Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Threats found by MSE


  • Please log in to reply
7 replies to this topic

#1 niav

niav

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:01:14 AM

Posted 20 February 2012 - 11:02 AM

Hello MSE has found three Severe threats on my machine. They are:

Exploit:Java/CVE-2010-0842.AL
Trojan:Java/Agent.A
Exploit:Java/CVE-2010-0840.MA

All three files were located in the Temp folder in AppData. MSE sucessfully removed the three threats however I am concerned that there may be further infections on my machine and I would be grateful if somebody could instruct me how to check thoroughly. Thanks in advance.

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:08:14 PM

Posted 20 February 2012 - 11:04 AM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install,update and run a full scan

Remove infections and Post the clean log


Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)


Please download GMER from here(doesnot work on 64 bit OS)

http://www2.gmer.net/download.php

Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.

GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)

If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
Now click the Scan button. If you see a rootkit warning window, click OK.
When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
Click the Copy button and paste the results into your next reply.


Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here

#3 niav

niav
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:01:14 AM

Posted 20 February 2012 - 03:17 PM

Thanks for the quick reply. Here are the requested files.

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install,update and run a full scan

Remove infections and Post the clean log


Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.02.20.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Mark :: MARK-HP [administrator]

20/02/2012 16:07:07
mbam-log-2012-02-20 (16-07-07).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 400372
Time elapsed: 1 hour(s), 37 minute(s), 20 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 3
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\William Hill CASINO CLUB (PUP.Casino) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Paddy Power Poker (PUP.Casino) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SportsInterAction Poker (PUP.Casino) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 3
C:\Casino\William Hill CASINO CLUB\_SetupCasino_ae92c1_en.exe (PUP.Casino) -> Quarantined and deleted successfully.
C:\Poker\Paddy Power Poker\_SetupPoker_3d9ff5.exe (PUP.Casino) -> Quarantined and deleted successfully.
C:\Poker\SportsInterAction Poker\_SetupPoker_6d2994.exe (PUP.Casino) -> Quarantined and deleted successfully.

(end)



Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)


