FBI Money Pak Ransomware?


10 replies to this topic

#1 lonnie0000


Posted 31 August 2012 - 11:48 PM

Hello, I have Windows Vista OS. I didn't have System Restore enabled (big mistake). When I was using the internet a few days ago, a message came up on the screen saying that it was from the FBI, and that I had 72 hours to pay $200. This locked up my computer completely. When I restarted the computer, the same message came up shortly after and I was locked up once again. I was then able to boot up in safe mode. I did a scan using my McAfee Internet Security, but it didn't pick up anything. I also tried Malwarebytes, and that didn't show any infections either. I then used a different computer and found more info about the FBI Money Pak Ransomware, and I thought it sounded like it might be what had infected my computer.

I saw the article listed at the site here about removing the virus with Emsisoft Emergency Kit. So I booted back up in Safe Mode with Networking and downloaded EEK. It ended up finding 14 high risk items on my computer. Most of them seemed to be Java exploits and other things related to Java (I am usually up to date with Java). I didn't take notice that the scan had actually picked up the item called 'Reveton Trojan' though? I put the items in quarantine, and tried starting back up in normal mode. Though, the FBI Money Pak screen still came up again.

I then looked back at some info I had read, concerning ways to try to manually remove certain files that the virus had infected the computer with. I couldn't find the exact files on my computer that were listed in the info, but I did find a recent exe file that was on my computer from the same date of the infection. It was called hos32.exe and I couldn't really find out what it was supposed to be used for. So I deleted it, and booted back up in normal mode and things seemed to be working ok. Ever since then, I've been able to use the internet normally without the FBI Money Pak alert showing up. Though, I'd still like to be sure that any remaining remnants of the virus are gone from my computer. So if you could help me with that please, I would appreciate it. Thanks


#2 narenxp


Posted 01 September 2012 - 02:56 AM

Download TDSSkiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 lonnie0000


Posted 01 September 2012 - 08:18 PM

Thanks for the reply.


TDSSkiller scan results:



