Windows 8 - Strange Behavior


16 replies to this topic

#1 street9009

Posted 01 February 2013 - 08:09 PM

I have a Windows 8 Professional machine that is acting very strange. The owner has no discernment when downloading or running programs, spends a LOT of time on Facebook, etc. and the PC just doesn't act right. Symantec Endpoint is throwing error messages (mslldp.sys has been prevented from running). His Excel doesn't detect that files have changed and just closes. Yesterday the time in the system tray stopped updating, his video stops responding...etc.

I KNOW it has to do with something he's done to the PC. The hardware is brand new. But I've scanned it with the latest Spybot, Malwarebytes, and Microsoft Antispyware tools and found nothing. Symantec also turned up nothing. I've got Windows 8 on an identical machine and I have no trouble with mine so I know he's gone and corrupted or infected something.

From what I've read- ComboFix isn't ready for Windows 8 yet so I'm unsure of what else to run.

Appreciate any help anyone can provide.

#2 dev00790

Posted 02 February 2013 - 05:02 PM

Hello,

I will be helping you with your problems. Please be patient while I assist you.

Some points for you to keep in mind while I am helping you to make things go easier and faster for both of us:

  • Please do NOT run, install or uninstall any programs, unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.

NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.
- Do NOT back up any unknown files ending in .exe, .com, .scr, .pif, and .bat since files of these types are more likely to be infected.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

----------------------------------------------

Please do the following:

Step 1:

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
  • Double-click on TDSSKiller.exe on your desktop to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click on change parameters
  • Under Objects to scan, check the boxes next to Verify file digital signatures, Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, Skip instead, do NOT choose Delete or Quarantine unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.07.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the full contents of that file in your next reply. - If the log is too long, then split it into multiple posts.


Step 2:

Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[R1].txt as well.


Step 3:

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press Scan.
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the full contents of the log in your next reply.


Step 4:

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (Only Problems)
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore points
NOTE: When using "Reset FF Proxy Settings" option Firefox should be closed.

Click Go and post the full contents of the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM.


#3 street9009

Posted 02 February 2013 - 05:58 PM

Thanks for the reply. The next 4 posts will be the contents of the logs you've asked for, in the order which they were posted above. Appreciate it!

#4 street9009

Posted 02 February 2013 - 06:01 PM

17:48:18.0895 6580 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
17:48:19.0270 6580 ============================================================
17:48:19.0270 6580 Current date / time: 2013/02/02 17:48:19.0270
17:48:19.0270 6580 SystemInfo:
17:48:19.0270 6580
17:48:19.0270 6580 OS Version: 6.2.9200 ServicePack: 0.0
17:48:19.0270 6580 Product type: Workstation
17:48:19.0270 6580 ComputerName: DONR
17:48:19.0270 6580 UserName: DonR
17:48:19.0270 6580 Windows directory: C:\WINDOWS
17:48:19.0270 6580 System windows directory: C:\WINDOWS
17:48:19.0270 6580 Running under WOW64
17:48:19.0270 6580 Processor architecture: Intel x64
17:48:19.0270 6580 Number of processors: 8
17:48:19.0270 6580 Page size: 0x1000
17:48:19.0270 6580 Boot type: Normal boot
17:48:19.0270 6580 ============================================================
17:48:19.0488 6580 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:48:19.0504 6580 ============================================================
17:48:19.0504 6580 \Device\Harddisk0\DR0:
17:48:19.0504 6580 MBR partitions:
17:48:19.0504 6580 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1F48000
17:48:19.0504 6580 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1F5C000, BlocksNum 0x727AA000
17:48:19.0504 6580 ============================================================
17:48:19.0520 6580 C: <-> \Device\Harddisk0\DR0\Partition2
17:48:19.0520 6580 ============================================================
17:48:19.0520 6580 Initialize success
17:48:19.0520 6580 ============================================================
17:49:01.0662 3580 ============================================================
17:49:01.0662 3580 Scan started
17:49:01.0662 3580 Mode: Manual; SigCheck; TDLFS;
17:49:01.0662 3580 ============================================================
17:49:02.0100 3580 ================ Scan system memory ========================
17:49:02.0100 3580 System memory - ok
17:49:02.0100 3580 ================ Scan services =============================
17:49:05.0710 3580 [ 9CA58EBF967034E68F155AEE1AC84A0D ] Dell B1265dnf Network Fax Server C:\Windows\system32\spool\drivers\x64\3\D1265fServer64.exe
17:49:05.0710 3580 Dell B1265dnf Network Fax Server ( UnsignedFile.Multi.Generic ) - warning
17:49:05.0710 3580 Dell B1265dnf Network Fax Server - detected UnsignedFile.Multi.Generic (1)
17:49:09.0444 3580 LSI_SAS - ok
17:49:09.0460 3580 [ 07AD59D669B996F29F91817F0ECFA34F ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys
17:49:09.0460 3580 LSI_SAS2 - ok
17:49:09.0475 3580 [ 216FB796AA4E252ACCE93B1BCB80B5EC ] LSI_SCSI C:\WINDOWS\system32\drivers\lsi_scsi.sys
17:49:09.0475 3580 LSI_SCSI - ok
17:49:09.0491 3580 [ 5E80530AF37102488EE980B4A92AF99F ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
17:49:09.0491 3580 LSI_SSS - ok
17:49:09.0522 3580 [ 8FEFDCEE40B75FD23B4BC60DA6576113 ] LSM C:\WINDOWS\System32\lsm.dll
17:49:09.0522 3580 LSM - ok
17:49:09.0538 3580 [ 2BDC5D711FA61307CE6190D47C956368 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
17:49:09.0553 3580 luafv - ok
17:49:09.0569 3580 [ 9B0D829C3BE4E7472DB9DD2B79908E3C ] megasas C:\WINDOWS\system32\drivers\megasas.sys
17:49:09.0569 3580 megasas - ok
17:49:09.0585 3580 [ ECC3F54C7AFC318271C4F0B4606D8DB0 ] MegaSR C:\WINDOWS\system32\drivers\MegaSR.sys
17:49:09.0600 3580 MegaSR - ok
17:49:09.0632 3580 [ EEE908BE7143FCA48CF0CB87214E2AB8 ] MMCSS C:\WINDOWS\system32\mmcss.dll
17:49:09.0647 3580 MMCSS - ok
17:49:09.0663 3580 [ 780098AD5DA8A4822E2563984C85EF7B ] Modem C:\WINDOWS\system32\drivers\modem.sys
17:49:09.0678 3580 Modem - ok
17:49:09.0710 3580 [ 83EB0BF7E6EBD5B1AAC97F9DBD5EB935 ] monitor C:\WINDOWS\system32\DRIVERS\monitor.sys
17:49:09.0741 3580 monitor - ok
17:49:09.0757 3580 [ 618446B98C79776654340CE27C73485E ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
17:49:09.0757 3580 mouclass - ok
17:49:09.0772 3580 [ CB2527B8B87D83E56FBF3944BBB6F606 ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
17:49:09.0788 3580 mouhid - ok
17:49:09.0804 3580 [ 89D263DBF08119CE16273991C120D6DD ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
17:49:09.0819 3580 mountmgr - ok
17:49:09.0850 3580 [ 0D1609DD82C7440F5D5BF21A9D4D5C0C ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
17:49:09.0866 3580 mpsdrv - ok
17:49:09.0897 3580 [ 3031573A739DBEE8923851929D0AF423 ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
17:49:09.0913 3580 MpsSvc - ok
17:49:09.0944 3580 [ 866AF645A3B1F4358C4201CE089839EA ] MQAC C:\WINDOWS\system32\drivers\mqac.sys
17:49:09.0960 3580 MQAC - ok
17:49:09.0991 3580 [ 3D70147F55F1EC84EB9139ED7FFE48BC ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
17:49:09.0991 3580 MRxDAV - ok
17:49:10.0022 3580 [ 877D60D6E4156EC4A2E0B6871D41BED9 ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:49:10.0054 3580 mrxsmb - ok
17:49:10.0085 3580 [ 06D5F2FA3C61E8EA91648EA8E9F99FD3 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
17:49:10.0085 3580 mrxsmb10 - ok
17:49:10.0100 3580 [ E078446D4B8622AA6030C7B8A1A08962 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
17:49:10.0100 3580 mrxsmb20 - ok
17:49:10.0116 3580 [ 98487487D6B3797CA927E9D7B030AE13 ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys
17:49:10.0147 3580 MsBridge - ok
17:49:10.0163 3580 [ 4A07458EB4F17573BD39F22029A991C1 ] MSDTC C:\WINDOWS\System32\msdtc.exe
17:49:10.0179 3580 MSDTC - ok
17:49:10.0210 3580 [ 3886F1F2A4D2900ABAA7E4486BEEE6A2 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
17:49:10.0225 3580 Msfs - ok
17:49:10.0241 3580 [ C9BFB0353099B071E70299549C18C8AE ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
17:49:10.0241 3580 msgpiowin32 - ok
17:49:10.0257 3580 [ D3857A767B91A061B408CCAB02DA4F40 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
17:49:10.0272 3580 mshidkmdf - ok
17:49:10.0288 3580 [ 839B48910FB1E887635C48F3EC11A05E ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
17:49:10.0304 3580 mshidumdf - ok
17:49:10.0304 3580 [ 55C0DB741E3AB7463242B185B1C2997C ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
17:49:10.0304 3580 msisadrv - ok
17:49:10.0335 3580 [ 216C6B035A4BA5560E1255BD8E5BB89F ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
17:49:10.0350 3580 MSiSCSI - ok
17:49:10.0350 3580 msiserver - ok
17:49:10.0366 3580 [ 509809566E49F4411055864EA8D437CD ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:49:10.0366 3580 MSKSSRV - ok
17:49:10.0382 3580 [ 63145201D6458E4958E572E7D6FC2604 ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys
17:49:10.0397 3580 MsLldp - ok
17:49:10.0413 3580 [ 80FF037D6184FFACB2740A50C7949D20 ] MSMQ C:\WINDOWS\system32\mqsvc.exe
17:49:10.0444 3580 MSMQ - ok
17:49:10.0444 3580 [ 99D526E803DB6D7FF290FD98B6204641 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:49:10.0460 3580 MSPCLOCK - ok
17:49:10.0460 3580 [ 06FA77C3E2A491ADCD704C5E73006269 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
17:49:10.0475 3580 MSPQM - ok
17:49:10.0491 3580 [ E134EC4DE11CF78CB01432D180710D84 ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
17:49:10.0507 3580 MsRPC - ok
17:49:10.0507 3580 [ B5AECF12F09DEE97C9FCAA5BA016CE1E ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
17:49:10.0522 3580 mssmbios - ok
17:49:10.0538 3580 [ 72D66A05E0F99F2528F6C6204FD22AA1 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
17:49:10.0538 3580 MSTEE - ok
17:49:10.0554 3580 [ 8AAAE399FC255FA105D4158CBA289001 ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
17:49:10.0569 3580 MTConfig - ok
17:49:10.0585 3580 [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A ] Mup C:\WINDOWS\system32\Drivers\mup.sys
17:49:10.0585 3580 Mup - ok
17:49:10.0600 3580 [ 3A1E095277BBD406CEA8EA6B76950664 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
17:49:10.0600 3580 mvumis - ok
17:49:10.0632 3580 [ 4B18840511D720BA118D3017E8165875 ] napagent C:\WINDOWS\system32\qagentRT.dll
17:49:10.0647 3580 napagent - ok
17:49:10.0663 3580 [ 43D7388A90A4C6EA346A4D6FF0377479 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
17:49:10.0694 3580 NativeWifiP - ok
17:49:10.0741 3580 [ 88A2F45CE66B904285978D6BB13AFEB2 ] NAVENG C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Data\Definitions\VirusDefs\20130201.033\ENG64.SYS
17:49:10.0757 3580 NAVENG - ok
17:49:10.0788 3580 [ D2A545DA3A90BBFA40E020C23F1B7A48 ] NAVEX15 C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Data\Definitions\VirusDefs\20130201.033\EX64.SYS
17:49:10.0819 3580 NAVEX15 - ok
17:49:10.0835 3580 [ 6A0C3996DA7DAE6D6939676D786EEEC4 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
17:49:10.0850 3580 NcaSvc - ok
17:49:10.0866 3580 [ C982FE4CC91DECE2259F494FCEB4030F ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
17:49:10.0897 3580 NcdAutoSetup - ok
17:49:10.0929 3580 [ 0F89AE618DBA5D8AB7A2DFCC375F4159 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
17:49:10.0960 3580 NDIS - ok
17:49:10.0975 3580 [ 39C8A1D9D46F5E83A016BCAB72455284 ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys
17:49:10.0991 3580 NdisCap - ok
17:49:10.0991 3580 [ 762941932B7E4C588E48A577BA9D6440 ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
17:49:11.0007 3580 NdisImPlatform - ok
17:49:11.0022 3580 [ 7A6F8A6D0E01432EBA294EF29CDD0FA7 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:49:11.0054 3580 NdisTapi - ok
17:49:11.0069 3580 [ 79AB68BB3FFF974AD4F41FA559F4EC67 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:49:11.0085 3580 Ndisuio - ok
17:49:11.0100 3580 [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:49:11.0100 3580 NdisWan - ok
17:49:11.0100 3580 [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NDISWANLEGACY C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:49:11.0116 3580 NDISWANLEGACY - ok
17:49:11.0132 3580 [ CE6EBC0AD38CC6482D8FBB744FF15CE2 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
17:49:11.0132 3580 NDProxy - ok
17:49:11.0147 3580 [ D3F60A4345FCA9C1BE68AD7D0D6DE770 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
17:49:11.0179 3580 Ndu - ok
17:49:11.0179 3580 [ 7C203A76394F9AE68F69EEE5F9612C4A ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
17:49:11.0194 3580 NetBIOS - ok
17:49:11.0210 3580 [ 7CEC25C682D319D484630B3952C31A11 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
17:49:11.0210 3580 NetBT - ok
17:49:11.0225 3580 [ F702AB6181513303AB0FC8D59E52708B ] Netlogon C:\WINDOWS\system32\lsass.exe
17:49:11.0241 3580 Netlogon - ok
17:49:11.0241 3580 [ 89519D29CBEC2121CA65CC29C4D345E0 ] Netman C:\WINDOWS\System32\netman.dll
17:49:11.0272 3580 Netman - ok
17:49:11.0304 3580 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetMsmqActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:49:11.0319 3580 NetMsmqActivator - ok
17:49:11.0319 3580 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetPipeActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:49:11.0319 3580 NetPipeActivator - ok
17:49:11.0335 3580 [ 20F6FD63E6D456114BC8056D62792786 ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
17:49:11.0350 3580 netprofm - ok
17:49:11.0350 3580 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:49:11.0350 3580 NetTcpActivator - ok
17:49:11.0366 3580 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:49:11.0366 3580 NetTcpPortSharing - ok
17:49:11.0413 3580 [ 12DD2800E4EEA37DC9AE256AD62423B4 ] nfrd960 C:\WINDOWS\system32\drivers\nfrd960.sys
17:49:11.0413 3580 nfrd960 - ok
17:49:11.0444 3580 [ 80ABCD4C2DE9FD832477303AE0CA3BE5 ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
17:49:11.0475 3580 NlaSvc - ok
17:49:11.0475 3580 [ 17E19A742FB30C002F8B43575451DBE1 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
17:49:11.0507 3580 Npfs - ok
17:49:11.0522 3580 [ 8ED299C30792544264E558BEA79F0947 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
17:49:11.0538 3580 npsvctrig - ok
17:49:11.0554 3580 [ 832B5FDF0B5577713FD7F2465FCD0ACE ] nsi C:\WINDOWS\system32\nsisvc.dll
17:49:11.0569 3580 nsi - ok
17:49:11.0569 3580 [ 689B3B1E95C70ABF7AFF29F9406EF1E0 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
17:49:11.0585 3580 nsiproxy - ok
17:49:11.0616 3580 [ 4A7EEA9C4AD5CBFDA3C0E5B821C99CAD ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
17:49:11.0663 3580 Ntfs - ok
17:49:11.0663 3580 [ 4163ADE07DB51843AE31F65B94F5398D ] Null C:\WINDOWS\system32\drivers\Null.sys
17:49:11.0694 3580 Null - ok
17:49:11.0710 3580 [ D6D34118263412D3AAA8348A9572B7F2 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
17:49:11.0710 3580 nvraid - ok
17:49:11.0725 3580 [ 27AFC428D1D32ABD04A86763A4EDDEA9 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
17:49:11.0725 3580 nvstor - ok
17:49:11.0741 3580 [ 051CFB5107BAAE510419BDC41F8C4036 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys
17:49:11.0757 3580 nv_agp - ok
17:49:11.0788 3580 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:49:11.0788 3580 ose - ok
17:49:11.0929 3580 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:49:12.0007 3580 osppsvc - ok
17:49:12.0054 3580 [ AB76700D764A342D7475FB8F47CAB18C ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
17:49:12.0069 3580 p2pimsvc - ok
17:49:12.0085 3580 [ 4319FD931DCD796435ECB5DB4A04FBA5 ] p2psvc C:\WINDOWS\system32\p2psvc.dll
17:49:12.0100 3580 p2psvc - ok
17:49:12.0116 3580 [ 4563DAF8C6A740AD7F501E219BD10766 ] Parport C:\WINDOWS\System32\drivers\parport.sys
17:49:12.0116 3580 Parport - ok
17:49:12.0147 3580 [ C1D7BA7F0DE487DFEEB51BF8D3EC5562 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
17:49:12.0147 3580 partmgr - ok
17:49:12.0179 3580 [ 4811D9EC53649105A5A8BEA661B0F936 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
17:49:12.0210 3580 PcaSvc - ok
17:49:12.0272 3580 [ 4B5F5774FF1C577B9515FDD2B5C535C5 ] PCDSRVC{1E208CE0-FB7451FF-06020200}_0 c:\program files\dell support center\pcdsrvc_x64.pkms
17:49:12.0272 3580 PCDSRVC{1E208CE0-FB7451FF-06020200}_0 - ok
17:49:12.0288 3580 [ 4A003E8F718C1E6A2050CA98CD53E3E2 ] pci C:\WINDOWS\system32\drivers\pci.sys
17:49:12.0304 3580 pci - ok
17:49:12.0319 3580 [ F9908D274D458220F91E89B54D78D837 ] pciide C:\WINDOWS\system32\drivers\pciide.sys
17:49:12.0319 3580 pciide - ok
17:49:12.0335 3580 [ 84D19CB6102627932DCB5DFDF89FE269 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
17:49:12.0351 3580 pcmcia - ok
17:49:12.0351 3580 [ CEBBAD5391C2644560C55628A40BFD27 ] pcw C:\WINDOWS\system32\drivers\pcw.sys
17:49:12.0366 3580 pcw - ok
17:49:12.0382 3580 [ EF9B4F3136B4C45F421ADE6871659FB6 ] pdc C:\WINDOWS\system32\drivers\pdc.sys
17:49:12.0397 3580 pdc - ok
17:49:12.0413 3580 [ 70DBB6A8B52B3830922F1C5789E1BEEB ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
17:49:12.0429 3580 PEAUTH - ok
17:49:12.0476 3580 [ DF0D9BDCB600913F40FF125BF8CE1979 ] PeerDistSvc C:\WINDOWS\system32\peerdistsvc.dll
17:49:12.0522 3580 PeerDistSvc - ok
17:49:12.0601 3580 [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
17:49:12.0616 3580 PerfHost - ok
17:49:12.0647 3580 [ 6E84BFF58F7643499277F29DFA2F8C8D ] pla C:\WINDOWS\system32\pla.dll
17:49:12.0679 3580 pla - ok
17:49:12.0694 3580 [ 799BE46D45D486704CE0F37CA5385262 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
17:49:12.0710 3580 PlugPlay - ok
17:49:12.0710 3580 [ 8E2414E818C26C4A9C70CB2B8567F04F ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
17:49:12.0741 3580 PNRPAutoReg - ok
17:49:12.0757 3580 [ AB76700D764A342D7475FB8F47CAB18C ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
17:49:12.0757 3580 PNRPsvc - ok
17:49:12.0788 3580 [ 0108C8E5176D590F242701EF5A62CC26 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
17:49:12.0819 3580 PolicyAgent - ok
17:49:12.0851 3580 [ F1E067F56373F11EA4B785CAE823740A ] Power C:\WINDOWS\system32\umpo.dll
17:49:12.0882 3580 Power - ok
17:49:12.0897 3580 [ 362D47E5B4D67270DE4B8606036F4ADD ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:49:12.0913 3580 PptpMiniport - ok
17:49:12.0991 3580 [ C2D3B3D0060619D5E03E696BD56FF59F ] PrintNotify C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
17:49:13.0054 3580 PrintNotify - ok
17:49:13.0069 3580 [ DD979EB6A7212F60E4AFBE96EDC7AE6D ] Processor C:\WINDOWS\System32\drivers\processr.sys
17:49:13.0069 3580 Processor - ok
17:49:13.0085 3580 [ 429E8502AD2227CF88F8840FC5BD590D ] ProfSvc C:\WINDOWS\system32\profsvc.dll
17:49:13.0101 3580 ProfSvc - ok
17:49:13.0101 3580 [ EB8034147D4820CD31BFCB11A2A652DF ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys
17:49:13.0132 3580 Psched - ok
17:49:13.0147 3580 [ 0AFBF333B6F87A2F598EAB379AF100B8 ] QWAVE C:\WINDOWS\system32\qwave.dll
17:49:13.0163 3580 QWAVE - ok
17:49:13.0163 3580 [ 13D47BB0CCA2FC51BD15F8E85C6A078E ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
17:49:13.0179 3580 QWAVEdrv - ok
17:49:13.0194 3580 [ 873C60F8178100557740A832FCE10B5F ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:49:13.0194 3580 RasAcd - ok
17:49:13.0210 3580 [ 69B93F623B130976243ECA3D84CC99CA ] RasAgileVpn C:\WINDOWS\system32\DRIVERS\AgileVpn.sys
17:49:13.0226 3580 RasAgileVpn - ok
17:49:13.0241 3580 [ 005F6E54C4A2DA4EBF68FB0392CE8BB0 ] RasAuto C:\WINDOWS\System32\rasauto.dll
17:49:13.0257 3580 RasAuto - ok
17:49:13.0272 3580 [ A14D625C5AEE5FFE0F47D1A1D419FAAE ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:49:13.0272 3580 Rasl2tp - ok
17:49:13.0288 3580 [ C923C785A2DE0B396AD6D13ACAFF2DE9 ] RasMan C:\WINDOWS\System32\rasmans.dll
17:49:13.0319 3580 RasMan - ok
17:49:13.0319 3580 [ 00695B9C2DB6111064499C529E90C042 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:49:13.0335 3580 RasPppoe - ok
17:49:13.0351 3580 [ A7F24D8CD1956B0A1FDCB86CC5114DE4 ] RasSstp C:\WINDOWS\system32\DRIVERS\rassstp.sys
17:49:13.0351 3580 RasSstp - ok
17:49:13.0382 3580 [ B72C33DBD5326B3864CF2091AF8B906B ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:49:13.0397 3580 rdbss - ok
17:49:13.0413 3580 [ CA7DF5EC95D8DE0DD24BE7FF97369F68 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
17:49:13.0444 3580 rdpbus - ok
17:49:13.0491 3580 [ B2A3AD74FF2E2FFA73AF2567108231B3 ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
17:49:13.0507 3580 RDPDR - ok
17:49:13.0522 3580 [ 57F4787E4602A3FCA719C0A33137C6DA ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
17:49:13.0554 3580 RdpVideoMiniport - ok
17:49:13.0554 3580 [ B3CB0721E81E30419CE7D837EF4EA151 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
17:49:13.0569 3580 RDPWD - ok
17:49:13.0601 3580 [ 62C1F8A0685FE07E998AA296C4F697C4 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
17:49:13.0601 3580 rdyboost - ok
17:49:13.0632 3580 [ 3663CCF243EE0C04E9F6F91ED1737273 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
17:49:13.0647 3580 RemoteAccess - ok
17:49:13.0647 3580 [ E80DD61E52EDFFF9DA1ED7260A68855B ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
17:49:13.0663 3580 RemoteRegistry - ok
17:49:13.0694 3580 [ 73F2E030B5C24E4E41401B5F0D59E6FD ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
17:49:13.0710 3580 RpcEptMapper - ok
17:49:13.0726 3580 [ 10B21284B3D964AB3DC45490E57D422E ] RpcLocator C:\WINDOWS\system32\locator.exe
17:49:13.0741 3580 RpcLocator - ok
17:49:13.0788 3580 [ 1EC6E533C954BDDF2A37E7851A7E58FD ] RpcSs C:\WINDOWS\system32\rpcss.dll
17:49:13.0804 3580 RpcSs - ok
17:49:13.0819 3580 [ E04E770DD198B9399640717145E79EBF ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys
17:49:13.0835 3580 rspndr - ok
17:49:13.0851 3580 [ 752EC7DCD2F96871A3857EEE6AFE965A ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
17:49:13.0866 3580 s3cap - ok
17:49:13.0882 3580 [ F702AB6181513303AB0FC8D59E52708B ] SamSs C:\WINDOWS\system32\lsass.exe
17:49:13.0897 3580 SamSs - ok
17:49:13.0913 3580 [ 9C7B28CE0D136DB226E24DB3BC817F92 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
17:49:13.0913 3580 sbp2port - ok
17:49:13.0976 3580 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
17:49:13.0991 3580 SBSDWSCService - ok
17:49:14.0007 3580 [ 14316954FCE79C9DE5A0AFF9D42C83AA ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
17:49:14.0038 3580 SCardSvr - ok
17:49:14.0054 3580 [ 5D7733A12756B267FCA021672B26BC9E ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
17:49:14.0069 3580 scfilter - ok
17:49:14.0101 3580 [ EDCDF4DB82EF825B94B190D544C8C58B ] Schedule C:\WINDOWS\system32\schedsvc.dll
17:49:14.0132 3580 Schedule - ok
17:49:14.0163 3580 [ BAF8F0F55BC300E5F882E521F054E345 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
17:49:14.0163 3580 SCPolicySvc - ok
17:49:14.0194 3580 [ 66E29CADF9FF6C8325C356BDD617F7EA ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
17:49:14.0194 3580 sdbus - ok
17:49:14.0210 3580 [ 92968277ED491E4B3DDA361E3952361E ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll
17:49:14.0241 3580 SDRSVC - ok
17:49:14.0304 3580 [ 206387AB881E93A1A6EB89966C8651F1 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
17:49:14.0319 3580 SDScannerService - ok
17:49:14.0335 3580 [ BB107AA9980B0DA4E19A3A90C3BD4460 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
17:49:14.0335 3580 sdstor - ok
17:49:14.0397 3580 [ A529CFE32565C0B145578FFB2B32C9A5 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
17:49:14.0413 3580 SDUpdateService - ok
17:49:14.0429 3580 [ CB63BDB77BB86549FC3303C2F11EDC18 ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
17:49:14.0429 3580 SDWSCService - ok
17:49:14.0460 3580 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys
17:49:14.0460 3580 secdrv - ok
17:49:14.0476 3580 [ CD282626738B6BC92B6E7CD0AAE95B63 ] seclogon C:\WINDOWS\system32\seclogon.dll
17:49:14.0476 3580 seclogon - ok
17:49:14.0491 3580 [ 9C51620998F0763039DFA6BF68E475ED ] SENS C:\WINDOWS\System32\sens.dll
17:49:14.0491 3580 SENS - ok
17:49:14.0523 3580 [ 0D50B4B860DAB65241628D04CD33ACAE ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
17:49:14.0523 3580 SensrSvc - ok
17:49:14.0616 3580 [ 59BAE636BD55295307296093FADEC771 ] SepMasterService C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin\ccSvcHst.exe
17:49:14.0616 3580 SepMasterService - ok
17:49:14.0632 3580 [ 87C46B239A7EEF30FDFDD5E9BD46130C ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
17:49:14.0663 3580 SerCx - ok
17:49:14.0679 3580 [ 7A1F9347C85FD55E39B8A76B3A25C5AD ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
17:49:14.0694 3580 Serenum - ok
17:49:14.0710 3580 [ F640A0A218BBF857F1D04A15D7D939F6 ] Serial C:\WINDOWS\System32\drivers\serial.sys
17:49:14.0726 3580 Serial - ok
17:49:14.0741 3580 [ F1A5F56B2620B862CC28FF96A0A6DAAB ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
17:49:14.0757 3580 sermouse - ok
17:49:14.0773 3580 [ CB60A60340788C8D6DE2A269D28086AB ] SessionEnv C:\WINDOWS\system32\sessenv.dll
17:49:14.0804 3580 SessionEnv - ok
17:49:14.0804 3580 [ 7EE65419B29302C795714FF8073969A1 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
17:49:14.0819 3580 sfloppy - ok
17:49:14.0851 3580 [ 090AE16F79C8EAD04E6031F863DA85F3 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
17:49:14.0866 3580 SharedAccess - ok
17:49:14.0882 3580 [ A77F3ABE13FCC698511E5DEC7ACEBD5F ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
17:49:14.0913 3580 ShellHWDetection - ok
17:49:14.0929 3580 [ 2560721D6F16D5B611C36A3A9D28C1B2 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
17:49:14.0929 3580 SiSRaid2 - ok
17:49:14.0944 3580 [ 3AA8FDE1DBF65BB8B88B053529554A0D ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
17:49:14.0960 3580 SiSRaid4 - ok
17:49:14.0991 3580 [ 014EC99CC1C892B5B6BA65776592E7B4 ] SmcService C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin64\Smc.exe
17:49:15.0038 3580 SmcService - ok
17:49:15.0069 3580 [ 88078B50B806B8E8A4A08E547C0D6492 ] SNAC C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin64\snac64.exe
17:49:15.0085 3580 SNAC - ok
17:49:15.0085 3580 [ E660156A4588A84305CB772FD2C0DB21 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
17:49:15.0116 3580 SNMPTRAP - ok
17:49:15.0132 3580 [ 465F3C355CE5ED2779B8F460F14C5A78 ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
17:49:15.0132 3580 spaceport - ok
17:49:15.0148 3580 [ 3D8679C8DF52EB26EB7583A4E0A29202 ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
17:49:15.0163 3580 SpbCx - ok
17:49:15.0179 3580 [ 3F215BF2D4D8D6756298B25B579772C2 ] Spooler C:\WINDOWS\System32\spoolsv.exe
17:49:15.0194 3580 Spooler - ok
17:49:15.0257 3580 [ EC84D961501054F87A6878EC5D53388F ] sppsvc C:\WINDOWS\system32\sppsvc.exe
17:49:15.0335 3580 sppsvc - ok
17:49:15.0398 3580 [ BFF91C4FF4A2FEDDB0B285EAD0AC1B7B ] SRTSP C:\WINDOWS\system32\Drivers\SEP\0C0107DF\07DF.105\x64\SRTSP64.SYS
17:49:15.0413 3580 SRTSP - ok
17:49:15.0429 3580 [ 1B884D876E87EABF5A3356BBD7321412 ] SRTSPX C:\WINDOWS\system32\Drivers\SEP\0C0107DF\07DF.105\x64\SRTSPX64.SYS
17:49:15.0429 3580 SRTSPX - ok
17:49:15.0429 3580 [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
17:49:15.0444 3580 srv - ok
17:49:15.0491 3580 [ C2106BB710AA34A046126AED7BCA6964 ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
17:49:15.0507 3580 srv2 - ok
17:49:15.0523 3580 [ 9400C71F5A1A380B494B6922F007D485 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
17:49:15.0538 3580 srvnet - ok
17:49:15.0554 3580 [ 7A20882D76D4A78240A5AC9F2C2EBA21 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
17:49:15.0554 3580 SSDPSRV - ok
17:49:15.0601 3580 [ 0211AB46B73A2623B86C1CFCB30579AB ] SSPORT C:\WINDOWS\system32\Drivers\SSPORT.sys
17:49:15.0616 3580 SSPORT - ok
17:49:15.0616 3580 [ D233B16999A8E626F6004BD7814C57EC ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
17:49:15.0632 3580 SstpSvc - ok
17:49:15.0632 3580 [ C692C94FE55CAD0633440236022C27B3 ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
17:49:15.0648 3580 ssudmdm - ok
17:49:15.0648 3580 [ 4E85355B94CFCB67C135F6521A4895A7 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
17:49:15.0663 3580 stexstor - ok
17:49:15.0694 3580 [ BAC8A721736AECC55A4F71523AEAB65F ] stisvc C:\WINDOWS\System32\wiaservc.dll
17:49:15.0726 3580 stisvc - ok
17:49:15.0726 3580 [ C588BBD37B432CE3204E5765B459E6B2 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
17:49:15.0741 3580 storahci - ok
17:49:15.0741 3580 [ F74DBC95A57B1EE866D3732EB5F79BE2 ] storflt C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
17:49:15.0757 3580 storflt - ok
17:49:15.0773 3580 [ 5337E138B49ED1F44CCBA4073BC35C20 ] StorSvc C:\WINDOWS\system32\storsvc.dll
17:49:15.0788 3580 StorSvc - ok
17:49:15.0804 3580 [ 543CD3CC0E05B8D8815E0D4F040B6F59 ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
17:49:15.0804 3580 storvsc - ok
17:49:15.0819 3580 [ 1A36AC469140F87CDE62D7F8524E270C ] storvsp C:\WINDOWS\System32\drivers\storvsp.sys
17:49:15.0819 3580 storvsp - ok
17:49:15.0835 3580 [ 8BC1C1ED6EF9C985A3FAA6A72F41679A ] svsvc C:\WINDOWS\system32\svsvc.dll
17:49:15.0851 3580 svsvc - ok
17:49:15.0851 3580 [ 4AFD66AAE74FFB5986BC240744DC5FC9 ] swenum C:\WINDOWS\System32\drivers\swenum.sys
17:49:15.0851 3580 swenum - ok
17:49:15.0882 3580 [ 502F9488540051F3E6C39889ECFA76BB ] swprv C:\WINDOWS\System32\swprv.dll
17:49:15.0913 3580 swprv - ok
17:49:15.0944 3580 [ 40E32C65A672CFD24C48A2FE78D239C7 ] SyDvCtrl C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin64\SyDvCtrl64.sys
17:49:15.0944 3580 SyDvCtrl - ok
17:49:15.0960 3580 [ 688BBE78970E639BC1D66AE733394DCF ] SymDS C:\WINDOWS\system32\Drivers\SEP\0C0107DF\07DF.105\x64\SYMDS64.SYS
17:49:15.0976 3580 SymDS - ok
17:49:15.0991 3580 [ 64D1AF3D04E70A681154FFF1893848F6 ] SymEFA C:\WINDOWS\system32\Drivers\SEP\0C0107DF\07DF.105\x64\SYMEFA64.SYS
17:49:16.0007 3580 SymEFA - ok
17:49:16.0023 3580 [ 42947647F71E9EF2167B42B372F1DDB7 ] SymELAM C:\WINDOWS\system32\Drivers\SEP\0C0107DF\07DF.105\x64\SymELAM.sys
17:49:16.0038 3580 SymELAM - ok
17:49:16.0038 3580 [ F19E5E37ED8134B9E5F6287F2D3A75D7 ] SymEvent C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
17:49:16.0054 3580 SymEvent - ok
17:49:16.0085 3580 [ ADF37F1A715D6C56C8E065FD8569A9A4 ] SymIRON C:\WINDOWS\system32\Drivers\SEP\0C0107DF\07DF.105\x64\Ironx64.SYS
17:49:16.0085 3580 SymIRON - ok
17:49:16.0101 3580 [ 1605EBD8CB86AFC4430116065995279A ] SYMNETS C:\WINDOWS\system32\Drivers\SEP\0C0107DF\07DF.105\x64\SYMNETS.SYS
17:49:16.0116 3580 SYMNETS - ok
17:49:16.0132 3580 [ DC21E1F06343773D7E24362DCEF7944B ] SysMain C:\WINDOWS\system32\sysmain.dll
17:49:16.0163 3580 SysMain - ok
17:49:16.0179 3580 [ 34ABD119A14E85322EAA69DBE159F5FA ] SysPlant C:\WINDOWS\system32\Drivers\SysPlant.sys
17:49:16.0179 3580 SysPlant - ok
17:49:16.0194 3580 [ E219BF7BCCFE4881B0C053C7E0B47ECC ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
17:49:16.0226 3580 SystemEventsBroker - ok
17:49:16.0241 3580 [ A6C06C45C44AD06C70AF8899AEC15BDC ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
17:49:16.0257 3580 TabletInputService - ok
17:49:16.0273 3580 [ 88B7721AB551C4325036B25A34A2BF7B ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
17:49:16.0273 3580 TapiSrv - ok
17:49:16.0335 3580 [ 1D644E2D0FC395A055AB1C23C3B43631 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
17:49:16.0382 3580 Tcpip - ok
17:49:16.0429 3580 [ 1D644E2D0FC395A055AB1C23C3B43631 ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:49:16.0460 3580 TCPIP6 - ok
17:49:16.0491 3580 [ 8F2A13A5DF99D72FDDE87F502A66F989 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
17:49:16.0491 3580 tcpipreg - ok
17:49:16.0523 3580 [ 73DC722CE5DF26D7638CE2446F2655C7 ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
17:49:16.0538 3580 tdx - ok
17:49:16.0632 3580 [ 9F3E7CABE86BBDECA009DE291DB6D9E2 ] TeamViewer8 C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
17:49:16.0710 3580 TeamViewer8 - ok
17:49:16.0741 3580 [ D40003209A3294668E9594CC9BB663AD ] Teefer2 C:\WINDOWS\system32\DRIVERS\Teefer.sys
17:49:16.0741 3580 Teefer2 - ok
17:49:16.0757 3580 [ F7C8AB5D8AFFAA318D6A21093D139BF4 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
17:49:16.0757 3580 terminpt - ok
17:49:16.0788 3580 [ 541EE228D0DEF392F7B2DFD885DD021B ] TermService C:\WINDOWS\System32\termsrv.dll
17:49:16.0804 3580 TermService - ok
17:49:16.0804 3580 [ 519A6F672FFF56B7D8EE8C730CEC8ECD ] Themes C:\WINDOWS\system32\themeservice.dll
17:49:16.0835 3580 Themes - ok
17:49:16.0835 3580 [ EEE908BE7143FCA48CF0CB87214E2AB8 ] THREADORDER C:\WINDOWS\system32\mmcss.dll
17:49:16.0851 3580 THREADORDER - ok
17:49:16.0866 3580 [ FF4135424A79DCC2998276D8E39C9B4D ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll
17:49:16.0898 3580 TimeBroker - ok
17:49:16.0929 3580 [ B44EFE254C0B3719E4037088D24FE4B5 ] TPM C:\WINDOWS\system32\drivers\tpm.sys
17:49:20.0398 3580 ================ Scan global ===============================
17:49:20.0445 3580 [ DDC1AFBF9DDF880CE9BD3896114D8DED ] C:\WINDOWS\system32\basesrv.dll
17:49:20.0460 3580 [ E9343076AE704D20BB0D01F3AF3EFFEF ] C:\WINDOWS\system32\winsrv.dll
17:49:20.0492 3580 [ BD7C6949984D19AAA609896B675E7357 ] C:\WINDOWS\system32\sxssrv.dll
17:49:20.0507 3580 [ 8F226143046435C75C033B0C52E90FFE ] C:\WINDOWS\system32\services.exe
17:49:20.0507 3580 [Global] - ok
17:49:20.0507 3580 ================ Scan MBR ==================================
17:49:20.0523 3580 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
17:49:20.0945 3580 \Device\Harddisk0\DR0 - ok
17:49:20.0945 3580 ================ Scan VBR ==================================
17:49:20.0976 3580 [ 70D1473CFB2C50A5308095CF5F3AF6AB ] \Device\Harddisk0\DR0\Partition1
17:49:20.0976 3580 \Device\Harddisk0\DR0\Partition1 - ok
17:49:20.0992 3580 [ DF14238A409F2F0B26B507B436BE26FF ] \Device\Harddisk0\DR0\Partition2
17:49:20.0992 3580 \Device\Harddisk0\DR0\Partition2 - ok
17:49:20.0992 3580 ============================================================
17:49:20.0992 3580 Scan finished
17:49:20.0992 3580 ============================================================
17:49:21.0007 5048 Detected object count: 1
17:49:21.0007 5048 Actual detected object count: 1
17:50:34.0620 5048 Dell B1265dnf Network Fax Server ( UnsignedFile.Multi.Generic ) - skipped by user
17:50:34.0620 5048 Dell B1265dnf Network Fax Server ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:50:38.0589 5668 Deinitialize success

# AdwCleaner v2.109 - Logfile created 02/02/2013 at 17:52:02
# Updated 26/01/2013 by Xplode
# Operating system : Windows 8 Pro (64 bits)
# User : DonR - DONR
# Boot Mode : Normal
# Running from : C:\Users\DonR\Desktop\AdwCleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16453

[OK] Registry is clean.

-\\ Google Chrome v24.0.1312.57

File : C:\Users\DonR\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [627 octets] - [02/02/2013 17:52:02]

########## EOF - C:\AdwCleaner[R1].txt - [686 octets] ##########

Farbar Service Scanner Version: 30-01-2013
Ran by DonR (administrator) on 02-02-2013 at 17:53:51
Running from "C:\Users\DonR\Desktop"
Windows 8 Pro (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is set to Demand. The default start type is Auto.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MsMpEng.exe => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

MiniToolBox by Farbar Version:10-01-2013
Ran by DonR (administrator) on 02-02-2013 at 17:55:54
Running from "C:\Users\DonR\Desktop"
Windows 8 Pro (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================


::1 localhost
# [end of entries generated by MVPS HOSTS]
127.0.0.1 localhost
127.0.0.1 facebook.com
127.0.0.1 www.facebook.com
127.0.0.1 fr.a2dfp.net
127.0.0.1 m.fr.a2dfp.net
127.0.0.1 ad.a8.net
127.0.0.1 asy.a8ww.net
127.0.0.1 abcstats.com
127.0.0.1 a.abv.bg
127.0.0.1 adserver.abv.bg
127.0.0.1 adv.abv.bg
127.0.0.1 bimg.abv.bg
127.0.0.1 ca.abv.bg
127.0.0.1 www2.a-counter.kiev.ua
127.0.0.1 track.acclaimnetwork.com
127.0.0.1 accuserveadsystem.com
127.0.0.1 www.accuserveadsystem.com
127.0.0.1 achmedia.com
127.0.0.1 aconti.net

There are 12553 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Intel® 82579LM Gigabit Network Connection = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Local Area Connection* 3-Symantec Endpoint Protection Firewall-0000" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
add address name="Local Area Connection" address=192.168.0.12 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : DONR
Primary Dns Suffix . . . . . . . : mssfulfillment.com
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : mssfulfillment.com

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : mssfulfillment.com
Description . . . . . . . . . . . : Intel® 82579LM Gigabit Network Connection
Physical Address. . . . . . . . . : 90-B1-1C-64-F9-3B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::456f:804b:3216:5bbc%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.104(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, February 01, 2013 4:18:35 PM
Lease Expires . . . . . . . . . . : Sunday, February 03, 2013 4:18:36 AM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.20
DHCPv6 IAID . . . . . . . . . . . : 244363548
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-05-ED-2E-90-B1-1C-64-F9-3B
DNS Servers . . . . . . . . . . . : 192.168.0.20
192.168.0.19
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.mssfulfillment.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : mssfulfillment.com
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: mss-file.mssfulfillment.com
Address: 192.168.0.20

Name: google.com
Addresses: 2607:f8b0:4004:801::1009
74.125.228.36
74.125.228.41
74.125.228.32
74.125.228.40
74.125.228.46
74.125.228.34
74.125.228.33
74.125.228.39
74.125.228.37
74.125.228.35
74.125.228.38


Pinging google.com [74.125.228.41] with 32 bytes of data:
Reply from 74.125.228.41: bytes=32 time=8ms TTL=60
Reply from 74.125.228.41: bytes=32 time=8ms TTL=60

Ping statistics for 74.125.228.41:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 8ms, Maximum = 8ms, Average = 8ms
Server: mss-file.mssfulfillment.com
Address: 192.168.0.20

Name: yahoo.com
Addresses: 206.190.36.45
98.138.253.109
98.139.183.24


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=84ms TTL=57
Reply from 98.138.253.109: bytes=32 time=79ms TTL=57

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 79ms, Maximum = 84ms, Average = 81ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
12...90 b1 1c 64 f9 3b ......Intel® 82579LM Gigabit Network Connection
1...........................Software Loopback Interface 1
13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
14...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.104 10
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.104 266
192.168.0.104 255.255.255.255 On-link 192.168.0.104 266
192.168.0.255 255.255.255.255 On-link 192.168.0.104 266
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.104 266
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.104 266
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
12 266 fe80::/64 On-link
12 266 fe80::456f:804b:3216:5bbc/128
On-link
1 306 ff00::/8 On-link
12 266 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [55296] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [72192] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [66560] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [53760] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/02/2013 00:34:00 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Tracking Cookies in File: Cookie:donr@c1.atdmt.com/ by: Scheduled scan. Action: Delete succeeded. Action Description: The file was deleted successfully.

Error: (02/02/2013 03:00:34 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (02/01/2013 04:23:38 PM) (Source: WinVNC4) (User: )
Description: Desktop: ~Desktop: 32c Failed to select desktop: The requested resource is in use. (170)

Error: (02/01/2013 04:15:00 PM) (Source: WinVNC4) (User: )
Description: Desktop: ~Desktop: 388 Failed to select desktop: The requested resource is in use. (170)

Error: (02/01/2013 00:52:14 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Tracking Cookies in File: Cookie:donr@2o7.net/ by: Scheduled scan. Action: Delete succeeded. Action Description: The file was deleted successfully.

Error: (02/01/2013 00:41:37 PM) (Source: Application Hang) (User: )
Description: The program vfp9.exe version 9.0.0.5815 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1194

Start Time: 01ce008900f267dc

Termination Time: 4294967295

Application Path: C:\Program Files (x86)\Microsoft Visual FoxPro 9\vfp9.exe

Report Id: 9feea569-6c96-11e2-be75-90b11c64f93b

Faulting package full name:

Faulting package-relative application ID:

Error: (02/01/2013 03:01:16 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (02/01/2013 03:00:19 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (01/31/2013 05:31:16 PM) (Source: Application Hang) (User: )
Description: The program vfp9.exe version 9.0.0.5815 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1214

Start Time: 01cdfff900bdd6cc

Termination Time: 4294967295

Application Path: C:\Program Files (x86)\Microsoft Visual FoxPro 9\vfp9.exe

Report Id: ec4c59ee-6bf5-11e2-be75-90b11c64f93b

Faulting package full name:

Faulting package-relative application ID:

Error: (01/31/2013 04:30:55 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Tracking Cookies in File: Cookie:donr@2o7.net/ by: Manual scan. Action: Delete succeeded. Action Description: The file was deleted successfully.


System errors:
=============
Error: (02/01/2013 04:17:35 PM) (Source: DCOM) (User: MSSFULFILLMENT)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (02/01/2013 04:17:35 PM) (Source: DCOM) (User: MSSFULFILLMENT)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (02/01/2013 04:17:35 PM) (Source: DCOM) (User: MSSFULFILLMENT)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (02/01/2013 04:17:35 PM) (Source: DCOM) (User: MSSFULFILLMENT)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (02/01/2013 04:17:35 PM) (Source: DCOM) (User: MSSFULFILLMENT)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (02/01/2013 04:17:35 PM) (Source: DCOM) (User: MSSFULFILLMENT)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (02/01/2013 04:17:35 PM) (Source: DCOM) (User: MSSFULFILLMENT)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (02/01/2013 04:17:35 PM) (Source: DCOM) (User: MSSFULFILLMENT)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (02/01/2013 04:17:35 PM) (Source: DCOM) (User: MSSFULFILLMENT)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (01/31/2013 04:15:27 PM) (Source: Service Control Manager) (User: )
Description: The Symantec Management Client service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.


Microsoft Office Sessions:
=========================
Error: (02/02/2013 00:34:00 PM) (Source: Symantec AntiVirus)(User: )
Description: Security Risk Found!Tracking Cookies in File: Cookie:donr@c1.atdmt.com/ by: Scheduled scan. Action: Delete succeeded. Action Description: The file was deleted successfully.

Error: (02/02/2013 03:00:34 AM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (02/01/2013 04:23:38 PM) (Source: WinVNC4)(User: )
Description: Desktop~Desktop: 32c Failed to select desktop: The requested resource is in use. (170)

Error: (02/01/2013 04:15:00 PM) (Source: WinVNC4)(User: )
Description: Desktop~Desktop: 388 Failed to select desktop: The requested resource is in use. (170)

Error: (02/01/2013 00:52:14 PM) (Source: Symantec AntiVirus)(User: )
Description: Security Risk Found!Tracking Cookies in File: Cookie:donr@2o7.net/ by: Scheduled scan. Action: Delete succeeded. Action Description: The file was deleted successfully.

Error: (02/01/2013 00:41:37 PM) (Source: Application Hang)(User: )
Description: vfp9.exe9.0.0.5815119401ce008900f267dc4294967295C:\Program Files (x86)\Microsoft Visual FoxPro 9\vfp9.exe9feea569-6c96-11e2-be75-90b11c64f93b

Error: (02/01/2013 03:01:16 AM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (02/01/2013 03:00:19 AM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (01/31/2013 05:31:16 PM) (Source: Application Hang)(User: )
Description: vfp9.exe9.0.0.5815121401cdfff900bdd6cc4294967295C:\Program Files (x86)\Microsoft Visual FoxPro 9\vfp9.exeec4c59ee-6bf5-11e2-be75-90b11c64f93b

Error: (01/31/2013 04:30:55 PM) (Source: Symantec AntiVirus)(User: )
Description: Security Risk Found!Tracking Cookies in File: Cookie:donr@2o7.net/ by: Manual scan. Action: Delete succeeded. Action Description: The file was deleted successfully.


CodeIntegrity Errors:
===================================
Date: 2013-01-19 03:05:05.854
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

Date: 2013-01-19 03:05:05.760
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

Date: 2013-01-19 03:01:08.793
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

Date: 2013-01-19 03:01:08.777
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\repository\Microsoft.VisualBas#\59b793b04e8a7adeac7f1f8376c970fa\Microsoft.VisualBasic.Compatibility.Data.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

Date: 2013-01-19 03:01:08.731
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

Date: 2013-01-16 03:16:42.591
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

Date: 2013-01-16 03:16:42.425
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

Date: 2013-01-16 03:09:08.833
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

Date: 2013-01-16 03:09:07.432
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\repository\Microsoft.VisualBas#\59b793b04e8a7adeac7f1f8376c970fa\Microsoft.VisualBasic.Compatibility.Data.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

Date: 2013-01-16 03:09:04.660
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.


=========================== Installed Programs ============================

Accpac Tools (Version: 1.7.1)
Adobe Acrobat X Standard - English, Français, Deutsch (Version: 10.1.5)
AMD APP SDK Runtime (Version: 10.0.831.4)
AMD Catalyst Install Manager (Version: 3.0.855.0)
Apple Application Support (Version: 2.1.7)
Apple Software Update (Version: 2.1.3.127)
Avidemux 2.6 (32-bit) (Version: 2.6.0.8179)
Barcodesoft Code 128 Font (Demo) (Version: 2.00.0000)
Barcodesoft Data Matrix Encoder (Demo) (Version: 3.00.0000)
BioAPI Framework (Version: 1.0.2)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2011.1207.217.3953)
Catalyst Control Center Graphics Previews Common (Version: 2011.1207.217.3953)
Catalyst Control Center InstallProxy (Version: 2011.1207.217.3953)
Catalyst Control Center Localization All (Version: 2011.1207.217.3953)
Catalyst Control Center Profiles Desktop (Version: 2011.1207.217.3953)
ccc-utility64 (Version: 2011.1207.217.3953)
CCC Help Chinese Standard (Version: 2011.1207.0216.3953)
CCC Help Chinese Traditional (Version: 2011.1207.0216.3953)
CCC Help Czech (Version: 2011.1207.0216.3953)
CCC Help Danish (Version: 2011.1207.0216.3953)
CCC Help Dutch (Version: 2011.1207.0216.3953)
CCC Help English (Version: 2011.1207.0216.3953)
CCC Help Finnish (Version: 2011.1207.0216.3953)
CCC Help French (Version: 2011.1207.0216.3953)
CCC Help German (Version: 2011.1207.0216.3953)
CCC Help Greek (Version: 2011.1207.0216.3953)
CCC Help Hungarian (Version: 2011.1207.0216.3953)
CCC Help Italian (Version: 2011.1207.0216.3953)
CCC Help Japanese (Version: 2011.1207.0216.3953)
CCC Help Korean (Version: 2011.1207.0216.3953)
CCC Help Norwegian (Version: 2011.1207.0216.3953)
CCC Help Polish (Version: 2011.1207.0216.3953)
CCC Help Portuguese (Version: 2011.1207.0216.3953)
CCC Help Russian (Version: 2011.1207.0216.3953)
CCC Help Spanish (Version: 2011.1207.0216.3953)
CCC Help Swedish (Version: 2011.1207.0216.3953)
CCC Help Thai (Version: 2011.1207.0216.3953)
CCC Help Turkish (Version: 2011.1207.0216.3953)
CCleaner (Version: 3.25)
Celtx (2.9.1) (Version: 2.9.1 (en-US))
Common Desktop Agent (Version: 1.53.0)
DataMatrix Win32 DLL
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Defraggler (Version: 2.10)
Dell B1265dnf Laser MFP
Dell B1265dnf Laser MFP Scan Assistant (Version: 1.04.35.00)
Dell Backup and Recovery Manager (Version: 1.3.1)
Dell Client System Update (Version: 1.2.3)
Dell Edoc Viewer (Version: 1.0.0)
Dell KACE Agent (Version: 5.3.47657)
Dell Support Center (Version: 3.2.6032.55)
Dell System Detect (Version: 3.3.2.1)
Google Chrome (Version: 24.0.1312.57)
Google Earth (Version: 7.0.2.8415)
Google Update Helper (Version: 1.3.21.123)
GoToMeeting 5.1.0.880 (Version: 5.1.0.880)
HxD Hex Editor version 1.7.7.0 (Version: 1.7.7.0)
IDAutomation Postnet & Intelligent Mail Barcode Fonts DEMO
IDAutomation.com 2D ActiveX Control DEMO
IDAutomation.com DataMatrix Font and Encoder for Windows DEMO
iDRS™ OCR Software by I.R.I.S (Version: 1.00.04.03)
Intel® Control Center (Version: 1.2.1.1008)
Intel® Rapid Storage Technology (Version: 11.2.0.1006)
Java 7 Update 11 (Version: 7.0.110)
Java 7 Update 7 (64-bit) (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
LiveUpdate 3.3 (Symantec Corporation) (Version: 3.3.100.15)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Business 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft OLE DB Provider for Visual FoxPro (Version: 9.0.0.3504)
Microsoft Report Viewer Redistributable 2008 (KB971119) (Version: 9.0.30731)
Microsoft Report Viewer Redistributable 2008 SP1
Microsoft Silverlight (Version: 5.1.10516.0)
Microsoft SOAP Toolkit 3.0 (Version: 3.0.1325.4)
Microsoft SQL Server 2008 R2 (64-bit)
Microsoft SQL Server 2008 R2 Native Client (Version: 10.51.2500.0)
Microsoft SQL Server 2008 R2 Policies (Version: 10.50.1600.1)
Microsoft SQL Server 2008 R2 Setup (English) (Version: 10.51.2500.0)
Microsoft SQL Server 2008 Setup Support Files (Version: 10.1.2731.0)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU (Version: 3.5.8080.0)
Microsoft SQL Server Native Client (Version: 9.00.3042.00)
Microsoft SQL Server System CLR Types (x64) (Version: 10.51.2500.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual FoxPro 9.0 Professional - English
Microsoft Visual Studio Tools for Applications 2.0 - ENU (Version: 9.0.35191)
Morovia DataMatrix Fonts & Encoder (x64) 5.0.1 (demo) (Version: 5.0.1.0)
Morovia US Postal Fontware (demo) (Version: 3.0.1.2)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
OzLINK for UPS
Picasa 3 (Version: 3.8)
QuickTime (Version: 7.72.80.56)
Realtek High Definition Audio Driver (Version: 6.0.1.5907)
Sage Pro 200 ERP version 7.5 WorkStation
Service Pack 1 for SQL Server 2008 R2 (KB2528583) (64-bit) (Version: 10.51.2500.0)
SmarThru Office (Version: 2.08.017)
Spark 2.6.3.12555
Spybot - Search & Destroy (Version: 1.6.2)
Spybot - Search & Destroy (Version: 2.0.12)
SQL Server 2008 R2 SP1 Client Tools (Version: 10.51.2500.0)
SQL Server 2008 R2 SP1 Common Files (Version: 10.51.2500.0)
SQL Server 2008 R2 SP1 Management Studio (Version: 10.51.2500.0)
Symantec Endpoint Protection (Version: 12.1.2015.2015)
Symantec Endpoint Protection Manager (Version: 12.1.2015.2015)
TeamViewer 8 (Version: 8.0.16642)
TimeClock Plus 6.0 (Version: 6.00.0000)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Visual FoxPro 9.0 Baseline - English (Version: 9.00.2412)
Visual FoxPro 9.0 Professional - English (Version: 9.00.5815)
Visual FoxPro ODBC Driver (Version: 1.0.0)
VNC Enterprise Edition E4.5.4 (Version: E4.5.4)
Win2PDF 7 (Version: 7.0.46)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 32%
Total physical RAM: 8174.7 MB
Available physical RAM: 5524.21 MB
Total Pagefile: 16366.7 MB
Available Pagefile: 13468.16 MB
Total Virtual: 4095.88 MB
Available Virtual: 3964 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:915.83 GB) (Free:841 GB) NTFS

========================= Users: ========================================

User accounts for \\DONR

Admin Administrator Guest

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

18-01-2013 22:29:26 Windows Update
26-01-2013 08:01:10 Scheduled Checkpoint
31-01-2013 20:52:43 Installed Java 7 Update 11

**** End of log ****

#5 street9009


Posted 02 February 2013 - 06:06 PM

http://www.screencast.com/t/t3VfIOe0Nj

http://www.screencast.com/t/UM3OzUWq

Also, so you could see some of the error messages Symantec is throwing, I got two screenshots.

Thanks again.

#6 dev00790


Posted 02 February 2013 - 06:55 PM

Hi

Please do the following next:

:step1:

We need to disable Spybot S&D's "TeaTimer"
TeaTimer works by preventing ANY changes to the system. It will attempt to undo any fixes we run, because it blocks these fixes from running.

In order to safeguard your system from problems that can be brought on by a half finished fix, we need to disable TeaTimer. We can reenable it when we're done if you like.
  • Open SpyBot Search and Destroy by going to Start -> All Programs -> Spybot Search and Destroy -> Spybot Search and Destroy.
  • If prompted with a legal dialog, accept the warning.
  • Click Mode > Advanced Mode.
  • You may be presented with a warning dialog. If so, click Yes
  • Click on Tools and then Resident
  • Uncheck this checkbox: "Resident TeaTimer (protection of over-all system settings) active"
  • Close/Exit Spybot Search and Destroy


:step2:

  • Launch Malwarebytes' Anti-Malware (MBAM)
  • Click on the Update tab, then click Check for Updates
  • If an update is found, it will download and install the latest version.
  • Then on the Scanner tab select Perform full scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad.
  • Post the full contents of the log in your next reply.

Note: Be sure to restart the computer.

The log can also be found here:
C:\Users\<Username>\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt


:step3:

I'd like us to scan your machine with ESET Online Scanner:

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will, however, need to disable your currently installed Anti-Virus; how to do so can be read here.

Note: Vista / Windows 7 / Windows 8 users: You will need to right-click on either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • On ESET: Click the Back button, then the Finish button.
Note: Do not forget to re-enable your Anti-Virus application after running the above scan!


:step4:

How is the computer running now?

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!" I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#7 street9009


Posted 02 February 2013 - 08:22 PM

Malwarebytes didn't find anything. Here's the log:

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.02.02.10

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16466
DonR :: DONR [administrator]

2/2/2013 7:03:08 PM
mbam-log-2013-02-02 (19-03-08).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 473816
Time elapsed: 54 minute(s), 52 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#8 street9009


Posted 02 February 2013 - 08:26 PM

And here are the results of the ESET Scan:

C:\Downloads\pdf\pdfopenerbrothersoft.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined
C:\Downloads\CuteWriter.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined
C:\Users\DonR\Downloads\VLC_32.exe a variant of Win32/InstallIQ application cleaned by deleting - quarantined


ESET is the only thing I've seen that found anything.

Symantec is still giving the messages that I pasted earlier.

#9 dev00790


Posted 03 February 2013 - 11:44 AM

Nothing that indicates malware currently from what I can see in the logs provided.

Is the customer using a PC supplied by their employer? Symantec Endpoint Protection is not usually a consumer level software, and rules are created by the administrator I believe.

Regards, dev00790



#10 street9009


Posted 03 February 2013 - 12:26 PM

Yes that's correct. I'll see if Symantec can be upgraded (in my experience it has seen bugs that disappear in later versions) or repaired.

If you're seeing a clean PC, then it's a clean PC. If the PC continues giving problems I'll suggest a reformat and re-install.

Thanks for your help.

#11 dev00790


Posted 03 February 2013 - 12:44 PM

Reformat & reinstall is usually a last resort. There may be other things I can suggest which may help. Let me know if so.

Regards, dev00790



#12 street9009


Posted 04 February 2013 - 10:48 AM

Symantec has been re-installed so I think those messages are going to go away.

Any other "basic" suggestions you have I'm open to. I won't really know how the PC is doing until I give it back to the customer and let him resume daily use but while I have it I'm happy to entertain other options.

#13 dev00790


Posted 04 February 2013 - 03:46 PM

Hi

Ok. Please do the following next:

:step1:

Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.


Please follow these steps to remove older version Java components and update:

  • Download the latest version of Java Runtime Environment (JRE) Version 13 and save it to your desktop.
  • Look for "Java Platform, Standard Edition".
  • Click the "Download JRE" button to the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • From the list, select your OS and Platform (32-bit or 64-bit).
    64-bit OS users should read: Which Java download should I choose for my 64-bit Windows operating system?
  • If a download for an Offline Installation is available, it is recommended to choose that and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.

Go to Posted Image > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7 and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-7u13-windows-i586.exe (or jre-7u13-windows-x64.exe for 64-bit) to install the newest version.
  • If using Windows 7 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered any unwanted software or toolbars during installation, just uncheck the box before continuing unless you want it.
  • The McAfee Security Scan Plus tool is installed by default unless you uncheck the McAfee installation box when updating Java.

Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary.
To disable the JQS service if you don't want to use it:
  • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
  • Click Ok and reboot your computer.


:step2:

I see that Spybot - Search & Destroy v1.6.2 is installed.
- please uninstall this (v2 is already installed).


:step3:

Please rerun Minitoolbox on your desktop

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (Only Problems)
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore points

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

Click Go and post the full contents of the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Regards, dev00790

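A check that could be run over the MiniToolBox "Installed Programs" listing to find what the Java and Spybot steps in the post above ask to remove. This is an added example, not part of the original posts or of MiniToolBox; the function names are hypothetical, the sample lines are copied from the listing in this thread, and 7 Update 13 is the target release named in the post.

```python
import re
from collections import defaultdict

# Constructed sample: lines copied from the "Installed Programs" listing in
# this thread, in the "Name (Version: x)" shape MiniToolBox prints.
SAMPLE_LISTING = """\
Celtx (2.9.1) (Version: 2.9.1 (en-US))
Google Chrome (Version: 24.0.1312.57)
Java 7 Update 11 (Version: 7.0.110)
Java 7 Update 7 (64-bit) (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
OzLINK for UPS
Spybot - Search & Destroy (Version: 1.6.2)
Spybot - Search & Destroy (Version: 2.0.12)
"""

# The version suffix is optional and may itself contain parentheses.
ENTRY_RE = re.compile(r"^(?P<name>.+?)(?: \(Version: (?P<version>.*)\))?$")
# Java runtime entries only; "Java Auto Updater" must not match.
JAVA_RE = re.compile(
    r"^Java (?P<major>\d+) Update (?P<update>\d+)(?: \((?P<arch>64-bit)\))?$"
)


def parse_installed(listing):
    """Return (name, version-or-None) for every non-empty, non-header line."""
    entries = []
    for raw in listing.splitlines():
        line = raw.strip()
        if not line or line.startswith("="):  # skip blanks and "=== ... ===" headers
            continue
        m = ENTRY_RE.match(line)
        entries.append((m.group("name"), m.group("version")))
    return entries


def version_key(version):
    """Numeric sort key, so '7.0.110' sorts after '7.0.70'."""
    return tuple(int(part) for part in re.findall(r"\d+", version))


def stale_java(entries, target):
    """Names of Java runtimes whose (major, update) is older than target."""
    stale = []
    for name, _version in entries:
        m = JAVA_RE.match(name)
        if m and (int(m.group("major")), int(m.group("update"))) < target:
            stale.append(name)
    return stale


def multiple_versions(entries):
    """Products listed under one name with more than one version.

    This is a review list, not a removal list: some products (runtime
    redistributables, for example) are meant to be installed side by side.
    """
    seen = defaultdict(set)
    for name, version in entries:
        if version is not None:
            seen[name].add(version)
    return {
        name: sorted(versions, key=version_key)
        for name, versions in seen.items()
        if len(versions) > 1
    }


if __name__ == "__main__":
    installed = parse_installed(SAMPLE_LISTING)
    # (7, 13) is the release the post asks for (jre-7u13-...).
    for name in stale_java(installed, (7, 13)):
        print("outdated Java runtime:", name)
    for name, versions in multiple_versions(installed).items():
        print("review:", name, "installed as", ", ".join(versions))
```
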


#14 street9009


Posted 04 February 2013 - 04:02 PM

MiniToolBox by Farbar Version:10-01-2013
Ran by DonR (administrator) on 04-02-2013 at 16:00:24
Running from "C:\Users\DonR\Desktop"
Windows 8 Pro (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================


::1 localhost
# [end of entries generated by MVPS HOSTS]
127.0.0.1 localhost
127.0.0.1 facebook.com
127.0.0.1 www.facebook.com
127.0.0.1 fr.a2dfp.net
127.0.0.1 m.fr.a2dfp.net
127.0.0.1 ad.a8.net
127.0.0.1 asy.a8ww.net
127.0.0.1 abcstats.com
127.0.0.1 a.abv.bg
127.0.0.1 adserver.abv.bg
127.0.0.1 adv.abv.bg
127.0.0.1 bimg.abv.bg
127.0.0.1 ca.abv.bg
127.0.0.1 www2.a-counter.kiev.ua
127.0.0.1 track.acclaimnetwork.com
127.0.0.1 accuserveadsystem.com
127.0.0.1 www.accuserveadsystem.com
127.0.0.1 achmedia.com
127.0.0.1 aconti.net

There are 12553 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Intel® 82579LM Gigabit Network Connection = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Local Area Connection* 3-QoS Packet Scheduler-0000" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
add address name="Local Area Connection" address=192.168.0.12 mask=255.255.255.0


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : DONR
Primary Dns Suffix . . . . . . . : mssfulfillment.com
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : mssfulfillment.com

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : mssfulfillment.com
Description . . . . . . . . . . . : Intel® 82579LM Gigabit Network Connection
Physical Address. . . . . . . . . : 90-B1-1C-64-F9-3B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::456f:804b:3216:5bbc%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.104(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, February 03, 2013 12:26:02 PM
Lease Expires . . . . . . . . . . : Tuesday, February 05, 2013 12:26:04 AM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.20
DHCPv6 IAID . . . . . . . . . . . : 244363548
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-05-ED-2E-90-B1-1C-64-F9-3B
DNS Servers . . . . . . . . . . . : 192.168.0.20
192.168.0.19
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.mssfulfillment.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : mssfulfillment.com
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: mss-file.mssfulfillment.com
Address: 192.168.0.20

Name: google.com
Addresses: 2607:f8b0:4004:801::1001
74.125.228.36
74.125.228.35
74.125.228.41
74.125.228.38
74.125.228.46
74.125.228.40
74.125.228.39
74.125.228.33
74.125.228.34
74.125.228.37
74.125.228.32


Pinging google.com [74.125.228.36] with 32 bytes of data:
Reply from 74.125.228.36: bytes=32 time=9ms TTL=60
Reply from 74.125.228.36: bytes=32 time=7ms TTL=60

Ping statistics for 74.125.228.36:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 7ms, Maximum = 9ms, Average = 8ms
Server: mss-file.mssfulfillment.com
Address: 192.168.0.20

Name: yahoo.com
Addresses: 98.138.253.109
98.139.183.24
206.190.36.45


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=126ms TTL=57
Reply from 98.138.253.109: bytes=32 time=81ms TTL=57

Ping statistics for 98.138.253.109:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 81ms, Maximum = 126ms, Average = 103ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
12...90 b1 1c 64 f9 3b ......Intel® 82579LM Gigabit Network Connection
1...........................Software Loopback Interface 1
13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
14...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.104 10
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.104 266
192.168.0.104 255.255.255.255 On-link 192.168.0.104 266
192.168.0.255 255.255.255.255 On-link 192.168.0.104 266
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.104 266
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.104 266
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
12 266 fe80::/64 On-link
12 266 fe80::456f:804b:3216:5bbc/128
On-link
1 306 ff00::/8 On-link
12 266 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [55296] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [72192] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [66560] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [53760] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/04/2013 03:03:41 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifest2" on line C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest.

Error: (02/04/2013 03:03:37 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (02/04/2013 03:02:24 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifest2" on line C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest.

Error: (02/04/2013 03:01:08 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (02/03/2013 00:30:52 PM) (Source: Symantec AntiVirus) (User: )
Description: Symantec Endpoint Protection has determined that the virus definitions are missing on this computer. This computer will remain unprotected from viruses until virus definitions are downloaded to this computer.Application has encountered an error.
For more information, please go to: http://www.symantec.com/techsupp/servlet/ProductMessages?product=SAVCORP&version=12.1.2015.2015&language=english&module=1000&error=0009&build=symantec_ent

Error: (02/03/2013 00:26:51 PM) (Source: WinVNC4) (User: )
Description: Desktop: ~Desktop: 370 Failed to select desktop: The requested resource is in use. (170)

Error: (02/02/2013 08:24:46 PM) (Source: WinVNC4) (User: )
Description: SDisplay: clipboard: OpenClipboard(getText): Access is denied. (5)

Error: (02/02/2013 07:05:33 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifest2" on line C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifest.

Error: (02/02/2013 00:34:00 PM) (Source: Symantec AntiVirus) (User: )
Description: Security Risk Found!Tracking Cookies in File: Cookie:donr@c1.atdmt.com/ by: Scheduled scan. Action: Delete succeeded. Action Description: The file was deleted successfully.

Error: (02/02/2013 03:00:34 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.


System errors:
=============
Error: (02/01/2013 04:17:35 PM) (Source: DCOM) (User: MSSFULFILLMENT)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (02/01/2013 04:17:35 PM) (Source: DCOM) (User: MSSFULFILLMENT)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (02/01/2013 04:17:35 PM) (Source: DCOM) (User: MSSFULFILLMENT)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (02/01/2013 04:17:35 PM) (Source: DCOM) (User: MSSFULFILLMENT)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (02/01/2013 04:17:35 PM) (Source: DCOM) (User: MSSFULFILLMENT)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (02/01/2013 04:17:35 PM) (Source: DCOM) (User: MSSFULFILLMENT)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (02/01/2013 04:17:35 PM) (Source: DCOM) (User: MSSFULFILLMENT)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (02/01/2013 04:17:35 PM) (Source: DCOM) (User: MSSFULFILLMENT)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (02/01/2013 04:17:35 PM) (Source: DCOM) (User: MSSFULFILLMENT)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (01/31/2013 04:15:27 PM) (Source: Service Control Manager) (User: )
Description: The Symantec Management Client service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.


Microsoft Office Sessions:
=========================
Error: (02/04/2013 03:03:41 AM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (02/04/2013 03:03:37 AM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (02/04/2013 03:02:24 AM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (02/04/2013 03:01:08 AM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (02/03/2013 00:30:52 PM) (Source: Symantec AntiVirus)(User: )
Description: Symantec Endpoint Protection has determined that the virus definitions are missing on this computer. This computer will remain unprotected from viruses until virus definitions are downloaded to this computer.Application has encountered an error.
For more information, please go to: http://www.symantec.com/techsupp/servlet/ProductMessages?product=SAVCORP&version=12.1.2015.2015&language=english&module=1000&error=0009&build=symantec_ent

Error: (02/03/2013 00:26:51 PM) (Source: WinVNC4)(User: )
Description: Desktop~Desktop: 370 Failed to select desktop: The requested resource is in use. (170)

Error: (02/02/2013 08:24:46 PM) (Source: WinVNC4)(User: )
Description: SDisplayclipboard: OpenClipboard(getText): Access is denied. (5)

Error: (02/02/2013 07:05:33 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f.manifestC:\Users\DonR\AppData\Local\Temp\IDC2.tmp\ESETSmartInstaller.exe

Error: (02/02/2013 00:34:00 PM) (Source: Symantec AntiVirus)(User: )
Description: Security Risk Found!Tracking Cookies in File: Cookie:donr@c1.atdmt.com/ by: Scheduled scan. Action: Delete succeeded. Action Description: The file was deleted successfully.

Error: (02/02/2013 03:00:34 AM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8


CodeIntegrity Errors:
===================================
Date: 2013-01-19 03:05:05.854
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

Date: 2013-01-19 03:05:05.760
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

Date: 2013-01-19 03:01:08.793
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

Date: 2013-01-19 03:01:08.777
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\repository\Microsoft.VisualBas#\59b793b04e8a7adeac7f1f8376c970fa\Microsoft.VisualBasic.Compatibility.Data.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

Date: 2013-01-19 03:01:08.731
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

Date: 2013-01-16 03:16:42.591
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

Date: 2013-01-16 03:16:42.425
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

Date: 2013-01-16 03:09:08.833
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

Date: 2013-01-16 03:09:07.432
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\repository\Microsoft.VisualBas#\59b793b04e8a7adeac7f1f8376c970fa\Microsoft.VisualBasic.Compatibility.Data.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.

Date: 2013-01-16 03:09:04.660
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll with signing level Unsigned while the system requires signing level Microsoft or better to load.


=========================== Installed Programs ============================

Accpac Tools (Version: 1.7.1)
Adobe Acrobat X Standard - English, Français, Deutsch (Version: 10.1.5)
AMD APP SDK Runtime (Version: 10.0.831.4)
AMD Catalyst Install Manager (Version: 3.0.855.0)
Apple Application Support (Version: 2.1.7)
Apple Software Update (Version: 2.1.3.127)
Avidemux 2.6 (32-bit) (Version: 2.6.0.8179)
Barcodesoft Code 128 Font (Demo) (Version: 2.00.0000)
Barcodesoft Data Matrix Encoder (Demo) (Version: 3.00.0000)
BioAPI Framework (Version: 1.0.2)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2011.1207.217.3953)
Catalyst Control Center Graphics Previews Common (Version: 2011.1207.217.3953)
Catalyst Control Center InstallProxy (Version: 2011.1207.217.3953)
Catalyst Control Center Localization All (Version: 2011.1207.217.3953)
Catalyst Control Center Profiles Desktop (Version: 2011.1207.217.3953)
ccc-utility64 (Version: 2011.1207.217.3953)
CCC Help Chinese Standard (Version: 2011.1207.0216.3953)
CCC Help Chinese Traditional (Version: 2011.1207.0216.3953)
CCC Help Czech (Version: 2011.1207.0216.3953)
CCC Help Danish (Version: 2011.1207.0216.3953)
CCC Help Dutch (Version: 2011.1207.0216.3953)
CCC Help English (Version: 2011.1207.0216.3953)
CCC Help Finnish (Version: 2011.1207.0216.3953)
CCC Help French (Version: 2011.1207.0216.3953)
CCC Help German (Version: 2011.1207.0216.3953)
CCC Help Greek (Version: 2011.1207.0216.3953)
CCC Help Hungarian (Version: 2011.1207.0216.3953)
CCC Help Italian (Version: 2011.1207.0216.3953)
CCC Help Japanese (Version: 2011.1207.0216.3953)
CCC Help Korean (Version: 2011.1207.0216.3953)
CCC Help Norwegian (Version: 2011.1207.0216.3953)
CCC Help Polish (Version: 2011.1207.0216.3953)
CCC Help Portuguese (Version: 2011.1207.0216.3953)
CCC Help Russian (Version: 2011.1207.0216.3953)
CCC Help Spanish (Version: 2011.1207.0216.3953)
CCC Help Swedish (Version: 2011.1207.0216.3953)
CCC Help Thai (Version: 2011.1207.0216.3953)
CCC Help Turkish (Version: 2011.1207.0216.3953)
CCleaner (Version: 3.25)
Celtx (2.9.1) (Version: 2.9.1 (en-US))
Common Desktop Agent (Version: 1.53.0)
DataMatrix Win32 DLL
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Defraggler (Version: 2.10)
Dell B1265dnf Laser MFP
Dell B1265dnf Laser MFP Scan Assistant (Version: 1.04.35.00)
Dell Backup and Recovery Manager (Version: 1.3.1)
Dell Client System Update (Version: 1.2.3)
Dell Edoc Viewer (Version: 1.0.0)
Dell KACE Agent (Version: 5.3.47657)
Dell Support Center (Version: 3.2.6032.55)
Dell System Detect (Version: 3.3.2.1)
ESET Online Scanner v3
Google Chrome (Version: 24.0.1312.57)
Google Earth (Version: 7.0.2.8415)
Google Update Helper (Version: 1.3.21.123)
GoToMeeting 5.1.0.880 (Version: 5.1.0.880)
HxD Hex Editor version 1.7.7.0 (Version: 1.7.7.0)
IDAutomation Postnet & Intelligent Mail Barcode Fonts DEMO
IDAutomation.com 2D ActiveX Control DEMO
IDAutomation.com DataMatrix Font and Encoder for Windows DEMO
iDRS™ OCR Software by I.R.I.S (Version: 1.00.04.03)
Intel® Control Center (Version: 1.2.1.1008)
Intel® Rapid Storage Technology (Version: 11.2.0.1006)
Java 7 Update 13 (64-bit) (Version: 7.0.130)
Java 7 Update 13 (Version: 7.0.130)
Java Auto Updater (Version: 2.1.9.0)
LiveUpdate 3.3 (Symantec Corporation) (Version: 3.3.100.15)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Business 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft OLE DB Provider for Visual FoxPro (Version: 9.0.0.3504)
Microsoft Report Viewer Redistributable 2008 (KB971119) (Version: 9.0.30731)
Microsoft Report Viewer Redistributable 2008 SP1
Microsoft Silverlight (Version: 5.1.10516.0)
Microsoft SOAP Toolkit 3.0 (Version: 3.0.1325.4)
Microsoft SQL Server 2008 R2 (64-bit)
Microsoft SQL Server 2008 R2 Native Client (Version: 10.51.2500.0)
Microsoft SQL Server 2008 R2 Policies (Version: 10.50.1600.1)
Microsoft SQL Server 2008 R2 Setup (English) (Version: 10.51.2500.0)
Microsoft SQL Server 2008 Setup Support Files (Version: 10.1.2731.0)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU (Version: 3.5.8080.0)
Microsoft SQL Server Native Client (Version: 9.00.3042.00)
Microsoft SQL Server System CLR Types (x64) (Version: 10.51.2500.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual FoxPro 9.0 Professional - English
Microsoft Visual Studio Tools for Applications 2.0 - ENU (Version: 9.0.35191)
Morovia DataMatrix Fonts & Encoder (x64) 5.0.1 (demo) (Version: 5.0.1.0)
Morovia US Postal Fontware (demo) (Version: 3.0.1.2)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
OzLINK for UPS
Picasa 3 (Version: 3.8)
QuickTime (Version: 7.72.80.56)
Realtek High Definition Audio Driver (Version: 6.0.1.5907)
Sage Pro 200 ERP version 7.5 WorkStation
Service Pack 1 for SQL Server 2008 R2 (KB2528583) (64-bit) (Version: 10.51.2500.0)
SmarThru Office (Version: 2.08.017)
Spark 2.6.3.12555
Spybot - Search & Destroy (Version: 2.0.12)
SQL Server 2008 R2 SP1 Client Tools (Version: 10.51.2500.0)
SQL Server 2008 R2 SP1 Common Files (Version: 10.51.2500.0)
SQL Server 2008 R2 SP1 Management Studio (Version: 10.51.2500.0)
Symantec Endpoint Protection (Version: 12.1.2015.2015)
TeamViewer 8 (Version: 8.0.16642)
TimeClock Plus 6.0 (Version: 6.00.0000)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Visual FoxPro 9.0 Baseline - English (Version: 9.00.2412)
Visual FoxPro 9.0 Professional - English (Version: 9.00.5815)
Visual FoxPro ODBC Driver (Version: 1.0.0)
VNC Enterprise Edition E4.5.4 (Version: E4.5.4)
Win2PDF 7 (Version: 7.0.46)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 24%
Total physical RAM: 8174.7 MB
Available physical RAM: 6194.79 MB
Total Pagefile: 16366.7 MB
Available Pagefile: 14173.56 MB
Total Virtual: 4095.88 MB
Available Virtual: 3966.36 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:915.83 GB) (Free:840.55 GB) NTFS

========================= Users: ========================================

User accounts for \\DONR

Admin Administrator Guest

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

18-01-2013 22:29:26 Windows Update
26-01-2013 08:01:10 Scheduled Checkpoint
31-01-2013 20:52:43 Installed Java 7 Update 11
03-02-2013 17:19:44 Installed Java 7 Update 13
04-02-2013 20:57:10 Installed Java 7 Update 13 (64-bit)

**** End of log ****

#15 dev00790

Posted 04 February 2013 - 04:16 PM

FINAL STEPS

If you are not experiencing any other malware related issues, it is time to do our final steps:

  • Any programs that we had you download and/or install can be removed at this time.
  • If you used DeFogger to disable your Disk Emulation Software, you can reopen DeFogger and use the "Enable" button.
  • You can download this tool to delete more traces of our tools. Delete the tool itself afterwards.
  • Toggle System Restore OFF and then back ON.
  • You should delete your old, potentially infected System Restore points and create a new, clean restore point.
    • If you are using Windows XP, read and follow the steps on "How to turn off or turn on System Restore" from this link
    • If you are using Windows Vista, read and follow the steps on "How do I turn System Restore on and off?" proceeded by "How do I create a restore point manually?" from this link.
    • If you are using Windows 7, read and follow the steps on "To delete all restore points" from this link proceeded by "Create a restore point" from this link.
    • If you are using Windows 8, read and follow the steps on "Disabling System Restore" from this link proceeded by "Manually Creating Restore Points" from this link.
  • Recommended reading material to protect your computer from infection in the future:

Be safe :hello:

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM.

My Blog




