
McAfee firewall not starting


7 replies to this topic

#1 davlupin

davlupin

  • Members
  • 4 posts

Posted 05 February 2012 - 10:03 AM

I had a Windows Security 2012 infection. Used MBAM to remove it. Now McAfee can't start its firewall and gives me warnings.

Thanks
David



#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 05 February 2012 - 10:42 AM

Download

FSS

Checkmark

Internet Services
Windows Firewall
System Restore
Security Center
Windows Update

Click on "Scan".
Please copy and paste the log to your reply.

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)


Please download GMER from here (does not work on 64-bit OS)

http://www2.gmer.net/download.php

Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.

GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)

If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
Now click the Scan button. If you see a rootkit warning window, click OK.
When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
Click the Copy button and paste the results into your next reply.


Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

#3 davlupin

davlupin
  • Topic Starter

  • Members
  • 4 posts

Posted 05 February 2012 - 04:30 PM

Thanks narenxp
I have 64-bit Windows 7 OS, so I didn't use GMER



Farbar Service Scanner Version: 05-02-2012
Ran by Dave (administrator) on 05-02-2012 at 16:33:47
Running from "C:\Users\Dave\Desktop"
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: Attention! Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: Attention! Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: Attention! Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
===========

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****




16:34:51.0476 0380 TDSS rootkit removing tool 2.7.9.0 Feb 1 2012 09:28:49
16:34:51.0896 0380 ============================================================
16:34:51.0896 0380 Current date / time: 2012/02/05 16:34:51.0896
16:34:51.0896 0380 SystemInfo:
16:34:51.0896 0380
16:34:51.0896 0380 OS Version: 6.1.7601 ServicePack: 1.0
16:34:51.0896 0380 Product type: Workstation
16:34:51.0897 0380 ComputerName: DAVE-VAIO
16:34:51.0897 0380 UserName: Dave
16:34:51.0897 0380 Windows directory: C:\Windows
16:34:51.0897 0380 System windows directory: C:\Windows
16:34:51.0897 0380 Running under WOW64
16:34:51.0897 0380 Processor architecture: Intel x64
16:34:51.0897 0380 Number of processors: 4
16:34:51.0897 0380 Page size: 0x1000
16:34:51.0897 0380 Boot type: Normal boot
16:34:51.0897 0380 ============================================================
16:34:52.0752 0380 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:34:52.0762 0380 \Device\Harddisk0\DR0:
16:34:52.0763 0380 MBR used
16:34:52.0763 0380 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0xD75000, BlocksNum 0x32000
16:34:52.0763 0380 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xDA7000, BlocksNum 0x395DE830
16:34:52.0794 0380 Initialize success
16:34:52.0794 0380 ============================================================
16:35:23.0043 5620 ============================================================
16:35:23.0043 5620 Scan started
16:35:23.0043 5620 Mode: Manual; TDLFS;
16:35:23.0043 5620 ============================================================
16:35:38.0852 5620 RDPWD - ok
16:35:38.0897 5620 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
16:35:38.0951 5620 rdyboost - ok
16:35:39.0011 5620 regi (4d9afddda0efe97cdbfd3b5fa48b05f6) C:\Windows\system32\drivers\regi.sys
16:35:39.0058 5620 regi - ok
16:35:39.0102 5620 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
16:35:39.0112 5620 RFCOMM - ok
16:35:39.0151 5620 rimspci (5ca4abd888b602551b59baa26941c167) C:\Windows\system32\drivers\rimssne64.sys
16:35:39.0210 5620 rimspci - ok
16:35:39.0240 5620 risdsnpe (bb6e138aeb351728959da5e2731d8140) C:\Windows\system32\drivers\risdsne64.sys
16:35:39.0298 5620 risdsnpe - ok
16:35:39.0346 5620 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
16:35:39.0351 5620 rspndr - ok
16:35:39.0386 5620 RTHDMIAzAudService (4e821c740a675f6d040be41d59a62b1d) C:\Windows\system32\drivers\RtHDMIVX.sys
16:35:39.0439 5620 RTHDMIAzAudService - ok
16:35:39.0486 5620 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
16:35:39.0536 5620 s3cap - ok
16:35:39.0572 5620 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
16:35:39.0631 5620 sbp2port - ok
16:35:39.0688 5620 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
16:35:39.0774 5620 scfilter - ok
16:35:39.0833 5620 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
16:35:39.0877 5620 sdbus - ok
16:35:39.0905 5620 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:35:39.0909 5620 secdrv - ok
16:35:39.0949 5620 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
16:35:39.0955 5620 Serenum - ok
16:35:39.0977 5620 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
16:35:39.0982 5620 Serial - ok
16:35:40.0026 5620 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
16:35:40.0031 5620 sermouse - ok
16:35:40.0082 5620 SFEP (70f9c476b62de4f2823e918a6c181ade) C:\Windows\system32\drivers\SFEP.sys
16:35:40.0137 5620 SFEP - ok
16:35:40.0163 5620 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
16:35:40.0169 5620 sffdisk - ok
16:35:40.0193 5620 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
16:35:40.0198 5620 sffp_mmc - ok
16:35:40.0229 5620 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
16:35:40.0272 5620 sffp_sd - ok
16:35:40.0300 5620 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
16:35:40.0305 5620 sfloppy - ok
16:35:40.0384 5620 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
16:35:40.0390 5620 SiSRaid2 - ok
16:35:40.0410 5620 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
16:35:40.0416 5620 SiSRaid4 - ok
16:35:40.0444 5620 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
16:35:40.0454 5620 Smb - ok
16:35:40.0521 5620 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
16:35:40.0526 5620 spldr - ok
16:35:40.0596 5620 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
16:35:40.0678 5620 srv - ok
16:35:40.0709 5620 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
16:35:40.0759 5620 srv2 - ok
16:35:40.0784 5620 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
16:35:40.0829 5620 srvnet - ok
16:35:40.0859 5620 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
16:35:40.0864 5620 stexstor - ok
16:35:40.0896 5620 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
16:35:40.0941 5620 storflt - ok
16:35:40.0981 5620 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
16:35:41.0027 5620 storvsc - ok
16:35:41.0066 5620 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
16:35:41.0071 5620 swenum - ok
16:35:41.0180 5620 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
16:35:41.0236 5620 Tcpip - ok
16:35:41.0289 5620 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
16:35:41.0336 5620 TCPIP6 - ok
16:35:41.0395 5620 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
16:35:41.0461 5620 tcpipreg - ok
16:35:41.0492 5620 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
16:35:41.0499 5620 TDPIPE - ok
16:35:41.0518 5620 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
16:35:41.0522 5620 TDTCP - ok
16:35:41.0583 5620 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
16:35:41.0585 5620 tdx - ok
16:35:41.0624 5620 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
16:35:41.0660 5620 TermDD - ok
16:35:41.0733 5620 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:35:41.0784 5620 tssecsrv - ok
16:35:41.0814 5620 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
16:35:41.0878 5620 TsUsbFlt - ok
16:35:41.0933 5620 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
16:35:41.0983 5620 tunnel - ok
16:35:42.0019 5620 TVICHW64 (1a006963644c7fde5be60036f3a43e68) C:\Windows\system32\DRIVERS\TVICHW64.SYS
16:35:42.0068 5620 TVICHW64 - ok
16:35:42.0094 5620 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
16:35:42.0101 5620 uagp35 - ok
16:35:42.0158 5620 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
16:35:42.0218 5620 udfs - ok
16:35:42.0255 5620 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
16:35:42.0260 5620 uliagpkx - ok
16:35:42.0287 5620 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
16:35:42.0338 5620 umbus - ok
16:35:42.0366 5620 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
16:35:42.0370 5620 UmPass - ok
16:35:42.0434 5620 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
16:35:42.0503 5620 usbccgp - ok
16:35:42.0552 5620 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
16:35:42.0560 5620 usbcir - ok
16:35:42.0631 5620 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
16:35:42.0704 5620 usbehci - ok
16:35:42.0735 5620 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
16:35:42.0795 5620 usbhub - ok
16:35:42.0849 5620 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
16:35:42.0920 5620 usbohci - ok
16:35:42.0969 5620 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
16:35:42.0974 5620 usbprint - ok
16:35:43.0022 5620 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
16:35:43.0026 5620 usbscan - ok
16:35:43.0074 5620 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS
16:35:43.0144 5620 USBSTOR - ok
16:35:43.0191 5620 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
16:35:43.0254 5620 usbuhci - ok
16:35:43.0308 5620 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
16:35:43.0368 5620 usbvideo - ok
16:35:43.0437 5620 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
16:35:43.0445 5620 vdrvroot - ok
16:35:43.0474 5620 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
16:35:43.0478 5620 vga - ok
16:35:43.0505 5620 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
16:35:43.0511 5620 VgaSave - ok
16:35:43.0566 5620 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
16:35:43.0632 5620 vhdmp - ok
16:35:43.0673 5620 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
16:35:43.0678 5620 viaide - ok
16:35:43.0720 5620 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
16:35:43.0772 5620 vmbus - ok
16:35:43.0803 5620 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
16:35:43.0855 5620 VMBusHID - ok
16:35:43.0886 5620 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
16:35:43.0932 5620 volmgr - ok
16:35:43.0987 5620 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
16:35:44.0063 5620 volmgrx - ok
16:35:44.0093 5620 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
16:35:44.0145 5620 volsnap - ok
16:35:44.0174 5620 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
16:35:44.0183 5620 vsmraid - ok
16:35:44.0223 5620 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
16:35:44.0228 5620 vwifibus - ok
16:35:44.0254 5620 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
16:35:44.0261 5620 vwififlt - ok
16:35:44.0286 5620 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
16:35:44.0293 5620 vwifimp - ok
16:35:44.0328 5620 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
16:35:44.0336 5620 WacomPen - ok
16:35:44.0368 5620 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:35:44.0412 5620 WANARP - ok
16:35:44.0420 5620 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:35:44.0422 5620 Wanarpv6 - ok
16:35:44.0492 5620 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
16:35:44.0497 5620 Wd - ok
16:35:44.0530 5620 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
16:35:44.0562 5620 Wdf01000 - ok
16:35:44.0646 5620 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
16:35:44.0658 5620 WfpLwf - ok
16:35:44.0693 5620 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
16:35:44.0699 5620 WIMMount - ok
16:35:44.0786 5620 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
16:35:44.0791 5620 WmiAcpi - ok
16:35:44.0841 5620 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
16:35:44.0846 5620 ws2ifsl - ok
16:35:44.0912 5620 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
16:35:44.0954 5620 WudfPf - ok
16:35:44.0981 5620 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:35:45.0026 5620 WUDFRd - ok
16:35:45.0090 5620 xusb21 (9176c0822faa649e45121875be32f5d2) C:\Windows\system32\DRIVERS\xusb21.sys
16:35:45.0134 5620 xusb21 - ok
16:35:45.0177 5620 yukonw7 (64f88af327aa74e03658ae32b48ccb8b) C:\Windows\system32\DRIVERS\yk62x64.sys
16:35:45.0227 5620 yukonw7 - ok
16:35:45.0261 5620 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
16:35:45.0522 5620 \Device\Harddisk0\DR0 - ok
16:35:45.0528 5620 Boot (0x1200) (fcc0b75d910726c11c8db6b1e7c00da1) \Device\Harddisk0\DR0\Partition0
16:35:45.0530 5620 \Device\Harddisk0\DR0\Partition0 - ok
16:35:45.0573 5620 Boot (0x1200) (07c1f7827ad55550cdf95b844b817ff6) \Device\Harddisk0\DR0\Partition1
16:35:45.0577 5620 \Device\Harddisk0\DR0\Partition1 - ok
16:35:45.0578 5620 ============================================================
16:35:45.0578 5620 Scan finished
16:35:45.0578 5620 ============================================================
16:35:45.0588 7060 Detected object count: 0
16:35:45.0588 7060 Actual detected object count: 0
16:36:01.0881 4980 Deinitialize success

aswMBR version 0.9.9.1532 Copyright© 2011 AVAST Software
Run date: 2012-02-05 17:32:57
-----------------------------
17:32:57.832 OS Version: Windows x64 6.1.7601 Service Pack 1
17:32:57.832 Number of processors: 4 586 0x2502
17:32:57.832 ComputerName: DAVE-VAIO UserName: Dave
17:32:59.693 Initialize success
17:33:04.425 AVAST engine defs: 12020502
17:47:07.885 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
17:47:07.901 Disk 0 Vendor: ST950042 0001 Size: 476940MB BusType: 3
17:47:07.901 Disk 1 \Device\Harddisk1\DR1 -> \Device\0000007b
17:47:07.901 Disk 1 Vendor: RICOH 02 Size: 476940MB BusType: 0
17:47:07.901 Disk 2 \Device\Harddisk2\DR2 -> \Device\0000007c
17:47:07.901 Disk 2 Vendor: RICOH 02 Size: 476940MB BusType: 0
17:47:07.932 Disk 0 MBR read successfully
17:47:07.948 Disk 0 MBR scan
17:47:07.948 Disk 0 Windows 7 default MBR code
17:47:07.963 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 6889 MB offset 2048
17:47:07.995 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 14110720
17:47:08.026 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 469949 MB offset 14315520
17:47:08.041 Service scanning
17:47:10.647 Modules scanning
17:47:10.959 Disk 0 trace - called modules:
17:47:10.974 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
17:47:10.990 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80063da790]
17:47:10.990 3 CLASSPNP.SYS[fffff88001da943f] -> nt!IofCallDriver -> [0xfffffa800433b6e0]
17:47:10.990 5 ACPI.sys[fffff88000f807a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800433e050]
17:47:13.111 AVAST engine scan C:\Windows
17:47:44.530 AVAST engine scan C:\Windows\system32
17:51:47.456 AVAST engine scan C:\Windows\system32\drivers
17:52:05.848 AVAST engine scan C:\Users\Dave
18:43:22.794 AVAST engine scan C:\ProgramData
20:13:27.100 Scan finished successfully
21:27:36.206 Disk 0 MBR has been saved successfully to "C:\Users\Dave\Desktop\MBR.dat"
21:27:36.221 The log file has been saved successfully to "C:\Users\Dave\Desktop\aswMBR.txt"

#4 narenxp

Posted 05 February 2012 - 07:02 PM

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

#5 davlupin

Posted 07 February 2012 - 05:47 AM

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=05b2ff4c820ec849b7ab0dcf844944af
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-02-06 07:41:37
# local_time=2012-02-06 07:41:37 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5121 16777213 100 75 181335 29029673 0 0
# compatibility_mode=5893 16776574 66 94 1892624 81010479 0 0
# compatibility_mode=8192 67108863 100 0 3712 3712 0 0
# scanned=421889
# found=2
# cleaned=2
# scan_time=11868
C:\ProgramData\Rosetta Stone\Content\data\80\a\80a7ffd98927dcdd835a3799ac8b3a8609d410e8 SWF/Exploit.CVE-2007-0071 trojan (deleted - quarantined) 00000000000000000000000000000000 C
C:\Users\Dave\Downloads\cnet_DTLite4413-0173_exe.exe a variant of Win32/InstallCore.D application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok

MiniToolBox by Farbar Version: 18-01-2012
Ran by Dave (administrator) on 06-02-2012 at 20:41:12
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Atheros AR9285 Wireless Network Adapter = Wireless Network Connection (Connected)
Marvell Yukon 88E8059 PCI-E Gigabit Ethernet Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Dave-VAIO
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Peer-Peer
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 7E-DD-08-C5-76-9C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Marvell Yukon 88E8059 PCI-E Gigabit Ethernet Controller
Physical Address. . . . . . . . . : 54-42-49-17-11-40
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros AR9285 Wireless Network Adapter
Physical Address. . . . . . . . . : 78-DD-08-C5-76-9C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::b092:792f:f5b0:9024%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.7(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 06 February 2012 16:08:34
Lease Expires . . . . . . . . . . : 06 February 2012 21:36:57
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 184559198
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-8C-9E-F1-54-42-49-17-11-40
DNS Servers . . . . . . . . . . . : 194.168.4.100
194.168.8.100
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{624E21EC-E4C7-44FB-9C0C-56C28B6745EF}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{5DB63988-98C6-4312-8B36-AA4B2FAA958F}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{D61CA8A8-A9C5-4B05-8B5C-1FF6CD0702CA}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #7
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Reusable ISATAP Interface {0534C460-44E0-47DE-A729-2FB18B02A5A0}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #8
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: cache1.service.virginmedia.net
Address: 194.168.4.100

Name: google.com
Addresses: 209.85.229.104
209.85.229.103
209.85.229.147
209.85.229.99
209.85.229.105


Pinging google.com [209.85.229.147] with 32 bytes of data:
Reply from 209.85.229.147: bytes=32 time=30ms TTL=52
Reply from 209.85.229.147: bytes=32 time=35ms TTL=52

Ping statistics for 209.85.229.147:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 30ms, Maximum = 35ms, Average = 32ms
Server: cache1.service.virginmedia.net
Address: 194.168.4.100

Name: yahoo.com
Addresses: 209.191.122.70
72.30.2.43
98.137.149.56
98.139.180.149


Pinging yahoo.com [72.30.2.43] with 32 bytes of data:
Reply from 72.30.2.43: bytes=32 time=169ms TTL=54
Reply from 72.30.2.43: bytes=32 time=175ms TTL=54

Ping statistics for 72.30.2.43:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 169ms, Maximum = 175ms, Average = 172ms
Server: cache1.service.virginmedia.net
Address: 194.168.4.100

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
14...7e dd 08 c5 76 9c ......Microsoft Virtual WiFi Miniport Adapter
11...54 42 49 17 11 40 ......Marvell Yukon 88E8059 PCI-E Gigabit Ethernet Controller
10...78 dd 08 c5 76 9c ......Atheros AR9285 Wireless Network Adapter
1...........................Software Loopback Interface 1
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
24...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
20...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
25...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #7
23...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #8
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.7 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.7 281
192.168.0.7 255.255.255.255 On-link 192.168.0.7 281
192.168.0.255 255.255.255.255 On-link 192.168.0.7 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.7 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.7 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
10 281 fe80::/64 On-link
10 281 fe80::b092:792f:f5b0:9024/128
On-link
1 306 ff00::/8 On-link
10 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/06/2012 08:38:57 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/06/2012 08:38:52 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/06/2012 08:38:52 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/06/2012 08:14:58 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/06/2012 08:09:00 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Multiple requestedPrivileges elements are not allowed in manifest.

Error: (02/06/2012 04:21:53 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/06/2012 04:21:47 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/06/2012 04:21:37 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/05/2012 08:29:21 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Multiple requestedPrivileges elements are not allowed in manifest.

Error: (02/05/2012 07:00:04 PM) (Source: Windows Backup) (User: )
Description: The backup did not complete because of an error writing to the backup location H:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).


System errors:
=============
Error: (02/06/2012 04:10:57 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Personal Firewall Service service depends the following service: MpsSvc. This service might not be installed.

Error: (02/06/2012 04:10:57 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Personal Firewall Service service depends the following service: MpsSvc. This service might not be installed.

Error: (02/06/2012 04:09:03 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147023143.

Error: (02/06/2012 04:08:31 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.

Error: (02/06/2012 04:08:28 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (02/06/2012 04:08:27 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Personal Firewall Service service depends the following service: MpsSvc. This service might not be installed.

Error: (02/06/2012 04:08:27 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

Error: (02/06/2012 04:08:25 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (02/05/2012 09:25:29 PM) (Source: iaStor) (User: )
Description: The device, \Device\Ide\iaStor0, did not respond within the timeout period.

Error: (02/05/2012 02:57:55 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147023143.


Microsoft Office Sessions:
=========================
Error: (02/06/2012 08:38:57 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Dave\Desktop\esetsmartinstaller_enu.exe

Error: (02/06/2012 08:38:52 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Dave\Desktop\esetsmartinstaller_enu.exe

Error: (02/06/2012 08:38:52 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Dave\Desktop\esetsmartinstaller_enu.exe

Error: (02/06/2012 08:14:58 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (02/06/2012 08:09:00 PM) (Source: SideBySide)(User: )
Description: C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exeC:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe2

Error: (02/06/2012 04:21:53 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Dave\Desktop\esetsmartinstaller_enu.exe

Error: (02/06/2012 04:21:47 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Dave\Desktop\esetsmartinstaller_enu.exe

Error: (02/06/2012 04:21:37 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Dave\Desktop\esetsmartinstaller_enu.exe

Error: (02/05/2012 08:29:21 PM) (Source: SideBySide)(User: )
Description: C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exeC:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe2

Error: (02/05/2012 07:00:04 PM) (Source: Windows Backup)(User: )
Description: H:\The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006)


=========================== Installed Programs ============================

7-Zip 9.20
Adobe AIR (Version: 2.7.1.19610)
Adobe Flash Player 10 ActiveX 64-bit (Version: 10.3.162.28)
Adobe Flash Player 11 ActiveX (Version: 11.1.102.55)
Adobe Flash Player 11 Plugin 64-bit (Version: 11.1.102.55)
Adobe Reader X (10.1.2) (Version: 10.1.2)
Adobe Shockwave Player 11.5 (Version: 11.5.9.615)
Alps Pointing-device for VAIO
Apple Application Support (Version: 2.1.6)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
ArcSoft WebCam Companion 3 (Version: 3.0.21.278)
ATI Catalyst Install Manager (Version: 3.0.769.0)
Bing Bar (Version: 7.0.609.0)
Bonjour (Version: 3.0.0.10)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2010.0920.2143.37117)
Catalyst Control Center Graphics Full Existing (Version: 2010.0920.2143.37117)
Catalyst Control Center Graphics Full New (Version: 2010.0920.2143.37117)
Catalyst Control Center Graphics Light (Version: 2010.0920.2143.37117)
Catalyst Control Center Graphics Previews Common (Version: 2010.0920.2143.37117)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0920.2143.37117)
Catalyst Control Center InstallProxy (Version: 2010.0113.2257.41150)
Catalyst Control Center InstallProxy (Version: 2010.0920.2143.37117)
Catalyst Control Center Localization All (Version: 2010.0920.2143.37117)
ccc-core-static (Version: 2010.0920.2143.37117)
ccc-utility64 (Version: 2010.0920.2143.37117)
CCC Help Chinese Standard (Version: 2010.0920.2142.37117)
CCC Help Chinese Traditional (Version: 2010.0920.2142.37117)
CCC Help Czech (Version: 2010.0920.2142.37117)
CCC Help Danish (Version: 2010.0920.2142.37117)
CCC Help Dutch (Version: 2010.0920.2142.37117)
CCC Help English (Version: 2010.0920.2142.37117)
CCC Help Finnish (Version: 2010.0920.2142.37117)
CCC Help French (Version: 2010.0920.2142.37117)
CCC Help German (Version: 2010.0920.2142.37117)
CCC Help Greek (Version: 2010.0920.2142.37117)
CCC Help Hungarian (Version: 2010.0920.2142.37117)
CCC Help Italian (Version: 2010.0920.2142.37117)
CCC Help Japanese (Version: 2010.0920.2142.37117)
CCC Help Korean (Version: 2010.0920.2142.37117)
CCC Help Norwegian (Version: 2010.0920.2142.37117)
CCC Help Polish (Version: 2010.0920.2142.37117)
CCC Help Portuguese (Version: 2010.0920.2142.37117)
CCC Help Russian (Version: 2010.0920.2142.37117)
CCC Help Spanish (Version: 2010.0920.2142.37117)
CCC Help Swedish (Version: 2010.0920.2142.37117)
CCC Help Thai (Version: 2010.0920.2142.37117)
CCC Help Turkish (Version: 2010.0920.2142.37117)
Corel WinDVD (Version: 10.0.5.804)
Creative Media Lite
Creative Software Update (Version: 1.01.02)
Creative ZEN Stone Plus User's Guide
Creative ZEN Stone User's Guide
D3DX10 (Version: 15.4.2368.0902)
DAEMON Tools Lite (Version: 4.45.1.0236)
Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DivX Setup (Version: 2.6.1.5)
EasyBits GO
EPSON Copy Utility 3 (Version: 3.0.2.0)
EPSON Printer Software
EPSON Scan
EPSON Smart Panel
EPSON Web-To-Page
ESET Online Scanner v3
ESPRX420 Software Guide
ffdshow v1.1.3771 [2011-03-07] (Version: 1.1.3771.0)
FIFA 11 Demo (Version: 1.0.0.0)
Google Chrome (Version: 16.0.912.77)
Google Earth (Version: 6.1.0.5001)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.2.2427.2330)
Google Update Helper (Version: 1.3.21.99)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® Rapid Storage Technology (Version: 9.5.4.1001)
Intel® Turbo Boost Technology Driver (Version: 01.00.01.1002)
Internet TV for Windows Media Center (Version: 4.2.2.0)
iTunes (Version: 10.5.2.11)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 16 (64-bit) (Version: 6.0.160)
Java™ 6 Update 22 (Version: 6.0.220)
Java™ 6 Update 29 (Version: 6.0.290)
Junk Mail filter update (Version: 15.4.3502.0922)
KeyBlaze Typing Tutor
Korean Fonts Support For Adobe Reader 9 (Version: 9.0.0)
Malwarebytes Anti-Malware version 1.60.1.1000 (Version: 1.60.1.1000)
McAfee Internet Security (Version: 11.0.654)
McAfee Security Scan Plus (Version: 2.0.181.2)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 4.0.60831.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
MiPony 1.6.0 (Version: 1.6.0)
MotoGP URT 3 Demo
Mozilla Firefox 10.0 (x86 en-GB) (Version: 10.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Norton Online Backup (Version: 1.2.20.0)
Norton Security Scan (Version: 3.6.0.31)
Quick Web Access (Version: 1.4.7.0)
QuickTime (Version: 7.71.80.42)
Rapport (Version: 3.5.1108.70)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
Realtek HDMI Audio Driver for ATI (Version: 6.0.1.5992)
Realtek High Definition Audio Driver (Version: 6.0.1.5992)
RealUpgrade 1.1 (Version: 1.1.0)
Remote Keyboard with PlayStation 3 (Version: 1.0.2.06170)
Remote Play with PlayStation 3 (Version: 1.1.0.12240)
Rosetta Stone Ltd Services (Version: 2.2.1.1)
Rosetta Stone Version 3 (Version: 3.4.5.0)
Roxio Central Audio (Version: 3.8.0)
Roxio Central Copy (Version: 3.8.0)
Roxio Central Core (Version: 3.8.0)
Roxio Central Data (Version: 3.8.0)
Roxio Central Tools (Version: 3.8.0)
Roxio Easy Media Creator 10 LJ (Version: 10.3)
Roxio Easy Media Creator Home (Version: 10.3.183)
ScanToWeb
Setting Utility Series (Version: 5.1.0.11200)
Skype Click to Call (Version: 5.6.8442)
Skype™ 5.5 (Version: 5.5.124)
SopCast 3.2.4 (Version: 3.2.4)
Spotify (Version: 0.4.7)
Spotify (Version: 0.8.1.76.g4773b858)
TomTom HOME 2.8.2.2264 (Version: 2.8.2.2264)
TomTom HOME Visual Studio Merge Modules (Version: 1.0.2)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553455) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition
Update for Microsoft Outlook Social Connector (KB2583935)
VAIO - Remote Play with PlayStation®3 (Version: 1.1.0.12240)
VAIO Care (Version: 6.4.2.11150)
VAIO Control Center (Version: 4.1.1.03100)
VAIO Data Restore Tool (Version: 1.2.0.09150)
VAIO Event Service (Version: 5.1.0.12010)
VAIO Gate (Version: 2.4.1.09230)
VAIO Gate Default (Version: 1.0.0.10290)
VAIO Hardware Diagnostics (Version: 3.9.1)
VAIO Marketing Tools
VAIO Power Management (Version: 5.0.0.11300)
VAIO Premium Partners (Version: 1.0)
VAIO screensaver (Version: 1.0.0.0)
VAIO Smart Network (Version: 3.3.1.08110)
VAIO Transfer Support (Version: 1.1.2.06030)
VAIO Update (Version: 5.5.3.10280)
VAIO Update Merge Module x64 (Version: 5.5.19220)
VAIO Update Merge Module x64 (Version: 5.6.10270)
VAIO Wallpaper Contents (Version: 2.0.0.06010)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
VLC media player 1.1.11 (Version: 1.1.11)
WIDCOMM Bluetooth Software (Version: 6.2.1.500)
Windows Driver Package - Broadcom Bluetooth (09/09/2009 6.2.0.9405) (Version: 09/09/2009 6.2.0.9405)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (Version: 07/28/2009 6.2.0.9800)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live Family Safety (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Center Add-in for Silverlight (Version: 4.7.3.0)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinRAR 4.00 (64-bit) (Version: 4.00.0)
Zipeg (Version: 2.9.3.1278)

========================= Memory info: ===================================

Percentage of memory in use: 37%
Total physical RAM: 3950.07 MB
Available physical RAM: 2449.4 MB
Total Pagefile: 7898.33 MB
Available Pagefile: 5504.15 MB
Total Virtual: 4095.88 MB
Available Virtual: 3967.29 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:458.93 GB) (Free:208.78 GB) NTFS

========================= Users: ========================================

User accounts for \\DAVE-VAIO

Administrator Dave Guest


**** End of log ****

#6 narenxp


Posted 07 February 2012 - 08:11 AM

Let's fix the firewall and other issues


To be on the safer side, before running registry fixes I would suggest you

Download

http://www.snapfiles.com/get/erunt.html

Install it and back up your registry to C:/Windows/erdnt

Now Download the registry files

http://www.mediafire.com/?317ea53a883288d

http://www.mediafire.com/?z6aw8j7997qa7j9

http://www.mediafire.com/?3g2d9ijwwe5aa75

Download the three files

Launch them one by one, click YES when you get a prompt


Launch and import them to the registry

If it opens as a notepad, right-click on them

Click on OPEN WITH

Click on BROWSE

Navigate to C:/WINDOWS and select REGEDIT and click OK

Now you should get a UAC prompt, click YES

Restart your PC

Now, open RUN and type

regedit and click OK

Go to

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE

Right-click on it - Permissions

Click on ADD and type

Everyone and click OK

Now click on Everyone

Below you have permissions for users

Select Full Control and click OK


Now, open RUN and type

services.msc and click OK

Start the Base Filtering Engine service and then the Windows Firewall service

Post the new FSS log and check your firewall

Good luck
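
As an added example (not part of the original thread or of any tool used in it), this Python code parses the "System errors" entries from the log posted above, groups the Service Control Manager dependency failures by the service reported as missing, and orders the repair the way the reply does. The function names and the `KNOWN_PREREQS` mapping (Windows Firewall, MpsSvc, needing BFE started first) are assumptions of the example.

```python
import re
from collections import defaultdict
from graphlib import TopologicalSorter  # Python 3.9+

# Entries copied from the "System errors" section of the log in this thread.
SAMPLE_LOG = """\
System errors:
=============
Error: (02/06/2012 04:10:57 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Personal Firewall Service service depends the following service: MpsSvc. This service might not be installed.

Error: (02/06/2012 04:09:03 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147023143.

Error: (02/06/2012 04:08:28 PM) (Source: Service Control Manager) (User: )
Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

Error: (02/06/2012 04:08:27 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Personal Firewall Service service depends the following service: MpsSvc. This service might not be installed.

Error: (02/06/2012 04:08:27 PM) (Source: Service Control Manager) (User: )
Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.
"""

HEADER = re.compile(r"^Error: \((?P<when>[^)]+)\) \(Source: (?P<source>[^)]+)\)")
DEPENDS = re.compile(
    r"^The (?P<dependent>.+?) service depends the following service: "
    r"(?P<dependency>[^.\s]+)\."
)

# Assumption of this example: MpsSvc (Windows Firewall) requires BFE
# (Base Filtering Engine), matching the start order given in the reply.
KNOWN_PREREQS = {"MpsSvc": {"BFE"}}


def parse_events(text):
    """Split the log into events; a blank line ends the current event."""
    events, current = [], None
    for line in text.splitlines():
        header = HEADER.match(line)
        if header:
            current = {"when": header["when"], "source": header["source"],
                       "description": ""}
            events.append(current)
        elif not line.strip():
            current = None
        elif current is not None:
            # "Description:" line or a continuation line such as "%%1060".
            body = line.removeprefix("Description: ")
            current["description"] = (current["description"] + " " + body).strip()
    return events


def missing_dependencies(events):
    """Map each service reported as missing to the services that need it."""
    dependents = defaultdict(set)
    for event in events:
        if event["source"] != "Service Control Manager":
            continue
        match = DEPENDS.match(event["description"])
        if match:
            dependents[match["dependency"]].add(match["dependent"])
    return {svc: sorted(names) for svc, names in dependents.items()}


def repair_order(missing):
    """Order the missing services so prerequisites are started first."""
    graph = {
        svc: {p for p in KNOWN_PREREQS.get(svc, ()) if p in missing}
        for svc in missing
    }
    return list(TopologicalSorter(graph).static_order())


if __name__ == "__main__":
    found = missing_dependencies(parse_events(SAMPLE_LOG))
    for service in repair_order(found):
        print(f"{service}: needed by {', '.join(found[service])}")
```
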

#7 davlupin


Posted 07 February 2012 - 08:53 AM

It looks like the firewall is staying on now.

Thank you very much.

Farbar Service Scanner Version: 05-02-2012
Ran by Dave (administrator) on 07-02-2012 at 13:43:47
Running from "C:\Users\Dave\Desktop"
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
===========

File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#8 narenxp


Posted 07 February 2012 - 09:07 AM

That looks good

Download

TFC


Launch it, it will close all running programs

Click on START, it should ask for a reboot

Turn off your System Restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Uninstall your Java update from Add or Remove Programs and download the latest from here

http://www.java.com/en/


Update your antivirus frequently, do not click on suspicious links

Safe surfing :)



