Trojan Sirefef Removed now cannot connect to net


6 replies to this topic

#1 t_bird83

Posted 24 November 2012 - 04:33 PM

Ran Super Antivirus and it located the Sirefef trojan. As soon as I clicked remove threat my wireless connection went down. I ran the check three more times, each time the virus was detected and removed. Fourth and fifth time nothing was detected.

Booted in safe mode with networking.
Downloaded TDSSKiller and ran it. Nothing detected.

Ran Microsoft Security Essentials Scan. Nothing detected.

Ran Malwarebytes, nothing detected. Updates are 26 days old unfortunately but I cannot connect to the internet by either wireless or by connecting directly to router.

I am running Windows XP SP3 on a Dell Latitude E5500.

Wireless says "Limited or no connectivity". IP address is never acquired. IP config is correct. Password and setup are correct. Router is working with another computer.

I also cannot enable Microsoft firewall but I think I will tackle that later.

Any help would be greatly appreciated.

Edited by t_bird83, 24 November 2012 - 04:46 PM.



#2 t_bird83

Posted 24 November 2012 - 05:46 PM

I downloaded MiniToolBox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Here are the results

MiniToolBox by Farbar Version: 10-11-2012 02
Ran by travissmith (administrator) on 24-11-2012 at 17:47:55
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

204.74.30.245 vpn.armstrong.cn
204.74.30.245 vpn.armstrong.cn
204.74.30.245 vpn.armstrong.cn
204.74.30.245 vpn.armstrong.cn
204.74.30.245 vpn.armstrong.cn
204.74.30.245 vpn.armstrong.cn
204.74.30.245 vpn.armstrong.cn

========================= IP Configuration: ================================

1394 Net Adapter = 1394 Connection (Disconnected)
Microsoft Loopback Adapter = Local Area Connection 3 (Disconnected)
Broadcom NetXtreme 57xx Gigabit Controller = Local Area Connection (Media disconnected)
Dell Wireless 1397 WLAN Mini-Card = Wireless Network Connection (Media disconnected)
TAP-Win32 NetDirect Adapter = Local Area Connection 5 (Media disconnected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=static addr=172.16.16.99 mask=255.255.255.0
set dns name="Local Area Connection" source=static addr=none register=PRIMARY
set wins name="Local Area Connection" source=static addr=none

# Interface IP Configuration for "Wireless Network Connection"

set address name="Wireless Network Connection" source=dhcp
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp

# Interface IP Configuration for "Local Area Connection 5"

set address name="Local Area Connection 5" source=dhcp
set dns name="Local Area Connection 5" source=dhcp register=PRIMARY
set wins name="Local Area Connection 5" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration

Host Name . . . . . . . . . . . . : WLNBTS2009
Primary Dns Suffix . . . . . . . : lott.com
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Broadcom NetXtreme 57xx Gigabit Controller
Physical Address. . . . . . . . . : 00-23-AE-1C-72-4A

Ethernet adapter Wireless Network Connection:

Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Dell Wireless 1397 WLAN Mini-Card
Physical Address. . . . . . . . . : 00-24-2B-2A-80-6F

Ethernet adapter Local Area Connection 5:

Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : TAP-Win32 NetDirect Adapter
Physical Address. . . . . . . . . : 00-FF-8A-27-E3-B1

Server: UnKnown
Address: 127.0.0.1

Ping request could not find host google.com. Please check the name and try again.

Server: UnKnown
Address: 127.0.0.1

Ping request could not find host yahoo.com. Please check the name and try again.

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 23 ae 1c 72 4a ...... Broadcom NetXtreme 57xx Gigabit Controller - Virtual Machine Network Services Driver
0x10004 ...00 24 2b 2a 80 6f ...... Dell Wireless 1397 WLAN Mini-Card - Virtual Machine Network Services Driver
0x10005 ...00 ff 8a 27 e3 b1 ...... TAP-Win32 NetDirect Adapter - Virtual Machine Network Services Driver
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
255.255.255.255 255.255.255.255 255.255.255.255 10004 1
255.255.255.255 255.255.255.255 255.255.255.255 10003 1
255.255.255.255 255.255.255.255 255.255.255.255 10005 1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/24/2012 10:56:26 AM) (Source: Wave TCG Client Services) (User: )
Description: The NTRU TSS is not running, Wave Software is unable to communicate to TPM

Error: (11/24/2012 10:55:23 AM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows cannot obtain the domain controller name for your computer network. (The network location cannot be reached. For information about network troubleshooting, see Windows Help. ). Group Policy processing aborted.

Error: (11/24/2012 10:54:44 AM) (Source: Report Server Windows Service (MSSQLSERVER)) (User: )
Description: Report Server Windows Service (MSSQLSERVER) cannot connect to the report server database.

Error: (11/24/2012 10:54:41 AM) (Source: AutoEnrollment) (User: )
Description: Automatic certificate enrollment for local system failed to contact the active directory (0x800704cf). The network location cannot be reached. For information about network troubleshooting, see Windows Help.
Enrollment will not be performed.

Error: (11/24/2012 10:54:41 AM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows cannot obtain the domain controller name for your computer network. (The network location cannot be reached. For information about network troubleshooting, see Windows Help. ). Group Policy processing aborted.

Error: (11/24/2012 10:53:44 AM) (Source: MSSQLSERVER) (User: )
Description: SQL Server could not spawn FRunCM thread. Check the SQL Server error log and the Windows event logs for information about possible related problems.

Error: (11/24/2012 10:53:44 AM) (Source: MSSQLSERVER) (User: )
Description: Could not start the network library because of an internal error in the network library. To determine the cause, review the errors immediately preceding this one in the error log.

Error: (11/24/2012 10:53:44 AM) (Source: MSSQLSERVER) (User: )
Description: TDSSNIClient initialization failed with error 0x2742, status code 0x1.

Error: (11/24/2012 10:53:44 AM) (Source: MSSQLSERVER) (User: )
Description: TDSSNIClient initialization failed with error 0x2742, status code 0xa.

Error: (11/24/2012 10:53:44 AM) (Source: MSSQLSERVER) (User: )
Description: Server failed to listen on 'any' <ipv4> 1433. Error: 0x2742. To proceed, notify your system administrator.


System errors:
=============
Error: (11/24/2012 10:59:00 AM) (Source: Service Control Manager) (User: )
Description: The Background Intelligent Transfer Service service terminated with service-specific error 2147952450 (0x80072742).

Error: (11/24/2012 10:57:14 AM) (Source: Service Control Manager) (User: )
Description: The Network Location Awareness (NLA) service depends on the AFD service which failed to start because of the following error:
%%2

Error: (11/24/2012 10:57:14 AM) (Source: Service Control Manager) (User: )
Description: The AFD service failed to start due to the following error:
%%2

Error: (11/24/2012 10:56:31 AM) (Source: Service Control Manager) (User: )
Description: The Network Location Awareness (NLA) service depends on the AFD service which failed to start because of the following error:
%%2

Error: (11/24/2012 10:56:31 AM) (Source: Service Control Manager) (User: )
Description: The AFD service failed to start due to the following error:
%%2

Error: (11/24/2012 10:56:17 AM) (Source: Service Control Manager) (User: )
Description: The Network Location Awareness (NLA) service depends on the AFD service which failed to start because of the following error:
%%2

Error: (11/24/2012 10:56:17 AM) (Source: Service Control Manager) (User: )
Description: The AFD service failed to start due to the following error:
%%2

Error: (11/24/2012 10:55:58 AM) (Source: Service Control Manager) (User: )
Description: The Network Location Awareness (NLA) service depends on the AFD service which failed to start because of the following error:
%%2

Error: (11/24/2012 10:55:58 AM) (Source: Service Control Manager) (User: )
Description: The AFD service failed to start due to the following error:
%%2

Error: (11/24/2012 10:55:54 AM) (Source: Service Control Manager) (User: )
Description: The Network Location Awareness (NLA) service depends on the AFD service which failed to start because of the following error:
%%2


Microsoft Office Sessions:
=========================
Error: (11/24/2012 10:56:26 AM) (Source: Wave TCG Client Services)(User: )
Description: The NTRU TSS is not running, Wave Software is unable to communicate to TPM

Error: (11/24/2012 10:55:23 AM) (Source: Userenv)(User: NT AUTHORITY)
Description: The network location cannot be reached. For information about network troubleshooting, see Windows Help.

Error: (11/24/2012 10:54:44 AM) (Source: Report Server Windows Service (MSSQLSERVER))(User: )
Description: Report Server Windows Service (MSSQLSERVER)

Error: (11/24/2012 10:54:41 AM) (Source: AutoEnrollment)(User: )
Description: local system0x800704cfThe network location cannot be reached. For information about network troubleshooting, see Windows Help.

Error: (11/24/2012 10:54:41 AM) (Source: Userenv)(User: NT AUTHORITY)
Description: The network location cannot be reached. For information about network troubleshooting, see Windows Help.

