Infected by FBI Moneypak, please help!


  • This topic is locked
12 replies to this topic

#1 talaga

Posted 07 July 2012 - 09:49 AM

Infected yesterday by Moneypak FBI virus, took over my screen and "locks" my computer. I am running Windows Vista and using free ZoneAlarm firewall. I used MBAM and Avast, neither detected it. (I don't know if this is related, but sometimes I have issues with my Java updates also.) I tried downloading and running TrendMicro Housecall and it found nothing also. Very frustrating since I tried Avast boot-time scan, finds nothing, then windows starts with the fake Moneypak FBI screen. :( Help please!

At best, I unplug my ethernet cable, and can restart my computer without the FBI screen, then replug the ethernet and can use the computer (but I know my computer is still infected).


#2 narenxp

Posted 07 July 2012 - 12:09 PM

Boot the PC into Safe Mode with Networking.

Download TDSSKiller.

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C: drive).

Download aswMBR.

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET online scanner.

Install it.

Click on START; it should download the virus definitions.
When the scan completes, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

Edited by narenxp, 07 July 2012 - 12:10 PM.


#3 talaga

Posted 07 July 2012 - 08:07 PM

Thanks for your response Narenxp! Before I got your reply, I updated my MBAM and it detected 0_0u_|.exe and quarantined it. I restarted my computer and the startup time was still slow, and when windows started it displayed an error box titled "RunDLL" that said 'Error loading c:\users\Dad\AppData\Local\Temp\0_0u|.exe. The specified module could not be found'. So, I think it was partially removed but my computer was still slower than normal. I followed the rest of your instructions and ESET found 4 infections and cleared them out. The three scan logs you requested are posted below... What should I do next? Thanks for your assistance!


edit: also, I restarted my computer and the same "RunDLL" error box opened to start.



from TDSSKiller...


11:07:38.0442 0492 nfrd960 - ok
11:07:38.0473 0492 NlaSvc (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
11:07:38.0473 0492 NlaSvc - ok
11:07:38.0583 0492 nosGetPlusHelper (431ada51e9d032f533548688ce5a2a24) C:\Program Files\NOS\bin\getPlus_Helper_3004.dll
11:07:38.0583 0492 nosGetPlusHelper - ok
11:07:38.0614 0492 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
11:07:38.0614 0492 Npfs - ok
11:07:38.0645 0492 nsi (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
11:07:38.0645 0492 nsi - ok
11:07:38.0661 0492 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
11:07:38.0661 0492 nsiproxy - ok
11:07:38.0723 0492 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
11:07:38.0739 0492 Ntfs - ok
11:07:38.0770 0492 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
11:07:38.0770 0492 ntrigdigi - ok
11:07:38.0785 0492 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
11:07:38.0785 0492 Null - ok
11:07:38.0801 0492 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
11:07:38.0817 0492 nvraid - ok
11:07:38.0832 0492 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
11:07:38.0832 0492 nvstor - ok
11:07:38.0848 0492 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
11:07:38.0848 0492 nv_agp - ok
11:07:38.0848 0492 NwlnkFlt - ok
11:07:38.0863 0492 NwlnkFwd - ok
11:07:38.0957 0492 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
11:07:38.0957 0492 odserv - ok
11:07:39.0019 0492 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
11:07:39.0019 0492 ohci1394 - ok
11:07:39.0051 0492 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:07:39.0051 0492 ose - ok
11:07:39.0113 0492 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
11:07:39.0113 0492 p2pimsvc - ok
11:07:39.0129 0492 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
11:07:39.0129 0492 p2psvc - ok
11:07:39.0160 0492 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
11:07:39.0160 0492 Parport - ok
11:07:39.0222 0492 partmgr (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys
11:07:39.0222 0492 partmgr - ok
11:07:39.0238 0492 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
11:07:39.0238 0492 Parvdm - ok
11:07:39.0269 0492 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
11:07:39.0269 0492 PcaSvc - ok
11:07:39.0300 0492 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
11:07:39.0316 0492 pci - ok
11:07:39.0316 0492 pciide (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys
11:07:39.0316 0492 pciide - ok
11:07:39.0331 0492 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
11:07:39.0347 0492 pcmcia - ok
11:07:39.0394 0492 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\Windows\system32\Drivers\pcouffin.sys
11:07:39.0409 0492 pcouffin - ok
11:07:39.0456 0492 PdiPorts (9a19e0669ac4e15741d8fd2cfde5c1f4) C:\Windows\system32\Drivers\PdiPorts.sys
11:07:39.0456 0492 PdiPorts - ok
11:07:39.0534 0492 PdiService (9bbcfe930e1ae7d247bc5d2044fbcbeb) C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe
11:07:39.0534 0492 PdiService - ok
11:07:39.0628 0492 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
11:07:39.0643 0492 PEAUTH - ok
11:07:39.0799 0492 PID_PEPI (dd184d9adfe2a8a21741dbdfe9e22f5c) C:\Windows\system32\DRIVERS\LV302V32.SYS
11:07:39.0831 0492 PID_PEPI - ok
11:07:40.0002 0492 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
11:07:40.0033 0492 pla - ok
11:07:40.0096 0492 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
11:07:40.0111 0492 PlugPlay - ok
11:07:40.0127 0492 Pml Driver HPZ12 (bafc9706bdf425a02b66468ab2605c59) C:\Windows\system32\HPZipm12.dll
11:07:40.0127 0492 Pml Driver HPZ12 - ok
11:07:40.0189 0492 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
11:07:40.0189 0492 PNRPAutoReg - ok
11:07:40.0205 0492 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
11:07:40.0205 0492 PNRPsvc - ok
11:07:40.0236 0492 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
11:07:40.0236 0492 PolicyAgent - ok
11:07:40.0283 0492 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
11:07:40.0283 0492 PptpMiniport - ok
11:07:40.0314 0492 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
11:07:40.0314 0492 Processor - ok
11:07:40.0345 0492 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
11:07:40.0345 0492 ProfSvc - ok
11:07:40.0377 0492 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
11:07:40.0377 0492 ProtectedStorage - ok
11:07:40.0392 0492 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
11:07:40.0392 0492 PSched - ok
11:07:40.0423 0492 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\Windows\system32\Drivers\PxHelp20.sys
11:07:40.0423 0492 PxHelp20 - ok
11:07:40.0501 0492 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
11:07:40.0517 0492 ql2300 - ok
11:07:40.0564 0492 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
11:07:40.0564 0492 ql40xx - ok
11:07:40.0611 0492 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
11:07:40.0626 0492 QWAVE - ok
11:07:40.0642 0492 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
11:07:40.0642 0492 QWAVEdrv - ok
11:07:40.0673 0492 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
11:07:40.0673 0492 RasAcd - ok
11:07:40.0704 0492 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
11:07:40.0704 0492 RasAuto - ok
11:07:40.0720 0492 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
11:07:40.0720 0492 Rasl2tp - ok
11:07:40.0767 0492 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
11:07:40.0767 0492 RasMan - ok
11:07:40.0782 0492 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
11:07:40.0782 0492 RasPppoe - ok
11:07:40.0813 0492 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
11:07:40.0813 0492 RasSstp - ok
11:07:40.0845 0492 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
11:07:40.0860 0492 rdbss - ok
11:07:40.0876 0492 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
11:07:40.0876 0492 RDPCDD - ok
11:07:40.0907 0492 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
11:07:40.0907 0492 rdpdr - ok
11:07:40.0923 0492 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
11:07:40.0923 0492 RDPENCDD - ok
11:07:40.0969 0492 RDPWD (c127ebd5afab31524662c48dfceb773a) C:\Windows\system32\drivers\RDPWD.sys
11:07:40.0969 0492 RDPWD - ok
11:07:41.0079 0492 Remote UI Service (752402f6bd5fa012805813c329f88dd3) C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
11:07:41.0094 0492 Remote UI Service - ok
11:07:41.0157 0492 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
11:07:41.0157 0492 RemoteAccess - ok
11:07:41.0188 0492 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
11:07:41.0188 0492 RemoteRegistry - ok
11:07:41.0281 0492 RoxMediaDB9 (062d1268cfcf569ba5fbcfd1bea88d2a) c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
11:07:41.0297 0492 RoxMediaDB9 - ok
11:07:41.0313 0492 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
11:07:41.0313 0492 RpcLocator - ok
11:07:41.0359 0492 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
11:07:41.0359 0492 RpcSs - ok
11:07:41.0422 0492 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
11:07:41.0422 0492 rspndr - ok
11:07:41.0437 0492 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
11:07:41.0437 0492 SamSs - ok
11:07:41.0469 0492 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
11:07:41.0469 0492 sbp2port - ok
11:07:41.0531 0492 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
11:07:41.0531 0492 SCardSvr - ok
11:07:41.0578 0492 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
11:07:41.0593 0492 Schedule - ok
11:07:41.0609 0492 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
11:07:41.0609 0492 SCPolicySvc - ok
11:07:41.0656 0492 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
11:07:41.0656 0492 SDRSVC - ok
11:07:41.0687 0492 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
11:07:41.0687 0492 secdrv - ok
11:07:41.0718 0492 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
11:07:41.0718 0492 seclogon - ok
11:07:41.0734 0492 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
11:07:41.0749 0492 SENS - ok
11:07:41.0765 0492 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
11:07:41.0765 0492 Serenum - ok
11:07:41.0781 0492 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
11:07:41.0781 0492 Serial - ok
11:07:41.0812 0492 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
11:07:41.0812 0492 sermouse - ok
11:07:41.0859 0492 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
11:07:41.0859 0492 SessionEnv - ok
11:07:41.0874 0492 sffdisk (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
11:07:41.0874 0492 sffdisk - ok
11:07:41.0890 0492 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
11:07:41.0890 0492 sffp_mmc - ok
11:07:41.0905 0492 sffp_sd (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
11:07:41.0905 0492 sffp_sd - ok
11:07:41.0921 0492 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
11:07:41.0921 0492 sfloppy - ok
11:07:41.0952 0492 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
11:07:41.0968 0492 SharedAccess - ok
11:07:41.0999 0492 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
11:07:41.0999 0492 ShellHWDetection - ok
11:07:42.0015 0492 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
11:07:42.0030 0492 sisagp - ok
11:07:42.0046 0492 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
11:07:42.0046 0492 SiSRaid2 - ok
11:07:42.0061 0492 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
11:07:42.0061 0492 SiSRaid4 - ok
11:07:42.0233 0492 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
11:07:42.0280 0492 slsvc - ok
11:07:42.0420 0492 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
11:07:42.0420 0492 SLUINotify - ok
11:07:42.0451 0492 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
11:07:42.0451 0492 Smb - ok
11:07:42.0467 0492 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
11:07:42.0483 0492 SNMPTRAP - ok
11:07:42.0529 0492 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
11:07:42.0529 0492 spldr - ok
11:07:42.0561 0492 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
11:07:42.0561 0492 Spooler - ok
11:07:42.0654 0492 SQLBrowser (86ebd8b1f23e743aad21f4d5b4d40985) c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
11:07:42.0654 0492 SQLBrowser - ok
11:07:42.0685 0492 SQLWriter (d89083c4eb02daca8f944b0e05e57f9d) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
11:07:42.0685 0492 SQLWriter - ok
11:07:42.0732 0492 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
11:07:42.0732 0492 srv - ok
11:07:42.0748 0492 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
11:07:42.0748 0492 srv2 - ok
11:07:42.0779 0492 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
11:07:42.0779 0492 srvnet - ok
11:07:42.0810 0492 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
11:07:42.0810 0492 SSDPSRV - ok
11:07:42.0841 0492 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
11:07:42.0841 0492 SstpSvc - ok
11:07:42.0888 0492 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
11:07:42.0904 0492 stisvc - ok
11:07:42.0966 0492 stllssvr (4cfeb2bd9723489da072b300940ea287) c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
11:07:42.0966 0492 stllssvr - ok
11:07:42.0982 0492 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
11:07:42.0982 0492 swenum - ok
11:07:43.0013 0492 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
11:07:43.0029 0492 swprv - ok
11:07:43.0044 0492 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
11:07:43.0044 0492 Symc8xx - ok
11:07:43.0060 0492 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
11:07:43.0060 0492 Sym_hi - ok
11:07:43.0075 0492 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
11:07:43.0075 0492 Sym_u3 - ok
11:07:43.0138 0492 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
11:07:43.0138 0492 SysMain - ok
11:07:43.0169 0492 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
11:07:43.0169 0492 TabletInputService - ok
11:07:43.0200 0492 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
11:07:43.0216 0492 TapiSrv - ok
11:07:43.0247 0492 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
11:07:43.0247 0492 TBS - ok
11:07:43.0341 0492 Tcpip (ee7e10bed85c312c1d5d30c435bdda9f) C:\Windows\system32\drivers\tcpip.sys
11:07:43.0356 0492 Tcpip - ok
11:07:43.0372 0492 Tcpip6 (ee7e10bed85c312c1d5d30c435bdda9f) C:\Windows\system32\DRIVERS\tcpip.sys
11:07:43.0372 0492 Tcpip6 - ok
11:07:43.0434 0492 tcpipreg (2c2d4cff5e09c73908f9b5af49a51365) C:\Windows\system32\drivers\tcpipreg.sys
11:07:43.0434 0492 tcpipreg - ok
11:07:43.0465 0492 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
11:07:43.0465 0492 TDPIPE - ok
11:07:43.0481 0492 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
11:07:43.0481 0492 TDTCP - ok
11:07:43.0497 0492 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
11:07:43.0497 0492 tdx - ok
11:07:43.0512 0492 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
11:07:43.0528 0492 TermDD - ok
11:07:43.0575 0492 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
11:07:43.0575 0492 TermService - ok
11:07:43.0606 0492 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
11:07:43.0621 0492 Themes - ok
11:07:43.0637 0492 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
11:07:43.0637 0492 THREADORDER - ok
11:07:43.0653 0492 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
11:07:43.0668 0492 TrkWks - ok
11:07:43.0684 0492 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
11:07:43.0684 0492 TrustedInstaller - ok
11:07:43.0715 0492 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
11:07:43.0715 0492 tssecsrv - ok
11:07:43.0731 0492 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
11:07:43.0731 0492 tunmp - ok
11:07:43.0746 0492 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
11:07:43.0746 0492 tunnel - ok
11:07:43.0777 0492 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
11:07:43.0777 0492 uagp35 - ok
11:07:43.0793 0492 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
11:07:43.0809 0492 udfs - ok
11:07:43.0840 0492 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
11:07:43.0840 0492 UI0Detect - ok
11:07:43.0855 0492 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
11:07:43.0855 0492 uliagpkx - ok
11:07:43.0871 0492 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
11:07:43.0887 0492 uliahci - ok
11:07:43.0902 0492 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
11:07:43.0902 0492 UlSata - ok
11:07:43.0918 0492 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
11:07:43.0918 0492 ulsata2 - ok
11:07:43.0949 0492 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
11:07:43.0949 0492 umbus - ok
11:07:44.0027 0492 UnlockerDriver5 (4847639d852763ee39415c929470f672) C:\Program Files\Unlocker\UnlockerDriver5.sys
11:07:44.0027 0492 UnlockerDriver5 - ok
11:07:44.0058 0492 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
11:07:44.0074 0492 upnphost - ok
11:07:44.0136 0492 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
11:07:44.0136 0492 usbaudio - ok
11:07:44.0183 0492 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
11:07:44.0183 0492 usbccgp - ok
11:07:44.0199 0492 usbcir (47b9770ea21436de4ad5aea7926e0900) C:\Windows\system32\DRIVERS\usbcir.sys
11:07:44.0199 0492 usbcir - ok
11:07:44.0214 0492 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
11:07:44.0214 0492 usbehci - ok
11:07:44.0230 0492 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
11:07:44.0245 0492 usbhub - ok
11:07:44.0277 0492 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
11:07:44.0277 0492 usbohci - ok
11:07:44.0292 0492 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
11:07:44.0292 0492 usbprint - ok
11:07:44.0323 0492 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
11:07:44.0323 0492 usbscan - ok
11:07:44.0355 0492 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:07:44.0355 0492 USBSTOR - ok
11:07:44.0370 0492 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
11:07:44.0370 0492 usbuhci - ok
11:07:44.0401 0492 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
11:07:44.0401 0492 UxSms - ok
11:07:44.0433 0492 UxTuneUp (c8d958e2ae68e32d991f8c3855ab7f74) C:\Windows\System32\uxtuneup.dll
11:07:44.0433 0492 UxTuneUp - ok
11:07:44.0464 0492 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
11:07:44.0464 0492 vds - ok
11:07:44.0526 0492 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
11:07:44.0526 0492 vga - ok
11:07:44.0557 0492 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
11:07:44.0557 0492 VgaSave - ok
11:07:44.0573 0492 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
11:07:44.0573 0492 viaagp - ok
11:07:44.0589 0492 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
11:07:44.0589 0492 ViaC7 - ok
11:07:44.0604 0492 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
11:07:44.0604 0492 viaide - ok
11:07:44.0620 0492 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
11:07:44.0620 0492 volmgr - ok
11:07:44.0667 0492 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
11:07:44.0667 0492 volmgrx - ok
11:07:44.0698 0492 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
11:07:44.0698 0492 volsnap - ok
11:07:44.0776 0492 Vsdatant (6be75cfce25e42e79c0757c60d88fecb) C:\Windows\system32\DRIVERS\vsdatant.sys
11:07:44.0776 0492 Vsdatant - ok
11:07:44.0807 0492 vsdatant7 - ok
11:07:44.0838 0492 vsmon - ok
11:07:44.0869 0492 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
11:07:44.0869 0492 vsmraid - ok
11:07:44.0947 0492 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
11:07:44.0963 0492 VSS - ok
11:07:44.0994 0492 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
11:07:44.0994 0492 W32Time - ok
11:07:45.0057 0492 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
11:07:45.0057 0492 WacomPen - ok
11:07:45.0072 0492 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
11:07:45.0072 0492 Wanarp - ok
11:07:45.0088 0492 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
11:07:45.0088 0492 Wanarpv6 - ok
11:07:45.0119 0492 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
11:07:45.0119 0492 wcncsvc - ok
11:07:45.0150 0492 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
11:07:45.0150 0492 WcsPlugInService - ok
11:07:45.0181 0492 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
11:07:45.0181 0492 Wd - ok
11:07:45.0228 0492 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
11:07:45.0244 0492 Wdf01000 - ok
11:07:45.0259 0492 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
11:07:45.0259 0492 WdiServiceHost - ok
11:07:45.0259 0492 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
11:07:45.0275 0492 WdiSystemHost - ok
11:07:45.0291 0492 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
11:07:45.0306 0492 WebClient - ok
11:07:45.0322 0492 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
11:07:45.0322 0492 Wecsvc - ok
11:07:45.0353 0492 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
11:07:45.0353 0492 wercplsupport - ok
11:07:45.0384 0492 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
11:07:45.0384 0492 WerSvc - ok
11:07:45.0447 0492 winachsf (72cc6a8ca7891031d6380db5025c773c) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
11:07:45.0447 0492 winachsf - ok
11:07:45.0509 0492 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
11:07:45.0509 0492 WinDefend - ok
11:07:45.0525 0492 WinHttpAutoProxySvc - ok
11:07:45.0571 0492 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
11:07:45.0571 0492 Winmgmt - ok
11:07:45.0649 0492 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
11:07:45.0665 0492 WinRM - ok
11:07:45.0727 0492 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
11:07:45.0727 0492 Wlansvc - ok
11:07:45.0774 0492 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
11:07:45.0774 0492 WmiAcpi - ok
11:07:45.0821 0492 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
11:07:45.0821 0492 wmiApSrv - ok
11:07:45.0915 0492 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
11:07:45.0930 0492 WMPNetworkSvc - ok
11:07:45.0946 0492 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
11:07:45.0946 0492 WPCSvc - ok
11:07:45.0977 0492 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
11:07:45.0977 0492 WPDBusEnum - ok
11:07:46.0024 0492 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
11:07:46.0024 0492 WpdUsb - ok
11:07:46.0149 0492 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
11:07:46.0164 0492 WPFFontCache_v0400 - ok
11:07:46.0180 0492 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
11:07:46.0180 0492 ws2ifsl - ok
11:07:46.0211 0492 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll
11:07:46.0211 0492 wscsvc - ok
11:07:46.0211 0492 WSearch - ok
11:07:46.0351 0492 wuauserv (fc3ec24fce372c89423e015a2ac1a31e) C:\Windows\system32\wuaueng.dll
11:07:46.0383 0492 wuauserv - ok
11:07:46.0539 0492 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
11:07:46.0539 0492 WUDFRd - ok
11:07:46.0585 0492 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
11:07:46.0585 0492 wudfsvc - ok
11:07:46.0648 0492 XAudio (dab33cfa9dd24251aaa389ff36b64d4b) C:\Windows\system32\DRIVERS\xaudio.sys
11:07:46.0648 0492 XAudio - ok
11:07:46.0679 0492 XAudioService (cd5f291a1161f15896d1a4d63daff5df) C:\Windows\system32\DRIVERS\xaudio.exe
11:07:46.0679 0492 XAudioService - ok
11:07:46.0695 0492 MBR (0x1B8) (8913823ff508ccf109db74b636c301da) \Device\Harddisk0\DR0
11:07:46.0741 0492 \Device\Harddisk0\DR0 - ok
11:07:46.0757 0492 Boot (0x1200) (d2402ec6853f760720662818734ee16c) \Device\Harddisk0\DR0\Partition0
11:07:46.0757 0492 \Device\Harddisk0\DR0\Partition0 - ok
11:07:46.0757 0492 Boot (0x1200) (062a4aa513cb1af24ba740028c59312b) \Device\Harddisk0\DR0\Partition1
11:07:46.0757 0492 \Device\Harddisk0\DR0\Partition1 - ok
11:07:46.0773 0492 ============================================================
11:07:46.0773 0492 Scan finished
11:07:46.0773 0492 ============================================================
11:07:46.0773 1728 Detected object count: 0
11:07:46.0773 1728 Actual detected object count: 0
11:08:37.0878 1648 Deinitialize success






From aswMBR...

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-07 11:19:10
-----------------------------
11:19:10.786 OS Version: Windows 6.0.6002 Service Pack 2
11:19:10.786 Number of processors: 2 586 0xF02
11:19:10.786 ComputerName: OURHOMECOMPUTER UserName: Dad
11:19:11.644 Initialize success
11:19:11.706 AVAST engine defs: 12070700
11:19:15.622 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
11:19:15.622 Disk 0 Vendor: Hitachi_ V54O Size: 305245MB BusType: 3
11:19:15.637 Disk 0 MBR read successfully
11:19:15.653 Disk 0 MBR scan
11:19:15.653 Disk 0 unknown MBR code
11:19:15.653 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 296198 MB offset 63
11:19:15.715 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 9044 MB offset 606614400
11:19:15.731 Disk 0 scanning sectors +625137345
11:19:15.825 Disk 0 scanning C:\Windows\system32\drivers
11:19:23.749 Service scanning
11:19:40.270 Service Vsdatant C:\Windows\system32\DRIVERS\vsdatant.sys **LOCKED** 32
11:19:42.641 Modules scanning
11:19:47.961 Disk 0 trace - called modules:
11:19:47.976 ntkrnlpa.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll
11:19:47.992 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x863f2638]
11:19:48.007 3 CLASSPNP.SYS[88f9f8b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x859cf030]
11:19:48.803 AVAST engine scan C:\Windows
11:19:58.881 AVAST engine scan C:\Windows\system32
11:22:39.951 AVAST engine scan C:\Windows\system32\drivers
11:23:16.158 AVAST engine scan C:\Users\Dad
12:04:31.348 AVAST engine scan C:\ProgramData
12:11:03.781 Scan finished successfully
15:09:36.270 Disk 0 MBR has been saved successfully to "C:\Users\Dad\Desktop\MBR.dat"
15:09:36.286 The log file has been saved successfully to "C:\Users\Dad\Desktop\aswMBR.txt"








From ESET...

C:\Program Files\TotalRecipeSearch_14EI\Installr\1.bin\14EIPlug.dll Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined
C:\Users\Dad\AppData\Local\Temp\jar_cache8876388567625067643.tmp a variant of Java/Exploit.CVE-2010-0842.L trojan deleted - quarantined
C:\Users\Dad\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\36b495d3-55304bdf a variant of Java/Exploit.CVE-2012-0507.CU trojan deleted - quarantined
C:\Users\Dad\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\143b51c7-342a759b a variant of Java/TrojanDownloader.OpenStream.NCC trojan cleaned by deleting - quarantined

Edited by talaga, 07 July 2012 - 09:39 PM.


#4 narenxp

Posted 08 July 2012 - 01:23 AM

Please run MBAM again and post the log


Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Press Windows+R key and type

%HOMEPATH%\Start Menu\Programs\Startup

Click OK

Delete the CTFMON.LNK file from the folder

You should be free from the startup error now

#5 talaga

Posted 08 July 2012 - 03:26 AM

Scanned with MBAM and mini toolbox, deleted CTFMON.LNK. Posted below...


From MBAM...



Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.07.07.07

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Dad :: OURHOMECOMPUTER [administrator]

7/7/2012 8:44:47 PM
mbam-log-2012-07-07 (20-44-47).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 419164
Time elapsed: 2 hour(s), 5 minute(s), 55 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)




From mini toolbox...



MiniToolBox by Farbar Version: 25-06-2012
Ran by Dad (administrator) on 08-07-2012 at 01:16:36
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


::1 localhost


========================= IP Configuration: ================================

========================= Winsock entries =====================================


========================= Event log errors: ===============================

Application errors:
==================
Error: (07/07/2012 11:03:03 AM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (07/06/2012 11:18:25 AM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (07/06/2012 11:04:40 AM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (07/06/2012 10:46:37 AM) (Source: EventSystem) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c

Error: (07/06/2012 02:33:44 AM) (Source: Application Hang) (User: )
Description: The program mbam.exe version 1.60.0.80 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: f68
Start Time: 01cd5b5a5a161757
Termination Time: 0

Error: (06/23/2012 06:35:35 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (06/23/2012 06:35:14 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (06/23/2012 06:35:13 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (06/23/2012 06:35:11 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (06/23/2012 06:34:36 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.


System errors:
=============
Error: (07/07/2012 08:31:45 PM) (Source: Service Control Manager) (User: )
Description: HP CUE DeviceDiscovery Service

Error: (07/07/2012 08:31:19 PM) (Source: Service Control Manager) (User: )
Description: Portrait Displays Display Tune Service%%2

Error: (07/07/2012 08:31:19 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (07/07/2012 07:44:53 PM) (Source: Service Control Manager) (User: )
Description: HP CUE DeviceDiscovery Service

Error: (07/07/2012 07:44:20 PM) (Source: Service Control Manager) (User: )
Description: Portrait Displays Display Tune Service%%2

Error: (07/07/2012 07:44:20 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (07/07/2012 06:10:57 PM) (Source: Service Control Manager) (User: )
Description: HP CUE DeviceDiscovery Service

Error: (07/07/2012 06:10:57 PM) (Source: Service Control Manager) (User: )
Description: Portrait Displays Display Tune Service%%2

Error: (07/07/2012 06:10:57 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (07/07/2012 11:03:57 AM) (Source: Service Control Manager) (User: )
Description: aswSnx
aswSP
aswTdi
spldr
Wanarpv6


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
µTorrent (Version: 1.8.2)
32 Bit HP CIO Components Installer (Version: 2.1.5)
Activation Assistant for the 2007 Microsoft Office suites
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0)
Adobe Bridge 1.0 (Version: 001.000.004)
Adobe Common File Installer (Version: 1.00.0000)
Adobe Download Manager (Version: 1.6.2.97)
Adobe Flash Player 11 ActiveX (Version: 11.2.202.235)
Adobe Flash Player 11 Plugin (Version: 11.3.300.262)
Adobe Help Center 1.0 (Version: 001.000.000)
Adobe Photoshop CS2 (Version: 9.0)
Adobe Reader 8.3.1 (Version: 8.3.1)
Adobe Shockwave Player 11.5 (Version: 11.5.8.612)
Adobe Stock Photos 1.0 (Version: 001.000.000)
Apple Application Support (Version: 1.2.1)
Apple Software Update (Version: 2.1.1.116)
avast! Free Antivirus (Version: 7.0.1456.0)
AviSynth 2.5
BPD_Scan (Version: 3.00.0000)
BPDSoftware (Version: 82.0.173.000)
BPDSoftware_Ini (Version: 1.00.0000)
ConvertXtoDVD 3.2.0.52 (Version: 3.2.0.52)
DeviceManagementQFolder (Version: 1.00.0000)
DivX Setup (Version: 2.4.1.4)
DocProc (Version: 8.1.0.0)
DocProcQFolder (Version: 1.00.0000)
DVD Decrypter (Remove Only)
DVD Shrink 3.2
DVDFab 8.0.5.0 (18/11/2010)
DVDFab 8.1.0.0 (16/06/2011) Qt
Enhanced Multimedia Keyboard Solution
ESET Online Scanner v3
eSupportQFolder (Version: 1.00.0000)
Facebook Plug-In
Fax (Version: 120.0.194.000)
FileZilla Client 3.5.2 (Version: 3.5.2)
Free RAR Extract Frog (Version: 1.80)
FrostWire 4.21.3 (Version: 4.21.3.0)
Google Chrome (Version: 20.0.1132.47)
Google Update Helper (Version: 1.3.21.111)
HandBrake 0.9.5 (Version: 0.9.5)
Hardware Diagnostic Tools (Version: 5.00.4424.15)
HP Customer Feedback (Version: 1.0.0)
HP OCR Software 8.0 (Version: 8.0)
HP Officejet All-In-One Series (Version: 1.0)
HP On-Screen Cap/Num/Scroll Lock Indicator
HP Photosmart Essential (Version: 1.12.0.46)
HP Photosmart Essential 2.0 (Version: 2.0)
HP Photosmart Essential2.5 (Version: 1.00.0000)
HP Picasso Media Center Add-In (Version: 1.0.0)
Intel® Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
Intel® Viiv™ Software (Version: 1.6.361.6)
Java Auto Updater (Version: 2.0.2.4)
Java™ 6 Update 16 (Version: 6.0.160)
Java™ 6 Update 3 (Version: 1.6.0.30)
Java™ 6 Update 31 (Version: 6.0.310)
Java™ 6 Update 5 (Version: 1.6.0.50)
Java™ 6 Update 7 (Version: 1.6.0.70)
LightScribe 1.4.142.1 (Version: 1.4.142.1)
Logitech Vid (Version: 1.10.1009)
Logitech Webcam Software (Version: 12.10.1113)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (SONY_MEDIAMGR2) (Version: 9.4.5000.00)
Microsoft SQL Server Native Client (Version: 9.00.5000.00)
Microsoft SQL Server Setup Support Files (English) (Version: 9.00.5000.00)
Microsoft SQL Server VSS Writer (Version: 9.00.5000.00)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 08.05.0818)
Mozilla Firefox 13.0.1 (x86 en-US) (Version: 13.0.1)
Mozilla Maintenance Service (Version: 13.0.1)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
muvee autoProducer 6.0 (Version: 6.00.050)
Netflix Movie Viewer (Version: 1.2.211)
NewzToolz v2.0.2
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
OpenOffice.org 3.1 (Version: 3.1.9420)
Pazera Free MP4 to AVI Converter 1.6 (Version: 1.6)
Pivot Software (Version: 9.05.014)
Plants vs. Zombies
ProductContext (Version: 50.0.165.000)
PSSWCORE (Version: 2.00.5000)
Python 2.4.3 (Version: 2.4.3150)
QuickTime (Version: 7.66.71.0)
Realtek High Definition Audio Driver (Version: 6.0.1.5789)
Revo Uninstaller 1.89 (Version: 1.89)
Roxio Activation Module (Version: 1.0)
Roxio Creator Audio (Version: 3.4.0)
Roxio Creator Basic v9 (Version: 3.4.0)
Roxio Creator Copy (Version: 3.4.0)
Roxio Creator Data (Version: 3.4.0)
Roxio Creator EasyArchive (Version: 3.4.0)
Roxio Creator Tools (Version: 3.4.0)
Roxio Express Labeler 3 (Version: 3.2.1)
Roxio MyDVD Basic v9 (Version: 9.0.559)
Savings Bond Wizard
Scan (Version: 8.1.0.0)
SDK (Version: 2.15.022)
Skype Toolbars (Version: 1.0.4051)
Skype™ 4.2 (Version: 4.2.158)
Snapfish Media Detector (Version: 1.7.0.15)
Soft Data Fax Modem with SmartCP (Version: 7.74.00)
Sony Media Manager 2.3 (Version: 2.3.160)
Sony Noise Reduction Plug-In 2.0h (Version: 2.0.451)
Sony Sound Forge 9.0 (Version: 9.0.441)
Sony Vegas Pro 8.0 (Version: 8.0.217)
Spelling Dictionaries Support For Adobe Reader 8 (Version: 8.0.0)
Toolbox (Version: 82.0.173.000)
Unlocker 1.8.7 (Version: 1.8.7)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
USB Driver
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0)
VLC media player 1.0.5 (Version: 1.0.5)
WebReg (Version: 82.0.173.000)
Winamp (Version: 5.61 )
Winamp Detector Plug-in (Version: 1.0.0.1)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Yahoo! Toolbar for Internet Explorer
ZoneAlarm (Version: 9.2.057.000)
ZoneAlarm Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 56%
Total physical RAM: 2037.77 MB
Available physical RAM: 896.31 MB
Total Pagefile: 4318.78 MB
Available Pagefile: 2857.55 MB
Total Virtual: 2047.88 MB
Available Virtual: 1939.25 MB

========================= Partitions: =====================================

1 Drive c: (HP) (Fixed) (Total:289.26 GB) (Free:9.9 GB) NTFS
2 Drive d: (Recovery) (Fixed) (Total:8.83 GB) (Free:1 GB) NTFS

========================= Users: ========================================

User accounts for \\OURHOMECOMPUTER

Administrator Dad Guest
IUSR_NMPR


**** End of log ****

#6 narenxp


Posted 08 July 2012 - 05:52 AM

That looks good

Download

TFC


Launch it; it will close all running programs.

Click on START; it should ask for a reboot.

Turn off your System Restore, restart the PC, and create a new restore point.

http://windows.microsoft.com/en-US/windows-vista/Turn-System-Restore-on-or-off

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp


Update your antivirus frequently, and do not click on suspicious links.

Safe surfing :)

#7 talaga


Posted 08 July 2012 - 12:50 PM

Did everything from previous post. After successful installation of Java, I got an error box that said "Installer: Wrapper.CreateFile failed with error 5: Access is denied."

#8 narenxp


Posted 08 July 2012 - 11:19 PM

Are you updating Java from an administrator account?

If it fails even with admin rights, then download

http://sourceforge.net/projects/javara/files/latest/download

Extract and launch it, remove old versions of Java and try to install Java again.
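The ESET result lines and the MiniToolBox program list posted earlier in this thread can be read together. The sketch below is an added example, not part of any forum post: it parses the ESET lines, picks out the detections that sat in Java plug-in cache or temp locations, and lists the Java runtimes installed side by side. The function names are hypothetical and the regular expressions assume the line layouts seen in those two logs.

```python
import re

# Sample input: lines copied from the ESET and MiniToolBox logs in this thread.
ESET_LOG = r"""
C:\Program Files\TotalRecipeSearch_14EI\Installr\1.bin\14EIPlug.dll Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined
C:\Users\Dad\AppData\Local\Temp\jar_cache8876388567625067643.tmp a variant of Java/Exploit.CVE-2010-0842.L trojan deleted - quarantined
C:\Users\Dad\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\36b495d3-55304bdf a variant of Java/Exploit.CVE-2012-0507.CU trojan deleted - quarantined
C:\Users\Dad\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\143b51c7-342a759b a variant of Java/TrojanDownloader.OpenStream.NCC trojan cleaned by deleting - quarantined
"""

INSTALLED_PROGRAMS = """
Java Auto Updater (Version: 2.0.2.4)
Java™ 6 Update 16 (Version: 6.0.160)
Java™ 6 Update 3 (Version: 1.6.0.30)
Java™ 6 Update 31 (Version: 6.0.310)
Java™ 6 Update 5 (Version: 1.6.0.50)
Java™ 6 Update 7 (Version: 1.6.0.70)
"""

# Assumed layout: <path> [a variant of] <detection name> <object type> <action>
ESET_LINE = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?)\s+(?:a variant of\s+)?"
    r"(?P<name>\w+/\S+)\s+(?P<kind>\w+)\s+(?P<action>.+)$"
)
CVE_ID = re.compile(r"CVE-\d{4}-\d{4,}")
JRE_ENTRY = re.compile(r"^Java(?:™|\(TM\))? (\d+) Update (\d+)\b")


def source_of(path):
    """Map a detection path to the component that most likely wrote the file."""
    lowered = path.lower()
    if "\\sun\\java\\deployment\\cache\\" in lowered:
        return "java-deployment-cache"
    # Assumption from the file name: jar_cache*.tmp is a Java plug-in temp file.
    if lowered.rsplit("\\", 1)[-1].startswith("jar_cache"):
        return "java-plugin-temp"
    return "other"


def parse_eset(log):
    """Turn ESET result lines into dicts; non-matching lines are skipped."""
    hits = []
    for line in log.splitlines():
        m = ESET_LINE.match(line.strip())
        if not m:
            continue  # blank lines and anything that is not a result line
        hit = m.groupdict()
        hit["cves"] = CVE_ID.findall(hit["name"])
        hit["source"] = source_of(hit["path"])
        hits.append(hit)
    return hits


def installed_jres(programs):
    """Return the (major, update) pairs of every 'Java N Update M' entry."""
    found = set()
    for line in programs.splitlines():
        m = JRE_ENTRY.match(line.strip())
        if m:
            found.add((int(m.group(1)), int(m.group(2))))
    return sorted(found)


def triage(eset_log, programs):
    """Summarise Java-delivered detections next to the installed runtimes."""
    hits = parse_eset(eset_log)
    java_hits = [h for h in hits if h["source"] != "other"]
    jres = installed_jres(programs)
    return {
        "detections": len(hits),
        "java_delivered": len(java_hits),
        "cves": sorted({c for h in java_hits for c in h["cves"]}),
        "jres": jres,
        # Every runtime below the newest one present is left over from an
        # earlier install and is a candidate for removal.
        "superseded_jres": jres[:-1],
    }


if __name__ == "__main__":
    for key, value in triage(ESET_LOG, INSTALLED_PROGRAMS).items():
        print(f"{key}: {value}")
```
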

#9 talaga


Posted 09 July 2012 - 02:27 AM

I only have one profile on this computer and I believe it has full admin rights. I downloaded JavaRa and it removed my old versions of java. Then, I went to www.java.com and tried to install Version 7 Update 5. At the end of the install, an error window titled 'Error - Java™ Installer' said: "Downloaded File C:\Users\Dad\AppData\Local\Temp\\fx-runtime.exe is corrupt."

Is this related to my Java infection?

#10 narenxp


Posted 09 July 2012 - 02:56 AM

Create a new user account and try to install

#11 childsplay64

childsplay64

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:35 AM

Posted 19 July 2012 - 03:27 PM

Can someone help me with this same problem? I have the FBI Moneypak ransomware, I think, but after 2 days I think it went away by itself. Another forum told me to download Emsisoft but it only found keygens. I am using the infected account right now and also my computer has been very slow and makes a lot of noise even though I have a lot of memory and 2 gigs of RAM. I am using XP 32-bit and I am not too familiar with XP. Please help!!

#12 narenxp


Posted 19 July 2012 - 03:55 PM

childsplay64

Read the guide here

http://www.bleepingcomputer.com/forums/topic34773.html

and create a topic here

http://www.bleepingcomputer.com/forums/forum22.html

Good luck

#13 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,962 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:04:35 AM

Posted 25 July 2012 - 07:41 PM

Hello,

Now that you have posted a log here: http://www.bleepingcomputer.com/forums/topic462406.html you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a MRT Team member, nor should you ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the MRT Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the MRT Team members are EXTREMELY busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the MRT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRT Team member is already assisting you and not open the thread to respond.

Please be patient. It may take several days to get a response but your log will be reviewed and answered as soon as possible. I advise checking your topic once a day for responses as the e-mail notification system is unreliable.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

To avoid confusion, I am closing this topic. Good luck with your log.

Orange Blossom :cherry:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript



