Windows 7 Firewall Error 0x8007042c


31 replies to this topic

#1 StephenASiracusa

Posted 18 October 2012 - 08:31 PM

Greetings from Wisconsin,


The more I dig, the more problems I seem to uncover. Finally, I turn to you for help.
It begins with what appears to be "no firewall in place" on this Dell Win 7 desktop.

Help would be greatly appreciated.
In advance, thank-you!

- Steve


*** Mod Edit: Moved topic from Windows7 to the more appropriate forum. ~ bloopie ***


Edited by bloopie, 18 October 2012 - 08:36 PM.



#2 narenxp

Posted 18 October 2012 - 08:32 PM

Let us check for malware before fixing the firewall.

Download TDSSKiller.

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on the scan results.

Download aswMBR.

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here. If you get crashes in normal mode, run it in Safe Mode with Networking.

Download ESET Online Scanner.

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 StephenASiracusa

Posted 18 October 2012 - 08:40 PM

Thank you for the fast reply, narenxp.
I'll begin right away.

#4 StephenASiracusa

Posted 18 October 2012 - 08:46 PM

TDSS Killer Log:

20:43:38.0211 2248 NDIS - ok
20:43:38.0251 2248 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:43:38.0252 2248 NdisCap - ok
20:43:38.0275 2248 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:43:38.0276 2248 NdisTapi - ok
20:43:38.0308 2248 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:43:38.0309 2248 Ndisuio - ok
20:43:38.0340 2248 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:43:38.0342 2248 NdisWan - ok
20:43:38.0352 2248 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:43:38.0354 2248 NDProxy - ok
20:43:38.0398 2248 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:43:38.0399 2248 NetBIOS - ok
20:43:38.0412 2248 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:43:38.0415 2248 NetBT - ok
20:43:38.0425 2248 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
20:43:38.0426 2248 Netlogon - ok
20:43:38.0465 2248 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
20:43:38.0469 2248 Netman - ok
20:43:38.0487 2248 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
20:43:38.0491 2248 netprofm - ok
20:43:38.0526 2248 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:43:38.0528 2248 NetTcpPortSharing - ok
20:43:38.0553 2248 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
20:43:38.0554 2248 nfrd960 - ok
20:43:38.0585 2248 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll
20:43:38.0589 2248 NlaSvc - ok
20:43:38.0596 2248 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:43:38.0597 2248 Npfs - ok
20:43:38.0614 2248 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
20:43:38.0616 2248 nsi - ok
20:43:38.0650 2248 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:43:38.0652 2248 nsiproxy - ok
20:43:38.0698 2248 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:43:38.0724 2248 Ntfs - ok
20:43:38.0732 2248 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
20:43:38.0734 2248 Null - ok
20:43:38.0757 2248 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:43:38.0759 2248 nvraid - ok
20:43:38.0777 2248 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:43:38.0779 2248 nvstor - ok
20:43:38.0794 2248 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:43:38.0796 2248 nv_agp - ok
20:43:38.0826 2248 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:43:38.0827 2248 ohci1394 - ok
20:43:38.0881 2248 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:43:38.0883 2248 ose - ok
20:43:39.0014 2248 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:43:39.0093 2248 osppsvc - ok
20:43:39.0137 2248 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:43:39.0141 2248 p2pimsvc - ok
20:43:39.0158 2248 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
20:43:39.0163 2248 p2psvc - ok
20:43:39.0186 2248 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
20:43:39.0187 2248 Parport - ok
20:43:39.0222 2248 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:43:39.0223 2248 partmgr - ok
20:43:39.0233 2248 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
20:43:39.0234 2248 Parvdm - ok
20:43:39.0243 2248 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:43:39.0246 2248 PcaSvc - ok
20:43:39.0286 2248 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
20:43:39.0289 2248 pci - ok
20:43:39.0301 2248 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
20:43:39.0302 2248 pciide - ok
20:43:39.0318 2248 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
20:43:39.0321 2248 pcmcia - ok
20:43:39.0334 2248 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
20:43:39.0335 2248 pcw - ok
20:43:39.0414 2248 [ C1C3BAF078BE5A14384A4BA2D730817D ] PDFProFiltSrvPP C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe
20:43:39.0435 2248 PDFProFiltSrvPP - ok
20:43:39.0474 2248 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:43:39.0491 2248 PEAUTH - ok
20:43:39.0556 2248 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
20:43:39.0582 2248 pla - ok
20:43:39.0622 2248 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:43:39.0626 2248 PlugPlay - ok
20:43:39.0653 2248 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:43:39.0655 2248 PNRPAutoReg - ok
20:43:39.0670 2248 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:43:39.0672 2248 PNRPsvc - ok
20:43:39.0691 2248 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:43:39.0695 2248 PolicyAgent - ok
20:43:39.0730 2248 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
20:43:39.0733 2248 Power - ok
20:43:39.0763 2248 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:43:39.0764 2248 PptpMiniport - ok
20:43:39.0781 2248 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
20:43:39.0782 2248 Processor - ok
20:43:39.0827 2248 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
20:43:39.0830 2248 ProfSvc - ok
20:43:39.0841 2248 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:43:39.0843 2248 ProtectedStorage - ok
20:43:39.0870 2248 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:43:39.0872 2248 Psched - ok
20:43:39.0899 2248 [ 40FEDD328F98245AD201CF5F9F311724 ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
20:43:39.0901 2248 PxHelp20 - ok
20:43:39.0930 2248 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
20:43:39.0956 2248 ql2300 - ok
20:43:39.0971 2248 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
20:43:39.0972 2248 ql40xx - ok
20:43:39.0995 2248 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
20:43:39.0999 2248 QWAVE - ok
20:43:40.0013 2248 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:43:40.0014 2248 QWAVEdrv - ok
20:43:40.0076 2248 [ 8F97D374AD1857E1EED85A79F29A1D3D ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
20:43:40.0078 2248 RapiMgr - ok
20:43:40.0097 2248 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:43:40.0098 2248 RasAcd - ok
20:43:40.0124 2248 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:43:40.0125 2248 RasAgileVpn - ok
20:43:40.0133 2248 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
20:43:40.0136 2248 RasAuto - ok
20:43:40.0140 2248 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:43:40.0142 2248 Rasl2tp - ok
20:43:40.0183 2248 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
20:43:40.0187 2248 RasMan - ok
20:43:40.0202 2248 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:43:40.0204 2248 RasPppoe - ok
20:43:40.0219 2248 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:43:40.0221 2248 RasSstp - ok
20:43:40.0232 2248 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:43:40.0235 2248 rdbss - ok
20:43:40.0247 2248 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
20:43:40.0249 2248 rdpbus - ok
20:43:40.0283 2248 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:43:40.0284 2248 RDPCDD - ok
20:43:40.0309 2248 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:43:40.0310 2248 RDPENCDD - ok
20:43:40.0320 2248 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:43:40.0321 2248 RDPREFMP - ok
20:43:40.0352 2248 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:43:40.0355 2248 RDPWD - ok
20:43:40.0405 2248 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:43:40.0407 2248 rdyboost - ok
20:43:40.0426 2248 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
20:43:40.0428 2248 RemoteAccess - ok
20:43:40.0456 2248 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:43:40.0458 2248 RemoteRegistry - ok
20:43:40.0486 2248 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
20:43:40.0488 2248 RFCOMM - ok
20:43:40.0505 2248 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:43:40.0507 2248 RpcEptMapper - ok
20:43:40.0528 2248 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
20:43:40.0530 2248 RpcLocator - ok
20:43:40.0549 2248 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
20:43:40.0552 2248 RpcSs - ok
20:43:40.0576 2248 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:43:40.0577 2248 rspndr - ok
20:43:40.0591 2248 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
20:43:40.0593 2248 SamSs - ok
20:43:40.0644 2248 [ A3281AEC37E0720A2BC28034C2DF2A56 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
20:43:40.0645 2248 SASDIFSV - ok
20:43:40.0656 2248 [ 7CE61C25C159F50F9EAF6D77FC83FA35 ] SASENUM C:\Program Files\SUPERAntiSpyware\SASENUM.SYS
20:43:40.0657 2248 SASENUM - ok
20:43:40.0669 2248 [ 61DB0D0756A99506207FD724E3692B25 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
20:43:40.0670 2248 SASKUTIL - ok
20:43:40.0712 2248 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:43:40.0714 2248 sbp2port - ok
20:43:40.0765 2248 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
20:43:40.0790 2248 SBSDWSCService - ok
20:43:40.0810 2248 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:43:40.0813 2248 SCardSvr - ok
20:43:40.0847 2248 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:43:40.0849 2248 scfilter - ok
20:43:40.0888 2248 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
20:43:40.0905 2248 Schedule - ok
20:43:40.0917 2248 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
20:43:40.0918 2248 SCPolicySvc - ok
20:43:40.0947 2248 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:43:40.0950 2248 SDRSVC - ok
20:43:41.0011 2248 [ 16A252022535B680046F6E34E136D378 ] SeaPort C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
20:43:41.0014 2248 SeaPort - ok
20:43:41.0045 2248 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:43:41.0046 2248 secdrv - ok
20:43:41.0068 2248 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
20:43:41.0070 2248 seclogon - ok
20:43:41.0089 2248 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
20:43:41.0091 2248 SENS - ok
20:43:41.0118 2248 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:43:41.0120 2248 SensrSvc - ok
20:43:41.0129 2248 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
20:43:41.0131 2248 Serenum - ok
20:43:41.0174 2248 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
20:43:41.0176 2248 Serial - ok
20:43:41.0204 2248 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
20:43:41.0205 2248 sermouse - ok
20:43:41.0253 2248 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
20:43:41.0255 2248 SessionEnv - ok
20:43:41.0286 2248 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:43:41.0287 2248 sffdisk - ok
20:43:41.0293 2248 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:43:41.0294 2248 sffp_mmc - ok
20:43:41.0309 2248 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:43:41.0310 2248 sffp_sd - ok
20:43:41.0317 2248 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
20:43:41.0318 2248 sfloppy - ok
20:43:41.0340 2248 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:43:41.0344 2248 SharedAccess - ok
20:43:41.0355 2248 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:43:41.0360 2248 ShellHWDetection - ok
20:43:41.0400 2248 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
20:43:41.0401 2248 sisagp - ok
20:43:41.0418 2248 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:43:41.0420 2248 SiSRaid2 - ok
20:43:41.0428 2248 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
20:43:41.0430 2248 SiSRaid4 - ok
20:43:41.0455 2248 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:43:41.0457 2248 Smb - ok
20:43:41.0500 2248 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:43:41.0502 2248 SNMPTRAP - ok
20:43:41.0508 2248 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
20:43:41.0509 2248 spldr - ok
20:43:41.0554 2248 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
20:43:41.0559 2248 Spooler - ok
20:43:41.0641 2248 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
20:43:41.0693 2248 sppsvc - ok
20:43:41.0727 2248 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:43:41.0729 2248 sppuinotify - ok
20:43:41.0766 2248 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
20:43:41.0769 2248 srv - ok
20:43:41.0808 2248 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:43:41.0811 2248 srv2 - ok
20:43:41.0846 2248 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:43:41.0848 2248 srvnet - ok
20:43:41.0870 2248 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:43:41.0873 2248 SSDPSRV - ok
20:43:41.0882 2248 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:43:41.0885 2248 SstpSvc - ok
20:43:41.0901 2248 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
20:43:41.0902 2248 stexstor - ok
20:43:41.0935 2248 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
20:43:41.0951 2248 StiSvc - ok
20:43:41.0978 2248 [ E476C66713C842F58E61A95826ED1D57 ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
20:43:41.0979 2248 stllssvr - ok
20:43:42.0015 2248 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
20:43:42.0016 2248 swenum - ok
20:43:42.0028 2248 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
20:43:42.0033 2248 swprv - ok
20:43:42.0083 2248 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
20:43:42.0109 2248 SysMain - ok
20:43:42.0138 2248 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:43:42.0140 2248 TabletInputService - ok
20:43:42.0184 2248 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
20:43:42.0187 2248 TapiSrv - ok
20:43:42.0207 2248 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
20:43:42.0209 2248 TBS - ok
20:43:42.0255 2248 [ A5EBB8F648000E88B7D9390B514976BF ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:43:42.0281 2248 Tcpip - ok
20:43:42.0318 2248 [ A5EBB8F648000E88B7D9390B514976BF ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:43:42.0324 2248 TCPIP6 - ok
20:43:42.0357 2248 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:43:42.0359 2248 tcpipreg - ok
20:43:42.0396 2248 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:43:42.0397 2248 TDPIPE - ok
20:43:42.0426 2248 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:43:42.0428 2248 TDTCP - ok
20:43:42.0462 2248 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:43:42.0464 2248 tdx - ok
20:43:42.0528 2248 [ 5624ACD0B7900BEABBD329443A4F4454 ] TeamViewer5 C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
20:43:42.0530 2248 TeamViewer5 - ok
20:43:42.0543 2248 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
20:43:42.0545 2248 TermDD - ok
20:43:42.0586 2248 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
20:43:42.0601 2248 TermService - ok
20:43:42.0621 2248 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
20:43:42.0624 2248 Themes - ok
20:43:42.0636 2248 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
20:43:42.0637 2248 THREADORDER - ok
20:43:42.0680 2248 TinyWall - ok
20:43:42.0695 2248 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
20:43:42.0698 2248 TrkWks - ok
20:43:42.0752 2248 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:43:42.0754 2248 TrustedInstaller - ok
20:43:42.0792 2248 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:43:42.0793 2248 tssecsrv - ok
20:43:42.0860 2248 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:43:42.0862 2248 TsUsbFlt - ok
20:43:42.0899 2248 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:43:42.0901 2248 tunnel - ok
20:43:42.0919 2248 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
20:43:42.0921 2248 uagp35 - ok
20:43:42.0934 2248 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:43:42.0937 2248 udfs - ok
20:43:42.0955 2248 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:43:42.0958 2248 UI0Detect - ok
20:43:42.0984 2248 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:43:42.0986 2248 uliagpkx - ok
20:43:43.0025 2248 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
20:43:43.0027 2248 umbus - ok
20:43:43.0042 2248 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
20:43:43.0044 2248 UmPass - ok
20:43:43.0075 2248 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
20:43:43.0079 2248 upnphost - ok
20:43:43.0114 2248 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:43:43.0116 2248 usbccgp - ok
20:43:43.0141 2248 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:43:43.0143 2248 usbcir - ok
20:43:43.0180 2248 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\drivers\usbehci.sys
20:43:43.0181 2248 usbehci - ok
20:43:43.0230 2248 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:43:43.0233 2248 usbhub - ok
20:43:43.0268 2248 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:43:43.0270 2248 usbohci - ok
20:43:43.0281 2248 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
20:43:43.0283 2248 usbprint - ok
20:43:43.0322 2248 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
20:43:43.0323 2248 usbscan - ok
20:43:43.0338 2248 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:43:43.0340 2248 USBSTOR - ok
20:43:43.0374 2248 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
20:43:43.0376 2248 usbuhci - ok
20:43:43.0394 2248 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
20:43:43.0396 2248 UxSms - ok
20:43:43.0408 2248 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
20:43:43.0409 2248 VaultSvc - ok
20:43:43.0453 2248 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:43:43.0454 2248 vdrvroot - ok
20:43:43.0492 2248 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
20:43:43.0506 2248 vds - ok
20:43:43.0534 2248 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:43:43.0536 2248 vga - ok
20:43:43.0545 2248 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
20:43:43.0547 2248 VgaSave - ok
20:43:43.0582 2248 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:43:43.0585 2248 vhdmp - ok
20:43:43.0608 2248 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
20:43:43.0610 2248 viaagp - ok
20:43:43.0618 2248 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
20:43:43.0619 2248 ViaC7 - ok
20:43:43.0632 2248 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
20:43:43.0633 2248 viaide - ok
20:43:43.0660 2248 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:43:43.0661 2248 volmgr - ok
20:43:43.0673 2248 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:43:43.0677 2248 volmgrx - ok
20:43:43.0693 2248 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:43:43.0696 2248 volsnap - ok
20:43:43.0717 2248 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
20:43:43.0719 2248 vsmraid - ok
20:43:43.0770 2248 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
20:43:43.0788 2248 VSS - ok
20:43:43.0810 2248 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
20:43:43.0812 2248 vwifibus - ok
20:43:43.0845 2248 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
20:43:43.0850 2248 W32Time - ok
20:43:43.0862 2248 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
20:43:43.0863 2248 WacomPen - ok