Error: (11/24/2012 10:53:44 AM) (Source: MSSQLSERVER)(User: )
Description: FRunCM

Error: (11/24/2012 10:53:44 AM) (Source: MSSQLSERVER)(User: )
Description:

Error: (11/24/2012 10:53:44 AM) (Source: MSSQLSERVER)(User: )
Description: 27421

Error: (11/24/2012 10:53:44 AM) (Source: MSSQLSERVER)(User: )
Description: 2742a

Error: (11/24/2012 10:53:44 AM) (Source: MSSQLSERVER)(User: )
Description: 'any'ipv414330x2742


=========================== Installed Programs ============================

1769-L1Y Controllers and Embedded Module Profiles (Version: 8.03.2783.0)
1769-L2Y Controllers and Embedded Module Profiles (Version: 8.03.2783.0)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Flash Player 11 Plugin (Version: 11.4.402.287)
Adobe Reader X (10.1.4) (Version: 10.1.4)
All Day Battery Life Configuration (Version: 1.1.0)
AnswerWorks Runtime
Apple Application Support (Version: 2.1.7)
Apple Software Update (Version: 2.1.3.127)
ArchestrA (Version: 1.0000)
AuthenTec Fingerprint System (Version: 8.1.0.106)
AutoCAD LT 2002 (Version: 15.0.6.030)
Avaya NetDirect Client (Version: 8.0.13.0)
AVG Security Toolbar (Version: 12.2.5.32)
Bing Bar (Version: 7.0.850.0)
BioAPI Framework (Version: 1.0.1)
biolsp patch (Version: 01.00.02.0005)
BootP-DHCP Server (Version: 2.30)
Broadcom Management Programs (Version: 11.66.01)
Broadcom TPM Driver Installer (Version: 8.04.04)
C-more micro Programming Software Version 3.01.0.0 (Version: 3.01.0000)
C-more Programming Software Ver2.71 (C:\Program Files\AutomationDirect\C-more) (Version: 2.71.0001)
C-more USB Driver Ver 2.1.2.1 (Version: 2.1.2.1)
Choice Guard (Version: 1.2.87.0)
Cisco WebEx Meetings
ClearKeeper (Version: 1.0.0)
Cognex 1756 Comm Module Profiles (Version: 1.16.1.0)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Conexant HDA D330 MDC V.92 Modem (Version: 7.74.00)
Control Techniques Communications Server
ControlFLASH (Version: 11.00.00)
Crystal Reports Basic Runtime for Visual Studio 2008 (Version: 10.5.0.0)
CTSoft (Version: 1.13.00)
DCP32MMWrapper (Version: 1.6.7.196)
Dell Control Point (Version: 1.6.7.196)
Dell ControlPoint Connection Manager (Version: 1.1.1)
Dell ControlPoint Security Manager (Version: 1.6.7.196)
Dell ControlPoint System Manager (Version: 1.1.00000)
Dell Driver Download Manager (Version: 2.1.0.0)
Dell Embassy Trust Suite by Wave Systems (Version: 03.02.02.003)
Dell Security Device Driver Pack (Version: 1.01.30)
Dell Touchpad (Version: 7.2.101.215)
Dell Wireless WLAN Card Utility (Version: 4.170.77.18)
DeviceNet Node Commissioning Tool (Version: 1.0.0)
Digital Line Detect (Version: 1.21)
DirectSOFT 5 - Programming (Version: 5.00)
Do Not Track Plus Add-on 2.2.1.830 (Version: 2.2.1.830)
Document Manager Lite (Version: 06.09.00.054)
EISC Configurator
EMBASSY Security Center (Version: 03.09.00.037)
EMBASSY Security Setup (Version: 03.09.00.035)
Endress+Hauser EtherNet/IP Comm Module Profiles (Version: 1.18.1.0)
ESC Home Page Plugin (Version: 03.04.00.016)
FactoryTalk Activation Manager 3.50.00 (CPR 9 SR 5) (Version: 3.50.00.0021)
FactoryTalk Alarms and Events 2.40.00000 (CPR 9 SR 4) (Version: 2.40.00000)
FactoryTalk Diagnostics 2.50 (CPR 9 SR 5) (Version: 2.50.00.0010)
FactoryTalk Gateway 3.50.00 (CPR 9 SR 5) (Version: 3.50.00)
FactoryTalk Services Platform 2.50 (CPR 9 SR 5) (Version: 2.50.00.0010)
FactoryTalk® View Machine Edition 6.10.00 (CPR 9 SR 4) (Version: 6.10.00.9 (CPR 9 SR 4))
FactoryTalk® View Site Edition 6.10.00 (CPR 9 SR 4) (Version: 6.10.00.9 (CPR 9 SR 4))
File Type Assistant
Firmware Upgrade Wizard for PanelView Plus 400-600 (Version: 5.10.00.09)
Firmware Upgrade Wizard for PanelView Plus 6 700-1500 (Version: 6.0.20110425)
Firmware Upgrade Wizard for PanelView Plus 6 700-1500 (Version: 6.10.20120418)
Firmware Upgrade Wizard for PanelView Plus CE 700-1500 (Version: 5.00.07.55)
FTDI USB Serial Converter Drivers
Gadwin PrintScreen (Version: 4.3)
GDR 3080 for SQL Server Analysis Services 2005 ENU (KB970895) (Version: 9.2.3080)
GDR 3080 for SQL Server Database Services 2005 ENU (KB970895) (Version: 9.2.3080)
GDR 3080 for SQL Server Integration Services 2005 ENU (KB970895) (Version: 9.2.3080)
GDR 3080 for SQL Server Notification Services 2005 ENU (KB970895) (Version: 9.2.3080)
GDR 3080 for SQL Server Reporting Services 2005 ENU (KB970895) (Version: 9.2.3080)
GDR 3080 for SQL Server Tools and Workstation Components 2005 ENU (KB970895) (Version: 9.2.3080)
Gemalto (Version: 01.01.00.0000)
getPlus® for Adobe (Version: 1.5.2.35)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3230.2052)
Google Update Helper (Version: 1.3.21.123)
Hardy Instruments 1756 Specialty Module Profiles (Version: 1.07.1.0)
Hardy Instruments 1769 Specialty Module Profiles (Version: 2.08.1.0)
Hardy Modbus-Link 1.00
HASP Device Drivers
Intel® Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
iTools 7 (Version: 7.68.0)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 35 (Version: 6.0.350)
Java™ 6 Update 7 (Version: 1.6.0.70)
Junk Mail filter update (Version: 14.0.8050.1202)
Koyo USB-Serial Comm Port Driver (Version: 1.0.0.0)
Logix CPU Security Tool (Version: 3.0.0)
Logix5000 Clock Update Tool (Version: 2.4.2)
Logix5000 PLM Sync Utility (Version: 1.0.20)
Logix5000 Task Monitor (Version: 2.4.1)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
Mettler-Toledo 1756 Comm Module Profiles (Version: 1.09.1.0)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Device Emulator version 2.0 - ENU (Version: 2.0.70117)
Microsoft Download Manager (Version: 1.2.1)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 Small Business (Version: 9.00.2720)
Microsoft Office 2003 Web Components (Version: 11.0.8173.0)
Microsoft Office Outlook 2003 (Version: 11.0.8173.0)
Microsoft Security Client (Version: 4.1.0522.0)
Microsoft Security Essentials (Version: 4.1.522.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005
Microsoft SQL Server 2005 (Version: 9.2.3042.00)
Microsoft SQL Server 2005 Analysis Services (Version: 9.2.3042.00)
Microsoft SQL Server 2005 Backward compatibility (Version: 8.05.2004)
Microsoft SQL Server 2005 Books Online (English) (Version: 9.00.1399.06)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server 2005 Integration Services (Version: 9.2.3042.00)
Microsoft SQL Server 2005 Notification Services (Version: 9.2.3042.00)
Microsoft SQL Server 2005 Reporting Services (Version: 9.2.3042.00)
Microsoft SQL Server 2005 Tools (Version: 9.2.3042.00)
Microsoft SQL Server 2005 Upgrade Advisor (English) (Version: 9.00.1399.06)
Microsoft SQL Server 2008 R2
Microsoft SQL Server 2008 R2 Native Client (Version: 10.50.1600.1)
Microsoft SQL Server 2008 R2 RsFx Driver (Version: 10.50.1600.1)
Microsoft SQL Server 2008 R2 Setup (English) (Version: 10.50.1600.1)
Microsoft SQL Server 2008 Setup Support Files (Version: 10.1.2731.0)
Microsoft SQL Server Browser (Version: 10.50.1600.1)
Microsoft SQL Server Native Client (Version: 9.00.3042.00)
Microsoft SQL Server Setup Support Files (English) (Version: 9.00.3042.00)
Microsoft SQL Server VSS Writer (Version: 10.50.1600.1)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft UI Engine (Version: 4.0.0318.1)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Virtual PC 2007 SP1 (Version: 6.0.192.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
MLC 9000 Plus Workshop (Version: 1.0.3)
Modem Diagnostic Tool (Version: 1.0.24.0)
Molex Corporation 1756 Comm Module Profiles (Version: 1.25.1.0)
Mozilla Firefox 12.0 (x86 en-US) (Version: 12.0)
Mozilla Maintenance Service (Version: 12.0)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6.0 Parser (KB933579) (Version: 6.10.1200.0)
NetVanta VPN Client
NetWaiting (Version: 2.5.53)
NTRU TCG Software Stack (Version: 2.1.28)
Numeric Keypad Control for RSView32 1.00.0060
Numeric Keypad Control for RSView32 1.00.0060 (C:\Program Files\Keypad 1.00.0060\)
Numeric Keypad Control for RSView32 1.00.0060 (C:\Program Files\Keypad 1.00.0060\) #3
Numeric Keypad Control for RSView32 1.00.0060 (C:\Program Files\Keypad 1.00.0060\) #4
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
Online Development 1756 Comm Module Profiles (Version: 1.02.1.0)
PanelBuilder32 (Version: 3.83.00)
PanelView Component DesignStation v2.0 (Version: 2.0.0)
PanelView Component Emulator v1.40 (Version: 1.40.0)
PanelView Component Emulator v1.50 (Version: 1.50.0)
Parker Isysnet Analog Module Profiles (Version: 6.02.2.0)
Parker Isysnet ASCII Module Profile (Version: 2.02.1.0)
Parker Isysnet ControlNet Adapter Module Profile (Version: 3.00.0.0)
Parker Isysnet Discrete Module Profiles (Version: 6.02.2.0)
Parker Isysnet Discrete Module Profiles 2 (Version: 2.02.1.0)
Parker Isysnet Discrete Module Profiles 3 (Version: 2.02.1.0)
Parker Isysnet Ethernet Adapter Module Profile (Version: 3.00.0.0)
PDFCreator (Version: 0.9.3)
Phoenix Digital 1756 Communication Module Profiles (Version: 1.05.1.0)
PID Calculation Program
PowerDVD (Version: 8.1)
Preboot Manager (Version: 02.07.01.002)
Private Information Manager (Version: 06.04.00.028)
ProSoft Configuration Builder (Version: 3.21.90102)
ProSoft Discovery Service (Version: 1.0.0.6)
ProSoft Technology 1734 Ethernet Adapter Module Profile (Version: 1.13.1.0)
ProSoft Technology 1756 MVI Comm Module Profiles (Version: 1.10.1.0)
Prosoft Technology 1769 Comm Module Profiles (Version: 2.01.1.0)
QuickTime (Version: 7.72.80.56)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer (Version: 15.0.5)
RealUpgrade 1.1 (Version: 1.1.0)
Redundancy Module Config Tool (Version: 7.2.7.0)
Rockwell Automation 1440 XM Dynamic Measurement Module Profile (Version: 2.01.4.0)
Rockwell Automation 1715 Ethernet Adapter Module Profile (Version: 1.04.2.0)
Rockwell Automation 1715 Redundant I/O Module Profiles (Version: 2.04.3.0)
Rockwell Automation 1732 Discrete Module Profiles (Version: 2.02.1.0)
Rockwell Automation 1732 Discrete Module Profiles 2 (Version: 2.02.1.0)
Rockwell Automation 1734 Analog Module Profiles (Version: 7.00.2578.0)
Rockwell Automation 1734 Analog Module Profiles 2 (Version: 7.00.2578.0)
Rockwell Automation 1734 ASCII Module Profiles (Version: 3.00.2578.0)
Rockwell Automation 1734 ControlNet Adapter Module Profile (Version: 4.00.2577.0)
Rockwell Automation 1734 Discrete Module Profile, DeviceLogix (Version: 3.00.2578.0)
Rockwell Automation 1734 Discrete Module Profiles (Version: 7.00.2578.0)
Rockwell Automation 1734 Discrete Module Profiles 2 (Version: 3.00.2579.0)
Rockwell Automation 1734 Discrete Module Profiles 4 (Version: 3.00.2578.0)
Rockwell Automation 1734 Ethernet Adapter Module Profile (Version: 4.00.2577.0)
Rockwell Automation 1734 Ethernet Adapter,2-Port,Module Profile (Version: 4.00.2577.0)
Rockwell Automation 1734 Specialty Module Profiles (Version: 3.00.2578.0)
Rockwell Automation 1738 Analog Module Profiles (Version: 7.00.2578.0)