18:48:21.0962 21432 NdisTapi - ok
18:48:21.0978 21432 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:48:21.0987 21432 Ndisuio - ok
18:48:22.0000 21432 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:48:22.0009 21432 NdisWan - ok
18:48:22.0026 21432 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:48:22.0031 21432 NDProxy - ok
18:48:22.0044 21432 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:48:22.0052 21432 NetBIOS - ok
18:48:22.0082 21432 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
18:48:22.0090 21432 netbt - ok
18:48:22.0105 21432 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
18:48:22.0107 21432 Netlogon - ok
18:48:22.0135 21432 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
18:48:22.0141 21432 Netman - ok
18:48:22.0157 21432 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
18:48:22.0163 21432 netprofm - ok
18:48:22.0174 21432 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:48:22.0179 21432 NetTcpPortSharing - ok
18:48:22.0203 21432 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
18:48:22.0209 21432 nfrd960 - ok
18:48:22.0228 21432 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
18:48:22.0232 21432 NlaSvc - ok
18:48:22.0237 21432 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:48:22.0239 21432 Npfs - ok
18:48:22.0251 21432 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
18:48:22.0254 21432 nsi - ok
18:48:22.0265 21432 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:48:22.0269 21432 nsiproxy - ok
18:48:22.0307 21432 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:48:22.0359 21432 Ntfs - ok
18:48:22.0375 21432 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
18:48:22.0380 21432 ntrigdigi - ok
18:48:22.0394 21432 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
18:48:22.0400 21432 Null - ok
18:48:22.0418 21432 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:48:22.0424 21432 nvraid - ok
18:48:22.0435 21432 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:48:22.0439 21432 nvstor - ok
18:48:22.0457 21432 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:48:22.0463 21432 nv_agp - ok
18:48:22.0467 21432 NwlnkFlt - ok
18:48:22.0472 21432 NwlnkFwd - ok
18:48:22.0488 21432 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:48:22.0493 21432 ohci1394 - ok
18:48:22.0524 21432 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
18:48:22.0555 21432 p2pimsvc - ok
18:48:22.0568 21432 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
18:48:22.0575 21432 p2psvc - ok
18:48:22.0597 21432 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
18:48:22.0603 21432 Parport - ok
18:48:22.0618 21432 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:48:22.0745 21432 partmgr - ok
18:48:22.0766 21432 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
18:48:22.0802 21432 Parvdm - ok
18:48:22.0820 21432 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
18:48:22.0825 21432 PcaSvc - ok
18:48:22.0850 21432 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
18:48:22.0855 21432 pci - ok
18:48:22.0892 21432 [ 1636D43F10416AEB483BC6001097B26C ] pciide C:\Windows\system32\drivers\pciide.sys
18:48:22.0896 21432 pciide - ok
18:48:22.0923 21432 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
18:48:22.0930 21432 pcmcia - ok
18:48:22.0967 21432 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:48:23.0037 21432 PEAUTH - ok
18:48:23.0099 21432 [ D2D2FA02B722336960EEAE0AE7107891 ] PID_0928 C:\Windows\system32\DRIVERS\LV561AV.SYS
18:48:23.0241 21432 PID_0928 - ok
18:48:23.0273 21432 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
18:48:23.0298 21432 pla - ok
18:48:23.0325 21432 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:48:23.0331 21432 PlugPlay - ok
18:48:23.0342 21432 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
18:48:23.0347 21432 PNRPAutoReg - ok
18:48:23.0359 21432 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
18:48:23.0365 21432 PNRPsvc - ok
18:48:23.0385 21432 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:48:23.0392 21432 PolicyAgent - ok
18:48:23.0408 21432 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:48:23.0414 21432 PptpMiniport - ok
18:48:23.0437 21432 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
18:48:23.0442 21432 Processor - ok
18:48:23.0466 21432 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
18:48:23.0470 21432 ProfSvc - ok
18:48:23.0479 21432 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
18:48:23.0481 21432 ProtectedStorage - ok
18:48:23.0508 21432 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
18:48:23.0511 21432 PSched - ok
18:48:23.0537 21432 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
18:48:23.0618 21432 PxHelp20 - ok
18:48:23.0658 21432 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
18:48:23.0693 21432 ql2300 - ok
18:48:23.0706 21432 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
18:48:23.0711 21432 ql40xx - ok
18:48:23.0749 21432 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
18:48:23.0759 21432 QWAVE - ok
18:48:23.0772 21432 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:48:23.0781 21432 QWAVEdrv - ok
18:48:23.0835 21432 [ E615E3C567FBD10121723EFF09D26B00 ] R300 C:\Windows\system32\DRIVERS\atikmdag.sys
18:48:23.0851 21432 R300 - ok