17:49:51.0701 2648 TDSS rootkit removing tool 2.7.13.0 Feb 15 2012 19:33:14
17:49:53.0739 2648 ============================================================
17:49:53.0739 2648 Current date / time: 2012/02/20 17:49:53.0739
17:49:53.0739 2648 SystemInfo:
17:49:53.0739 2648
17:49:53.0740 2648 OS Version: 6.1.7601 ServicePack: 1.0
17:49:53.0740 2648 Product type: Workstation
17:49:53.0740 2648 ComputerName: MARK-HP
17:49:53.0740 2648 UserName: Mark
17:49:53.0740 2648 Windows directory: C:\Windows
17:49:53.0740 2648 System windows directory: C:\Windows
17:49:53.0740 2648 Running under WOW64
17:49:53.0740 2648 Processor architecture: Intel x64
17:49:53.0740 2648 Number of processors: 1
17:49:53.0740 2648 Page size: 0x1000
17:49:53.0740 2648 Boot type: Normal boot
17:49:53.0740 2648 ============================================================
17:49:57.0782 2648 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:49:57.0786 2648 \Device\Harddisk0\DR0:
17:49:57.0787 2648 MBR used
17:49:57.0787 2648 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
17:49:57.0787 2648 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x1B26B000
17:49:57.0787 2648 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1B2CF000, BlocksNum 0x1EC2800
17:49:57.0787 2648 \Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x1D191800, BlocksNum 0x33970
17:49:57.0918 2648 Initialize success
17:49:57.0918 2648 ============================================================
17:50:31.0910 0868 ============================================================
17:50:31.0910 0868 Scan started
17:50:31.0910 0868 Mode: Manual; TDLFS;
17:50:31.0910 0868 ============================================================
17:50:37.0152 0868 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
17:50:37.0199 0868 1394ohci - ok
17:50:37.0448 0868 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
17:50:37.0464 0868 ACPI - ok
17:50:37.0713 0868 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
17:50:37.0713 0868 AcpiPmi - ok
17:50:38.0103 0868 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
17:50:38.0150 0868 adp94xx - ok
17:50:38.0587 0868 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
17:50:38.0618 0868 adpahci - ok
17:50:39.0039 0868 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
17:50:39.0055 0868 adpu320 - ok
17:50:39.0523 0868 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
17:50:39.0570 0868 AFD - ok
17:50:39.0882 0868 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
17:50:39.0882 0868 agp440 - ok
17:50:40.0381 0868 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
17:50:40.0381 0868 aliide - ok
17:50:40.0880 0868 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
17:50:40.0896 0868 amdide - ok
17:50:41.0114 0868 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
17:50:41.0130 0868 AmdK8 - ok
17:50:41.0598 0868 amdkmdag (2c9c4824664c61351ff1e0169262d026) C:\Windows\system32\DRIVERS\atikmdag.sys
17:50:41.0832 0868 amdkmdag - ok
17:50:42.0019 0868 amdkmdap (ef7382689d3b17ac2983202e7a40ab45) C:\Windows\system32\DRIVERS\atikmpag.sys
17:50:42.0035 0868 amdkmdap - ok
17:50:42.0284 0868 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
17:50:42.0284 0868 AmdPPM - ok
17:50:42.0456 0868 amdsata (53d8d46d51d390abdb54eca623165cb7) C:\Windows\system32\DRIVERS\amdsata.sys
17:50:42.0456 0868 amdsata - ok
17:50:42.0861 0868 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
17:50:42.0877 0868 amdsbs - ok
17:50:43.0251 0868 amdxata (75c51148154e34eb3d7bb84749a758d5) C:\Windows\system32\DRIVERS\amdxata.sys
17:50:43.0251 0868 amdxata - ok
17:50:43.0563 0868 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
17:50:43.0579 0868 AppID - ok
17:50:43.0844 0868 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
17:50:43.0844 0868 arc - ok
17:50:43.0985 0868 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
17:50:44.0000 0868 arcsas - ok
17:50:44.0297 0868 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
17:50:44.0312 0868 AsyncMac - ok
17:50:44.0499 0868 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
17:50:44.0499 0868 atapi - ok
17:50:44.0765 0868 AtiPcie (c07a040d6b5a42dd41ee386cf90974c8) C:\Windows\system32\DRIVERS\AtiPcie.sys
17:50:44.0765 0868 AtiPcie - ok
17:50:45.0186 0868 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
17:50:45.0248 0868 b06bdrv - ok
17:50:45.0482 0868 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
17:50:45.0482 0868 b57nd60a - ok
17:50:46.0091 0868 BCM43XX (0e7a9264576b40638a3fbc804de1ff76) C:\Windows\system32\DRIVERS\bcmwl664.sys
17:50:46.0122 0868 BCM43XX - ok
17:50:46.0449 0868 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
17:50:46.0465 0868 Beep - ok
17:50:46.0683 0868 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
17:50:46.0683 0868 blbdrive - ok
17:50:46.0886 0868 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
17:50:46.0902 0868 bowser - ok
17:50:47.0136 0868 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:50:47.0136 0868 BrFiltLo - ok
17:50:47.0339 0868 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:50:47.0354 0868 BrFiltUp - ok
17:50:47.0432 0868 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
17:50:47.0432 0868 Brserid - ok
17:50:47.0479 0868 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
17:50:47.0479 0868 BrSerWdm - ok
17:50:47.0557 0868 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
17:50:47.0557 0868 BrUsbMdm - ok
17:50:47.0619 0868 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
17:50:47.0619 0868 BrUsbSer - ok
17:50:47.0729 0868 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
17:50:47.0744 0868 BTHMODEM - ok
17:50:48.0072 0868 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
17:50:48.0072 0868 cdfs - ok
17:50:48.0306 0868 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
17:50:48.0306 0868 cdrom - ok
17:50:48.0462 0868 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
17:50:48.0477 0868 circlass - ok
17:50:48.0711 0868 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
17:50:48.0727 0868 CLFS - ok
17:50:48.0961 0868 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
17:50:48.0961 0868 CmBatt - ok
17:50:49.0070 0868 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
17:50:49.0070 0868 cmdide - ok
17:50:49.0257 0868 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
17:50:49.0273 0868 CNG - ok
17:50:49.0429 0868 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
17:50:49.0429 0868 Compbatt - ok
17:50:49.0694 0868 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
17:50:49.0694 0868 CompositeBus - ok
17:50:49.0991 0868 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
17:50:50.0006 0868 crcdisk - ok
17:50:50.0303 0868 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
17:50:50.0318 0868 DfsC - ok
17:50:50.0552 0868 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
17:50:50.0552 0868 discache - ok
17:50:50.0630 0868 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
17:50:50.0630 0868 Disk - ok
17:50:50.0833 0868 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
17:50:50.0833 0868 drmkaud - ok
17:50:50.0927 0868 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
17:50:50.0942 0868 DXGKrnl - ok
17:50:51.0161 0868 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
17:50:51.0254 0868 ebdrv - ok
17:50:51.0426 0868 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
17:50:51.0457 0868 elxstor - ok
17:50:51.0582 0868 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
17:50:51.0582 0868 ErrDev - ok
17:50:51.0769 0868 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
17:50:51.0785 0868 exfat - ok