20:43:43.0886 2248 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:43:43.0888 2248 WANARP - ok
20:43:43.0890 2248 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:43:43.0892 2248 Wanarpv6 - ok
20:43:43.0943 2248 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
20:43:43.0969 2248 WatAdminSvc - ok
20:43:44.0014 2248 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
20:43:44.0041 2248 wbengine - ok
20:43:44.0067 2248 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:43:44.0071 2248 WbioSrvc - ok
20:43:44.0115 2248 [ 59E19BD13C3BDB857646B9E436BA27F7 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
20:43:44.0119 2248 WcesComm - ok
20:43:44.0162 2248 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:43:44.0166 2248 wcncsvc - ok
20:43:44.0177 2248 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:43:44.0179 2248 WcsPlugInService - ok
20:43:44.0204 2248 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
20:43:44.0205 2248 Wd - ok
20:43:44.0226 2248 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:43:44.0230 2248 Wdf01000 - ok
20:43:44.0241 2248 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:43:44.0244 2248 WdiServiceHost - ok
20:43:44.0247 2248 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:43:44.0249 2248 WdiSystemHost - ok
20:43:44.0281 2248 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
20:43:44.0285 2248 WebClient - ok
20:43:44.0295 2248 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:43:44.0298 2248 Wecsvc - ok
20:43:44.0307 2248 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:43:44.0309 2248 wercplsupport - ok
20:43:44.0329 2248 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
20:43:44.0332 2248 WerSvc - ok
20:43:44.0357 2248 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
20:43:44.0359 2248 WfpLwf - ok
20:43:44.0378 2248 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:43:44.0379 2248 WIMMount - ok
20:43:44.0383 2248 WinHttpAutoProxySvc - ok
20:43:44.0435 2248 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:43:44.0437 2248 Winmgmt - ok
20:43:44.0486 2248 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
20:43:44.0512 2248 WinRM - ok
20:43:44.0560 2248 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
20:43:44.0562 2248 WinUsb - ok
20:43:44.0597 2248 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
20:43:44.0614 2248 Wlansvc - ok
20:43:44.0692 2248 [ 0A70F4022EC2E14C159EFC4F69AA2477 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:43:44.0727 2248 wlidsvc - ok
20:43:44.0741 2248 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
20:43:44.0743 2248 WmiAcpi - ok
20:43:44.0763 2248 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:43:44.0765 2248 wmiApSrv - ok
20:43:44.0826 2248 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
20:43:44.0842 2248 WMPNetworkSvc - ok
20:43:44.0861 2248 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:43:44.0864 2248 WPCSvc - ok
20:43:44.0893 2248 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:43:44.0896 2248 WPDBusEnum - ok
20:43:44.0922 2248 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:43:44.0924 2248 ws2ifsl - ok
20:43:44.0950 2248 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
20:43:44.0953 2248 wscsvc - ok
20:43:44.0956 2248 WSearch - ok
20:43:45.0019 2248 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
20:43:45.0054 2248 wuauserv - ok
20:43:45.0063 2248 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:43:45.0065 2248 WudfPf - ok
20:43:45.0107 2248 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:43:45.0109 2248 WUDFRd - ok
20:43:45.0148 2248 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:43:45.0150 2248 wudfsvc - ok
20:43:45.0166 2248 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
20:43:45.0170 2248 WwanSvc - ok
20:43:45.0185 2248 ================ Scan global ===============================
20:43:45.0226 2248 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
20:43:45.0253 2248 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
20:43:45.0269 2248 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
20:43:45.0303 2248 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
20:43:45.0333 2248 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
20:43:45.0337 2248 [Global] - ok
20:43:45.0337 2248 ================ Scan MBR ==================================
20:43:45.0353 2248 [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
20:43:45.0584 2248 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
20:43:45.0584 2248 \Device\Harddisk0\DR0 - detected TDSS File System (1)
20:43:45.0599 2248 [ B20939CD98B7710036274839082AE757 ] \Device\Harddisk1\DR1
20:43:45.0751 2248 \Device\Harddisk1\DR1 - ok
20:43:45.0751 2248 ================ Scan VBR ==================================
20:43:45.0753 2248 [ 10B7FB05E6EE8C9EA6EE3ABDF6283DCB ] \Device\Harddisk0\DR0\Partition1
20:43:45.0754 2248 \Device\Harddisk0\DR0\Partition1 - ok
20:43:45.0781 2248 [ 9512F3CDFB012D9EFAD0AA3D424A85B2 ] \Device\Harddisk0\DR0\Partition2
20:43:45.0783 2248 \Device\Harddisk0\DR0\Partition2 - ok
20:43:45.0812 2248 [ F319D018B87DE51C0947FA3A45626F82 ] \Device\Harddisk1\DR1\Partition1
20:43:45.0814 2248 \Device\Harddisk1\DR1\Partition1 - ok
20:43:45.0815 2248 ============================================================
20:43:45.0815 2248 Scan finished
20:43:45.0815 2248 ============================================================
20:43:45.0821 3468 Detected object count: 1
20:43:45.0821 3468 Actual detected object count: 1
20:44:33.0925 3468 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine
20:44:33.0932 3468 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine
20:44:33.0934 3468 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine
20:44:33.0938 3468 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine
20:44:33.0942 3468 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine
20:44:33.0952 3468 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine
20:44:33.0992 3468 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine
20:44:33.0993 3468 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine
20:44:33.0996 3468 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine
20:44:33.0997 3468 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine
20:44:33.0999 3468 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine
20:44:34.0001 3468 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine
20:44:34.0002 3468 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Quarantine
20:44:45.0834 1232 Deinitialize success