18:48:23.0869 21432 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:48:23.0877 21432 RasAcd - ok
18:48:23.0891 21432 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
18:48:23.0897 21432 RasAuto - ok
18:48:23.0910 21432 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:48:23.0916 21432 Rasl2tp - ok
18:48:23.0933 21432 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
18:48:23.0941 21432 RasMan - ok
18:48:23.0958 21432 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:48:23.0964 21432 RasPppoe - ok
18:48:23.0987 21432 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:48:23.0996 21432 RasSstp - ok
18:48:24.0026 21432 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:48:24.0038 21432 rdbss - ok
18:48:24.0052 21432 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:48:24.0056 21432 RDPCDD - ok
18:48:24.0088 21432 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
18:48:24.0097 21432 rdpdr - ok
18:48:24.0103 21432 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:48:24.0109 21432 RDPENCDD - ok
18:48:24.0151 21432 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:48:24.0265 21432 RDPWD - ok
18:48:24.0322 21432 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
18:48:24.0327 21432 RemoteAccess - ok
18:48:24.0341 21432 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:48:24.0347 21432 RemoteRegistry - ok
18:48:24.0370 21432 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
18:48:24.0376 21432 RpcLocator - ok
18:48:24.0394 21432 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
18:48:24.0399 21432 RpcSs - ok
18:48:24.0408 21432 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:48:24.0413 21432 rspndr - ok
18:48:24.0418 21432 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
18:48:24.0420 21432 SamSs - ok
18:48:24.0438 21432 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:48:24.0444 21432 sbp2port - ok
18:48:24.0463 21432 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:48:24.0469 21432 SCardSvr - ok
18:48:24.0495 21432 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
18:48:24.0500 21432 Schedule - ok
18:48:24.0519 21432 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
18:48:24.0520 21432 SCPolicySvc - ok
18:48:24.0542 21432 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:48:24.0549 21432 SDRSVC - ok
18:48:24.0584 21432 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:48:24.0589 21432 secdrv - ok
18:48:24.0595 21432 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
18:48:24.0599 21432 seclogon - ok
18:48:24.0615 21432 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\system32\sens.dll
18:48:24.0624 21432 SENS - ok
18:48:24.0634 21432 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
18:48:24.0640 21432 Serenum - ok
18:48:24.0664 21432 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
18:48:24.0673 21432 Serial - ok
18:48:24.0695 21432 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
18:48:24.0700 21432 sermouse - ok
18:48:24.0723 21432 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
18:48:24.0728 21432 SessionEnv - ok
18:48:24.0739 21432 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:48:24.0743 21432 sffdisk - ok
18:48:24.0764 21432 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:48:24.0816 21432 sffp_mmc - ok
18:48:24.0846 21432 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:48:24.0852 21432 sffp_sd - ok
18:48:24.0871 21432 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
18:48:24.0878 21432 sfloppy - ok
18:48:24.0902 21432 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:48:24.0913 21432 SharedAccess - ok
18:48:24.0965 21432 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:48:24.0973 21432 ShellHWDetection - ok
18:48:24.0992 21432 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
18:48:24.0996 21432 sisagp - ok
18:48:25.0008 21432 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
18:48:25.0017 21432 SiSRaid2 - ok
18:48:25.0058 21432 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
18:48:25.0063 21432 SiSRaid4 - ok
18:48:25.0137 21432 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
18:48:25.0144 21432 SkypeUpdate - ok
18:48:25.0227 21432 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
18:48:25.0285 21432 slsvc - ok
18:48:25.0313 21432 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
18:48:25.0321 21432 SLUINotify - ok
18:48:25.0343 21432 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:48:25.0348 21432 Smb - ok
18:48:25.0362 21432 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:48:25.0369 21432 SNMPTRAP - ok
18:48:25.0384 21432 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
18:48:25.0391 21432 spldr - ok
18:48:25.0432 21432 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
18:48:25.0438 21432 Spooler - ok
18:48:25.0487 21432 sprtsvc_verizondm - ok
18:48:25.0531 21432 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
18:48:25.0666 21432 srv - ok
18:48:25.0707 21432 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:48:25.0791 21432 srv2 - ok
18:48:25.0834 21432 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:48:25.0880 21432 srvnet - ok
18:48:25.0894 21432 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:48:25.0899 21432 SSDPSRV - ok
18:48:25.0912 21432 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:48:25.0917 21432 SstpSvc - ok