17:50:51.0941 0868 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
17:50:51.0941 0868 fastfat - ok
17:50:52.0097 0868 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
17:50:52.0112 0868 fdc - ok
17:50:52.0299 0868 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
17:50:52.0299 0868 FileInfo - ok
17:50:52.0346 0868 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
17:50:52.0346 0868 Filetrace - ok
17:50:52.0440 0868 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
17:50:52.0440 0868 flpydisk - ok
17:50:52.0611 0868 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
17:50:52.0611 0868 FltMgr - ok
17:50:52.0861 0868 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
17:50:52.0861 0868 FsDepends - ok
17:50:52.0923 0868 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
17:50:52.0923 0868 Fs_Rec - ok
17:50:53.0033 0868 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
17:50:53.0048 0868 fvevol - ok
17:50:53.0126 0868 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
17:50:53.0126 0868 gagp30kx - ok
17:50:53.0329 0868 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
17:50:53.0329 0868 hcw85cir - ok
17:50:53.0407 0868 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
17:50:53.0423 0868 HdAudAddService - ok
17:50:53.0547 0868 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
17:50:53.0563 0868 HDAudBus - ok
17:50:53.0625 0868 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
17:50:53.0625 0868 HidBatt - ok
17:50:53.0688 0868 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
17:50:53.0703 0868 HidBth - ok
17:50:53.0828 0868 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
17:50:53.0828 0868 HidIr - ok
17:50:54.0000 0868 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
17:50:54.0000 0868 HidUsb - ok
17:50:54.0249 0868 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
17:50:54.0265 0868 HpSAMD - ok
17:50:54.0374 0868 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
17:50:54.0390 0868 HTTP - ok
17:50:54.0530 0868 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
17:50:54.0530 0868 hwpolicy - ok
17:50:54.0624 0868 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
17:50:54.0639 0868 i8042prt - ok
17:50:54.0733 0868 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
17:50:54.0749 0868 iaStorV - ok
17:50:55.0014 0868 igfx (a87261ef1546325b559374f5689cf5bc) C:\Windows\system32\DRIVERS\igdkmd64.sys
17:50:55.0154 0868 igfx - ok
17:50:55.0170 0868 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
17:50:55.0170 0868 iirsp - ok
17:50:55.0295 0868 IntcAzAudAddService (b88e24bd77a0ce2cffee2facf1151be0) C:\Windows\system32\drivers\RTKVHD64.sys
17:50:55.0326 0868 IntcAzAudAddService - ok
17:50:55.0357 0868 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
17:50:55.0357 0868 intelide - ok
17:50:55.0482 0868 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
17:50:55.0497 0868 intelppm - ok
17:50:55.0575 0868 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:50:55.0575 0868 IpFilterDriver - ok
17:50:55.0653 0868 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
17:50:55.0669 0868 IPMIDRV - ok
17:50:55.0716 0868 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
17:50:55.0716 0868 IPNAT - ok
17:50:55.0872 0868 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
17:50:55.0872 0868 IRENUM - ok
17:50:55.0981 0868 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
17:50:55.0981 0868 isapnp - ok
17:50:56.0121 0868 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
17:50:56.0121 0868 iScsiPrt - ok
17:50:56.0277 0868 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
17:50:56.0293 0868 kbdclass - ok
17:50:56.0433 0868 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
17:50:56.0433 0868 kbdhid - ok
17:50:56.0511 0868 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
17:50:56.0527 0868 KSecDD - ok
17:50:56.0605 0868 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
17:50:56.0621 0868 KSecPkg - ok
17:50:56.0761 0868 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
17:50:56.0761 0868 ksthunk - ok
17:50:56.0995 0868 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
17:50:57.0011 0868 lltdio - ok
17:50:57.0120 0868 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
17:50:57.0120 0868 LSI_FC - ok
17:50:57.0198 0868 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
17:50:57.0213 0868 LSI_SAS - ok
17:50:57.0276 0868 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:50:57.0276 0868 LSI_SAS2 - ok
17:50:57.0338 0868 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:50:57.0338 0868 LSI_SCSI - ok
17:50:57.0447 0868 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
17:50:57.0447 0868 luafv - ok
17:50:57.0588 0868 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
17:50:57.0603 0868 megasas - ok
17:50:57.0681 0868 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
17:50:57.0697 0868 MegaSR - ok
17:50:57.0837 0868 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
17:50:57.0837 0868 Modem - ok
17:50:57.0978 0868 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
17:50:57.0978 0868 monitor - ok
17:50:58.0134 0868 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
17:50:58.0134 0868 mouclass - ok
17:50:58.0290 0868 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
17:50:58.0290 0868 mouhid - ok
17:50:58.0415 0868 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
17:50:58.0415 0868 mountmgr - ok
17:50:58.0602 0868 MpFilter (c177a7ebf5e8a0b596f618870516cab8) C:\Windows\system32\DRIVERS\MpFilter.sys
17:50:58.0602 0868 MpFilter - ok
17:50:58.0773 0868 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
17:50:58.0773 0868 mpio - ok
17:50:58.0929 0868 MpNWMon (8fbf6b31fe8af1833d93c5913d5b4d55) C:\Windows\system32\DRIVERS\MpNWMon.sys
17:50:58.0929 0868 MpNWMon - ok
17:50:58.0961 0868 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
17:50:58.0976 0868 mpsdrv - ok
17:50:59.0023 0868 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
17:50:59.0039 0868 MRxDAV - ok
17:50:59.0070 0868 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
17:50:59.0085 0868 mrxsmb - ok
17:50:59.0132 0868 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:50:59.0132 0868 mrxsmb10 - ok
17:50:59.0179 0868 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:50:59.0179 0868 mrxsmb20 - ok
17:50:59.0226 0868 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
17:50:59.0226 0868 msahci - ok
17:50:59.0288 0868 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
17:50:59.0288 0868 msdsm - ok
17:50:59.0366 0868 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
17:50:59.0366 0868 Msfs - ok
17:50:59.0429 0868 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
17:50:59.0429 0868 mshidkmdf - ok
17:50:59.0491 0868 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
17:50:59.0491 0868 msisadrv - ok
17:50:59.0631 0868 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
17:50:59.0631 0868 MSKSSRV - ok
17:50:59.0803 0868 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
17:50:59.0803 0868 MSPCLOCK - ok
17:50:59.0959 0868 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
17:50:59.0959 0868 MSPQM - ok
17:51:00.0099 0868 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
17:51:00.0099 0868 MsRPC - ok
17:51:00.0240 0868 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
17:51:00.0240 0868 mssmbios - ok
17:51:00.0380 0868 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
17:51:00.0380 0868 MSTEE - ok
17:51:00.0489 0868 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
17:51:00.0505 0868 MTConfig - ok
17:51:00.0567 0868 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