Rockwell Automation 1738 Analog Module Profiles 2 (Version: 7.00.2578.0)
Rockwell Automation 1738 ASCII Module Profiles (Version: 3.00.2578.0)
Rockwell Automation 1738 ControlNet Adapter Module Profile (Version: 4.00.2577.0)
Rockwell Automation 1738 Discrete Module Profile, DeviceLogix (Version: 3.00.2578.0)
Rockwell Automation 1738 Discrete Module Profiles (Version: 7.00.2578.0)
Rockwell Automation 1738 Discrete Module Profiles 2 (Version: 3.00.2579.0)
Rockwell Automation 1738 Discrete Module Profiles 3 (Version: 2.02.1.0)
Rockwell Automation 1738 Discrete Module Profiles 4 (Version: 3.00.2578.0)
Rockwell Automation 1738 Ethernet Adapter Module Profile (Version: 4.00.2577.0)
Rockwell Automation 1738 Ethernet Adapter,2-Port,Module Profile (Version: 4.00.2578.0)
Rockwell Automation 1738 Specialty Module Profiles (Version: 3.00.2578.0)
Rockwell Automation 1747 Module Profiles (Version: 8.00.3000.0)
Rockwell Automation 1756 CNet Comms Module Profiles (Version: 1.02.572.0)
Rockwell Automation 1756 ENet Comms Module Profiles (Version: 1.02.572.0)
Rockwell Automation 1756 ENet Comms Module Profiles (Version: 8.03.2783.0)
Rockwell Automation 1756 Ethernet Bridge Module Profile (Version: 8.01.2783.0)
Rockwell Automation 1756 HART Module Profiles (Version: 3.06.4.0)
Rockwell Automation 1756 Remote I/O Interface Module Profile (Version: 2.03.3.0)
Rockwell Automation 1769-L3Y Controllers Module Profiles (Version: 8.03.2783.0)
Rockwell Automation 1769 Analog Module Profiles (Version: 7.02.8.0)
Rockwell Automation 1769 Analog Module Profiles (Version: 8.03.2783.0)
Rockwell Automation 1769 ASCII Module Profiles (Version: 2.02.7.0)
Rockwell Automation 1769 Boolean Module Profiles (Version: 2.02.5.0)
Rockwell Automation 1769 Controller Module Profiles (Version: 8.03.2783.0)
Rockwell Automation 1769 Discrete Module Profiles (Version: 2.02.2.0)
Rockwell Automation 1769 Discrete Module Profiles (Version: 8.03.2783.0)
Rockwell Automation 1769 Embedded Module Profiles (Version: 2.02.10.0)
Rockwell Automation 1769 Specialty Module Profiles (Version: 8.03.2783.0)
Rockwell Automation 1783 Ethernet Managed Switch Module Profile (Version: 2.00.2479.0)
Rockwell Automation 1791DS Discrete Module Profiles (Version: 8.03.2783.0)
Rockwell Automation 1799 Embedded Discrete Module Profile (Version: 1.01.6.0)
Rockwell Automation 2-Port CIP Sync ENetIP Module Profiles (Version: 2.01.10.0)
Rockwell Automation 2-Port Quick Connect ENetIP Module Profiles (Version: 1.01.13.0)
Rockwell Automation 2097 Kinetix Module Profiles (Version: 2.01.2.0)
Rockwell Automation 280 ArmorStart Ethernet Module Profiles (Version: 1.03.1.0)
Rockwell Automation 48MS Vision Sensor Module Profiles (Version: 1.01.19.0)
Rockwell Automation 5XRF RFID Reader Module Profiles (Version: 1.02.24.0)
Rockwell Automation ArmorStart LT Module Profiles (Version: 1.02.1.0)
Rockwell Automation CD Catalog v1.00 (Version: 1.00.0000)
Rockwell Automation DIO DeviceNet Safety Module Profile (Version: 5.04.2.0)
Rockwell Automation DIO DeviceNet Safety Module Profiles (Version: 2.02.4.0)
Rockwell Automation DIO DeviceNet Safety Module Profiles (Version: 5.01.1.0)
Rockwell Automation DIO DeviceNet Safety Module Profiles (Version: 5.04.2.0)
Rockwell Automation DIO DeviceNet Safety Module Profiles (Version: 5.04.4.0)
Rockwell Automation DIO EtherNet Safety Module Profiles (Version: 5.03.1.0)
Rockwell Automation Download Manager (Version: 2.0.7.28)
Rockwell Automation Drives Peripheral Module Profiles (Version: 4.02.10.0)
Rockwell Automation Drives PowerFlex 4 Module Profiles (Version: 4.02.10.0)
Rockwell Automation Drives PowerFlex 7 2 Module Profiles (Version: 4.02.10.0)
Rockwell Automation Drives PowerFlex 7 3 Module Profiles (Version: 4.02.10.0)
Rockwell Automation Drives PowerFlex 7 Module Profiles (Version: 4.02.10.0)
Rockwell Automation Drives SCANport Module Profiles (Version: 4.02.10.0)
Rockwell Automation E1 Plus Module Profiles (Version: 1.01.0.0)
Rockwell Automation EtherNet/IP Tap Family Module Profiles (Version: 2.06.2.0)
Rockwell Automation Faceplates (Version: 1.00.0001)
Rockwell Automation Flex Adapter Module Profiles (Version: 8.03.2783.0)
Rockwell Automation Generic Safety Module Profiles (Version: 8.03.2783.0)
Rockwell Automation Kinetix CIP Motion Drive Module Profiles (Version: 8.03.2783.0)
Rockwell Automation Kinetix350 CIP Motion Drive Module Profiles (Version: 8.03.2783.0)
Rockwell Automation PowerFlex CIP Motion Drive Module Profiles (Version: 8.03.2783.0)
Rockwell Automation SLC Adapter Module Profiles (Version: 8.03.2783.0)
Rockwell Automation Stratix 8000/8300 Module Profiles (Version: 5.01.10.0)
Rockwell Automation USB CIP Driver Package (Version: 3.06.01)
Rockwell Software Hardware Maintenance Tool
Rockwell Windows Firewall Configuration Utility 1.00.06 (Version: 1.00.06.0004)
Roxio Activation Module (Version: 1.0)
Roxio Creator Audio (Version: 3.5.0)
Roxio Creator BDAV Plugin (Version: 3.5.0)
Roxio Creator Copy (Version: 3.5.0)
Roxio Creator Data (Version: 3.5.0)
Roxio Creator DE (Version: 3.5.0)
Roxio Creator Tools (Version: 3.5.0)
Roxio Drag-to-Disc (Version: 9.1)
Roxio Express Labeler 3 (Version: 3.2.1)
Roxio Update Manager (Version: 6.0.0)
RSLinx Classic 2.59.01 CPR 9 SR 5 (Version: 2.59.01 CPR 9 SR 5)
RSLinx Enterprise 5.50.04 (CPR 9 SR 5) (Version: 5.50.04)
RSLogix 500 English 8.30.00 (CPR 9) (Version: 8.30.00)
RSLogix 5000 Compare (Version: 3.20.00)
RSLogix 5000 DeviceNet Tag Generator (Version: 1.0.105)
RSLogix 5000 Faceplates (Version: 2.23.00)
RSLogix 5000 IEC61131-3 Translation Tool (Version: 1.0.0)
RSLogix 5000 Module Profile Core (Version: 8.03.2783.0)
RSLogix 5000 Module Profile Core EDS Support (Version: 8.03.2783.0)
RSLogix 5000 Module Profile Core System Updates (Version: 6.00.1769.0)
RSLogix 5000 Module Profile Core System Updates 1 (Version: 8.00.2421.0)
RSLogix 5000 Module Profile Setup Utility (Version: 8.03.2783.0)
RSLogix 5000 Motion Database (Version: 20.01.06)
RSLogix 5000 Online Books (Version: 20.0.0)
RSLogix 5000 Online Books (Version: 20.1.0)
RSLogix 5000 Setup Installer (Version: 5.00.0000)
RSLogix 5000 Start Page Media v20.01.00 (Version: 20.01.00)
RSLogix 5000 System Updates (Version: 20.10.0410)
RSLogix 5000 v15.02 (Version: 15.02.0000)
RSLogix 5000 v16.03.00 (CPR 9) (Version: 16.03.00)
RSLogix 5000 v17.01.00 (CPR 9 SR 1) (Version: 17.01.00)
RSLogix 5000 v18.02.00 (CPR 9 SR 2) (Version: 18.02.00)
RSLogix 5000 v19.01.00 (CPR 9 SR 3) (Version: 19.01.00)
RSLogix 5000 v20.01.00 (CPR 9 SR 5) (Version: 20.01.00)
RSLogix Architect v3.60.00 (CPR 9 SR 2) (Version: 3.60.00)
RSLogix Emulate 5000 19.01.00 (CPR 9 SR 3) (Version: 19.01.00)
RSLogix5000 Data Preserved Download Tool (Version: 1.5.2)
RSNetWorx for ControlNet 8.00.00 (CPR 7) (Version: 8.00.00.15)
RSNetWorx for DeviceNet 11.00.00 (CPR 9 SR 5) (Version: 11.00.00)
RSNetWorx for EtherNet/IP 11.00.00 (CPR 9 SR 5) (Version: 11.00.00)
RSView Supervisory Edition 6.10.00.9 (CPR 9 SR 4)
Schenck Process EasyServe (Version: 14.8.240)
Secure Update (Version: 05.07.00.014)
Security Wizards (Version: 01.07.00.014)
Segoe UI (Version: 14.0.4327.805)
Service Pack 2 for SQL Server Analysis Services 2005 ENU (KB921896) (Version: 9.2.3042)
Service Pack 2 for SQL Server Database Services 2005 ENU (KB921896) (Version: 9.2.3042)
Service Pack 2 for SQL Server Integration Services 2005 ENU (KB921896) (Version: 9.2.3042)
Service Pack 2 for SQL Server Notification Services 2005 ENU (KB921896) (Version: 9.2.3042)
Service Pack 2 for SQL Server Reporting Services 2005 ENU (KB921896) (Version: 9.2.3042)
Service Pack 2 for SQL Server Tools and Workstation Components 2005 ENU (KB921896) (Version: 9.2.3042)
Shadow Copy Client (Version: 5.2.01)
SmartConfig
Sonic CinePlayer Decoder Pack (Version: 4.2.0)
SonicWALL SSL-VPN NetExtender (Version: 3.5.108)
Spectrum Controls 1734 Analog Module Profiles (Version: 1.11.1.0)
Spectrum Controls 1756 Analog Module Profiles (Version: 1.09.1.0)
Spectrum Controls 1756 Specialty Module Profiles (Version: 1.03.1.0)
Spectrum Controls 1769 Analog Module Profiles (Version: 1.05.1.0)
Spectrum Controls 1769 Analog Module Profiles (Version: 1.06.1.0)
Spectrum Controls 1769 Analog Module Profiles (Version: 2.06.1.0)
SQL Server 2008 R2 Common Files (Version: 10.50.1600.1)
SQL Server 2008 R2 Database Engine Services (Version: 10.50.1600.1)
SQL Server 2008 R2 Database Engine Shared (Version: 10.50.1600.1)
Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1)
SQLXML4 (Version: 9.00.3042.00)
SUPERAntiSpyware (Version: 5.0.1142)
SUPERAntiSpyware Toolbar Powered by Ask.com (Version: 1.15.1.0)
SUPERAntiSpyware Toolbar Powered by Ask.com Updater (Version: 1.2.1.22229)
Tag Data Monitor Tool (Version: 2.0.1)
Tag Data Monitor Tool (Version: 2.0.3)
Tag Upload Download Tool (Version: 2.6.1)
Tag Upload Download Tool (Version: 2.6.4)
TeamViewer 7 (Version: 7.0.15723)
Translate PLC-5_SLC 2.0 (Version: 1.0.8)
Trusted Drive Manager (Version: 2.6.0.108)
tsp patch (Version: 01.00.00.0000)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 8 (KB971930) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB976749) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB898461) (Version: 1)
Update for Windows XP (KB951618-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
UPEK TouchChip Fingerprint Reader (Version: 1.0.0)
Visual Basic for Applications ® Core - English (Version: 6.4.99.69)
Visual Basic for Applications ® Core - English (Version: 6.5.10.32)
Visual Basic for Applications ® Core (Version: 6.4.99.69)
Visual Basic for Applications ® Core (Version: 6.5.10.32)
Wave Infrastructure Installer (Version: 06.01.50.0000)
Wave Support Software (Version: 05.10.00.024)
WebFldrs XP (Version: 9.50.7523)
Windows Driver Package - AuthenTec Inc. (ATSwpWDF) Biometric (06/12/2008 8.1.0.51) (Version: 06/12/2008 8.1.0.51)
Windows Driver Package - Dell Inc. PBADRV System (01/07/2008 1.0.1.5) (Version: 01/07/2008 1.0.1.5)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 7 (Version: 20070813.185237)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live Call (Version: 14.0.8050.1202)
Windows Live Communications Platform (Version: 14.0.8050.1202)
Windows Live Essentials (Version: 14.0.8050.1202)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Live Mail (Version: 14.0.8050.1202)
Windows Live Messenger (Version: 14.0.8050.1202)
Windows Live Photo Gallery (Version: 14.0.8051.1204)
Windows Live Sync (Version: 14.0.8050.1202)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8050.1202)
Windows Media Format 11 runtime
Windows Media Player 11
Windows Presentation Foundation (Version: 3.0.6920.0)
XML Paper Specification Shared Components Pack 1.0
Yahoo! Software Update
Yahoo! Toolbar
Yontoo Layers 1.10.01 (Version: 1.10.01)

