836 NDProxy - ok
15:59:03.0759 11836 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:59:03.0761 11836 NetBIOS - ok
15:59:03.0808 11836 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:59:03.0811 11836 NetBT - ok
15:59:03.0846 11836 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
15:59:03.0848 11836 Netlogon - ok
15:59:03.0909 11836 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
15:59:03.0930 11836 Netman - ok
15:59:03.0961 11836 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
15:59:03.0968 11836 netprofm - ok
15:59:03.0988 11836 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:59:04.0006 11836 NetTcpPortSharing - ok
15:59:04.0147 11836 [ 29E4F23D31FB66C7BF0014D36CF5AF2A ] NETwNs32 C:\Windows\system32\DRIVERS\NETwNs32.sys
15:59:04.0207 11836 NETwNs32 - ok
15:59:04.0238 11836 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
15:59:04.0245 11836 nfrd960 - ok
15:59:04.0292 11836 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:59:04.0313 11836 NlaSvc - ok
15:59:04.0326 11836 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:59:04.0328 11836 Npfs - ok
15:59:04.0353 11836 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
15:59:04.0359 11836 nsi - ok
15:59:04.0366 11836 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:59:04.0367 11836 nsiproxy - ok
15:59:04.0432 11836 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:59:04.0450 11836 Ntfs - ok
15:59:04.0468 11836 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
15:59:04.0468 11836 Null - ok
15:59:04.0513 11836 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:59:04.0529 11836 nvraid - ok
15:59:04.0555 11836 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:59:04.0569 11836 nvstor - ok
15:59:04.0588 11836 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:59:04.0596 11836 nv_agp - ok
15:59:04.0687 11836 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:59:04.0721 11836 odserv - ok
15:59:04.0759 11836 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:59:04.0769 11836 ohci1394 - ok
15:59:04.0795 11836 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:59:04.0848 11836 ose - ok
15:59:04.0870 11836 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:59:04.0881 11836 p2pimsvc - ok
15:59:04.0908 11836 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
15:59:04.0932 11836 p2psvc - ok
15:59:04.0964 11836 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
15:59:04.0966 11836 Parport - ok
15:59:05.0006 11836 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:59:05.0007 11836 partmgr - ok
15:59:05.0024 11836 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
15:59:05.0025 11836 Parvdm - ok
15:59:05.0048 11836 [ 4088C1ECD1F54281A92FA663B0FDC36F ] PBADRV C:\Windows\system32\DRIVERS\PBADRV.sys
15:59:05.0049 11836 PBADRV - ok
15:59:05.0066 11836 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:59:05.0091 11836 PcaSvc - ok
15:59:05.0133 11836 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
15:59:05.0137 11836 pci - ok
15:59:05.0151 11836 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
15:59:05.0163 11836 pciide - ok
15:59:05.0180 11836 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
15:59:05.0183 11836 pcmcia - ok
15:59:05.0223 11836 [ 6C9E2F69D99C025FD5CAB2228E495FA1 ] PCTBD C:\Windows\system32\Drivers\PCTBD.sys
15:59:05.0225 11836 PCTBD - ok
15:59:05.0285 11836 [ F7DA28F2AB6CD32B2F76EE96EDAD8F20 ] PCTCore C:\Windows\system32\drivers\PCTCore.sys
15:59:05.0291 11836 PCTCore - ok
15:59:05.0312 11836 [ 3C9FD593E95B98C642B4486CD122C2FB ] pctDS C:\Windows\system32\drivers\pctDS.sys
15:59:05.0317 11836 pctDS - ok
15:59:05.0350 11836 [ DB6B6E47165B9647B215CEEB4DB33B87 ] pctEFA C:\Windows\system32\drivers\pctEFA.sys
15:59:05.0363 11836 pctEFA - ok
15:59:05.0380 11836 [ 5E11C0C1BEE956DE9EAAC7ED086D8DB9 ] PCTSD C:\Windows\system32\Drivers\PCTSD.sys
15:59:05.0384 11836 PCTSD - ok
15:59:05.0398 11836 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
15:59:05.0399 11836 pcw - ok
15:59:05.0420 11836 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:59:05.0429 11836 PEAUTH - ok
15:59:05.0468 11836 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
15:59:05.0492 11836 PeerDistSvc - ok
15:59:05.0565 11836 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
15:59:05.0590 11836 pla - ok
15:59:05.0632 11836 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:59:05.0656 11836 PlugPlay - ok
15:59:05.0677 11836 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:59:05.0684 11836 PNRPAutoReg - ok
15:59:05.0704 11836 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:59:05.0706 11836 PNRPsvc - ok
15:59:05.0728 11836 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:59:05.0750 11836 PolicyAgent - ok
15:59:05.0787 11836 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
15:59:05.0806 11836 Power - ok
15:59:05.0837 11836 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:59:05.0838 11836 PptpMiniport - ok
15:59:05.0868 11836 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
15:59:05.0881 11836 Processor - ok
15:59:05.0921 11836 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
15:59:05.0937 11836 ProfSvc - ok
15:59:05.0971 11836 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:59:05.0973 11836 ProtectedStorage - ok
15:59:06.0003 11836 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:59:06.0005 11836 Psched - ok
15:59:06.0034 11836 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
15:59:06.0036 11836 PxHelp20 - ok
15:59:06.0075 11836 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
15:59:06.0107 11836 ql2300 - ok
15:59:06.0126 11836 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
15:59:06.0195 11836 ql40xx - ok
15:59:06.0229 11836 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
15:59:06.0247 11836 QWAVE - ok
15:59:06.0261 11836 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:59:06.0268 11836 QWAVEdrv - ok
15:59:06.0279 11836 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:59:06.0285 11836 RasAcd - ok
15:59:06.0309 11836 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:59:06.0310 11836 RasAgileVpn - ok
15:59:06.0321 11836 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
15:59:06.0336 11836 RasAuto - ok
15:59:06.0364 11836 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:59:06.0365 11836 Rasl2tp - ok
15:59:06.0413 11836 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
15:59:06.0433 11836 RasMan - ok
15:59:06.0449 11836 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:59:06.0451 11836 RasPppoe - ok
15:59:06.0462 11836 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:59:06.0463 11836 RasSstp - ok
15:59:06.0478 11836 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:59:06.0481 11836 rdbss - ok
15:59:06.0492 11836 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
15:59:06.0492 11836 rdpbus - ok
15:59:06.0530 11836 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:59:06.0531 11836 RDPCDD - ok
15:59:06.0552 11836 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
15:59:06.0565 11836 RDPDR - ok
15:59:06.0588 11836 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:59:06.0589 11836 RDPENCDD - ok
15:59:06.0604 11836 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:59:06.0604 11836 RDPREFMP - ok
15:59:06.0642 11836 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:59:06.0659 11836 RDPWD - ok
15:59:06.0716 11836 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:59:06.0721 11836 rdyboost - ok
15:59:06.0776 11836 [ 5608ED3957105BC14E3C426BB27AC5A1 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
15:59:06.0783 11836 RegSrvc - ok
15:59:06.0811 11836 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
15:59:06.0826 11836 RemoteAccess - ok
15:59:06.0850 11836 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:59:06.0859 11836 RemoteRegistry - ok
15:59:06.0898 11836 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
15:59:06.0901 11836 RFCOMM - ok
15:59:06.0931 11836 [ E891F07815AF88075705EF6A248711F6 ] rimspci C:\Windows\system32\DRIVERS\rimspe86.sys
15:59:06.0942 11836 rimspci - ok
15:59:06.0950 11836 [ 5312F15DBEB47D906DCA2E334DC4C97D ] risdpcie C:\Windows\system32\DRIVERS\risdpe86.sys
15:59:06.0952 11836 risdpcie - ok
15:59:06.0958 11836 [ CF2DE2365FD99E5B8E38C9F3467DCDB8 ] rixdpcie C:\Windows\system32\DRIVERS\rixdpe86.sys
15:59:06.0965 11836 rixdpcie - ok
15:59:07.0051 11836 [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
15:59:07.0078 11836 RoxMediaDB12OEM - ok
15:59:07.0101 11836 [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12 C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
15:59:07.0174 11836 RoxWatch12 - ok
15:59:07.0218 11836 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:59:07.0233 11836 RpcEptMapper - ok
15:59:07.0257 11836 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
15:59:07.0278 11836 RpcLocator - ok
15:59:07.0327 11836 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
15:59:07.0335 11836 RpcSs - ok
15:59:07.0363 11836 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:59:07.0365 11836 rspndr - ok
15:59:07.0401 11836 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
15:59:07.0411 11836 s3cap - ok
15:59:07.0422 11836 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
15:59:07.0424 11836 SamSs - ok
15:59:07.0441 11836 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:59:07.0449 11836 sbp2port - ok
15:59:07.0459 11836 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:59:07.0468 11836 SCardSvr - ok
15:59:07.0511 11836 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:59:07.0512 11836 scfilter - ok
15:59:07.0553 11836 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
15:59:07.0562 11836 Schedule - ok
15:59:07.0604 11836 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:59:07.0605 11836 SCPolicySvc - ok
15:59:07.0666 11836 [ CFEB26A26452D5337C2F3AADD8218FC3 ] sdAuxService C:\Program Files\PC Tools\PC Tools Security\pctsAuxs.exe
15:59:07.0704 11836 sdAuxService - ok
15:59:07.0730 11836 [ B906C04F469060F2DD7FCB84706B4493 ] sdCoreService C:\Program Files\PC Tools\PC Tools Security\pctsSvc.exe
15:59:07.0761 11836 sdCoreService - ok
15:59:07.0812 11836 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:59:07.0830 11836 SDRSVC - ok
15:59:07.0877 11836 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:59:07.0878 11836 secdrv - ok
15:59:07.0919 11836 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
15:59:07.0933 11836 seclogon - ok
15:59:08.0034 11836 [ 6ABF8E8AE3800CCF84D9AE6865A641E5 ] SecureStorageService C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe
15:59:08.0079 11836 SecureStorageService - ok
15:59:08.0088 11836 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
15:59:08.0096 11836 SENS - ok
15:59:08.0126 11836 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:59:08.0141 11836 SensrSvc - ok
15:59:08.0165 11836 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
15:59:08.0171 11836 Serenum - ok
15:59:08.0182 11836 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
15:59:08.0189 11836 Serial - ok
15:59:08.0214 11836 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
15:59:08.0220 11836 sermouse - ok
15:59:08.0266 11836 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
15:59:08.0276 11836 SessionEnv - ok
15:59:08.0320 11836 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:59:08.0330 11836 sffdisk - ok
15:59:08.0340 11836 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:59:08.0350 11836 sffp_mmc - ok
15:59:08.0363 11836 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:59:08.0369 11836 sffp_sd - ok
15:59:08.0386 11836 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
15:59:08.0392 11836 sfloppy - ok
15:59:08.0429 11836 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:59:08.0452 11836 SharedAccess - ok
15:59:08.0496 11836 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:59:08.0504 11836 ShellHWDetection - ok
15:59:08.0518 11836 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
15:59:08.0531 11836 sisagp - ok
15:59:08.0551 11836 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:59:08.0558 11836 SiSRaid2 - ok
15:59:08.0566 11836 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
15:59:08.0573 11836 SiSRaid4 - ok
15:59:08.0655 11836 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
15:59:08.0784 11836 SkypeUpdate - ok
15:59:08.0807 11836 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:59:08.0814 11836 Smb - ok
15:59:08.0909 11836 [ FBB0BAAC634FD95EDA136C4B2FEC76F6 ] SmcService C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
15:59:08.0938 11836 SmcService - ok
15:59:08.0970 11836 [ 65E1EBF379856B677979802C8D5BCD87 ] SNAC C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE
15:59:09.0011 11836 SNAC - ok
15:59:09.0042 11836 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:59:09.0053 11836 SNMPTRAP - ok
15:59:09.0106 11836 [ E87CF104F12C92401C4D33C50A3D5DC8 ] SPBBCDrv C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
15:59:09.0127 11836 SPBBCDrv - ok
15:59:09.0158 11836 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
15:59:09.0158 11836 spldr - ok
15:59:09.0197 11836 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
15:59:09.0205 11836 Spooler - ok
15:59:09.0715 11836 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
15:59:09.0732 11836 sppsvc - ok
15:59:09.0777 11836 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:59:09.0795 11836 sppuinotify - ok
15:59:09.0837 11836 [ 5A293729E1F9FCE3A2106D1F5DC5E98A ] SRTSP C:\Windows\system32\Drivers\SRTSP.SYS
15:59:09.0843 11836 SRTSP - ok
15:59:09.0889 11836 [ 0DDB7FBA32BE09D8057063C0CEE24137 ] SRTSPL C:\Windows\system32\Drivers\SRTSPL.SYS
15:59:09.0910 11836 SRTSPL - ok
15:59:09.0935 11836 [ A99719DFB61B61AA5026341BBB733C0A ] SRTSPX C:\Windows\system32\Drivers\SRTSPX.SYS
15:59:09.0937 11836 SRTSPX - ok
15:59:09.0975 11836 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
15:59:09.0978 11836 srv - ok
15:59:10.0024 11836 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:59:10.0030 11836 srv2 - ok
15:59:10.0045 11836 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:59:10.0047 11836 srvnet - ok
15:59:10.0075 11836 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:59:10.0091 11836 SSDPSRV - ok
15:59:10.0106 11836 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:59:10.0115 11836 SstpSvc - ok
15:59:10.0140 11836 [ 463BAC682BA75050A5A93025B9CC52C2 ] staccel C:\Windows\system32\DRIVERS\staccel.sys
15:59:10.0141 11836 staccel - ok
15:59:10.0466 11836 [ 7FFB500CDE13B0706F8AA109961AF22D ] STacSV C:\Program Files\IDT\WDM\STacSV.exe
15:59:10.0471 11836 STacSV - ok
15:59:10.0499 11836 [ A5B83C8050572622E5C43B5B3326A129 ] stdflt C:\Windows\system32\DRIVERS\stdfltn.sys
15:59:10.0500 11836 stdflt - ok
15:59:10.0519 11836 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
15:59:10.0531 11836 stexstor - ok
15:59:10.0564 11836 [ 698E186AC2DF982B2D26428428155DE1 ] STHDA C:\Windows\system32\DRIVERS\stwrt.sys
15:59:10.0570 11836 STHDA - ok
15:59:10.0618 11836 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
15:59:10.0680 11836 StiSvc - ok
15:59:10.0726 11836 [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
15:59:10.0745 11836 stllssvr - ok
15:59:10.0783 11836 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
15:59:10.0784 11836 storflt - ok
15:59:10.0804 11836 [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc C:\Windows\system32\storsvc.dll
15:59:10.0812 11836 StorSvc - ok
15:59:10.0851 11836 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
15:59:10.0865 11836 storvsc - ok
15:59:10.0902 11836 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
15:59:10.0903 11836 swenum - ok
15:59:10.0927 11836 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
15:59:10.0949 11836 swprv - ok
15:59:11.0013 11836 [ 05799A82B7A2714AE14EE17C4B660701 ] Symantec AntiVirus C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
15:59:11.0030 11836 Symantec AntiVirus - ok
15:59:11.0057 11836 [ A54FF04BD6E75DC4D8CB6F3E352635E0 ] SymEvent C:\Windows\system32\Drivers\SYMEVENT.SYS
15:59:11.0066 11836 SymEvent - ok
15:59:11.0123 11836 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
15:59:11.0155 11836 SysMain - ok
15:59:11.0185 11836 [ C074793032757749ED7FA46469A66B17 ] SysPlant C:\Windows\SYSTEM32\Drivers\SysPlant.sys
15:59:11.0199 11836 SysPlant - ok
15:59:11.0241 11836 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:59:11.0255 11836 TabletInputService - ok
15:59:11.0302 11836 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
15:59:11.0319 11836 TapiSrv - ok
15:59:11.0338 11836 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
15:59:11.0346 11836 TBS - ok
15:59:11.0407 11836 [ A5EBB8F648000E88B7D9390B514976BF ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:59:11.0425 11836 Tcpip - ok
15:59:11.0452 11836 [ A5EBB8F648000E88B7D9390B514976BF ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:59:11.0459 11836 TCPIP6 - ok
15:59:11.0492 11836 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:59:11.0493 11836 tcpipreg - ok
15:59:11.0568 11836 [ E42D560E2163480E7B586B14ABEB3386 ] tcsd_win32.exe C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
15:59:11.0604 11836 tcsd_win32.exe - ok
15:59:11.0684 11836 [ B434294EAA2AE4FB9BD63E25EB89B86F ] TdmService C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
15:59:11.0709 11836 TdmService - ok
15:59:11.0748 11836 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:59:11.0755 11836 TDPIPE - ok
15:59:11.0797 11836 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:59:11.0808 11836 TDTCP - ok
15:59:11.0848 11836 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:59:11.0849 11836 tdx - ok
15:59:11.0906 11836 [ 1D3C046A9106DE97DDC8276958700BF4 ] Teefer2 C:\Windows\system32\DRIVERS\teefer2.sys
15:59:11.0908 11836 Teefer2 - ok
15:59:11.0977 11836 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
15:59:11.0978 11836 TermDD - ok
15:59:12.0028 11836 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
15:59:12.0052 11836 TermService - ok
15:59:12.0072 11836 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
15:59:12.0079 11836 Themes - ok
15:59:12.0088 11836 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
15:59:12.0089 11836 THREADORDER - ok
15:59:12.0123 11836 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
15:59:12.0130 11836 TrkWks - ok
15:59:12.0181 11836 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:59:12.0193 11836 TrustedInstaller - ok
15:59:12.0205 11836 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:59:12.0211 11836 tssecsrv - ok
15:59:12.0248 11836 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:59:12.0262 11836 TsUsbFlt - ok
15:59:12.0307 11836 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:59:12.0310 11836 tunnel - ok
15:59:15.0874 11836 ================ Scan global ===============================
15:59:15.0943 11836 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
15:59:15.0996 11836 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
15:59:16.0025 11836 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
15:59:16.0052 11836 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
15:59:16.0095 11836 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
15:59:16.0101 11836 [Global] - ok
15:59:16.0102 11836 ================ Scan MBR ==================================
15:59:16.0118 11836 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
15:59:17.0195 11836 \Device\Harddisk0\DR0 - ok
15:59:17.0201 11836 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR5
15:59:17.0262 11836 \Device\Harddisk1\DR5 - ok
15:59:17.0263 11836 ================ Scan VBR ==================================
15:59:17.0287 11836 [ BE95C7CA23FC19F933DCEA5E1CE2662F ] \Device\Harddisk0\DR0\Partition1
15:59:17.0290 11836 \Device\Harddisk0\DR0\Partition1 - ok
15:59:17.0315 11836 [ 41A3FA14B89AF6E7CAAF45C3AE88BD56 ] \Device\Harddisk0\DR0\Partition2
15:59:17.0318 11836 \Device\Harddisk0\DR0\Partition2 - ok
15:59:17.0354 11836 [ 878CFD4A25518654F635752566490222 ] \Device\Harddisk0\DR0\Partition3
15:59:17.0358 11836 \Device\Harddisk0\DR0\Partition3 - ok
15:59:17.0363 11836 [ A3D4B4E0457F7AB12529819DE88F058F ] \Device\Harddisk1\DR5\Partition1
15:59:17.0365 11836 \Device\Harddisk1\DR5\Partition1 - ok
15:59:17.0366 11836 ============================================================
15:59:17.0366 11836 Scan finished
15:59:17.0366 11836 ============================================================
15:59:17.0381 9932 Detected object count: 0
15:59:17.0381 9932 Actual detected object count: 0




Update and do a quick scan with Malwarebytes, remove all that it finds, and reboot.
http://www.filehippo.com/download_malwarebytes_anti_malware/download/ecf14848530d11a2f09a94b92a69fcfa/

Post the log here.

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.13.08

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
drobbins :: BA-DROBBINS1-LT [administrator]

11/13/2012 4:08:07 PM
mbam-log-2012-11-13 (16-08-07).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 355890
Time elapsed: 9 minute(s), 48 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



Update and do a quick scan with SUPERAntiSpyware, remove all that it finds, and reboot.
http://www.superantispyware.com/downloadfile.html?productid=SUPERANTISPYWAREFREE
Post the log here.

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 11/13/2012 at 04:31 PM

Application Version : 5.6.1014

Core Rules Database Version : 9578
Trace Rules Database Version: 7390

Scan type : Quick Scan
Total Scan Time : 00:10:39

Operating System Information
Windows 7 Professional 32-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned : 1136
Memory threats detected : 0
Registry items scanned : 31089
Registry threats detected : 0
File items scanned : 10068
File threats detected : 37

Adware.Tracking Cookie



Run a scan with Eset.
http://www.eset.com/us/online-scanner/
Make sure "Remove found threats" and "Scan archives" are checked.
When the scan finishes, list found threats, save to clipboard, copy to Notepad, and post the log here.


No threat found...


Please download MINITOOLBOX and run it.
http://download.bleepingcomputer.com/farbar/MiniToolBox.exe

Checkmark the following boxes:
Reset IE Proxy Settings
Reset FF Proxy Settings
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result.

MiniToolBox by Farbar Version: 10-11-2012 02
Ran by drobbins (administrator) on 13-11-2012 at 16:05:46
Windows 7 Professional Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Intel® 82577LM Gigabit Network Connection = Local Area Connection (Connected)
Intel® Centrino® Advanced-N 6200 AGN = Wireless Network Connection (Connected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set subinterface interface=?. subinterface=ethernet_9 mtu=1477
add neighbor interface="Local Area Connection" address=172.17.5.1 neighbor="00-00-5e-00-01-05"


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : BA-DROBBINS1-LT
Primary Dns Suffix . . . . . . . : battlecreek.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : battlecreek.local

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 18-3D-A2-1F-A7-41
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : C0-CB-38-AB-B9-9D
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : battlecreek.local
Description . . . . . . . . . . . : Intel® Centrino® Advanced-N 6200 AGN
Physical Address. . . . . . . . . : 18-3D-A2-1F-A7-40
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::8539:672f:bb21:53fc%12(Preferred)
IPv4 Address. . . . . . . . . . . : 10.20.28.93(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.252.0
Lease Obtained. . . . . . . . . . : Tuesday, November 13, 2012 8:25:38 AM
Lease Expires . . . . . . . . . . : Tuesday, November 27, 2012 8:25:41 AM
Default Gateway . . . . . . . . . : 10.20.28.1
DHCP Server . . . . . . . . . . . : 172.17.2.4
DHCPv6 IAID . . . . . . . . . . . : 236469666
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-13-D7-7C-5C-26-0A-43-5B-F9
DNS Servers . . . . . . . . . . . : 172.17.2.4
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : battlecreek.local
Description . . . . . . . . . . . : Intel® 82577LM Gigabit Network Connection
Physical Address. . . . . . . . . : 5C-26-0A-43-5B-F9
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::f028:2c33:8c35:1aee%10(Preferred)
IPv4 Address. . . . . . . . . . . : 172.17.5.75(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, November 13, 2012 8:25:42 AM
Lease Expires . . . . . . . . . . : Thursday, November 15, 2012 8:25:41 AM
Default Gateway . . . . . . . . . : 172.17.5.1
DHCP Server . . . . . . . . . . . : 172.17.2.4
DHCPv6 IAID . . . . . . . . . . . : 240920074
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-13-D7-7C-5C-26-0A-43-5B-F9
DNS Servers . . . . . . . . . . . : 172.17.2.4
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.battlecreek.local:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : battlecreek.local
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{D66481FC-A026-4BEE-AFAF-2FD5E1F034AB}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{9CBBA87F-F34B-4B16-B51C-BBE01D80E429}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: tcabcdc01.battlecreek.local
Address: 172.17.2.4

Name: google.com
Addresses: 2001:4860:4007:800::1004
74.125.224.199
74.125.224.200
74.125.224.201
74.125.224.206
74.125.224.192
74.125.224.193
74.125.224.194
74.125.224.195
74.125.224.196
74.125.224.197
74.125.224.198


Pinging google.com [74.125.224.199] with 32 bytes of data:
Reply from 74.125.224.199: bytes=32 time=115ms TTL=51
Reply from 74.125.224.199: bytes=32 time=56ms TTL=51

Ping statistics for 74.125.224.199:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 56ms, Maximum = 115ms, Average = 85ms
Server: tcabcdc01.battlecreek.local
Address: 172.17.2.4

Name: yahoo.com
Addresses: 98.139.183.24
72.30.38.140
98.138.253.109


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=280ms TTL=51
Reply from 98.139.183.24: bytes=32 time=233ms TTL=51

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 233ms, Maximum = 280ms, Average = 256ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
15...18 3d a2 1f a7 41 ......Microsoft Virtual WiFi Miniport Adapter
14...c0 cb 38 ab b9 9d ......Bluetooth Device (Personal Area Network)
12...18 3d a2 1f a7 40 ......Intel® Centrino® Advanced-N 6200 AGN
10...5c 26 0a 43 5b f9 ......Intel® 82577LM Gigabit Network Connection
1...........................Software Loopback Interface 1
27...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
28...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
25...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
26...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.20.28.1 10.20.28.93 20
0.0.0.0 0.0.0.0 172.17.5.1 172.17.5.75 20
10.20.28.0 255.255.252.0 On-link 10.20.28.93 276
10.20.28.93 255.255.255.255 On-link 10.20.28.93 276
10.20.31.255 255.255.255.255 On-link 10.20.28.93 276
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
172.17.5.0 255.255.255.0 On-link 172.17.5.75 276
172.17.5.75 255.255.255.255 On-link 172.17.5.75 276
172.17.5.255 255.255.255.255 On-link 172.17.5.75 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.20.28.93 276
224.0.0.0 240.0.0.0 On-link 172.17.5.75 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.20.28.93 276
255.255.255.255 255.255.255.255 On-link 172.17.5.75 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
12 276 fe80::/64 On-link
10 276 fe80::/64 On-link
12 276 fe80::8539:672f:bb21:53fc/128
On-link
10 276 fe80::f028:2c33:8c35:1aee/128
On-link
1 306 ff00::/8 On-link
12 276 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 07 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 10 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [329688] (PC Tools Research Pty Ltd.)
Catalog9 02 C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [329688] (PC Tools Research Pty Ltd.)
Catalog9 03 C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [329688] (PC Tools Research Pty Ltd.)
Catalog9 04 C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [329688] (PC Tools Research Pty Ltd.)
Catalog9 05 C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [329688] (PC Tools Research Pty Ltd.)
Catalog9 06 C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [329688] (PC Tools Research Pty Ltd.)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [329688] (PC Tools Research Pty Ltd.)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 36 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 37 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 38 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 39 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 40 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 41 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 42 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 43 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 44 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 45 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 46 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 47 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 48 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 49 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 50 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 51 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 52 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/13/2012 03:39:32 PM) (Source: Application Error) (User: )
Description: Faulting application name: SavUI.exe, version: 11.0.6000.419, time stamp: 0x4bb56d9c
Faulting module name: ntdll.dll, version: 6.1.7601.17725, time stamp: 0x4ec49b60
Exception code: 0xc0000005
Fault offset: 0x0003224d
Faulting process id: 0x21cc
Faulting application start time: 0xSavUI.exe0
Faulting application path: SavUI.exe1
Faulting module path: SavUI.exe2
Report Id: SavUI.exe3

Error: (11/13/2012 03:33:14 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.Gen.2 in File: C:\Users\drobbins\AppData\Local\Temp\DWH6E05.tmp by: Auto-Protect scan. Action: Quarantine succeeded : Access denied. Action Description: The file was quarantined successfully.

Error: (11/13/2012 03:29:55 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.Gen.2 in File: C:\Users\drobbins\AppData\Local\Temp\DWHB345.tmp by: Auto-Protect scan. Action: Quarantine succeeded : Access denied. Action Description: The file was quarantined successfully.

Error: (11/13/2012 03:29:11 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.Gen.2 in File: C:\Users\drobbins\AppData\Local\Temp\DWH4204.tmp by: Auto-Protect scan. Action: Quarantine succeeded : Access denied. Action Description: The file was quarantined successfully.

Error: (11/13/2012 03:27:18 PM) (Source: Application Error) (User: )
Description: Faulting application name: Rtvscan.exe, version: 11.0.6000.419, time stamp: 0x4bb57114
Faulting module name: Rtvscan.exe, version: 11.0.6000.419, time stamp: 0x4bb57114
Exception code: 0xc0000005
Fault offset: 0x00094115
Faulting process id: 0x14c
Faulting application start time: 0xRtvscan.exe0
Faulting application path: Rtvscan.exe1
Faulting module path: Rtvscan.exe2
Report Id: Rtvscan.exe3

Error: (11/13/2012 03:26:55 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.Gen.2 in File: C:\Users\drobbins\AppData\Local\Temp\DWH8504.tmp by: Auto-Protect scan. Action: Quarantine succeeded : Access denied. Action Description: The file was quarantined successfully.

Error: (11/13/2012 03:26:27 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.Gen.2 in File: C:\Users\drobbins\AppData\Local\Temp\DWH4842.tmp by: Auto-Protect scan. Action: Quarantine succeeded : Access denied. Action Description: The file was quarantined successfully.

Error: (11/13/2012 03:25:58 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.Gen.2 in File: C:\Users\drobbins\AppData\Local\Temp\DWH2CC5.tmp by: Auto-Protect scan. Action: Quarantine succeeded : Access denied. Action Description: The file was quarantined successfully.

Error: (11/13/2012 03:25:31 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.Gen.2 in File: C:\Users\drobbins\AppData\Local\Temp\DWHFD3C.tmp by: Auto-Protect scan. Action: Quarantine succeeded : Access denied. Action Description: The file was quarantined successfully.

Error: (11/13/2012 03:25:05 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.Gen.2 in File: C:\Users\drobbins\AppData\Local\Temp\DWHD18A.tmp by: Auto-Protect scan. Action: Quarantine succeeded : Access denied. Action Description: The file was quarantined successfully.


System errors:
=============
Error: (11/13/2012 03:43:16 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer BA-DEAN-LT
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{062BAB92-F95A-48F4-9DDE-E0B9C67.
The master browser is stopping or an election is being forced.

Error: (11/13/2012 03:37:39 PM) (Source: NetBT) (User: )
Description: The name "BATTLECREEK :1d" could not be registered on the interface with IP address 10.20.28.93.
The computer with the IP address 10.20.28.98 did not allow the name to be claimed by
this computer.

Error: (11/13/2012 03:27:36 PM) (Source: Service Control Manager) (User: )
Description: The Symantec Endpoint Protection service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (11/13/2012 03:27:23 PM) (Source: NetBT) (User: )
Description: The name "BATTLECREEK :1d" could not be registered on the interface with IP address 10.20.28.93.
The computer with the IP address 10.20.28.98 did not allow the name to be claimed by
this computer.

Error: (11/13/2012 02:33:15 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer CCAMPBELL-PC
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{062BAB92-F95A-48F4-9DDE-E0B9C.
The master browser is stopping or an election is being forced.

Error: (11/13/2012 01:02:01 PM) (Source: Service Control Manager) (User: )
Description: The Symantec Endpoint Protection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (11/12/2012 02:48:52 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer BA-MATT-LT
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{062BAB92-F95A-48F4-9DDE-E0B9C67.
The master browser is stopping or an election is being forced.

Error: (11/12/2012 11:04:11 AM) (Source: Service Control Manager) (User: )
Description: The Symantec Endpoint Protection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (11/12/2012 10:43:22 AM) (Source: NetBT) (User: )
Description: The name "BATTLECREEK :1d" could not be registered on the interface with IP address 10.20.28.93.
The computer with the IP address 10.20.28.44 did not allow the name to be claimed by
this computer.

Error: (11/12/2012 09:52:10 AM) (Source: Microsoft-Windows-GroupPolicy) (User: BATTLECREEK)
Description: The processing of Group Policy failed. Windows attempted to read the file \\battlecreek.local\sysvol\battlecreek.local\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\gpt.ini from a domain controller and was not successful. Group Policy settings may not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following:
a) Name Resolution/Network Connectivity to the current domain controller.
b) File Replication Service Latency (a file created on another domain controller has not replicated to the current domain controller).
c) The Distributed File System (DFS) client has been disabled.


Microsoft Office Sessions:
=========================
Error: (08/07/2012 09:00:38 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6661.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 4087 seconds with 2580 seconds of active time. This session ended with a crash.

Error: (02/29/2012 02:58:41 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6654.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 916 seconds with 60 seconds of active time. This session ended with a crash.

Error: (10/24/2011 10:23:42 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 1007 seconds with 120 seconds of active time. This session ended with a crash.

Error: (08/31/2011 04:49:00 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 775 seconds with 180 seconds of active time. This session ended with a crash.

Error: (08/29/2011 10:56:57 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 6047 seconds with 660 seconds of active time. This session ended with a crash.

Error: (08/04/2011 08:15:58 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 1529 seconds with 960 seconds of active time. This session ended with a crash.

Error: (06/29/2011 10:45:40 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3551 seconds with 1440 seconds of active time. This session ended with a crash.

Error: (05/18/2011 10:48:10 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 71213 seconds with 1200 seconds of active time. This session ended with a crash.

Error: (05/10/2011 10:35:33 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 1619 seconds with 420 seconds of active time. This session ended with a crash.

Error: (04/25/2011 09:17:49 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 1950 seconds with 420 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
7-Zip 9.20
AccelerometerP11 (Version: 2.00.00.12)
Adobe AIR (Version: 2.6.0.19120)
Adobe Flash Player 11 ActiveX (Version: 11.0.1.152)
Adobe Reader 9.5.1 (Version: 9.5.1)
Amazon Kindle
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
Bing Rewards Client Installer (Version: 16.0.345.0)
BioAPI Framework (Version: 1.0.2)
Bonjour (Version: 3.0.0.10)
Browser Guard 4.0 (Version: 4.0.0.1606)
CCleaner (Version: 3.20)
Custom (Version: 12.34.56.789)
CyberLink PowerDVD 9.5 (Version: 9.5.1.3225)
D3DX10 (Version: 15.4.2368.0902)
Dell Backup and Recovery Manager (Version: 1.3)
Dell ControlVault Host Components Installer (Version: 2.0.20.159)
Dell Data Protection | Access (Version: 01.00.00.154)
Dell Data Protection | Access (Version: 2.0.00000.154)
Dell Data Protection | Access | Drivers (Version: 1.00.011)
Dell Data Protection | Access | Middleware (Version: 1.00.005)
Dell Edoc Viewer (Version: 1.0.0)
Dell System Manager (Version: 1.5.00000)
Dell Touchpad (Version: 7.1007.101.205)
Dell V505
Dell Webcam Central (Version: 1.40.28)
DellAccess (Version: 01.00.00.078)
DirectX 9 Runtime (Version: 1.00.0000)
Dropbox (Version: 1.4.7)
EMBASSY Security Center (Version: 04.02.00.072)
Gemalto (Version: 01.01.01.0000)
Google Calendar Sync
Google Earth Plug-in (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.123)
iCloud (Version: 1.1.0.40)
Intel PROSet Wireless
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2182)
Intel® Network Connections 15.2.89.0 (Version: 15.2.89.0)
Intel® PROSet/Wireless WiFi Software (Version: 13.03.0000)
Intel® Rapid Storage Technology (Version: 9.6.0.1014)
iTunes (Version: 10.6.1.7)
Java Auto Updater (Version: 2.1.6.0)
Java™ 7 Update 4 (Version: 7.0.40)
JavaFX 2.1.0 (Version: 2.1.0)
Junk Mail filter update (Version: 15.4.3502.0922)
Kyocera Product Library (Version: 2.0.0713)
LiveUpdate 3.3 (Symantec Corporation) (Version: 3.3.0.96)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2007 Primary Interop Assemblies (Version: 12.0.4518.1014)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Standard 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mobipocket Creator 4.2 (Version: 4.2.41)
Mobipocket Reader 6.2 (Version: 6.2.608)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NTRU TCG Software Stack (Version: 2.1.34)
PC-CCID (Version: 2.0.0)
PC Tools Spyware Doctor with AntiVirus 9.0 (Version: 9.0)
Pdf995
PhotoShowExpress (Version: 2.0.063)
Preboot Manager (Version: 03.02.00.066)
Private Information Manager (Version: 07.00.00.026)
QBFC 2.1 (Version: 2.1.00050)
QuickTime (Version: 7.71.80.42)
Reader 2.1 (Version: 2.1.2.1143)
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.3.3)
Roxio Burn (Version: 1.8)
Roxio Creator Starter (Version: 1.0.439)
Roxio Creator Starter (Version: 12.1.77.0)
Roxio Creator Starter (Version: 5.0.0)
Roxio Express Labeler 3 (Version: 3.2.2)
Roxio File Backup (Version: 1.3.2)
Safari (Version: 5.34.55.3)
SaveVid Plug-in (Version: 2.0.0.105393)
Skype Click to Call (Version: 5.9.9216)
Skype™ 5.10 (Version: 5.10.116)
Sonic CinePlayer Decoder Pack (Version: 4.3.0)
SPBA 5.9 (Version: 5.9.4.6686)
Symantec Endpoint Protection (Version: 11.0.6000.550)
Trusted Drive Manager (Version: 4.0.0.512)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Upek Touchchip Fingerprint Reader (Version: 1.2.004)
Visual Studio Tools for the Office system 3.0 Runtime
Visual Studio Tools for the Office system 3.0 Runtime (Version: 9.0.30729)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (Version: 1)
Vodafone Mobile Broadband Lite (Version: 10.2.102.30707)
Wave Infrastructure Installer (Version: 07.02.40.0008)
Wave Support Software Installer (Version: 05.12.00.012)
WIDCOMM Bluetooth Software (Version: 6.3.0.6900)
Windows Driver Package - Dell Inc. PBADRV System (09/11/2009 1.0.1.6) (Version: 09/11/2009 1.0.1.6)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 63%
Total physical RAM: 3509.83 MB
Available physical RAM: 1275.46 MB
Total Pagefile: 7017.95 MB
Available Pagefile: 3497.98 MB
Total Virtual: 2047.88 MB
Available Virtual: 1938.06 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:218.69 GB) (Free:106.35 GB) NTFS
2 Drive d: (READER) (Fixed) (Total:2 GB) (Free:1.87 GB) NTFS
3 Drive e: (May 30 2012) (CDROM) (Total:4.38 GB) (Free:4.18 GB) UDF
4 Drive g: () (Removable) (Total:7.39 GB) (Free:2.65 GB) FAT32

========================= Users: ========================================

User accounts for \\BA-DROBBINS1-LT

Administrator drob Guest
stadmin


**** End of log ****

#4 InadequateInfirmity

Posted 14 November 2012 - 06:55 PM

Run the Hosts Fix it.
http://support.microsoft.com/kb/972034

Download Adware Cleaner, run it as admin, click the delete button, allow it to run, and post the log it creates.

http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner

Uninstall

PC Tools Spyware Doctor with AntiVirus 9.0 (Version: 9.0)
Or
Symantec Endpoint Protection (Version: 11.0.6000.550)

You cannot have two antivirus applications installed on a machine at one time.
When you have removed one of the AVs, please post a fresh MiniToolBox log along with the Adware Cleaner log.

#5 robbinstribe

Posted 15 November 2012 - 09:19 AM

Thanks - please let me know if I need to uninstall tdsskiller, superantispyware, mini tool, and adwcleaner?

# AdwCleaner v2.007 - Logfile created 11/15/2012 at 08:02:23
# Updated 06/11/2012 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (32 bits)
# User : drobbins - BA-DROBBINS1-LT
# Boot Mode : Normal
# Running from : C:\Users\drobbins\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\drobbins\AppData\LocalLow\searchquband
Folder Deleted : C:\Users\drobbins\AppData\LocalLow\Searchqutoolbar

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\searchqutoolbar
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\drobbins\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S2].txt - [1742 octets] - [15/11/2012 08:02:23]

########## EOF - C:\AdwCleaner[S2].txt - [1802 octets] ##########


MiniToolBox by Farbar Version: 10-11-2012 02
Ran by drobbins (administrator) on 15-11-2012 at 08:16:25
Windows 7 Professional Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

# ::1 localhost

========================= IP Configuration: ================================

Intel® 82577LM Gigabit Network Connection = Local Area Connection (Connected)
Intel® Centrino® Advanced-N 6200 AGN = Wireless Network Connection (Connected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set subinterface interface=?#. subinterface=ethernet_9 mtu=1477
add neighbor interface="Local Area Connection" address=172.17.5.1 neighbor="00-00-5e-00-01-05"


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : BA-DROBBINS1-LT
Primary Dns Suffix . . . . . . . : battlecreek.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : battlecreek.local

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 18-3D-A2-1F-A7-41
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : C0-CB-38-AB-B9-9D
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : battlecreek.local
Description . . . . . . . . . . . : Intel® Centrino® Advanced-N 6200 AGN
Physical Address. . . . . . . . . : 18-3D-A2-1F-A7-40
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::8539:672f:bb21:53fc%12(Preferred)
IPv4 Address. . . . . . . . . . . : 10.20.28.93(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.252.0
Lease Obtained. . . . . . . . . . : Thursday, November 15, 2012 8:13:44 AM
Lease Expires . . . . . . . . . . : Thursday, November 29, 2012 8:13:43 AM
Default Gateway . . . . . . . . . : 10.20.28.1
DHCP Server . . . . . . . . . . . : 172.17.2.4
DHCPv6 IAID . . . . . . . . . . . : 236469666
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-13-D7-7C-5C-26-0A-43-5B-F9
DNS Servers . . . . . . . . . . . : 172.17.2.4
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : battlecreek.local
Description . . . . . . . . . . . : Intel® 82577LM Gigabit Network Connection
Physical Address. . . . . . . . . : 5C-26-0A-43-5B-F9
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::f028:2c33:8c35:1aee%10(Preferred)
IPv4 Address. . . . . . . . . . . : 172.17.5.75(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Thursday, November 15, 2012 8:13:26 AM
Lease Expires . . . . . . . . . . : Saturday, November 17, 2012 8:13:26 AM
Default Gateway . . . . . . . . . : 172.17.5.1
DHCP Server . . . . . . . . . . . : 172.17.2.4
DHCPv6 IAID . . . . . . . . . . . : 240920074
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-13-D7-7C-5C-26-0A-43-5B-F9
DNS Servers . . . . . . . . . . . : 172.17.2.4
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{9CBBA87F-F34B-4B16-B51C-BBE01D80E429}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.battlecreek.local:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : battlecreek.local
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{D66481FC-A026-4BEE-AFAF-2FD5E1F034AB}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: tcabcdc01.battlecreek.local
Address: 172.17.2.4

Name: google.com
Addresses: 2001:4860:4007:801::1008
74.125.224.199
74.125.224.200
74.125.224.201
74.125.224.206
74.125.224.192
74.125.224.193
74.125.224.194
74.125.224.195
74.125.224.196
74.125.224.197
74.125.224.198


Pinging google.com [74.125.224.199] with 32 bytes of data:
Reply from 74.125.224.199: bytes=32 time=58ms TTL=51
Reply from 74.125.224.199: bytes=32 time=189ms TTL=51

Ping statistics for 74.125.224.199:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 58ms, Maximum = 189ms, Average = 123ms
Server: tcabcdc01.battlecreek.local
Address: 172.17.2.4

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=118ms TTL=53
Reply from 72.30.38.140: bytes=32 time=142ms TTL=53

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 118ms, Maximum = 142ms, Average = 130ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
15...18 3d a2 1f a7 41 ......Microsoft Virtual WiFi Miniport Adapter
14...c0 cb 38 ab b9 9d ......Bluetooth Device (Personal Area Network)
12...18 3d a2 1f a7 40 ......Intel® Centrino® Advanced-N 6200 AGN
10...5c 26 0a 43 5b f9 ......Intel® 82577LM Gigabit Network Connection
1...........................Software Loopback Interface 1
27...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
28...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
25...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
26...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 172.17.5.1 172.17.5.75 20
0.0.0.0 0.0.0.0 10.20.28.1 10.20.28.93 20
10.20.28.0 255.255.252.0 On-link 10.20.28.93 276
10.20.28.93 255.255.255.255 On-link 10.20.28.93 276
10.20.31.255 255.255.255.255 On-link 10.20.28.93 276
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
172.17.5.0 255.255.255.0 On-link 172.17.5.75 276
172.17.5.75 255.255.255.255 On-link 172.17.5.75 276
172.17.5.255 255.255.255.255 On-link 172.17.5.75 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 172.17.5.75 276
224.0.0.0 240.0.0.0 On-link 10.20.28.93 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 172.17.5.75 276
255.255.255.255 255.255.255.255 On-link 10.20.28.93 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
10 276 fe80::/64 On-link
12 276 fe80::/64 On-link
12 276 fe80::8539:672f:bb21:53fc/128
On-link
10 276 fe80::f028:2c33:8c35:1aee/128
On-link
1 306 ff00::/8 On-link
10 276 ff00::/8 On-link
12 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 07 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 10 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 36 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 37 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 38 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 39 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 40 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 41 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 42 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 43 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 44 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 45 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/15/2012 08:13:45 AM) (Source: VmbService) (User: )
Description: conflictManagerTypeValue

Error: (11/15/2012 08:04:53 AM) (Source: VmbService) (User: )
Description: conflictManagerTypeValue

Error: (11/15/2012 08:02:23 AM) (Source: Symantec AntiVirus) (User: BATTLECREEK)
Description: SYMANTEC TAMPER PROTECTION ALERT

Target: C:\Program Files\Common Files\Symantec Shared\ccApp.exe
Event Info: Terminate Process
Action Taken: Logged
Actor Process: C:\Users\drobbins\Desktop\adwcleaner.exe (PID 6604)
Time: Thursday, November 15, 2012 8:02:23 AM

Error: (11/15/2012 08:02:23 AM) (Source: Symantec AntiVirus) (User: BATTLECREEK)
Description: SYMANTEC TAMPER PROTECTION ALERT

Target: C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
Event Info: Terminate Process
Action Taken: Logged
Actor Process: C:\Users\drobbins\Desktop\adwcleaner.exe (PID 6604)
Time: Thursday, November 15, 2012 8:02:23 AM

Error: (11/15/2012 04:10:49 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (11/15/2012 04:10:37 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (11/15/2012 03:38:56 AM) (Source: VmbService) (User: )
Description: conflictManagerTypeValue

Error: (11/15/2012 03:36:08 AM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.Gen.2 in File: C:\Users\drobbins\AppData\Local\Temp\DWH9927.tmp by: Auto-Protect scan. Action: Quarantine succeeded : Access denied. Action Description: The file was quarantined successfully.

Error: (11/15/2012 03:35:29 AM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.Gen.2 in File: C:\Users\drobbins\AppData\Local\Temp\DWH7F30.tmp by: Auto-Protect scan. Action: Quarantine succeeded : Access denied. Action Description: The file was quarantined successfully.

Error: (11/15/2012 03:33:43 AM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Trojan.Gen.2 in File: C:\Users\drobbins\AppData\Local\Temp\DWH8939.tmp by: Auto-Protect scan. Action: Quarantine succeeded : Access denied. Action Description: The file was quarantined successfully.


System errors:
=============
Error: (11/15/2012 08:17:58 AM) (Source: Service Control Manager) (User: )
Description: The Security Center service hung on starting.

Error: (11/15/2012 08:17:42 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.

Error: (11/15/2012 08:16:42 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.

Error: (11/15/2012 08:13:29 AM) (Source: Service Control Manager) (User: )
Description: The dldwCATSCustConnectService service failed to start due to the following error:
%%1053

Error: (11/15/2012 08:13:29 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the dldwCATSCustConnectService service to connect.

Error: (11/15/2012 08:13:28 AM) (Source: Service Control Manager) (User: )
Description: The NTRU TSS v1.2.1.34 TCS service depends on the TPM Base Services service which failed to start because of the following error:
%%0

Error: (11/15/2012 08:09:00 AM) (Source: Service Control Manager) (User: )
Description: The Windows Update service hung on starting.

Error: (11/15/2012 08:04:44 AM) (Source: Service Control Manager) (User: )
Description: The dldwCATSCustConnectService service failed to start due to the following error:
%%1053

Error: (11/15/2012 08:04:44 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the dldwCATSCustConnectService service to connect.

Error: (11/15/2012 08:04:42 AM) (Source: Service Control Manager) (User: )
Description: The NTRU TSS v1.2.1.34 TCS service depends on the TPM Base Services service which failed to start because of the following error:
%%0


Microsoft Office Sessions:
=========================
Error: (08/07/2012 09:00:38 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6661.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 4087 seconds with 2580 seconds of active time. This session ended with a crash.

Error: (02/29/2012 02:58:41 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6654.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 916 seconds with 60 seconds of active time. This session ended with a crash.

Error: (10/24/2011 10:23:42 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 1007 seconds with 120 seconds of active time. This session ended with a crash.

Error: (08/31/2011 04:49:00 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 775 seconds with 180 seconds of active time. This session ended with a crash.

Error: (08/29/2011 10:56:57 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 6047 seconds with 660 seconds of active time. This session ended with a crash.

Error: (08/04/2011 08:15:58 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 1529 seconds with 960 seconds of active time. This session ended with a crash.

Error: (06/29/2011 10:45:40 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3551 seconds with 1440 seconds of active time. This session ended with a crash.

Error: (05/18/2011 10:48:10 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 71213 seconds with 1200 seconds of active time. This session ended with a crash.

Error: (05/10/2011 10:35:33 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 1619 seconds with 420 seconds of active time. This session ended with a crash.

Error: (04/25/2011 09:17:49 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 1950 seconds with 420 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
7-Zip 9.20
AccelerometerP11 (Version: 2.00.00.12)
Adobe AIR (Version: 2.6.0.19120)
Adobe Flash Player 11 ActiveX (Version: 11.0.1.152)
Adobe Reader 9.5.1 (Version: 9.5.1)
Amazon Kindle
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
Bing Rewards Client Installer (Version: 16.0.345.0)
BioAPI Framework (Version: 1.0.2)
Bonjour (Version: 3.0.0.10)
Browser Guard 4.0 (Version: 4.0.0.1606)
CCleaner (Version: 3.20)
Custom (Version: 12.34.56.789)
CyberLink PowerDVD 9.5 (Version: 9.5.1.3225)
D3DX10 (Version: 15.4.2368.0902)
Dell Backup and Recovery Manager (Version: 1.3)
Dell ControlVault Host Components Installer (Version: 2.0.20.159)
Dell Data Protection | Access (Version: 01.00.00.154)
Dell Data Protection | Access (Version: 2.0.00000.154)
Dell Data Protection | Access | Drivers (Version: 1.00.011)
Dell Data Protection | Access | Middleware (Version: 1.00.005)
Dell Edoc Viewer (Version: 1.0.0)
Dell System Manager (Version: 1.5.00000)
Dell Touchpad (Version: 7.1007.101.205)
Dell V505
Dell Webcam Central (Version: 1.40.28)
DellAccess (Version: 01.00.00.078)
DirectX 9 Runtime (Version: 1.00.0000)
Dropbox (Version: 1.4.7)
EMBASSY Security Center (Version: 04.02.00.072)
ESET Online Scanner v3
Gemalto (Version: 01.01.01.0000)
Google Calendar Sync
Google Chrome (Version: 23.0.1271.64)
Google Earth Plug-in (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.123)
iCloud (Version: 1.1.0.40)
Intel PROSet Wireless
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2182)
Intel® Network Connections 15.2.89.0 (Version: 15.2.89.0)
Intel® PROSet/Wireless WiFi Software (Version: 13.03.0000)
Intel® Rapid Storage Technology (Version: 9.6.0.1014)
iTunes (Version: 10.6.1.7)
Java Auto Updater (Version: 2.1.6.0)
Java™ 7 Update 4 (Version: 7.0.40)
JavaFX 2.1.0 (Version: 2.1.0)
Junk Mail filter update (Version: 15.4.3502.0922)
Kyocera Product Library (Version: 2.0.0713)
LiveUpdate 3.3 (Symantec Corporation) (Version: 3.3.0.96)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2007 Primary Interop Assemblies (Version: 12.0.4518.1014)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Standard 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mobipocket Creator 4.2 (Version: 4.2.41)
Mobipocket Reader 6.2 (Version: 6.2.608)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NTRU TCG Software Stack (Version: 2.1.34)
PC-CCID (Version: 2.0.0)
Pdf995
PhotoShowExpress (Version: 2.0.063)
Preboot Manager (Version: 03.02.00.066)
Private Information Manager (Version: 07.00.00.026)
QBFC 2.1 (Version: 2.1.00050)
QuickTime (Version: 7.71.80.42)
Reader 2.1 (Version: 2.1.2.1143)
Roxio Activation Module (Version: 1.0)
Roxio BackOnTrack (Version: 1.3.3)
Roxio Burn (Version: 1.8)
Roxio Creator Starter (Version: 1.0.439)
Roxio Creator Starter (Version: 12.1.77.0)
Roxio Creator Starter (Version: 5.0.0)
Roxio Express Labeler 3 (Version: 3.2.2)
Roxio File Backup (Version: 1.3.2)
Safari (Version: 5.34.55.3)
SaveVid Plug-in (Version: 2.0.0.105393)
Skype Click to Call (Version: 5.9.9216)
Skype™ 5.10 (Version: 5.10.116)
Sonic CinePlayer Decoder Pack (Version: 4.3.0)
SPBA 5.9 (Version: 5.9.4.6686)
SUPERAntiSpyware (Version: 5.6.1014)
Symantec Endpoint Protection (Version: 11.0.6000.550)
Trusted Drive Manager (Version: 4.0.0.512)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760413) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Upek Touchchip Fingerprint Reader (Version: 1.2.004)
Visual Studio Tools for the Office system 3.0 Runtime
Visual Studio Tools for the Office system 3.0 Runtime (Version: 9.0.30729)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (Version: 1)
Vodafone Mobile Broadband Lite (Version: 10.2.102.30707)
Wave Infrastructure Installer (Version: 07.02.40.0008)
Wave Support Software Installer (Version: 05.12.00.012)
WIDCOMM Bluetooth Software (Version: 6.3.0.6900)
Windows Driver Package - Dell Inc. PBADRV System (09/11/2009 1.0.1.6) (Version: 09/11/2009 1.0.1.6)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 43%
Total physical RAM: 3509.83 MB
Available physical RAM: 1968.61 MB
Total Pagefile: 7017.95 MB
Available Pagefile: 5303.85 MB
Total Virtual: 2047.88 MB
Available Virtual: 1927.21 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:218.69 GB) (Free:106.38 GB) NTFS
2 Drive d: (READER) (Fixed) (Total:2 GB) (Free:1.87 GB) NTFS
3 Drive e: (May 30 2012) (CDROM) (Total:4.38 GB) (Free:4.18 GB) UDF
4 Drive g: () (Removable) (Total:7.39 GB) (Free:2.65 GB) FAT32

========================= Users: ========================================

User accounts for \\BA-DROBBINS1-LT

Administrator drob Guest
stadmin


**** End of log ****

#6 InadequateInfirmity


Posted 15 November 2012 - 04:42 PM

Download Rkill, run it, and post the log.
http://www.bleepingcomputer.com/download/rkill/


Download Norman Malware Cleaner. Run it, go to Options, then put a tick next to Enable rootkit cleaning. Hit the Full Scan >> Let it finish >> Go to the Quarantine tab >> Tick the Select All >> Then the Delete >> Quit
http://normanasa.vo.llnwd.net/o29/public/Norman_Malware_Cleaner.exe
A log will appear on your desktop; post that here in your next reply.


Reboot after Norman.

Run the program below as admin, hit the Scan button, allow it to finish, then hit the Delete button.

http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe


Download the Junkware Removal Tool, save it to your desktop, run it in safe mode, and post the log.
http://thisisudax.org/downloads/JRT.exe



Download Hitman Pro.

http://dl.surfright.nl/HitmanPro36.exe 32 bit

http://dl.surfright.nl/HitmanPro36_x64.exe 64 bit

Start the scan. Go to Settings.
Un-tick Scan for tracking cookies.
Go back to scan Tab
Select ok
Then Next
No I only want to perform a one time scan to check this computer.
Enter your email to register.
Next.
After the scan make sure to select quarantine found threats.
Then select activate free license then follow the prompts.
Reboot your machine.

#7 robbinstribe


Posted 17 November 2012 - 07:01 PM

RogueKiller V8.2.3 [11/07/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website: http://tigzy.geekstogo.com/roguekiller.php
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User : drobbins [Admin rights]
Mode : Remove -- Date : 11/15/2012 21:31:32

¤¤¤ Bad processes : 2 ¤¤¤
[SUSP PATH] DTUpdate.exe -- C:\Users\drobbins\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe -> KILLED [TermProc]
[SUSP PATH] ReminderHelper.exe -- C:\ProgramData\WeCareReminder\ReminderHelper.exe -> KILLED [TermProc]

¤¤¤ Registry Entries : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤
SSDT[13] : NtAlertResumeThread @ 0x83125C99 -> HOOKED (Unknown @ 0x884E7008)
SSDT[14] : NtAlertThread @ 0x83078BE0 -> HOOKED (Unknown @ 0x8851E0B0)
SSDT[19] : NtAllocateVirtualMemory @ 0x83071BEC -> HOOKED (Unknown @ 0x88513CC8)
SSDT[74] : NtCreateMutant @ 0x830582B2 -> HOOKED (Unknown @ 0x88507230)
SSDT[87] : NtCreateThread @ 0x83123ECA -> HOOKED (Unknown @ 0x88511AF8)
SSDT[131] : NtFreeVirtualMemory @ 0x82EFFAEC -> HOOKED (Unknown @ 0x88524DE8)
SSDT[145] : NtImpersonateAnonymousToken @ 0x8303D8E0 -> HOOKED (Unknown @ 0x884E4840)
SSDT[147] : NtImpersonateThread @ 0x830C184C -> HOOKED (Unknown @ 0x884CB0F8)
SSDT[168] : NtMapViewOfSection @ 0x8308E532 -> HOOKED (Unknown @ 0x88502A10)
SSDT[177] : NtOpenEvent @ 0x83057CAE -> HOOKED (Unknown @ 0x88516EA0)
SSDT[191] : NtOpenProcessToken @ 0x830AC23F -> HOOKED (Unknown @ 0x884FFA10)
SSDT[199] : NtOpenThreadToken @ 0x830C0534 -> HOOKED (Unknown @ 0x885118E8)
SSDT[304] : NtResumeThread @ 0x830B8592 -> HOOKED (Unknown @ 0x8852BC28)
SSDT[316] : NtSetContextThread @ 0x83125745 -> HOOKED (Unknown @ 0x8852A1D0)
SSDT[333] : NtSetInformationProcess @ 0x8308078D -> HOOKED (Unknown @ 0x88501950)
SSDT[335] : NtSetInformationThread @ 0x830B1CF6 -> HOOKED (Unknown @ 0x88500988)
SSDT[366] : NtSuspendProcess @ 0x83125BD3 -> HOOKED (Unknown @ 0x885070E8)
SSDT[367] : NtSuspendThread @ 0x830DD085 -> HOOKED (Unknown @ 0x88524378)
SSDT[370] : NtTerminateProcess @ 0x830A2BFB -> HOOKED (Unknown @ 0x88507648)
SSDT[371] : NtTerminateThread @ 0x830C0584 -> HOOKED (Unknown @ 0x885119C0)
SSDT[385] : NtUnmapViewOfSection @ 0x830AC87A -> HOOKED (Unknown @ 0x884E8598)
SSDT[399] : NtWriteVirtualMemory @ 0x830A7958 -> HOOKED (Unknown @ 0x884E6AF8)

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK2556GSY +++++
--- User ---
[MBR] 1cabc86eb9c8f8a305bb2efc1682fef0
[BSP] a4f4d8f85e39f2981ba4aaba85126a07 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 12444 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 25567232 | Size: 223940 Mo
3 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 484196352 | Size: 2048 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: Ricoh SD Disk Device +++++
--- User ---
[MBR] 8a4a3f84a9eda68451f8bdccda84c484
[BSP] df4f83c1f72e36823a12b0dfc7617313 : MBR Code unknown
Partition table:
0 - [XXXXXX] FAT32 (0x0b) [VISIBLE] Offset (sectors): 8192 | Size: 7576 Mo
Error reading LL1 MBR!
Error reading LL2 MBR!

Finished : << RKreport[6]_D_11152012_02d2131.txt >>
RKreport[1]_S_11152012_02d2130.txt ; RKreport[2]_D_11152012_02d2130.txt ; RKreport[3]_D_11152012_02d2131.txt ; RKreport[4]_D_11152012_02d2131.txt ; RKreport[5]_D_11152012_02d2131.txt ;
RKreport[6]_D_11152012_02d2131.txt





Norman Malware Cleaner v2.06.01
Copyright © 1990 - 2012, Norman ASA.

Norman Scanner Engine Version: 7.00.16
nvcbin.def: Version: 7.00.1895, Date: 2012/11/15 08:24:48, Variants: 15516316
nvcmacro.def: Version: 7.00.1895, Date: 2012/11/15 08:24:48, Variants: 0

Operating System: Windows 7 Service Pack 1

Switches: /iagree /cleanrootkit /nosb

Scan started: 2012/11/15 19:57:38

Running pre-scan cleanup routine...
Potentially unwanted registry value: 'HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{1CD0A162-A25C-422B-B4C6-0B15279D0F9E} --> NameServer = 163.121.128.134 212.103.160.18'
Modify registry value: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{1CD0A162-A25C-422B-B4C6-0B15279D0F9E} --> NameServer from '163.121.128.134 212.103.160.18' to '8.8.8.8,8.8.4.4'
Cleaning successful
Potentially unwanted registry value: 'HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{EA410112-8B89-4CC5-BE23-A40A1BBA4306} --> NameServer = 163.121.128.134 212.103.160.18'
Modify registry value: HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{EA410112-8B89-4CC5-BE23-A40A1BBA4306} --> NameServer from '163.121.128.134 212.103.160.18' to '8.8.8.8,8.8.4.4'
Cleaning successful

Number of malicious objects found: 2
Number of malicious objects cleaned: 2
Scanning time: 0s

Scanning system for active rootkit activity...

Number of malicious objects found: 0
Number of malicious objects cleaned: 0
Number of malicious files found: 0
Number of malicious files cleaned: 0
Scanning time: 1s

Scanning running processes and process memory...

Number of objects found: 3591
Number of objects scanned: 3591
Number of objects not scanned: 0
Number of malicious memory objects found: 0
Number of malicious objects cleaned: 0
Number of malicious files found: 0
Number of malicious files cleaned: 0
Scanning time: 1m 35s

Scanning system for FakeAV...

Number of malicious objects found: 0
Number of malicious objects cleaned: 0
Number of malicious files found: 0
Number of malicious files cleaned: 0
Scanning time: 0s

Running full scan...
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.log: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSStmp.log: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\tmp.edb: Error opening file for read: 0x00000020
C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb: Error opening file for read: 0x00000020
C:\ProgramData\Symantec\SRTSP\Quarantine\APQ577B.tmp: File infected with win32/Genetik.BE
C:\ProgramData\Symantec\SRTSP\Quarantine\APQ9F0B.tmp: File infected with win32/Genetik.BE
C:\ProgramData\Symantec\SRTSP\Quarantine\APQCC64.tmp: File infected with win32/Genetik.BE
C:\ProgramData\Symantec\SRTSP\Quarantine\APQ4B6F.tmp: File infected with win32/Genetik.BE
C:\ProgramData\Symantec\SRTSP\Quarantine\APQ577B.tmp: Error opening file for repair(0x00000005).
C:\ProgramData\Symantec\SRTSP\Quarantine\APQ4B6F.tmp: Error opening file for repair(0x00000005).
C:\ProgramData\Symantec\SRTSP\Quarantine\APQ9F0B.tmp: Error opening file for repair(0x00000005).
C:\ProgramData\Symantec\SRTSP\Quarantine\APQCC64.tmp: Error opening file for repair(0x00000005).
C:\ProgramData\Symantec\SRTSP\Quarantine\APQCE.tmp: File infected with win32/Genetik.BE
C:\ProgramData\Symantec\SRTSP\Quarantine\APQD570.tmp: File infected with win32/Genetik.BE
C:\ProgramData\Symantec\SRTSP\Quarantine\APQCE.tmp: Error opening file for repair(0x00000005).
C:\ProgramData\Symantec\SRTSP\Quarantine\APQF249.tmp: File infected with win32/Genetik.BE
C:\ProgramData\Symantec\SRTSP\Quarantine\APQDD54.tmp: File infected with win32/Genetik.BE
C:\ProgramData\Symantec\SRTSP\Quarantine\APQD570.tmp: Error opening file for repair(0x00000005).
C:\ProgramData\Symantec\SRTSP\Quarantine\APQF249.tmp: Error opening file for repair(0x00000005).
C:\ProgramData\Symantec\SRTSP\Quarantine\APQDD54.tmp: Error opening file for repair(0x00000005).
C:\ProgramData\Symantec\SRTSP\Quarantine\APQFC0C.tmp: File infected with win32/Genetik.BE
C:\ProgramData\Symantec\SRTSP\Quarantine\APQFC0C.tmp: Error opening file for repair(0x00000005).
C:\System Volume Information\Syscache.hve: Error opening file for read: 0x00000020
C:\System Volume Information\Syscache.hve.LOG1: Error opening file for read: 0x00000020
C:\System Volume Information\Syscache.hve.LOG2: Error opening file for read: 0x00000020
C:\Users\drobbins\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{B19C7B1E-2F94-11E2-B544-C0CB38ABB99D}.dat: Error opening file for read: 0x00000020
C:\Users\drobbins\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{B19C7B1F-2F94-11E2-B544-C0CB38ABB99D}.dat: Error opening file for read: 0x00000020
C:\Users\drobbins\AppData\Local\Microsoft\Internet Explorer\Recovery\Active\{C18B27BB-2F94-11E2-B544-C0CB38ABB99D}.dat: Error opening file for read: 0x00000020
C:\Users\drobbins\AppData\Local\Microsoft\Windows\UsrClass.dat: Error opening file for read: 0x00000020
C:\Users\drobbins\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1: Error opening file for read: 0x00000020
C:\Users\drobbins\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2: Error opening file for read: 0x00000020
C:\Users\drobbins\AppData\Local\Temp\JETB940.tmp: Error opening file for read: 0x00000020
C:\Users\drobbins\AppData\Local\Temp\Low\REG71E2.tmp: Error opening file for read: 0x00000020
C:\Users\drobbins\AppData\Local\Temp\~DF7C0621D00644E82B.TMP: Error opening file for read: 0x00000020
C:\Users\drobbins\AppData\Local\Temp\~DFAC6EDD7F09C4FBD0.TMP: Error opening file for read: 0x00000020
C:\Users\drobbins\AppData\Local\Temp\~DFF2820099F43D951D.TMP: Error opening file for read: 0x00000020
C:\Users\drobbins\Desktop\7zip_installer_d162802.exe: Potentially unwanted program (winpe/InstallIQ.DO)
Delete file: C:\Users\drobbins\Desktop\7zip_installer_d162802.exe
Cleaning successful
C:\Users\drobbins\NTUSER.DAT: Error opening file for read: 0x00000020
C:\Users\drobbins\ntuser.dat.LOG1: Error opening file for read: 0x00000020
C:\Users\drobbins\ntuser.dat.LOG2: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT.LOG1: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT.LOG2: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT.LOG1: Error opening file for read: 0x00000020
C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT.LOG2: Error opening file for read: 0x00000020
C:\Windows\System32\catroot2\edb.log: Error opening file for read: 0x00000020
C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb: Error opening file for read: 0x00000020
C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb: Error opening file for read: 0x00000020
C:\Windows\System32\config\DEFAULT: Error opening file for read: 0x00000020
C:\Windows\System32\config\DEFAULT.LOG1: Error opening file for read: 0x00000020
C:\Windows\System32\config\DEFAULT.LOG2: Error opening file for read: 0x00000020
C:\Windows\System32\config\RegBack\DEFAULT: Error opening file for read: 0x00000020
C:\Windows\System32\config\RegBack\SAM: Error opening file for read: 0x00000020
C:\Windows\System32\config\RegBack\SECURITY: Error opening file for read: 0x00000020
C:\Windows\System32\config\RegBack\SOFTWARE: Error opening file for read: 0x00000020
C:\Windows\System32\config\RegBack\SYSTEM: Error opening file for read: 0x00000020
C:\Windows\System32\config\SAM: Error opening file for read: 0x00000020
C:\Windows\System32\config\SAM.LOG1: Error opening file for read: 0x00000020
C:\Windows\System32\config\SAM.LOG2: Error opening file for read: 0x00000020
C:\Windows\System32\config\SECURITY: Error opening file for read: 0x00000020
C:\Windows\System32\config\SECURITY.LOG1: Error opening file for read: 0x00000020
C:\Windows\System32\config\SECURITY.LOG2: Error opening file for read: 0x00000020
C:\Windows\System32\config\SOFTWARE: Error opening file for read: 0x00000020
C:\Windows\System32\config\SOFTWARE.LOG1: Error opening file for read: 0x00000020
C:\Windows\System32\config\SOFTWARE.LOG2: Error opening file for read: 0x00000020
C:\Windows\System32\config\SYSTEM: Error opening file for read: 0x00000020
C:\Windows\System32\config\SYSTEM.LOG1: Error opening file for read: 0x00000020
C:\Windows\System32\config\SYSTEM.LOG2: Error opening file for read: 0x00000020
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl: Error opening file for read: 0x00000020
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Application.etl: Error opening file for read: 0x00000020
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventlog-Security.etl: Error opening file for read: 0x00000020
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-System.etl: Error opening file for read: 0x00000020
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTMuroc System Trace.etl: Error opening file for read: 0x00000020
C:\Windows\System32\LogFiles\WMI\RtBackup\EtwRTUBPM.etl: Error opening file for read: 0x00000020

Number of files found: 167881
Number of archives unpacked: 9037
Number of objects found: 692733
Number of objects scanned: 692675
Number of objects not scanned: 58
Number of malicious objects found: 10
Number of malicious objects cleaned: 1
Number of malicious files found: 10
Number of malicious files cleaned: 1
Scanning time: 1h 18m 27s

Running post-scan cleanup routine...

Number of malicious objects found: 0
Number of malicious objects cleaned: 0
Scanning time: 0s

Results:
Total number of files found: 167881
Total number of archives unpacked: 9037
Total number of objects found: 696324
Total number of objects scanned: 696266
Total number of objects not scanned: 58
Total number of malicious objects found: 12
Total number of malicious objects cleaned: 3
Total number of malicious files found: 10
Total number of malicious files cleaned: 1
Total number of objects quarantined: 3
Total scanning time: 1h 20m 3s



~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 3.1.1 (11.15.2012)
OS: Windows 7 Professional x86
Ran by drobbins on Thu 11/15/2012 at 21:43:44.87
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully stopped: [Service] DefaultTabSearch
Successfully deleted: [Service] DefaultTabSearch
Successfully stopped: [Service] DefaultTabUpdate
Successfully deleted: [Service] DefaultTabUpdate



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] "hkey_current_user\software\appdatalow\software\compete"
Successfully deleted: [Registry Key] "hkey_current_user\software\appdatalow\software\competeinc"
Successfully deleted: [Registry Key] "hkey_current_user\software\appdatalow\software\defaulttab"
Successfully deleted: [Registry Key] "hkey_current_user\software\compete"
Successfully deleted: [Registry Key] "hkey_current_user\software\default tab"
Successfully deleted: [Registry Key] "hkey_current_user\software\defaulttab"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\appid\cpturlpassthru.dll"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\appid\dca-api.dll"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\appid\dca-bho.dll"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\dcabho.dca"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\dcabho.dca.1"
Successfully deleted: [Registry Key] "hkey_local_machine\software\competeinc"
Successfully deleted: [Registry Key] "hkey_local_machine\software\default tab"
Successfully deleted: [Registry Key] "hkey_local_machine\software\defaulttab"
Successfully deleted: [Registry Key] "hkey_local_machine\software\freeze.com"
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{7f6afbf1-e065-4627-a2fd-810366367d01}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{7f6afbf1-e065-4627-a2fd-810366367d01}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{b49699fc-1665-4414-a1cb-c4a2a4a13eec}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{b49699fc-1665-4414-a1cb-c4a2a4a13eec}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{d824f0de-3d60-4f57-9eb1-66033ecd8abb}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{d824f0de-3d60-4f57-9eb1-66033ecd8abb}



~~~ Files

Successfully deleted: [File] C:\eula.1028.txt
Successfully deleted: [File] C:\eula.1031.txt
Successfully deleted: [File] C:\eula.1033.txt
Successfully deleted: [File] C:\eula.1036.txt
Successfully deleted: [File] C:\eula.1040.txt
Successfully deleted: [File] C:\eula.1041.txt
Successfully deleted: [File] C:\eula.1042.txt
Successfully deleted: [File] C:\eula.2052.txt
Successfully deleted: [File] C:\install.res.1028.dll
Successfully deleted: [File] C:\install.res.1031.dll
Successfully deleted: [File] C:\install.res.1033.dll
Successfully deleted: [File] C:\install.res.1036.dll
Successfully deleted: [File] C:\install.res.1040.dll
Successfully deleted: [File] C:\install.res.1041.dll
Successfully deleted: [File] C:\install.res.1042.dll
Successfully deleted: [File] C:\install.res.2052.dll
Successfully deleted: [File] C:\install.res.3082.dll



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\pc optimizer pro"
Successfully deleted: [Folder] "C:\ProgramData\wecarereminder"
Successfully deleted: [Folder] "C:\Users\drobbins\AppData\Roaming\defaulttab"
Successfully deleted: [Folder] "C:\Program Files\consumer input"
Successfully deleted: [Folder] "C:\Program Files\defaulttab"
Successfully deleted: [Folder] "C:\Program Files\pc optimizer pro"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 11/15/2012 at 21:44:42.10
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
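An added example, not part of the original posts: a small Python triage of a scan log in the format posted above, separating real detections from files the scanner simply could not open (0x00000020 is the Win32 sharing-violation code for a file in use, 0x00000005 is access denied). The function and variable names are hypothetical, and the line patterns are inferred from the log lines in this thread rather than from any scanner documentation.

```python
import re
from collections import Counter

# Win32 error codes seen in the log (standard Windows meanings).
WIN32 = {0x05: "ERROR_ACCESS_DENIED", 0x20: "ERROR_SHARING_VIOLATION"}

ERR = re.compile(r"^(?P<path>.+?): Error opening file for (?P<op>\w+)\W*(?P<code>0x[0-9A-Fa-f]+)")
HIT = re.compile(r"^(?P<path>.+?): (?:File infected with |Potentially unwanted program \()(?P<name>[^\s)]+)")
DEL = re.compile(r"^Delete file: (?P<path>.+)$")

# Sample input: a few lines copied from the log in this thread.
SAMPLE = r"""
C:\ProgramData\Symantec\SRTSP\Quarantine\APQFC0C.tmp: File infected with win32/Genetik.BE
C:\ProgramData\Symantec\SRTSP\Quarantine\APQFC0C.tmp: Error opening file for repair(0x00000005).
C:\System Volume Information\Syscache.hve: Error opening file for read: 0x00000020
C:\Users\drobbins\Desktop\7zip_installer_d162802.exe: Potentially unwanted program (winpe/InstallIQ.DO)
Delete file: C:\Users\drobbins\Desktop\7zip_installer_d162802.exe
Cleaning successful
C:\Users\drobbins\NTUSER.DAT: Error opening file for read: 0x00000020
"""

def triage(log_text):
    """Split a scan log into detections, cleaned files and open errors."""
    detections, cleaned, errors = {}, set(), Counter()
    pending_delete = None
    for line in (l.strip() for l in log_text.splitlines()):
        if m := HIT.match(line):
            detections[m["path"]] = m["name"]
        elif m := ERR.match(line):
            code = int(m["code"], 16)
            errors[(m["op"], WIN32.get(code, hex(code)))] += 1
        elif m := DEL.match(line):
            pending_delete = m["path"]
        elif line == "Cleaning successful" and pending_delete:
            cleaned.add(pending_delete)
            pending_delete = None
    # Detections with no successful cleanup still need a human to look at them.
    unresolved = {p: n for p, n in detections.items() if p not in cleaned}
    return {"detections": detections, "cleaned": cleaned,
            "unresolved": unresolved, "errors": errors}

if __name__ == "__main__":
    result = triage(SAMPLE)
    for path, name in result["unresolved"].items():
        print("UNRESOLVED", name, path)
    for (op, err), count in result["errors"].items():
        print(f"{count} x open-for-{op} failed: {err}")
```

In the sample, the one unresolved detection has a path inside Symantec's quarantine folder, and the read errors are all on files that Windows keeps open while it is running.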

#8 InadequateInfirmity


Posted 17 November 2012 - 07:07 PM

Disable your antivirus.

Download the Emsisoft Emergency Kit
http://www.emsisoft.com/en/software/eek/download/


Right click it and extract to your desktop. Double click the New Folder that is created on your desktop.
Then right click and run as admin (XP users double click) on the Start.exe button to launch the program. Click on the Emergency Scanner option.
If you see a Windows message asking if you would like EmergencyScanner.bat to run, please allow it to do so by clicking on the Run or Yes buttons.
Proceed with the updates.
When it is done, click on the Back to Security Status link.
Then Select the Deep Scan button. Then hit the Scan Button.
After the scan is finished quarantine any found threats and then reboot your machine.
Post the log.

#9 robbinstribe


Posted 17 November 2012 - 09:36 PM

Emsisoft Emergency Kit - Version 3.0
Last update: N/A

Scan settings:

Scan type: Deep Scan
Objects: Rootkits, Memory, Traces, C:\, D:\

Detect Riskware: Off
Scan archives: On
ADS Scan: On
File extension filter: Off
Advanced caching: On
Direct disk access: Off

Scan start: 11/17/2012 6:30:08 PM

C:\ProgramData\Symantec\SRTSP\Quarantine\APQ1A1.tmp detected: Gen:Variant.Barys.142 (B)
C:\ProgramData\Symantec\SRTSP\Quarantine\APQB55.tmp detected: Gen:Variant.Barys.142 (B)

Scanned 473520
Found 2

Scan end: 11/17/2012 8:01:41 PM
Scan time: 1:31:33

C:\ProgramData\Symantec\SRTSP\Quarantine\APQ1A1.tmp Quarantined Gen:Variant.Barys.142 (B)

Quarantined 1

#10 InadequateInfirmity


Posted 17 November 2012 - 09:39 PM

Any more issues with your machine?

#11 robbinstribe


Posted 17 November 2012 - 09:51 PM

I haven't seen the Symantec box in a while... so it may be good (crosses fingers).

Do I delete all of the things you had me put on, or are there some of them that I should run periodically?

Thanks for your help!

David

#12 InadequateInfirmity


Posted 17 November 2012 - 09:58 PM

Delete all the items I had you install except Malwarebytes. Update it and do a quick scan once a week with it.

Delete all of your previous restore points and create a new one.
http://windows.microsoft.com/en-US/windows-vista/Turn-System-Restore-on-or-off

Turn off System Restore, reboot, turn it back on, and reboot again. This will clear your system restore and create a new one.

Open your Device Manager, then left click your network adapters, then right click and select uninstall for your wireless driver.
Reboot your machine.

Hit Start
Control Panel
Network & Sharing Center
Manage Network Connections
Right click your connection
Select Properties
Uncheck IPv6
Select OK





Run the Fix it below; this will remove the Tunnel Adapters from your machine.
http://go.microsoft.com/?linkid=9728872

Set your DNS to OpenDNS or Google DNS.
http://theos.in/windows-xp/free-fast-public-dns-server-list/



Open an elevated Command Prompt: click Start, click All Programs, click Accessories, right-click Command Prompt, and then click Run as administrator. Now type or copy and paste the commands below one at a time, hitting Enter after each.

ipconfig /flushdns

ipconfig /registerdns

net stop "dns client"

net start "dns client"

netsh int ipv4 reset reset.log

nbtstat -R

nbtstat -RR

netsh winsock reset catalog

Exit

Restart computer.

:)

#13 robbinstribe


Posted 17 November 2012 - 10:28 PM

Open your device manager then left click your network adapters then right click and select uninstall for your wireless driver.

Which one is that?

Bluetooth Device (Personal Area Network)
Bluetooth Device (RFCOMM Protocol TDI)
Intel® 82577LM Gigabit Network Connection
Intel® Centrino® Advanced-N 6200 AGN
Microsoft Virtual WiFi Miniport Adapter

#14 InadequateInfirmity


Posted 17 November 2012 - 10:34 PM

Intel® Centrino® Advanced-N 6200 AGN

You connect wirelessly, right?

#15 robbinstribe


Posted 17 November 2012 - 10:35 PM

I do at home, but at the office I use an ethernet plug in...