17:51:00.0567 0868 Mup - ok
17:51:00.0739 0868 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
17:51:00.0755 0868 NativeWifiP - ok
17:51:00.0926 0868 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
17:51:00.0973 0868 NDIS - ok
17:51:01.0113 0868 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
17:51:01.0113 0868 NdisCap - ok
17:51:01.0269 0868 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
17:51:01.0269 0868 NdisTapi - ok
17:51:01.0425 0868 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
17:51:01.0425 0868 Ndisuio - ok
17:51:01.0566 0868 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
17:51:01.0566 0868 NdisWan - ok
17:51:01.0769 0868 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
17:51:01.0769 0868 NDProxy - ok
17:51:01.0909 0868 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
17:51:01.0925 0868 NetBIOS - ok
17:51:01.0987 0868 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
17:51:01.0987 0868 NetBT - ok
17:51:02.0299 0868 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys
17:51:02.0455 0868 netw5v64 - ok
17:51:02.0517 0868 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
17:51:02.0517 0868 nfrd960 - ok
17:51:02.0627 0868 NisDrv (5f7d72cbcdd025af1f38fdeee5646968) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
17:51:02.0642 0868 NisDrv - ok
17:51:02.0814 0868 nmwcd (985a3f046dfcd58e26d3a95283bb8f1d) C:\Windows\system32\drivers\ccdcmbx64.sys
17:51:02.0814 0868 nmwcd - ok
17:51:02.0954 0868 nmwcdc (5eb41a9656388dc21119ccc33f0ee22a) C:\Windows\system32\drivers\ccdcmbox64.sys
17:51:02.0954 0868 nmwcdc - ok
17:51:03.0032 0868 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
17:51:03.0048 0868 Npfs - ok
17:51:03.0095 0868 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
17:51:03.0095 0868 nsiproxy - ok
17:51:03.0235 0868 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
17:51:03.0282 0868 Ntfs - ok
17:51:03.0375 0868 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
17:51:03.0375 0868 Null - ok
17:51:03.0438 0868 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
17:51:03.0453 0868 nvraid - ok
17:51:03.0531 0868 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
17:51:03.0547 0868 nvstor - ok
17:51:03.0703 0868 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
17:51:03.0703 0868 nv_agp - ok
17:51:03.0828 0868 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
17:51:03.0828 0868 ohci1394 - ok
17:51:03.0984 0868 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
17:51:03.0999 0868 Parport - ok
17:51:04.0062 0868 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
17:51:04.0077 0868 partmgr - ok
17:51:04.0202 0868 pccsmcfd (bc0018c2d29f655188a0ed3fa94fdb24) C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
17:51:04.0202 0868 pccsmcfd - ok
17:51:04.0265 0868 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
17:51:04.0265 0868 pci - ok
17:51:04.0327 0868 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
17:51:04.0343 0868 pciide - ok
17:51:04.0389 0868 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
17:51:04.0389 0868 pcmcia - ok
17:51:04.0421 0868 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
17:51:04.0436 0868 pcw - ok
17:51:04.0467 0868 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
17:51:04.0483 0868 PEAUTH - ok
17:51:04.0717 0868 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
17:51:04.0717 0868 PptpMiniport - ok
17:51:04.0826 0868 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
17:51:04.0826 0868 Processor - ok
17:51:04.0951 0868 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
17:51:04.0967 0868 Psched - ok
17:51:05.0107 0868 PSI (fb46e9a827a8799ebd7bfa9128c91f37) C:\Windows\system32\DRIVERS\psi_mf.sys
17:51:05.0138 0868 PSI - ok
17:51:05.0216 0868 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
17:51:05.0279 0868 ql2300 - ok
17:51:05.0357 0868 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
17:51:05.0357 0868 ql40xx - ok
17:51:05.0435 0868 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
17:51:05.0450 0868 QWAVEdrv - ok
17:51:05.0481 0868 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
17:51:05.0481 0868 RasAcd - ok
17:51:05.0575 0868 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
17:51:05.0575 0868 RasAgileVpn - ok
17:51:05.0653 0868 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
17:51:05.0684 0868 Rasl2tp - ok
17:51:05.0840 0868 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
17:51:05.0840 0868 RasPppoe - ok
17:51:05.0996 0868 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
17:51:05.0996 0868 RasSstp - ok
17:51:06.0137 0868 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
17:51:06.0137 0868 rdbss - ok
17:51:06.0261 0868 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
17:51:06.0261 0868 rdpbus - ok
17:51:06.0386 0868 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
17:51:06.0386 0868 RDPCDD - ok
17:51:06.0542 0868 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
17:51:06.0542 0868 RDPENCDD - ok
17:51:06.0651 0868 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
17:51:06.0667 0868 RDPREFMP - ok
17:51:06.0839 0868 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
17:51:06.0839 0868 RDPWD - ok
17:51:06.0995 0868 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
17:51:06.0995 0868 rdyboost - ok
17:51:07.0166 0868 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
17:51:07.0166 0868 rspndr - ok
17:51:07.0260 0868 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
17:51:07.0275 0868 RTL8167 - ok
17:51:07.0416 0868 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
17:51:07.0416 0868 sbp2port - ok
17:51:07.0494 0868 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
17:51:07.0494 0868 scfilter - ok
17:51:07.0619 0868 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
17:51:07.0619 0868 sdbus - ok
17:51:07.0712 0868 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
17:51:07.0712 0868 secdrv - ok
17:51:07.0884 0868 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
17:51:07.0884 0868 Serenum - ok
17:51:08.0009 0868 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
17:51:08.0009 0868 Serial - ok
17:51:08.0118 0868 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
17:51:08.0118 0868 sermouse - ok
17:51:08.0305 0868 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
17:51:08.0305 0868 sffdisk - ok
17:51:08.0352 0868 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
17:51:08.0367 0868 sffp_mmc - ok
17:51:08.0414 0868 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
17:51:08.0414 0868 sffp_sd - ok
17:51:08.0477 0868 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
17:51:08.0477 0868 sfloppy - ok
17:51:08.0586 0868 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
17:51:08.0601 0868 Sftfs - ok
17:51:08.0726 0868 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
17:51:08.0726 0868 Sftplay - ok
17:51:08.0789 0868 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
17:51:08.0789 0868 Sftredir - ok
17:51:08.0898 0868 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
17:51:08.0913 0868 Sftvol - ok
17:51:09.0054 0868 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:51:09.0054 0868 SiSRaid2 - ok
17:51:09.0101 0868 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
17:51:09.0101 0868 SiSRaid4 - ok
17:51:09.0288 0868 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
17:51:09.0288 0868 Smb - ok
17:51:09.0366 0868 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
17:51:09.0366 0868 spldr - ok
17:51:09.0475 0868 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