========================= Memory info: ===================================

Percentage of memory in use: 62%
Total physical RAM: 2003.09 MB
Available physical RAM: 755.87 MB
Total Pagefile: 3895.21 MB
Available Pagefile: 2796.78 MB
Total Virtual: 2047.88 MB
Available Virtual: 1970.98 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:149.01 GB) (Free:84.01 GB) NTFS
2 Drive d: (MVI56E_v1.12) (CDROM) (Total:0.15 GB) (Free:0 GB) UDF1.02
4 Drive f: () (Removable) (Total:1.86 GB) (Free:1.25 GB) FAT
5 Drive g: () (Removable) (Total:3.73 GB) (Free:2.76 GB) FAT32

========================= Users: ========================================

User accounts for \\WLNBTS2009

admin Administrator ASPNET
Guest HelpAssistant IUSR_WLNBTS2009
IWAM_WLNBTS2009 SUPPORT_388945a0 user

========================= Restore Points ==================================

13-09-2012 12:29:17 Software Distribution Service 3.0
13-09-2012 13:06:18 Installed Java™ 6 Update 35
14-09-2012 13:21:02 Software Distribution Service 3.0
17-09-2012 11:49:36 Software Distribution Service 3.0
18-09-2012 11:54:47 Software Distribution Service 3.0
19-09-2012 12:10:18 Software Distribution Service 3.0
21-09-2012 11:51:13 Software Distribution Service 3.0
24-09-2012 00:06:11 Software Distribution Service 3.0
25-09-2012 00:30:29 Software Distribution Service 3.0
25-09-2012 00:41:10 Software Distribution Service 3.0
26-09-2012 00:54:04 Software Distribution Service 3.0
27-09-2012 20:40:15 Software Distribution Service 3.0
01-10-2012 00:18:38 Software Distribution Service 3.0
01-10-2012 02:38:07 Software Distribution Service 3.0
02-10-2012 00:01:06 Software Distribution Service 3.0
03-10-2012 03:26:55 System Checkpoint
04-10-2012 00:16:09 Software Distribution Service 3.0
05-10-2012 01:27:51 System Checkpoint
06-10-2012 00:07:09 Software Distribution Service 3.0
07-10-2012 03:51:17 System Checkpoint
07-10-2012 06:05:56 Software Distribution Service 3.0
07-10-2012 15:31:25 Software Distribution Service 3.0
08-10-2012 23:10:43 Software Distribution Service 3.0
10-10-2012 01:31:41 Software Distribution Service 3.0
10-10-2012 21:29:02 Software Distribution Service 3.0
10-10-2012 23:31:44 Software Distribution Service 3.0
10-10-2012 23:56:02 Software Distribution Service 3.0
11-10-2012 02:08:46 Removed ControlFLASH
11-10-2012 21:45:48 Software Distribution Service 3.0
11-10-2012 22:17:07 Software Distribution Service 3.0
12-10-2012 21:22:56 Installed Compatibility Pack for the 2007 Office system
13-10-2012 22:39:49 Software Distribution Service 3.0
14-10-2012 23:54:57 Software Distribution Service 3.0
15-10-2012 00:13:22 Software Distribution Service 3.0
16-10-2012 00:56:58 Software Distribution Service 3.0
17-10-2012 01:50:15 Software Distribution Service 3.0
18-10-2012 21:15:01 Software Distribution Service 3.0
21-10-2012 00:59:40 Software Distribution Service 3.0
22-10-2012 02:35:15 Software Distribution Service 3.0
27-10-2012 14:18:57 Software Distribution Service 3.0
28-10-2012 22:32:10 Software Distribution Service 3.0
01-11-2012 23:25:35 Software Distribution Service 3.0
05-11-2012 05:46:43 Software Distribution Service 3.0
06-11-2012 23:34:33 Software Distribution Service 3.0
08-11-2012 01:13:59 Software Distribution Service 3.0
09-11-2012 03:12:23 Software Distribution Service 3.0
11-11-2012 23:02:28 Software Distribution Service 3.0
12-11-2012 23:10:06 System Checkpoint
14-11-2012 00:28:01 Software Distribution Service 3.0
15-11-2012 01:52:58 Software Distribution Service 3.0
15-11-2012 22:08:13 Software Distribution Service 3.0
16-11-2012 03:53:02 Software Distribution Service 3.0
16-11-2012 04:01:08 Software Distribution Service 3.0
18-11-2012 15:53:21 Software Distribution Service 3.0
19-11-2012 22:42:22 Software Distribution Service 3.0
20-11-2012 22:53:00 Software Distribution Service 3.0
21-11-2012 23:50:23 System Checkpoint
22-11-2012 14:37:13 Installed Microsoft Fix it 50102
23-11-2012 00:40:16 Restore Operation
24-11-2012 16:51:44 Before Shared reg
24-11-2012 21:54:58 Installed Microsoft Fix it 50102

**** End of log ****

#3 t_bird83

Posted 24 November 2012 - 05:54 PM

Here is the TDSSKiller log.

I hope this helps.