18:48:25.0945 21432 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
18:48:25.0954 21432 stisvc - ok
18:48:25.0984 21432 [ 1D0063597C3666404FCF97698ABEB019 ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
18:48:26.0052 21432 stllssvr - ok
18:48:26.0062 21432 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
18:48:26.0067 21432 swenum - ok
18:48:26.0095 21432 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
18:48:26.0104 21432 swprv - ok
18:48:26.0126 21432 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
18:48:26.0134 21432 Symc8xx - ok
18:48:26.0156 21432 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
18:48:26.0161 21432 Sym_hi - ok
18:48:26.0174 21432 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
18:48:26.0181 21432 Sym_u3 - ok
18:48:26.0237 21432 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
18:48:26.0254 21432 SysMain - ok
18:48:26.0275 21432 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:48:26.0280 21432 TabletInputService - ok
18:48:26.0307 21432 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
18:48:26.0319 21432 TapiSrv - ok
18:48:26.0331 21432 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
18:48:26.0335 21432 TBS - ok
18:48:26.0391 21432 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:48:26.0497 21432 Tcpip - ok
18:48:26.0516 21432 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
18:48:26.0523 21432 Tcpip6 - ok
18:48:26.0562 21432 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:48:26.0567 21432 tcpipreg - ok
18:48:26.0576 21432 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:48:26.0581 21432 TDPIPE - ok
18:48:26.0606 21432 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:48:26.0612 21432 TDTCP - ok
18:48:26.0634 21432 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:48:26.0640 21432 tdx - ok
18:48:26.0661 21432 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
18:48:26.0667 21432 TermDD - ok
18:48:26.0687 21432 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
18:48:26.0696 21432 TermService - ok
18:48:26.0713 21432 tgsrvc_verizondm - ok
18:48:26.0739 21432 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
18:48:26.0741 21432 Themes - ok
18:48:26.0754 21432 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
18:48:26.0757 21432 THREADORDER - ok
18:48:26.0852 21432 [ F3D82327F5F57973E177438A22501C77 ] TomTomHOMEService C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
18:48:26.0923 21432 TomTomHOMEService - ok
18:48:26.0959 21432 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
18:48:26.0963 21432 TrkWks - ok
18:48:26.0983 21432 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:48:26.0985 21432 TrustedInstaller - ok
18:48:27.0007 21432 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:48:27.0012 21432 tssecsrv - ok
18:48:27.0033 21432 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
18:48:27.0037 21432 tunmp - ok
18:48:27.0068 21432 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:48:27.0074 21432 tunnel - ok
18:48:27.0095 21432 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
18:48:27.0100 21432 uagp35 - ok
18:48:27.0118 21432 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:48:27.0127 21432 udfs - ok
18:48:27.0153 21432 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:48:27.0159 21432 UI0Detect - ok
18:48:27.0183 21432 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:48:27.0188 21432 uliagpkx - ok
18:48:27.0200 21432 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
18:48:27.0207 21432 uliahci - ok
18:48:27.0218 21432 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
18:48:27.0225 21432 UlSata - ok
18:48:27.0238 21432 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
18:48:27.0246 21432 ulsata2 - ok
18:48:27.0270 21432 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
18:48:27.0277 21432 umbus - ok
18:48:27.0293 21432 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
18:48:27.0301 21432 upnphost - ok
18:48:27.0314 21432 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:48:27.0323 21432 usbccgp - ok
18:48:27.0347 21432 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:48:27.0355 21432 usbcir - ok
18:48:27.0379 21432 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
18:48:27.0382 21432 usbehci - ok
18:48:27.0401 21432 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:48:27.0409 21432 usbhub - ok
18:48:27.0421 21432 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
18:48:27.0426 21432 usbohci - ok
18:48:27.0446 21432 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
18:48:27.0455 21432 usbprint - ok
18:48:27.0488 21432 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
18:48:27.0494 21432 usbscan - ok
18:48:27.0510 21432 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:48:27.0517 21432 USBSTOR - ok
18:48:27.0537 21432 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
18:48:27.0543 21432 usbuhci - ok
18:48:27.0559 21432 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
18:48:27.0563 21432 UxSms - ok
18:48:27.0591 21432 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
18:48:27.0608 21432 vds - ok
18:48:27.0622 21432 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:48:27.0626 21432 vga - ok
18:48:27.0644 21432 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
18:48:27.0653 21432 VgaSave - ok