17:51:09.0491 0868 srv - ok
17:51:09.0553 0868 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
17:51:09.0553 0868 srv2 - ok
17:51:09.0678 0868 SrvHsfHDA (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
17:51:09.0678 0868 SrvHsfHDA - ok
17:51:09.0787 0868 SrvHsfV92 (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
17:51:09.0834 0868 SrvHsfV92 - ok
17:51:09.0881 0868 SrvHsfWinac (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
17:51:09.0912 0868 SrvHsfWinac - ok
17:51:10.0037 0868 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
17:51:10.0037 0868 srvnet - ok
17:51:10.0161 0868 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
17:51:10.0161 0868 stexstor - ok
17:51:10.0286 0868 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
17:51:10.0286 0868 swenum - ok
17:51:10.0489 0868 SynTP (868dfb220a18312a12cef01ba9ac069b) C:\Windows\system32\DRIVERS\SynTP.sys
17:51:10.0505 0868 SynTP - ok
17:51:10.0614 0868 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
17:51:10.0676 0868 Tcpip - ok
17:51:10.0910 0868 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
17:51:10.0926 0868 TCPIP6 - ok
17:51:10.0973 0868 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
17:51:10.0973 0868 tcpipreg - ok
17:51:11.0004 0868 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
17:51:11.0004 0868 TDPIPE - ok
17:51:11.0035 0868 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
17:51:11.0035 0868 TDTCP - ok
17:51:11.0113 0868 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
17:51:11.0113 0868 tdx - ok
17:51:11.0207 0868 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
17:51:11.0207 0868 TermDD - ok
17:51:11.0394 0868 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
17:51:11.0394 0868 tssecsrv - ok
17:51:11.0534 0868 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
17:51:11.0534 0868 TsUsbFlt - ok
17:51:11.0706 0868 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
17:51:11.0706 0868 tunnel - ok
17:51:11.0815 0868 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
17:51:11.0831 0868 uagp35 - ok
17:51:11.0909 0868 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
17:51:11.0909 0868 udfs - ok
17:51:12.0127 0868 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
17:51:12.0127 0868 uliagpkx - ok
17:51:12.0205 0868 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
17:51:12.0221 0868 umbus - ok
17:51:12.0377 0868 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
17:51:12.0377 0868 UmPass - ok
17:51:12.0470 0868 upperdev (afa3a0937b7044a8322d8bc91722c53b) C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
17:51:12.0470 0868 upperdev - ok
17:51:12.0517 0868 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
17:51:12.0533 0868 usbccgp - ok
17:51:12.0595 0868 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
17:51:12.0595 0868 usbcir - ok
17:51:12.0658 0868 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
17:51:12.0673 0868 usbehci - ok
17:51:12.0751 0868 usbfilter (2c780746dc44a28fe67004dc58173f05) C:\Windows\system32\DRIVERS\usbfilter.sys
17:51:12.0751 0868 usbfilter - ok
17:51:12.0907 0868 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
17:51:12.0923 0868 usbhub - ok
17:51:13.0032 0868 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
17:51:13.0048 0868 usbohci - ok
17:51:13.0126 0868 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
17:51:13.0126 0868 usbprint - ok
17:51:13.0297 0868 usbser (4acee387fa8fd39f83564fcd2fc234f2) C:\Windows\system32\drivers\usbser.sys
17:51:13.0297 0868 usbser - ok
17:51:13.0344 0868 UsbserFilt (b826f3ff5a1975cc9096b4caadde77b6) C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
17:51:13.0360 0868 UsbserFilt - ok
17:51:13.0406 0868 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:51:13.0422 0868 USBSTOR - ok
17:51:13.0453 0868 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
17:51:13.0453 0868 usbuhci - ok
17:51:13.0562 0868 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
17:51:13.0578 0868 usbvideo - ok
17:51:13.0718 0868 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
17:51:13.0718 0868 vdrvroot - ok
17:51:13.0874 0868 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
17:51:13.0874 0868 vga - ok
17:51:13.0984 0868 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
17:51:13.0999 0868 VgaSave - ok
17:51:14.0108 0868 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
17:51:14.0108 0868 vhdmp - ok
17:51:14.0249 0868 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
17:51:14.0249 0868 viaide - ok
17:51:14.0374 0868 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
17:51:14.0374 0868 volmgr - ok
17:51:14.0514 0868 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
17:51:14.0514 0868 volmgrx - ok
17:51:14.0639 0868 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
17:51:14.0654 0868 volsnap - ok
17:51:14.0826 0868 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
17:51:14.0842 0868 vsmraid - ok
17:51:14.0888 0868 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
17:51:14.0888 0868 vwifibus - ok
17:51:14.0951 0868 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
17:51:14.0951 0868 vwififlt - ok
17:51:14.0998 0868 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
17:51:14.0998 0868 WacomPen - ok
17:51:15.0091 0868 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
17:51:15.0107 0868 WANARP - ok
17:51:15.0138 0868 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
17:51:15.0138 0868 Wanarpv6 - ok
17:51:15.0372 0868 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
17:51:15.0372 0868 Wd - ok
17:51:15.0434 0868 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
17:51:15.0450 0868 Wdf01000 - ok
17:51:15.0622 0868 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
17:51:15.0622 0868 WfpLwf - ok
17:51:15.0684 0868 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
17:51:15.0700 0868 WIMMount - ok
17:51:15.0918 0868 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
17:51:15.0918 0868 WinUsb - ok
17:51:16.0043 0868 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
17:51:16.0043 0868 WmiAcpi - ok
17:51:16.0121 0868 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
17:51:16.0121 0868 ws2ifsl - ok
17:51:16.0230 0868 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
17:51:16.0230 0868 WudfPf - ok
17:51:16.0277 0868 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
17:51:16.0292 0868 WUDFRd - ok
17:51:16.0433 0868 yukonw7 (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys
17:51:16.0448 0868 yukonw7 - ok
17:51:16.0526 0868 MBR (0x1B8) (995318e754ecb2a3a557f3fd6b004271) \Device\Harddisk0\DR0
17:51:16.0651 0868 \Device\Harddisk0\DR0 - ok
17:51:16.0698 0868 Boot (0x1200) (aa2a617a928aea8af3eae9fbecb0cc09) \Device\Harddisk0\DR0\Partition0
17:51:16.0714 0868 \Device\Harddisk0\DR0\Partition0 - ok
17:51:16.0760 0868 Boot (0x1200) (e585c191998ab7f6196b90a2b913281d) \Device\Harddisk0\DR0\Partition1
17:51:16.0760 0868 \Device\Harddisk0\DR0\Partition1 - ok
17:51:16.0807 0868 Boot (0x1200) (4e2e255d6c1acd5dcc2e807cb4a3b2da) \Device\Harddisk0\DR0\Partition2
17:51:16.0807 0868 \Device\Harddisk0\DR0\Partition2 - ok
17:51:16.0838 0868 Boot (0x1200) (22c100b2f3a91e61fd98937b128079ed) \Device\Harddisk0\DR0\Partition3
17:51:16.0838 0868 \Device\Harddisk0\DR0\Partition3 - ok
17:51:16.0838 0868 ============================================================
17:51:16.0838 0868 Scan finished
17:51:16.0838 0868 ============================================================
17:51:16.0870 2992 Detected object count: 0
17:51:16.0870 2992 Actual detected object count: 0
17:52:09.0361 2652 Deinitialize success