17:57:46.0718 4260 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
17:57:46.0734 4260 ============================================================
17:57:46.0734 4260 Current date / time: 2012/11/24 17:57:46.0734
17:57:46.0734 4260 SystemInfo:
17:57:46.0734 4260
17:57:46.0734 4260 OS Version: 5.1.2600 ServicePack: 3.0
17:57:46.0734 4260 Product type: Workstation
17:57:46.0734 4260 ComputerName: WLNBTS2009
17:57:46.0734 4260 UserName: travissmith
17:57:46.0734 4260 Windows directory: C:\WINDOWS
17:57:46.0734 4260 System windows directory: C:\WINDOWS
17:57:46.0734 4260 Processor architecture: Intel x86
17:57:46.0734 4260 Number of processors: 2
17:57:46.0734 4260 Page size: 0x1000
17:57:46.0734 4260 Boot type: Normal boot
17:57:46.0734 4260 ============================================================
17:57:50.0640 4260 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:57:50.0656 4260 Drive \Device\Harddisk3\DR5 - Size: 0xEEB00000 (3.73 Gb), SectorSize: 0x200, Cylinders: 0x1E6, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:57:50.0656 4260 ============================================================
17:57:50.0656 4260 \Device\Harddisk0\DR0:
17:57:50.0656 4260 MBR partitions:
17:57:50.0656 4260 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x12A056B0
17:57:50.0656 4260 \Device\Harddisk3\DR5:
17:57:50.0656 4260 MBR partitions:
17:57:50.0656 4260 \Device\Harddisk3\DR5\Partition1: MBR, Type 0xB, StartLBA 0x20, BlocksNum 0x7757E0
17:57:50.0656 4260 ============================================================
17:57:50.0781 4260 C: <-> \Device\Harddisk0\DR0\Partition1
17:57:50.0781 4260 ============================================================
17:57:50.0781 4260 Initialize success
17:57:50.0781 4260 ============================================================
17:57:54.0468 4420 ============================================================
17:57:54.0468 4420 Scan started
17:57:54.0468 4420 Mode: Manual;
17:57:54.0468 4420 ============================================================
17:57:56.0609 4420 ================ Scan system memory ========================
17:57:56.0609 4420 System memory - ok
17:57:56.0609 4420 ================ Scan services =============================
17:58:06.0250 4420 gupdatem - ok
17:58:06.0296 4420 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
17:58:06.0296 4420 gusvc - ok
17:58:06.0343 4420 [ D95554949082FD29A04D351B58396718 ] Hardlock C:\WINDOWS\system32\drivers\hardlock.sys
17:58:06.0359 4420 Hardlock - ok
17:58:06.0453 4420 [ DB1228B91C09A55EE6816C1D40CD195D ] Harmony C:\Program Files\Rockwell Software\RSCommon\RSOBSERV.EXE
17:58:06.0531 4420 Harmony - ok
17:58:06.0546 4420 [ 2DD25F060DC9F79B5CDF33D90ED93669 ] Haspnt C:\WINDOWS\system32\drivers\Haspnt.sys
17:58:06.0546 4420 Haspnt - ok
17:58:06.0578 4420 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
17:58:06.0593 4420 HDAudBus - ok
17:58:06.0671 4420 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
17:58:06.0671 4420 helpsvc - ok
17:58:06.0734 4420 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll
17:58:06.0750 4420 HidServ - ok
17:58:06.0750 4420 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
17:58:06.0750 4420 hidusb - ok
17:58:06.0781 4420 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
17:58:06.0781 4420 hkmsvc - ok
17:58:06.0796 4420 [ B028377DEA0546A5FCFBA928A8AEFAE0 ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys
17:58:06.0796 4420 hpn - ok
17:58:06.0843 4420 [ 7290FB97535C317A237D4C73149C7E2C ] HSFHWAZL C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
17:58:06.0843 4420 HSFHWAZL - ok
17:58:06.0875 4420 [ F362C0B442337DA8AB0608DFAA4CA076 ] HSF_DPV C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
17:58:06.0906 4420 HSF_DPV - ok
17:58:06.0984 4420 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
17:58:07.0000 4420 HTTP - ok
17:58:07.0046 4420 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
17:58:07.0046 4420 HTTPFilter - ok
17:58:07.0046 4420 [ 9368670BD426EBEA5E8B18A62416EC28 ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys
17:58:07.0046 4420 i2omgmt - ok
17:58:07.0078 4420 [ F10863BF1CCC290BABD1A09188AE49E0 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys
17:58:07.0078 4420 i2omp - ok
17:58:07.0125 4420 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
17:58:07.0125 4420 i8042prt - ok
17:58:07.0187 4420 [ F148C2E931BFC20397EDC0A7B4F8E22B ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
17:58:07.0187 4420 IAANTMON - ok
17:58:07.0375 4420 [ 4F3139829F1AC202FF0D29C2FD6C15B6 ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
17:58:07.0515 4420 ialm - ok
17:58:07.0546 4420 [ 692830B048AACD7E0D6EDEDF098ACC01 ] iaStor C:\WINDOWS\system32\drivers\iaStor.sys
17:58:07.0546 4420 iaStor - ok
17:58:07.0796 4420 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
17:58:07.0828 4420 IDriverT - ok
17:58:08.0031 4420 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:58:08.0093 4420 idsvc - ok
17:58:08.0156 4420 [ DB3C22745C0DA4666F3BE31F1AF36B2F ] IISADMIN C:\WINDOWS\system32\inetsrv\inetinfo.exe
17:58:08.0156 4420 IISADMIN - ok
17:58:08.0171 4420 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
17:58:08.0171 4420 Imapi - ok
17:58:08.0203 4420 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
17:58:08.0218 4420 ImapiService - ok
17:58:08.0234 4420 [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys
17:58:08.0234 4420 ini910u - ok
17:58:08.0281 4420 [ 64C301D73DB18EBDC8680CA82D82AF2D ] IntcHdmiAddService C:\WINDOWS\system32\drivers\IntcHdmi.sys
17:58:08.0281 4420 IntcHdmiAddService - ok
17:58:08.0312 4420 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
17:58:08.0312 4420 IntelIde - ok
17:58:08.0359 4420 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
17:58:08.0359 4420 intelppm - ok
17:58:08.0375 4420 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
17:58:08.0375 4420 Ip6Fw - ok
17:58:08.0390 4420 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:58:08.0390 4420 IpFilterDriver - ok
17:58:08.0390 4420 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
17:58:08.0390 4420 IpInIp - ok
17:58:08.0406 4420 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
17:58:08.0406 4420 IpNat - ok
17:58:08.0421 4420 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
17:58:08.0421 4420 IPSec - ok
17:58:08.0453 4420 [ 821301A399C48354C3723EF9FC89C8D2 ] IPSECDRV C:\WINDOWS\system32\Drivers\IPSECDRV.sys
17:58:08.0484 4420 IPSECDRV - ok
17:58:08.0531 4420 [ 8B2DE56F938C34A73D25D928FB124861 ] IPSECMON C:\Program Files\ADTRAN\NetVanta VPN Client\IPSecMon.exe
17:58:08.0578 4420 IPSECMON - ok
17:58:08.0578 4420 IPSECSHM - ok
17:58:08.0625 4420 [ EED834A27D49FA2FE2C3F505E48EEFCC ] IreIKE C:\Program Files\ADTRAN\NetVanta VPN Client\IreIKE.exe
17:58:09.0046 4420 IreIKE - ok
17:58:09.0281 4420 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
17:58:09.0296 4420 IRENUM - ok
17:58:09.0343 4420 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
17:58:09.0343 4420 isapnp - ok
17:58:09.0468 4420 [ 8EA1DF617210ABAC262A6109EEEDE801 ] iToolsOPCService C:\Program Files\Eurotherm\iTools\iToolsService.exe
17:58:09.0593 4420 iToolsOPCService - ok
17:58:09.0687 4420 [ 0E410EDC8D0527801B899CF29E60597C ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
17:58:09.0703 4420 JavaQuickStarterService - ok
17:58:09.0796 4420 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
17:58:09.0796 4420 Kbdclass - ok
17:58:09.0812 4420 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
17:58:09.0812 4420 kbdhid - ok
17:58:09.0859 4420 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
17:58:09.0859 4420 kmixer - ok
17:58:09.0906 4420 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
17:58:09.0906 4420 KSecDD - ok
17:58:09.0937 4420 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
17:58:09.0953 4420 LanmanServer - ok
17:58:09.0984 4420 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
17:58:10.0000 4420 lanmanworkstation - ok
17:58:10.0000 4420 lbrtfdc - ok
17:58:10.0046 4420 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
17:58:10.0046 4420 LmHosts - ok
17:58:10.0125 4420 [ A98D99DE22068231D5FE9FA1A07CD6FD ] LogReceiver C:\Program Files\Rockwell Software\RSLinx Enterprise\LogReceiver.exe
17:58:10.0203 4420 LogReceiver - ok
17:58:10.0234 4420 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
17:58:10.0234 4420 mdmxsdk - ok
17:58:10.0281 4420 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
17:58:10.0281 4420 Messenger - ok
17:58:10.0328 4420 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
17:58:10.0328 4420 mnmdd - ok
17:58:10.0343 4420 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
17:58:10.0343 4420 mnmsrvc - ok
17:58:10.0375 4420 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
17:58:10.0375 4420 Modem - ok
17:58:10.0390 4420 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
17:58:10.0390 4420 Mouclass - ok