18:48:27.0677 21432 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
18:48:27.0685 21432 viaagp - ok
18:48:27.0699 21432 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
18:48:27.0705 21432 ViaC7 - ok
18:48:27.0723 21432 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
18:48:27.0729 21432 viaide - ok
18:48:27.0735 21432 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:48:27.0742 21432 volmgr - ok
18:48:27.0780 21432 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:48:27.0790 21432 volmgrx - ok
18:48:27.0823 21432 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:48:27.0843 21432 volsnap - ok
18:48:27.0878 21432 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
18:48:27.0884 21432 vsmraid - ok
18:48:27.0922 21432 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
18:48:27.0998 21432 VSS - ok
18:48:28.0016 21432 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
18:48:28.0025 21432 W32Time - ok
18:48:28.0039 21432 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
18:48:28.0043 21432 WacomPen - ok
18:48:28.0061 21432 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
18:48:28.0070 21432 Wanarp - ok
18:48:28.0075 21432 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:48:28.0077 21432 Wanarpv6 - ok
18:48:28.0098 21432 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:48:28.0121 21432 wcncsvc - ok
18:48:28.0137 21432 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:48:28.0144 21432 WcsPlugInService - ok
18:48:28.0168 21432 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
18:48:28.0172 21432 Wd - ok
18:48:28.0200 21432 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:48:28.0218 21432 Wdf01000 - ok
18:48:28.0230 21432 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:48:28.0235 21432 WdiServiceHost - ok
18:48:28.0240 21432 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:48:28.0244 21432 WdiSystemHost - ok
18:48:28.0263 21432 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
18:48:28.0270 21432 WebClient - ok
18:48:28.0288 21432 [ 905214925A88311FCE52F66153DE7610 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:48:28.0301 21432 Wecsvc - ok
18:48:28.0308 21432 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:48:28.0312 21432 wercplsupport - ok
18:48:28.0325 21432 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
18:48:28.0331 21432 WerSvc - ok
18:48:28.0365 21432 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
18:48:28.0378 21432 WinDefend - ok
18:48:28.0387 21432 WinHttpAutoProxySvc - ok
18:48:28.0463 21432 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
18:48:28.0467 21432 Winmgmt - ok
18:48:28.0495 21432 [ 01874D4689C212460FBABF0ECD7CB7F7 ] WinRM C:\Windows\system32\WsmSvc.dll
18:48:28.0532 21432 WinRM - ok
18:48:28.0571 21432 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
18:48:28.0597 21432 Wlansvc - ok
18:48:28.0621 21432 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
18:48:28.0629 21432 WmiAcpi - ok
18:48:28.0665 21432 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
18:48:28.0673 21432 wmiApSrv - ok
18:48:28.0699 21432 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
18:48:28.0725 21432 WMPNetworkSvc - ok
18:48:28.0743 21432 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
18:48:28.0752 21432 WPCSvc - ok
18:48:28.0766 21432 [ 396D406292B0CD26E3504FFE82784702 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
18:48:28.0792 21432 WPDBusEnum - ok
18:48:28.0811 21432 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
18:48:28.0816 21432 ws2ifsl - ok
18:48:28.0838 21432 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\system32\wscsvc.dll
18:48:28.0843 21432 wscsvc - ok
18:48:28.0849 21432 WSearch - ok
18:48:28.0974 21432 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
18:48:29.0016 21432 wuauserv - ok
18:48:29.0037 21432 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
18:48:29.0045 21432 WUDFRd - ok
18:48:29.0066 21432 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:48:29.0070 21432 wudfsvc - ok
18:48:29.0076 21432 ================ Scan global ===============================
18:48:29.0159 21432 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
18:48:29.0203 21432 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
18:48:29.0267 21432 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
18:48:29.0298 21432 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
18:48:29.0306 21432 [Global] - ok
18:48:29.0307 21432 ================ Scan MBR ==================================
18:48:29.0317 21432 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
18:48:29.0469 21432 \Device\Harddisk0\DR0 - ok
18:48:29.0469 21432 ================ Scan VBR ==================================
18:48:29.0485 21432 [ 9CE85E27988B47C09E68EEF98E70C596 ] \Device\Harddisk0\DR0\Partition1
18:48:29.0488 21432 \Device\Harddisk0\DR0\Partition1 - ok
18:48:29.0492 21432 [ 13C744A4FF0B6AE5B81D5F8324A06968 ] \Device\Harddisk0\DR0\Partition2
18:48:29.0494 21432 \Device\Harddisk0\DR0\Partition2 - ok
18:48:29.0494 21432 ============================================================
18:48:29.0494 21432 Scan finished
18:48:29.0494 21432 ============================================================
18:48:29.0508 18036 Detected object count: 0
18:48:29.0508 18036 Actual detected object count: 0