Please download GMER from here(doesnot work on 64 bit OS)

http://www2.gmer.net/download.php

Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.

GMER will open to the Rootkit/Malware tab and perform an automatic Full Scan when first run. (do not use the computer while the scan is in progress)

If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
Now click the Scan button. If you see a rootkit warning window, click OK.
When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
Click the Copy button and paste the results into your next reply.


Apologies, I should have mentioned in my original post that the machine is running Windows 7 Home Premium 64-bit so I could not use GMER.

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here


aswMBR version 0.9.9.1618 Copyright© 2011 AVAST Software
Run date: 2012-02-20 18:36:42
-----------------------------
18:36:42.240 OS Version: Windows x64 6.1.7601 Service Pack 1
18:36:42.240 Number of processors: 1 586 0x603
18:36:42.241 ComputerName: MARK-HP UserName: Mark
18:36:43.400 Initialize success
18:36:51.926 AVAST engine defs: 12022001
18:36:55.555 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000058
18:36:55.557 Disk 0 Vendor: ST925031 0005 Size: 238475MB BusType: 11
18:36:55.613 Disk 0 MBR read successfully
18:36:55.615 Disk 0 MBR scan
18:36:55.619 Disk 0 unknown MBR code
18:36:55.661 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
18:36:55.724 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 222422 MB offset 409600
18:36:55.780 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 15749 MB offset 455929856
18:36:55.824 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 103 MB offset 488183808
18:36:55.925 Service scanning
18:37:37.069 Modules scanning
18:37:37.089 Disk 0 trace - called modules:
18:37:37.167 ntoskrnl.exe CLASSPNP.SYS disk.sys amdxata.sys storport.sys hal.dll amdsata.sys
18:37:37.524 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8002572790]
18:37:37.537 3 CLASSPNP.SYS[fffff8800165143f] -> nt!IofCallDriver -> [0xfffffa800252c040]
18:37:37.550 5 amdxata.sys[fffff880011447a8] -> nt!IofCallDriver -> \Device\00000058[0xfffffa8002522060]
18:37:38.524 AVAST engine scan C:\Windows
18:37:55.062 AVAST engine scan C:\Windows\system32
18:44:14.755 AVAST engine scan C:\Windows\system32\drivers
18:44:36.314 AVAST engine scan C:\Users\Mark
19:36:08.568 AVAST engine scan C:\ProgramData
19:42:29.552 Scan finished successfully
20:08:42.674 Disk 0 MBR has been saved successfully to "C:\Users\Mark\Desktop\MBR.dat"
20:08:42.799 The log file has been saved successfully to "C:\Users\Mark\Desktop\aswMBR.txt"

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:08:14 PM

Posted 20 February 2012 - 03:20 PM

Run malwarebytes once again and make sure you get a CLEAN log

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply


Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

#5 niav

niav
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:01:14 AM

Posted 20 February 2012 - 07:01 PM

Run malwarebytes once again and make sure you get a CLEAN log


Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.02.20.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Mark :: MARK-HP [administrator]

20/02/2012 20:23:21
mbam-log-2012-02-20 (20-23-21).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 400520
Time elapsed: 1 hour(s), 31 minute(s), 50 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply


The ESET tool found nothing. See image.

http://s16.postimage.org/o17miem39/ESET.jpg

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.


MiniToolBox by Farbar Version: 18-01-2012
Ran by Mark (administrator) on 20-02-2012 at 23:44:05
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Broadcom 4313 802.11b/g/n = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Mark-HP
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom 4313 802.11b/g/n
Physical Address. . . . . . . . . : 00-26-82-8A-03-CC
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::9501:e8f9:78fe:bfe8%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.102(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 20 February 2012 17:48:02
Lease Expires . . . . . . . . . . : 21 February 2012 17:48:02
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 318776962
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-20-EB-C5-60-EB-69-53-A4-58
DNS Servers . . . . . . . . . . . : 8.8.8.8
156.154.70.1
208.67.220.220
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 60-EB-69-53-A4-58
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{BAA087F0-3CB1-41D7-B670-6EEF17C3F842}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft 6to4 Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:4b5:1b21:3f57:fe99(Preferred)
Link-local IPv6 Address . . . . . : fe80::4b5:1b21:3f57:fe99%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: google-public-dns-a.google.com
Address: 8.8.8.8

DNS request timed out.
timeout was 2 seconds.
Name: google.com
Addresses: 209.85.143.100
209.85.143.101


Pinging google.com [209.85.143.100] with 32 bytes of data:
Reply from 209.85.143.100: bytes=32 time=40ms TTL=57
Reply from 209.85.143.100: bytes=32 time=40ms TTL=57

Ping statistics for 209.85.143.100:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 40ms, Maximum = 40ms, Average = 40ms
Server: google-public-dns-a.google.com
Address: 8.8.8.8

Name: yahoo.com
Addresses: 98.139.127.62
98.139.183.24
209.191.122.70


Pinging yahoo.com [98.139.127.62] with 32 bytes of data:
Reply from 98.139.127.62: bytes=32 time=216ms TTL=57
Reply from 98.139.127.62: bytes=32 time=210ms TTL=57

Ping statistics for 98.139.127.62:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 210ms, Maximum = 216ms, Average = 213ms
Server: google-public-dns-a.google.com
Address: 8.8.8.8

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
12...00 26 82 8a 03 cc ......Broadcom 4313 802.11b/g/n
10...60 eb 69 53 a4 58 ......Realtek PCIe FE Family Controller
1...........................Software Loopback Interface 1
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
11...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.102 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.102 281
192.168.1.102 255.255.255.255 On-link 192.168.1.102 281
192.168.1.255 255.255.255.255 On-link 192.168.1.102 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.102 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.102 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:4137:9e76:4b5:1b21:3f57:fe99/128
On-link
12 281 fe80::/64 On-link
13 306 fe80::/64 On-link
13 306 fe80::4b5:1b21:3f57:fe99/128
On-link
12 281 fe80::9501:e8f9:78fe:bfe8/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/20/2012 08:24:58 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/20/2012 08:24:50 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/20/2012 08:24:04 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/20/2012 08:23:50 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/20/2012 05:58:44 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (02/20/2012 05:52:50 PM) (Source: Microsoft-Windows-LoadPerf) (User: SYSTEM)SYSTEM
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (02/20/2012 05:52:50 PM) (Source: Microsoft-Windows-LoadPerf) (User: SYSTEM)SYSTEM
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (02/20/2012 03:28:09 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "imaging1".Error in manifest or policy file "imaging2" on line imaging3.
The element imaging appears as a child of element urn:schemas-microsoft-com:asm.v1^assembly which is not supported by this version of Windows.