17:58:10.0406 4420 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
17:58:10.0406 4420 mouhid - ok
17:58:10.0421 4420 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
17:58:10.0421 4420 MountMgr - ok
17:58:10.0468 4420 [ 96AA8BA23142CC8E2B30F3CAE0C80254 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
17:58:10.0468 4420 MozillaMaintenance - ok
17:58:10.0515 4420 [ EE728AF83850DDAD9A3FCAC0AAB3AD97 ] MpFilter C:\WINDOWS\system32\DRIVERS\MpFilter.sys
17:58:10.0515 4420 MpFilter - ok
17:58:10.0687 4420 [ A69630D039C38018689190234F866D77 ] MpKslca37371a c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{B8C5FD9F-F4DF-489A-9CAB-A07F17FF7DAE}\MpKslca37371a.sys
17:58:10.0687 4420 MpKslca37371a - ok
17:58:10.0734 4420 [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys
17:58:10.0734 4420 mraid35x - ok
17:58:10.0781 4420 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
17:58:10.0812 4420 MRxDAV - ok
17:58:10.0875 4420 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:58:10.0890 4420 MRxSmb - ok
17:58:10.0921 4420 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
17:58:10.0921 4420 MSDTC - ok
17:58:11.0015 4420 [ 254F2F54BF36B39F9D3CDC1953F64A5C ] MsDtsServer C:\Program Files\Microsoft SQL Server\90\DTS\Binn\MsDtsSrvr.exe
17:58:11.0015 4420 MsDtsServer - ok
17:58:11.0015 4420 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
17:58:11.0015 4420 Msfs - ok
17:58:11.0125 4420 [ F7E0900F9A8E3F71F2C16A932F0E03E0 ] msftesql C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe
17:58:11.0125 4420 msftesql - ok
17:58:11.0125 4420 MSIServer - ok
17:58:11.0156 4420 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:58:11.0171 4420 MSKSSRV - ok
17:58:11.0218 4420 [ 64E8B7C65EB4796939C0F64F8170821B ] msloop C:\WINDOWS\system32\DRIVERS\loop.sys
17:58:11.0218 4420 msloop - ok
17:58:11.0328 4420 [ E077FCA2A7E79FB9BF67D3E30B5CE593 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
17:58:11.0328 4420 MsMpSvc - ok
17:58:11.0359 4420 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:58:11.0359 4420 MSPCLOCK - ok
17:58:11.0375 4420 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
17:58:11.0375 4420 MSPQM - ok
17:58:11.0406 4420 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
17:58:11.0406 4420 mssmbios - ok
17:58:11.0421 4420 MSSQL$FTVIEWX64TAGDB - ok
17:58:11.0437 4420 MSSQLSERVER - ok
17:58:11.0468 4420 [ ADAF062116B4E6D96E44D26486A87AF6 ] MSSQLServerADHelper C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
17:58:11.0468 4420 MSSQLServerADHelper - ok
17:58:11.0546 4420 [ 8E8E74C953EB0C4F8828D99D6F27FD6F ] MSSQLServerADHelper100 C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
17:58:11.0546 4420 MSSQLServerADHelper100 - ok
17:58:12.0015 4420 [ 14DB82287276D890848637F16860374F ] MSSQLServerOLAPService C:\Program Files\Microsoft SQL Server\MSSQL.2\OLAP\bin\msmdsrv.exe
17:58:12.0375 4420 MSSQLServerOLAPService - ok
17:58:12.0421 4420 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
17:58:12.0421 4420 Mup - ok
17:58:12.0468 4420 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
17:58:12.0468 4420 napagent - ok
17:58:12.0515 4420 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
17:58:12.0515 4420 NDIS - ok
17:58:12.0546 4420 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:58:12.0546 4420 NdisTapi - ok
17:58:12.0562 4420 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:58:12.0578 4420 Ndisuio - ok
17:58:12.0593 4420 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:58:12.0593 4420 NdisWan - ok
17:58:12.0640 4420 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
17:58:12.0640 4420 NDProxy - ok
17:58:12.0640 4420 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
17:58:12.0640 4420 NetBIOS - ok
17:58:12.0718 4420 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
17:58:12.0718 4420 NetBT - ok
17:58:12.0796 4420 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
17:58:12.0796 4420 NetDDE - ok
17:58:12.0796 4420 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
17:58:12.0796 4420 NetDDEdsdm - ok
17:58:12.0921 4420 [ 60B17560961ECD0C601229827047CDEB ] NetDirect C:\WINDOWS\system32\DRIVERS\NetDirect.sys
17:58:13.0000 4420 NetDirect - ok
17:58:13.0078 4420 [ E8ADEB45EC3A8A7D559779D8827B6724 ] NetDirectService C:\Program Files\Avaya NetDirect Client\NetDirectService.exe
17:58:13.0078 4420 NetDirectService - ok
17:58:13.0109 4420 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
17:58:13.0109 4420 Netlogon - ok
17:58:13.0125 4420 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
17:58:13.0125 4420 Netman - ok
17:58:13.0203 4420 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:58:13.0234 4420 NetTcpPortSharing - ok
17:58:13.0296 4420 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
17:58:13.0296 4420 NIC1394 - ok
17:58:13.0375 4420 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
17:58:13.0375 4420 Nla - ok
17:58:13.0453 4420 [ 06FDC21A1253DE306B38F99DD0BE807E ] NmspHost C:\Program Files\Common Files\Rockwell\NmspHost.exe
17:58:13.0515 4420 NmspHost - ok
17:58:13.0546 4420 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
17:58:13.0546 4420 Npfs - ok
17:58:13.0593 4420 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
17:58:13.0593 4420 Ntfs - ok
17:58:13.0609 4420 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
17:58:13.0609 4420 NtLmSsp - ok
17:58:13.0656 4420 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
17:58:13.0671 4420 NtmsSvc - ok
17:58:13.0671 4420 ntrtscan - ok
17:58:13.0687 4420 NT_NvcA - ok
17:58:13.0781 4420 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
17:58:13.0796 4420 Null - ok
17:58:13.0843 4420 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
17:58:13.0843 4420 NwlnkFlt - ok
17:58:13.0859 4420 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
17:58:13.0859 4420 NwlnkFwd - ok
17:58:13.0875 4420 OfcPfwSvc - ok
17:58:13.0890 4420 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
17:58:13.0890 4420 ohci1394 - ok
17:58:13.0937 4420 [ BB7B0F4BE49BF461CED8103B000D20D5 ] OpcEnum C:\WINDOWS\system32\OpcEnum.exe
17:58:14.0015 4420 OpcEnum - ok
17:58:14.0109 4420 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:58:14.0125 4420 ose - ok
17:58:14.0187 4420 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\drivers\Parport.sys
17:58:14.0187 4420 Parport - ok
17:58:14.0187 4420 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
17:58:14.0187 4420 PartMgr - ok
17:58:14.0234 4420 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
17:58:14.0234 4420 ParVdm - ok
17:58:14.0250 4420 [ 4088C1ECD1F54281A92FA663B0FDC36F ] PBADRV C:\WINDOWS\system32\DRIVERS\PBADRV.sys
17:58:14.0250 4420 PBADRV - ok
17:58:14.0281 4420 [ 1961590AA191B6B7DCF18A6A693AF7B8 ] PCASp50 C:\WINDOWS\system32\Drivers\PCASp50.sys
17:58:14.0281 4420 PCASp50 - ok
17:58:14.0328 4420 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
17:58:14.0328 4420 PCI - ok
17:58:14.0328 4420 pcidnt - ok
17:58:14.0328 4420 PCIDump - ok
17:58:14.0359 4420 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
17:58:14.0359 4420 PCIIde - ok
17:58:14.0375 4420 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys
17:58:14.0375 4420 Pcmcia - ok
17:58:14.0390 4420 PDCOMP - ok
17:58:14.0390 4420 PDFRAME - ok
17:58:14.0390 4420 PDRELI - ok
17:58:14.0390 4420 PDRFRAME - ok
17:58:14.0421 4420 [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys
17:58:14.0421 4420 perc2 - ok
17:58:14.0437 4420 [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys
17:58:14.0437 4420 perc2hib - ok
17:58:14.0484 4420 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
17:58:14.0484 4420 PlugPlay - ok
17:58:14.0484 4420 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
17:58:14.0484 4420 PolicyAgent - ok
17:58:14.0515 4420 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:58:14.0515 4420 PptpMiniport - ok
17:58:14.0515 4420 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
17:58:14.0515 4420 ProtectedStorage - ok
17:58:14.0515 4420 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
17:58:14.0515 4420 Ptilink - ok
17:58:14.0546 4420 [ 40FEDD328F98245AD201CF5F9F311724 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
17:58:14.0546 4420 PxHelp20 - ok
17:58:14.0562 4420 [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys
17:58:14.0562 4420 ql1080 - ok
17:58:14.0578 4420 [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
17:58:14.0578 4420 Ql10wnt - ok
17:58:14.0593 4420 [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys
17:58:14.0593 4420 ql12160 - ok
17:58:14.0609 4420 [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys
17:58:14.0671 4420 ql1240 - ok
17:58:14.0734 4420 [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys
17:58:14.0734 4420 ql1280 - ok
17:58:14.0781 4420 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:58:14.0781 4420 RasAcd - ok
17:58:14.0921 4420 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