#5 StephenASiracusa

Posted 18 October 2012 - 08:50 PM

aswMBR Log:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-18 20:47:32
-----------------------------
20:47:32.840 OS Version: Windows 6.1.7601 Service Pack 1
20:47:32.840 Number of processors: 2 586 0x170A
20:47:32.841 ComputerName: SIRACUSA-PC UserName: siracusa
20:47:33.733 Initialize success
20:48:40.759 AVAST engine defs: 12101802
20:49:09.353 The log file has been saved successfully to "C:\Users\siracusa\Desktop\aswMBR.txt"

#6 narenxp

Posted 18 October 2012 - 09:06 PM

ASWMBR log is incomplete

#7 StephenASiracusa

Posted 18 October 2012 - 09:17 PM

ESet still running:

...preview: 8 OLMARIK.* trojans so far

ASWMBR log is incomplete



I'll try again (in a minute)
Make that ~:25m :)

Edited by StephenASiracusa, 18 October 2012 - 09:19 PM.


#8 StephenASiracusa

Posted 18 October 2012 - 09:42 PM

Updated aswMBR Log:


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-18 21:22:35
-----------------------------
21:22:35.282 OS Version: Windows 6.1.7601 Service Pack 1
21:22:35.282 Number of processors: 2 586 0x170A
21:22:35.283 ComputerName: SIRACUSA-PC UserName: siracusa
21:22:37.342 Initialize success
21:22:50.765 AVAST engine defs: 12101802
21:23:00.603 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
21:23:00.606 Disk 0 Vendor: WDC_WD1600AAJS-75M0A0 02.03E02 Size: 152587MB BusType: 3
21:23:00.644 Disk 0 MBR read successfully
21:23:00.647 Disk 0 MBR scan
21:23:00.657 Disk 0 Windows VISTA default MBR code
21:23:00.669 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
21:23:00.681 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 81920
21:23:00.698 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 137546 MB offset 30801920
21:23:00.720 Disk 0 scanning sectors +312497952
21:23:00.827 Disk 0 scanning C:\Windows\system32\drivers
21:23:15.438 Service scanning
21:23:51.120 Modules scanning
21:24:03.745 Disk 0 trace - called modules:
21:24:03.794 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS pciide.sys
21:24:03.800 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85a144e0]
21:24:03.806 3 CLASSPNP.SYS[88d8059e] -> nt!IofCallDriver -> [0x84c63918]
21:24:03.811 5 ACPI.sys[888ac3d4] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x84c70610]
21:24:05.808 AVAST engine scan C:\Windows
21:24:09.291 AVAST engine scan C:\Windows\system32
21:29:38.185 AVAST engine scan C:\Windows\system32\drivers
21:30:09.706 AVAST engine scan C:\Users\siracusa
21:36:40.338 AVAST engine scan C:\ProgramData
21:38:11.529 Scan finished successfully
21:40:05.605 Disk 0 MBR has been saved successfully to "C:\Users\siracusa\Desktop\MBR.dat"
21:40:05.611 The log file has been saved successfully to "C:\Users\siracusa\Desktop\aswMBR.txt"