Error: (02/20/2012 00:29:12 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (02/20/2012 00:24:43 PM) (Source: Microsoft-Windows-LoadPerf) (User: SYSTEM)SYSTEM
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.


System errors:
=============
Error: (02/20/2012 05:48:40 PM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

Feature: %%835

Error Code: 0x80004005

Error description: Unspecified error

Reason: %%842

Error: (02/20/2012 03:50:29 PM) (Source: Server) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{BAA087F0-3CB1-41D7-B670-6EEF17C3F842} because another computer on the network has the same name. The server could not start.

Error: (02/20/2012 03:43:17 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.

Error: (02/20/2012 02:24:54 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (02/20/2012 00:18:59 PM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

Feature: %%835

Error Code: 0x80004005

Error description: Unspecified error

Reason: %%842

Error: (02/18/2012 00:08:29 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (02/18/2012 00:08:28 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service.

Error: (02/18/2012 10:46:49 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 10:43:02 on ?18/?02/?2012 was unexpected.

Error: (02/17/2012 08:42:54 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

Error: (02/17/2012 11:41:00 AM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

Feature: %%835

Error Code: 0x80004005

Error description: Unspecified error

Reason: %%842


Microsoft Office Sessions:
=========================
Error: (02/20/2012 08:24:58 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Mark\Desktop\esetsmartinstaller_enu.exe

Error: (02/20/2012 08:24:50 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Mark\Desktop\esetsmartinstaller_enu.exe

Error: (02/20/2012 08:24:04 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Mark\Desktop\esetsmartinstaller_enu.exe

Error: (02/20/2012 08:23:50 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Mark\Desktop\esetsmartinstaller_enu.exe

Error: (02/20/2012 05:58:44 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (02/20/2012 05:52:50 PM) (Source: Microsoft-Windows-LoadPerf)(User: SYSTEM)SYSTEM
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (02/20/2012 05:52:50 PM) (Source: Microsoft-Windows-LoadPerf)(User: SYSTEM)SYSTEM
Description: Performance1637070000000000000000000009030000

Error: (02/20/2012 03:28:09 PM) (Source: SideBySide)(User: )
Description: imagingurn:schemas-microsoft-com:asm.v1^assemblyc:\program files\microsoft security client\MSESysprep.dllc:\program files\microsoft security client\MSESysprep.dll10

Error: (02/20/2012 00:29:12 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (02/20/2012 00:24:43 PM) (Source: Microsoft-Windows-LoadPerf)(User: SYSTEM)SYSTEM
Description: WmiApRplWmiApRpl8F20300004D070000