17:58:14.0921 4420 RasAuto - ok
17:58:14.0968 4420 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:58:14.0968 4420 Rasl2tp - ok
17:58:14.0984 4420 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
17:58:14.0984 4420 RasMan - ok
17:58:15.0015 4420 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:58:15.0015 4420 RasPppoe - ok
17:58:15.0015 4420 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
17:58:15.0015 4420 Raspti - ok
17:58:15.0062 4420 [ 8760BF4D04390B24C910579C063ACF1A ] RAUSBCIP C:\WINDOWS\system32\drivers\rausbcip.sys
17:58:15.0109 4420 RAUSBCIP - ok
17:58:15.0140 4420 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:58:15.0140 4420 Rdbss - ok
17:58:15.0187 4420 [ B0C88108BF49F613DE33B41F526D576B ] RdcyHost C:\Program Files\Common Files\Rockwell\RdcyHost.exe
17:58:15.0187 4420 RdcyHost - ok
17:58:15.0187 4420 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
17:58:15.0187 4420 RDPCDD - ok
17:58:15.0203 4420 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
17:58:15.0203 4420 rdpdr - ok
17:58:15.0234 4420 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
17:58:15.0234 4420 RDPWD - ok
17:58:15.0296 4420 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
17:58:15.0296 4420 RDSessMgr - ok
17:58:15.0328 4420 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
17:58:15.0328 4420 redbook - ok
17:58:15.0390 4420 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
17:58:15.0390 4420 RemoteAccess - ok
17:58:15.0437 4420 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
17:58:15.0437 4420 RemoteRegistry - ok
17:58:15.0500 4420 [ D13465B5BBB9110C8A0A873DDC09FB8C ] ReportServer C:\Program Files\Microsoft SQL Server\MSSQL.3\Reporting Services\ReportServer\bin\ReportingServicesService.exe
17:58:15.0500 4420 ReportServer - ok
17:58:15.0531 4420 [ 355AAC141B214BEF1DBC1483AFD9BD50 ] rimmptsk C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
17:58:15.0531 4420 rimmptsk - ok
17:58:15.0593 4420 [ 311304F1654EEBF4F6FE4048B248277F ] RnaAeServer C:\Program Files\Common Files\Rockwell\RnaAeServer.exe
17:58:15.0593 4420 RnaAeServer - ok
17:58:15.0703 4420 [ 423CCE30B97CFF5578B65306ED2A286A ] RnaAlarmMux C:\Program Files\Common Files\Rockwell\RnaAlarmMux.exe
17:58:15.0750 4420 RnaAlarmMux - ok
17:58:15.0843 4420 [ 359A40C85AA5BDAA8BDB1E36C563AB43 ] RNADiagnosticsService C:\Program Files\Common Files\Rockwell\RNADiagnosticsSrv.exe
17:58:15.0859 4420 RNADiagnosticsService - ok
17:58:15.0921 4420 [ 99430979723F72D6D28CF80870459334 ] RNADiagReceiver C:\Program Files\Common Files\Rockwell\RNADiagReceiver.exe
17:58:16.0000 4420 RNADiagReceiver - ok
17:58:16.0062 4420 [ 47A97ABBAB3CFFBA8CB243D2FD06F246 ] RNADirectory C:\Program Files\Common Files\Rockwell\RnaDirServer.exe
17:58:16.0109 4420 RNADirectory - ok
17:58:16.0187 4420 [ 9E37485753388A7DBDC9C8BD48E718AD ] RNADirMultiplexor C:\Program Files\Common Files\Rockwell\RNADirMultiplexor.exe
17:58:16.0218 4420 RNADirMultiplexor - ok
17:58:16.0296 4420 [ A665529CA22F7E319D82CB27456C3F3E ] Rockwell HMI Activity Logger C:\Program Files\Rockwell Software\RSView Enterprise\RsActivityLogServ.exe
17:58:16.0625 4420 Rockwell HMI Activity Logger - ok
17:58:16.0687 4420 [ EB21ACD97AEED43615F84D9E6BF492DB ] Rockwell HMI Alarm Logger C:\Program Files\Rockwell Software\RSView Enterprise\RsAlarmLogServ.exe
17:58:16.0765 4420 Rockwell HMI Alarm Logger - ok
17:58:16.0812 4420 [ A8ACE9BC48A001111D270942DD168C0B ] Rockwell HMI Diagnostics C:\Program Files\Rockwell Software\RSView Enterprise\HMIDIAGNOSTICSLSTADAPT.exe
17:58:16.0812 4420 Rockwell HMI Diagnostics - ok
17:58:16.0890 4420 [ 4E009809410D8B85415B893639C56006 ] Rockwell HMI Framework C:\Program Files\Rockwell Software\RSView Enterprise\ServerFramework.exe
17:58:16.0921 4420 Rockwell HMI Framework - ok
17:58:16.0968 4420 [ 0735A764A1C890BBF1423E619D858B64 ] Rockwell Tag Server C:\Program Files\Rockwell Software\RSView Enterprise\TagSrv.exe
17:58:17.0000 4420 Rockwell Tag Server - ok
17:58:17.0046 4420 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
17:58:17.0046 4420 RpcLocator - ok
17:58:17.0109 4420 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll
17:58:17.0109 4420 RpcSs - ok
17:58:17.0171 4420 [ A95840A95A9FF74B0009E5D848CDDB39 ] RsFx0150 C:\WINDOWS\system32\DRIVERS\RsFx0150.sys
17:58:17.0187 4420 RsFx0150 - ok
17:58:17.0234 4420 [ 9D1AFF516D727612363C03ABDC203380 ] RSI-PKTX-A C:\WINDOWS\System32\drivers\RSI-PKTX-A.SYS
17:58:17.0312 4420 RSI-PKTX-A - ok
17:58:17.0359 4420 [ 2AF65117091A47732F0997330E3DAAE6 ] RsiKtControl C:\WINDOWS\system32\RSIKT.SYS
17:58:17.0390 4420 RsiKtControl - ok
17:58:17.0437 4420 RSLinx - ok
17:58:17.0468 4420 [ 03221F7A5CB3298941FB4788B71D2BAA ] RSLinxNG C:\Program Files\Rockwell Software\RSLinx Enterprise\RSLinxNG.exe
17:58:17.0468 4420 RSLinxNG - ok
17:58:17.0484 4420 [ 9E866A7C540C6A4B21BD5255A2A2BD0D ] RSLINXNGKtControl C:\WINDOWS\System32\drivers\RSIKTNG.SYS
17:58:17.0531 4420 RSLINXNGKtControl - ok
17:58:17.0578 4420 [ B089419975668E2A701178032D652A24 ] RSSERIAL C:\WINDOWS\SYSTEM32\RSSERIAL.SYS
17:58:17.0625 4420 RSSERIAL - ok
17:58:17.0734 4420 [ 914CE503B9386250CC4A825461F04DF3 ] RsvcHost C:\Program Files\Common Files\Rockwell\RsvcHost.exe
17:58:17.0765 4420 RsvcHost - ok
17:58:17.0812 4420 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
17:58:17.0812 4420 RSVP - ok
17:58:17.0890 4420 SABKUTIL - ok
17:58:17.0906 4420 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
17:58:17.0906 4420 SamSs - ok
17:58:17.0984 4420 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
17:58:17.0984 4420 SASDIFSV - ok
17:58:18.0000 4420 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
17:58:18.0000 4420 SASKUTIL - ok
17:58:18.0000 4420 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
17:58:18.0015 4420 SCardSvr - ok
17:58:18.0015 4420 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
17:58:18.0031 4420 Schedule - ok
17:58:18.0062 4420 [ 8D04819A3CE51B9EB47E5689B44D43C4 ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys
17:58:18.0078 4420 sdbus - ok
17:58:18.0093 4420 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
17:58:18.0093 4420 Secdrv - ok
17:58:18.0125 4420 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
17:58:18.0140 4420 seclogon - ok
17:58:18.0218 4420 [ 5F91BAD61927DBFC8296D58B61E9DFEB ] SecureStorageService C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe
17:58:18.0390 4420 SecureStorageService - ok
17:58:18.0609 4420 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
17:58:18.0625 4420 SENS - ok
17:58:18.0640 4420 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] Serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
17:58:18.0640 4420 Serenum - ok
17:58:18.0687 4420 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
17:58:18.0687 4420 Serial - ok
17:58:18.0734 4420 [ 0FA803C64DF0914B41F807EA276BF2A6 ] sffdisk C:\WINDOWS\system32\DRIVERS\sffdisk.sys
17:58:18.0750 4420 sffdisk - ok
17:58:18.0781 4420 [ C17C331E435ED8737525C86A7557B3AC ] sffp_sd C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
17:58:18.0796 4420 sffp_sd - ok
17:58:18.0828 4420 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
17:58:18.0828 4420 Sfloppy - ok
17:58:18.0890 4420 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
17:58:18.0906 4420 SharedAccess - ok
17:58:18.0968 4420 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
17:58:18.0968 4420 ShellHWDetection - ok
17:58:18.0968 4420 Simbad - ok
17:58:19.0046 4420 [ 1E71D7F3A508B2D7425CB18B834AC654 ] SimModuleService C:\Program Files\Rockwell Software\RSLogix Emulate 5000\SimModuleService.exe
17:58:19.0125 4420 SimModuleService - ok
17:58:19.0171 4420 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys
17:58:19.0171 4420 sisagp - ok
17:58:19.0265 4420 [ 24D62FC9201D172F69C47355D185213B ] SMManager C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe
17:58:19.0265 4420 SMManager - ok
17:58:19.0343 4420 [ DB3C22745C0DA4666F3BE31F1AF36B2F ] SMTPSVC C:\WINDOWS\system32\inetsrv\inetinfo.exe
17:58:19.0343 4420 SMTPSVC - ok
17:58:19.0343 4420 Sntnlusb - ok
17:58:19.0453 4420 [ 692082A7FDCAB0EF31BDA8A4D03F747F ] SONICWALL_NetExtender C:\Program Files\SonicWALL\SSL-VPN\NetExtender\NEService.exe
17:58:19.0453 4420 SONICWALL_NetExtender - ok
17:58:19.0500 4420 [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys
17:58:19.0500 4420 Sparrow - ok
17:58:19.0531 4420 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
17:58:19.0531 4420 splitter - ok
17:58:19.0578 4420 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
17:58:19.0578 4420 Spooler - ok
17:58:25.0468 4420 ============================================================
17:58:25.0468 4420 Scan finished
17:58:25.0468 4420 ============================================================
17:58:25.0484 4408 Detected object count: 0
17:58:25.0484 4408 Actual detected object count: 0
17:58:32.0859 4192 Deinitialize success