...eSet approaching 70% completion

#9 narenxp

Posted 18 October 2012 - 09:44 PM

After ESET finishes, remove the infections and post the log.

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download

Junkware removal tool

For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan completes, post the generated log here.

#10 StephenASiracusa

Posted 18 October 2012 - 09:45 PM

eSet Log:

C:\TDSSKiller_Quarantine\18.10.2012_20.42.59\tdlfs0000\tsk0001.dta Win32/Olmarik.AWO trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\18.10.2012_20.42.59\tdlfs0000\tsk0002.dta Win64/Olmarik.AD trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\18.10.2012_20.42.59\tdlfs0000\tsk0003.dta Win32/Olmarik.AYH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\18.10.2012_20.42.59\tdlfs0000\tsk0004.dta Win64/Olmarik.AG trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\18.10.2012_20.42.59\tdlfs0000\tsk0005.dta Win32/Olmarik.AWO trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\18.10.2012_20.42.59\tdlfs0000\tsk0006.dta Win64/Olmarik.AF trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\18.10.2012_20.42.59\tdlfs0000\tsk0010.dta Win32/Olmarik.AWO trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\18.10.2012_20.42.59\tdlfs0000\tsk0011.dta Win64/Olmarik.X trojan cleaned by deleting - quarantined



...next?
and BTW, thank you for your help!!

#11 narenxp

Posted 18 October 2012 - 09:46 PM

Check my previous instructions :thumbup2:

#12 StephenASiracusa

Posted 18 October 2012 - 09:56 PM

Mini Toolbox Log:

MiniToolBox by Farbar Version: 23-07-2012
Ran by siracusa (administrator) on 18-10-2012 at 21:55:05
Microsoft Windows 7 Home Premium Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

Hosts file not detected in the default directory
========================= IP Configuration: ================================

Broadcom NetLink ™ Gigabit Ethernet = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : siracusa-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : new.rr.com

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : new.rr.com
Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
Physical Address. . . . . . . . . : 00-26-2D-24-FA-94
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::7007:e59:8d56:f796%10(Preferred)
IPv4 Address. . . . . . . . . . . : 65.27.111.40(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.224.0
Lease Obtained. . . . . . . . . . : October 18, 2012 15:50:19
Lease Expires . . . . . . . . . . : October 19, 2012 04:46:40
Default Gateway . . . . . . . . . : 65.27.96.1
DHCP Server . . . . . . . . . . . : 10.64.192.1
DHCPv6 IAID . . . . . . . . . . . : 234890797
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-5E-C4-EA-00-26-2D-24-FA-94
DNS Servers . . . . . . . . . . . : 209.18.47.61
209.18.47.62
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Reusable Microsoft 6To4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.new.rr.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: google.com
Addresses: 2607:f8b0:4009:800::1008
74.125.225.99
74.125.225.100
74.125.225.101
74.125.225.102
74.125.225.103
74.125.225.104
74.125.225.105
74.125.225.110
74.125.225.96
74.125.225.97
74.125.225.98


Pinging google.com [74.125.225.105] with 32 bytes of data:
Reply from 74.125.225.105: bytes=32 time=25ms TTL=53
Reply from 74.125.225.105: bytes=32 time=28ms TTL=53

Ping statistics for 74.125.225.105:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 25ms, Maximum = 28ms, Average = 26ms
Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=77ms TTL=51
Reply from 72.30.38.140: bytes=32 time=126ms TTL=51

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 77ms, Maximum = 126ms, Average = 101ms
Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
10...00 26 2d 24 fa 94 ......Broadcom NetLink ™ Gigabit Ethernet
1...........................Software Loopback Interface 1
15...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #2
13...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
11...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 65.27.96.1 65.27.111.40 20
65.27.96.0 255.255.224.0 On-link 65.27.111.40 276
65.27.111.40 255.255.255.255 On-link 65.27.111.40 276
65.27.127.255 255.255.255.255 On-link 65.27.111.40 276
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 65.27.111.40 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 65.27.111.40 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
10 276 fe80::/64 On-link
10 276 fe80::7007:e59:8d56:f796/128
On-link
1 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 08 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 09 C:\Windows\system32\wshbth.dll [36352] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/18/2012 08:01:47 PM) (Source: .NET Runtime) (User: )
Description: Application: TinyWall.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Runtime.InteropServices.COMException
Stack:
at NetFwTypeLib.INetFwPolicy2.get_CurrentProfileTypes()
at PKSoft.WindowsFirewall.Policy..ctor()
at PKSoft.TinyWallDoctor.Uninstall()
at PKSoft.Program.Main(System.String[])