=========================== Installed Programs ============================

24hPoker (Version: 41.0.18707)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 3.1.0.4880)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.1.102.62)
Adobe Flash Player 11 Plugin 64-bit (Version: 11.1.102.62)
Adobe Shockwave Player 11.5 (Version: 11.5.7.609)
Agatha Christie - Death on the Nile (Version: 2.2.0.95)
AMD USB Filter Driver (Version: 1.0.15.94)
ATI Catalyst Install Manager (Version: 3.0.765.0)
Bejeweled 2 Deluxe (Version: 2.2.0.95)
BetVictorPoker (Version: 45.0.23811-22585-203)
Blackhawk Striker 2 (Version: 2.2.0.95)
Broadcom 802.11 Wireless LAN Adapter (Version: 5.60.350.6)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2010.0617.855.14122)
Catalyst Control Center Graphics Full Existing (Version: 2010.0617.855.14122)
Catalyst Control Center Graphics Full New (Version: 2010.0617.855.14122)
Catalyst Control Center Graphics Light (Version: 2010.0617.855.14122)
Catalyst Control Center Graphics Previews Common (Version: 2010.0617.855.14122)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0617.855.14122)
Catalyst Control Center InstallProxy (Version: 2010.0617.855.14122)
Catalyst Control Center Localization All (Version: 2010.0617.855.14122)
ccc-core-static (Version: 2010.0617.855.14122)
ccc-utility64 (Version: 2010.0617.855.14122)
CCC Help Chinese Standard (Version: 2010.0617.0854.14122)
CCC Help Chinese Traditional (Version: 2010.0617.0854.14122)
CCC Help Czech (Version: 2010.0617.0854.14122)
CCC Help Danish (Version: 2010.0617.0854.14122)
CCC Help Dutch (Version: 2010.0617.0854.14122)
CCC Help English (Version: 2010.0617.0854.14122)
CCC Help Finnish (Version: 2010.0617.0854.14122)
CCC Help French (Version: 2010.0617.0854.14122)
CCC Help German (Version: 2010.0617.0854.14122)
CCC Help Greek (Version: 2010.0617.0854.14122)
CCC Help Hungarian (Version: 2010.0617.0854.14122)
CCC Help Italian (Version: 2010.0617.0854.14122)
CCC Help Japanese (Version: 2010.0617.0854.14122)
CCC Help Korean (Version: 2010.0617.0854.14122)
CCC Help Norwegian (Version: 2010.0617.0854.14122)
CCC Help Polish (Version: 2010.0617.0854.14122)
CCC Help Portuguese (Version: 2010.0617.0854.14122)
CCC Help Russian (Version: 2010.0617.0854.14122)
CCC Help Spanish (Version: 2010.0617.0854.14122)
CCC Help Swedish (Version: 2010.0617.0854.14122)
CCC Help Thai (Version: 2010.0617.0854.14122)
CCC Help Turkish (Version: 2010.0617.0854.14122)
Chuzzle Deluxe (Version: 2.2.0.95)
CyberLink DVD Suite (Version: 7.0.3003)
CyberLink PowerDVD 9 (Version: 9.0.1.4217)
CyberLink YouCam (Version: 3.0.2511)
D3DX10 (Version: 15.4.2368.0902)
dopewars-1.5.12
Dora's Carnival Adventure (Version: 2.2.0.95)
Energy Star Digital Logo (Version: 1.0.1)
Escape Rosecliff Island (Version: 2.2.0.95)
ESET Online Scanner v3
ESU for Microsoft Windows 7 (Version: 1.0.0)
FATE (Version: 2.2.0.95)
FileHippo.com Update Checker
Final Drive Nitro (Version: 2.2.0.95)
Foxit Reader 5.1 (Version: 5.1.4.104)
Google Chrome (Version: 17.0.963.56)
Google Earth (Version: 6.1.0.5001)
Google Talk Plugin (Version: 2.6.1.5251)
Google Update Helper (Version: 1.3.21.99)
Hewlett-Packard ACLM.NET v1.1.1.0 (Version: 1.00.0000)
Holdem Manager
HP Advisor (Version: 3.4.10262.3295)
HP Customer Experience Enhancements (Version: 6.0.1.4)
HP Documentation (Version: 1.1.1.0)
HP Game Console
HP Games (Version: 1.0.1.3)
HP Photo Creations (Version: 1.0.0.6972)
HP Power Manager (Version: 1.0.3)
HP Product Detection (Version: 10.7.9.0)
HP Quick Launch (Version: 2.3.6)
HP Setup (Version: 8.1.4186.3400)
HP Software Framework (Version: 4.0.108.1)
HP Support Assistant (Version: 6.0.5.4)
HP Wireless Assistant (Version: 4.0.9.0)
inSSIDer 2.0 (Version: 2.0.6)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
Java™ 7 Update 3 (64-bit) (Version: 7.0.30)
Jewel Quest - Heritage (Version: 2.2.0.95)
KeePass Password Safe 1.21 (Version: 1.21)
LabelPrint (Version: 2.5.2907)
LightScribe System Software (Version: 1.18.20.1)
Magic Desktop
Malwarebytes Anti-Malware version 1.60.1.1000 (Version: 1.60.1.1000)
MediaInfo 0.7.41 (Version: 0.7.41)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Antimalware (Version: 3.0.8402.2)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Security Client (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 2.1.1116.0)
Microsoft Silverlight (Version: 4.1.10111.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
MKVtoolnix 4.5.0 (Version: 4.5.0)
Mozilla Firefox 10.0.2 (x86 en-GB) (Version: 10.0.2)
Mozilla Thunderbird 10.0.2 (x86 en-GB) (Version: 10.0.2)
MSVC80_x64_v2 (Version: 1.0.3.0)
MSVC80_x86_v2 (Version: 1.0.3.0)
MSVC90_x64 (Version: 1.0.1.2)
MSVC90_x86 (Version: 1.0.1.2)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nokia Connectivity Cable Driver (Version: 7.1.36.0)
Nokia Software Updater (Version: 02.06.006.44298)
OPoker.com
PC Connectivity Solution (Version: 10.50.2.0)
Penguins! (Version: 2.2.0.95)
PhotoNow! (Version: 1.1.6904)
Plants vs. Zombies (Version: 2.2.0.95)
Poker Superstars III (Version: 2.2.0.95)
Poker848
Pokerkings
Polar Bowler (Version: 2.2.0.95)
Polar Golfer (Version: 2.2.0.95)
Power2Go (Version: 6.1.4204)
PowerDirector (Version: 8.0.3003)
ProPokerTools Odds Oracle 1.25 (Version: 1.25)
Realtek Ethernet Controller Driver For Windows 7 (Version: 7.18.322.2010)
Realtek High Definition Audio Driver (Version: 6.0.1.6122)
Recovery Manager (Version: 5.5.3023)
Revo Uninstaller 1.91 (Version: 1.91)
RtVOsd (Version: 1.0.3)
SeaTools for Windows (Version: 1.2.0.5)
Secunia PSI (2.0.0.3001)
Skype™ 5.8 (Version: 5.8.154)
SopCast 3.3.2 (Version: 3.3.2)
Stellarium 0.10.6.1
Synaptics Pointing Device Driver (Version: 15.0.18.0)
UB
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Veetle TV (Version: 0.9.18)
Victory Poker
Virtual Villagers - The Secret City (Version: 2.2.0.95)
VLC media player 2.0.0 (Version: 2.0.0)
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0) (Version: 08/22/2008 7.0.0.0)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Zuma Deluxe (Version: 2.2.0.95)

========================= Memory info: ===================================

Percentage of memory in use: 65%
Total physical RAM: 1786.9 MB
Available physical RAM: 608.78 MB
Total Pagefile: 3573.8 MB
Available Pagefile: 1770.38 MB
Total Virtual: 4095.88 MB
Available Virtual: 3972.07 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:217.21 GB) (Free:164.56 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:15.38 GB) (Free:2.21 GB) NTFS

========================= Users: ========================================

User accounts for \\MARK-HP

Administrator Guest Mark


**** End of log ****

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Farbar Service Scanner Version: 14-02-2012
Ran by Mark (administrator) on 20-02-2012 at 23:45:50
Running from "C:\Users\Mark\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys
[2012-02-15 08:09] - [2011-12-28 03:59] - 0498688 ____A (Microsoft Corporation) 1C7857B62DE5994A75B054A9FD4C3825

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:08:14 PM

Posted 20 February 2012 - 07:14 PM

That looks good

Download

TFC


Launch it,it will close all running programs

click on START,it should ask for reboot

Turn off your system restore,restart the PC,create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off


Update your antivirus frequently,do not click on suspicious links

Safe surfing :)

#7 niav

niav
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:01:14 AM

Posted 20 February 2012 - 07:19 PM

That looks good

Download

TFC


Launch it,it will close all running programs

click on START,it should ask for reboot

Turn off your system restore,restart the PC,create a new restore point

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off


Update your antivirus frequently,do not click on suspicious links

Safe surfing :)


Thank you very much for your help. It is much appreciated.

#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:08:14 PM

Posted 20 February 2012 - 07:21 PM

You're most welcome :)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users