#4 t_bird83

Posted 24 November 2012 - 06:33 PM

Downloaded FSS and checked all the boxes.

Here are the results.

Farbar Service Scanner Version: 09-11-2012
Ran by travissmith (administrator) on 24-11-2012 at 18:38:01
Running from "C:\Documents and Settings\travissmith\Desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============
Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is OK.
The ImagePath of Dhcp service is OK.
The ServiceDll of Dhcp service is OK.

afd Service is not running. Checking service configuration:
The start type of afd service is OK.
The ImagePath of afd service is OK.


Connection Status:
==============
Localhost is accessible.
There is no connection to network.
Attempt to access Google IP returned error. Google IP is unreachable
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo IP returned error. Yahoo IP is unreachable
Attempt to access Yahoo.com returned error: Other errors


Windows Firewall:
=============
sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is OK.
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv: "C:\WINDOWS\system32\wuauserv.dll".

BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS: "C:\WINDOWS\system32\qmgr.dll".


Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit

ATTENTION!=====> C:\WINDOWS\system32\Drivers\afd.sys FILE IS MISSING AND SHOULD BE RESTORED.

C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
DNE(14) Gpc(6) IPSec(4) IPSECDRV(1) IPSECSHM(18) NetBT(5) NT_NvcA(22) Tcpip(3) VPCNetS2(16)
0x1D0000000400000001000000020000000300000009000000080000000500000006000000070000000A0000000B0000000C0000000D0000000E0000000F000000100000001100000012000000130000001400000015000000160000001700000018000000190000001A0000001B0000001C0000001D000000
IpSec Tag value is correct.

**** End of log ****

#5 t_bird83

Posted 24 November 2012 - 07:45 PM

Fixed the firewall issue. From the FSS log you can see that the afd.sys file is missing. I followed these directions and after rebooting the firewall was on. NICE!!!!!


If a file is missing, you need to find a replacement. To find a replacement, type in the missing file in the search box, and then click Search Files. For example, if the afd.sys file is missing, type in afd.sys

Simply copy any found replacement and paste it in the C:\Windows\system32\Drivers folder. How to Navigate the Windows Directory. After the file is pasted, restart the computer.

#6 thisisu

  • Malware Response Team

Posted 24 November 2012 - 08:29 PM

Now that's what I call self help :)
Good job!

#7 t_bird83

Posted 25 November 2012 - 10:17 AM

This is an awesome site! I was only able to fix the problem by reading the responses from posts with similar problems. What a great resource!