Error: (10/18/2012 08:01:45 PM) (Source: MsiInstaller) (User: siracusa-PC)siracusa-PC
Description: Product: TinyWall -- Error 1722. There is a problem with this Windows Installer package. A program run as part of the setup did not finish as expected. Contact your support personnel or package vendor. Action InstallCustom, location: C:\Program Files\TinyWall\TinyWall.exe, command: /install

Error: (10/18/2012 06:38:38 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (10/18/2012 03:51:27 PM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/18/2012 03:51:27 PM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Context: Windows Application

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/18/2012 03:51:27 PM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/18/2012 03:51:27 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)

Error: (10/18/2012 03:51:25 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/18/2012 03:51:25 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog

Details:
The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)

Error: (10/18/2012 03:51:25 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (10/18/2012 08:07:36 PM) (Source: Service Control Manager) (User: )
Description: The Base Filtering Engine service terminated with the following error:
%%5

Error: (10/18/2012 08:07:36 PM) (Source: Service Control Manager) (User: )
Description: The Windows Firewall service depends on the Base Filtering Engine service which failed to start because of the following error:
%%5

Error: (10/18/2012 08:06:07 PM) (Source: Service Control Manager) (User: )
Description: The Base Filtering Engine service terminated with the following error:
%%5

Error: (10/18/2012 08:06:07 PM) (Source: Service Control Manager) (User: )
Description: The Windows Firewall service depends on the Base Filtering Engine service which failed to start because of the following error:
%%5

Error: (10/18/2012 08:01:42 PM) (Source: Service Control Manager) (User: )
Description: The TinyWall Service service depends on the Windows Firewall service which failed to start because of the following error:
%%1068

Error: (10/18/2012 08:01:42 PM) (Source: Service Control Manager) (User: )
Description: The Base Filtering Engine service terminated with the following error:
%%5

Error: (10/18/2012 08:01:42 PM) (Source: Service Control Manager) (User: )
Description: The Windows Firewall service depends on the Base Filtering Engine service which failed to start because of the following error:
%%5

Error: (10/18/2012 04:46:43 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.

Error: (10/18/2012 03:51:57 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147023143.

Error: (10/18/2012 03:51:27 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.


Microsoft Office Sessions:
=========================
Error: (10/18/2012 08:01:47 PM) (Source: .NET Runtime)(User: )
Description: Application: TinyWall.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Runtime.InteropServices.COMException
Stack:
at NetFwTypeLib.INetFwPolicy2.get_CurrentProfileTypes()
at PKSoft.WindowsFirewall.Policy..ctor()
at PKSoft.TinyWallDoctor.Uninstall()
at PKSoft.Program.Main(System.String[])

Error: (10/18/2012 08:01:45 PM) (Source: MsiInstaller)(User: siracusa-PC)siracusa-PC
Description: Product: TinyWall -- Error 1722. There is a problem with this Windows Installer package. A program run as part of the setup did not finish as expected. Contact your support personnel or package vendor. Action InstallCustom, location: C:\Program Files\TinyWall\TinyWall.exe, command: /install (NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/18/2012 06:38:38 PM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files\spybot - search & destroy\DelZip179.dllc:\program files\spybot - search & destroy\DelZip179.dll8

Error: (10/18/2012 03:51:27 PM) (Source: Windows Search Service)(User: )
Description: Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/18/2012 03:51:27 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/18/2012 03:51:27 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (10/18/2012 03:51:27 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (10/18/2012 03:51:25 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (10/18/2012 03:51:25 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)

Error: (10/18/2012 03:51:25 PM) (Source: Windows Search Service)(User: )
Description: Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt


=========================== Installed Programs ============================

Adobe AIR (Version: 2.5.1.17730)
Adobe Flash Player 10 ActiveX (Version: 10.2.159.1)
Adobe Flash Player 11 Plugin (Version: 11.0.1.152)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Apple Application Support (Version: 1.4.1)
Apple Software Update (Version: 2.1.1.116)
AVG 2013 (Version: 13.0.2614)
AVG 2013 (Version: 13.0.2741)
AVG 2013 (Version: 2013.0.2741)
Broadcom Gigabit NetLink Controller (Version: 12.33.02)
Broadcom Management Programs (Version: 12.35.01)
Brother MFL-Pro Suite HL-2280DW (Version: 1.0.0.0)
CCleaner (Version: 3.23)
Citrix online plug-in - web (Version: 12.1.0.30)
Citrix online plug-in (DV) (Version: 12.1.0.30)
Citrix online plug-in (HDX) (Version: 12.1.0.30)
Citrix online plug-in (USB) (Version: 12.1.0.30)
Citrix online plug-in (Web) (Version: 12.1.0.30)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell Backup and Recovery Manager (Version: 1.2.1)
Dell Edoc Viewer (Version: 1.0.0)
ESET Online Scanner v3
Fences
Fences (Version: 0.95)
Google Chrome (Version: 22.0.1229.94)
Google Earth (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.123)
HiJackThis (Version: 1.0.0)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.1995)
Intel® PROSet/Wireless Software for Bluetooth® Technology (Version: 1.1.0.0537)
Java Auto Updater (Version: 2.0.2.4)
Java™ 6 Update 23 (Version: 6.0.230)
Juniper Networks Setup Client (Version: 2.1.2.5973)
Juniper Networks Setup Client Activex Control (Version: 2.1.1.1)
Juniper Terminal Services Client (Version: 6.5.0.14951)
Junk Mail filter update (Version: 15.4.3502.0922)
KODAK Share Button App (Version: 4.03.0000.0000)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Search Enhancement Pack (Version: 3.0.133.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (Version: 9.0.21022.218)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 15.0.1 (x86 en-US) (Version: 15.0.1)
Mozilla Maintenance Service (Version: 15.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
Nuance PaperPort 12 (Version: 12.1.0000)
Nuance PDF Viewer Plus (Version: 5.30.3290)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
PaperPort Image Printer (Version: 1.00.0001)
PowerDVD DX (Version: 8.3.6029)
QuickTime (Version: 7.69.80.9)
Realtek High Definition Audio Driver (Version: 6.0.1.5936)
Roxio Creator Audio (Version: 3.7.0)
Roxio Creator Copy (Version: 3.7.0)
Roxio Creator Data (Version: 3.7.0)
Roxio Creator DE 10.3 (Version: 10.3)
Roxio Creator DE 10.3 (Version: 3.7.0)
Roxio Creator Tools (Version: 3.7.0)
Roxio Express Labeler 3 (Version: 3.2.2)
Roxio Update Manager (Version: 6.0.0)
Scansoft PDF Professional
Spybot - Search & Destroy (Version: 1.6.2)
SUPERAntiSpyware Free Edition (Version: 4.35.0.1002)
TeamViewer 5 (Version: 5.0.8232 )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Windows Driver Package - Eastman Kodak KODAK Digital Camera (01/29/2010 1.4.1.0) (Version: 01/29/2010 1.4.1.0)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Mobile Device Center (Version: 6.1.6965.0)
Windows Mobile Device Center Driver Update (Version: 6.1.6965.0)
Yahoo! Install Manager
Yahoo! Messenger

========================= Memory info: ===================================

Percentage of memory in use: 58%
Total physical RAM: 2012.8 MB
Available physical RAM: 829.4 MB
Total Pagefile: 4025.61 MB
Available Pagefile: 2414.93 MB
Total Virtual: 2047.88 MB
Available Virtual: 1931.65 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:134.32 GB) (Free:79.07 GB) NTFS
3 Drive f: (BACKUP) (Fixed) (Total:372.61 GB) (Free:102.01 GB) NTFS

========================= Users: ========================================

User accounts for \\SIRACUSA-PC

Administrator Guest siracusa

========================= Restore Points ==================================

07-10-2012 21:14:03 Removed Cisco Network Magic
07-10-2012 21:14:36 Removed Pure Networks Platform
09-10-2012 07:00:13 Windows Backup
10-10-2012 08:00:31 Windows Update
12-10-2012 00:57:30 Installed TinyWall
12-10-2012 00:59:40 Installed TinyWall
12-10-2012 23:25:01 Removed HiJackThis
12-10-2012 23:25:50 Installed HiJackThis
12-10-2012 23:27:53 Removed HiJackThis
12-10-2012 23:29:23 Installed HiJackThis
18-10-2012 21:00:51 Windows Backup
19-10-2012 01:00:50 Installed TinyWall

**** End of log ****

#13 StephenASiracusa


Posted 18 October 2012 - 09:58 PM

Check my previous instructions :thumbup2:


uh-oh. Did I do something wrong?

#14 StephenASiracusa


Posted 18 October 2012 - 10:00 PM

Farbar Log:



Farbar Service Scanner Version: 07-10-2012
Ran by siracusa (administrator) on 18-10-2012 at 21:59:33
Running from "C:\Users\siracusa\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.

bfe Service is not running. Checking service configuration:
The start type of bfe service is OK.
The ImagePath of bfe service is OK.
The ServiceDll of bfe service is OK.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys
[2012-09-12 04:00] - [2012-08-22 12:16] - 1292144 ____A (Microsoft Corporation) A5EBB8F648000E88B7D9390B514976BF

C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll
[2012-10-09 20:23] - [2012-06-01 23:36] - 0140288 ____A (Microsoft Corporation) 96C0E38905CFD788313BE8E11DAE3F2F

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****

#15 StephenASiracusa


Posted 18 October 2012 - 10:08 PM

Update...

Malwarebytes still running (:12m into run so far)
Adware cannot run until all open programs are terminated - I'll wait for Malwarebytes to complete

...then I'll eventually run Junkware