Edited by lonnie0000, 01 September 2012 - 08:20 PM.


#4 lonnie0000

  • Topic Starter


Posted 01 September 2012 - 08:19 PM

aswMBR scan results:


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-01 18:58:45
-----------------------------
18:58:45.632 OS Version: Windows 6.0.6002 Service Pack 2
18:58:45.632 Number of processors: 2 586 0x1706
18:58:45.633 ComputerName: LIONELL-PC UserName: lionell
18:59:01.883 Initialize success
19:07:47.464 AVAST engine defs: 12090101
19:09:14.331 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
19:09:14.335 Disk 0 Vendor: ST3500620AS DE12 Size: 476940MB BusType: 3
19:09:14.348 Disk 0 MBR read successfully
19:09:14.350 Disk 0 MBR scan
19:09:14.356 Disk 0 Windows VISTA default MBR code
19:09:14.359 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 54 MB offset 63
19:09:14.374 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10240 MB offset 112640
19:09:14.390 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 466644 MB offset 21084160
19:09:14.398 Disk 0 scanning sectors +976771072
19:09:14.497 Disk 0 scanning C:\Windows\system32\drivers
19:09:27.120 Service scanning
19:09:47.225 Modules scanning
19:10:05.718 Disk 0 trace - called modules:
19:10:05.735 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
19:10:05.740 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86970488]
19:10:05.746 3 CLASSPNP.SYS[89bac8b3] -> nt!IofCallDriver -> [0x8680e918]
19:10:05.751 5 acpi.sys[806996bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x867deb98]
19:10:08.107 AVAST engine scan C:\Windows
19:10:14.400 AVAST engine scan C:\Windows\system32
19:15:55.299 AVAST engine scan C:\Windows\system32\drivers
19:16:12.856 AVAST engine scan C:\Users\lionell
19:29:26.746 AVAST engine scan C:\ProgramData
19:34:01.376 Scan finished successfully
19:34:44.020 Disk 0 MBR has been saved successfully to "C:\Users\lionell\Desktop\MBR.dat"
19:34:44.026 The log file has been saved successfully to "C:\Users\lionell\Desktop\aswMBR.txt"





ESET Online Scanner results:


C:\$RECYCLE.BIN\S-1-5-21-4074928056-3507404200-1058554178-1000\$RFM63QE.exe Win32/LockScreen.AMD trojan cleaned by deleting - quarantined

Edited by lonnie0000, 01 September 2012 - 08:21 PM.


#5 narenxp


  • BC Advisor

Posted 01 September 2012 - 08:27 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete

Post the generated log

#6 lonnie0000

  • Topic Starter


Posted 02 September 2012 - 06:13 PM

MiniToolBox by Farbar Version: 23-07-2012
Ran by lionell (administrator) on 02-09-2012 at 18:51:08
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® 82562V-2 10/100 Network Connection = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : lionell-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : westell.com

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : westell.com
Description . . . . . . . . . . . : Intel® 82562V-2 10/100 Network Connection
Physical Address. . . . . . . . . : 00-1D-09-9D-82-1B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::915:f5a2:a70f:f203%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.15(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, September 02, 2012 6:17:08 PM
Lease Expires . . . . . . . . . . : Monday, September 03, 2012 6:17:08 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 251665673
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-10-37-CF-2E-00-1D-09-9D-82-1B
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : westell.com
Description . . . . . . . . . . . : isatap.westell.com
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:18b9:2cc4:3f57:fef0(Preferred)
Link-local IPv6 Address . . . . . : fe80::18b9:2cc4:3f57:fef0%10(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: dslrouter.westell.com
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4004:800::1002
74.125.228.14
74.125.228.5
74.125.228.4
74.125.228.7
74.125.228.1
74.125.228.9
74.125.228.0
74.125.228.8
74.125.228.6
74.125.228.2
74.125.228.3



Pinging google.com [74.125.228.3] with 32 bytes of data:

Reply from 74.125.228.3: bytes=32 time=583ms TTL=55

Reply from 74.125.228.3: bytes=32 time=50ms TTL=55



Ping statistics for 74.125.228.3:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 50ms, Maximum = 583ms, Average = 316ms

Server: dslrouter.westell.com
Address: 192.168.1.1

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24



Pinging yahoo.com [98.139.183.24] with 32 bytes of data:

Reply from 98.139.183.24: bytes=32 time=218ms TTL=49

Reply from 98.139.183.24: bytes=32 time=87ms TTL=50



Ping statistics for 98.139.183.24:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 87ms, Maximum = 218ms, Average = 152ms

Server: dslrouter.westell.com
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
11 ...00 1d 09 9d 82 1b ...... Intel® 82562V-2 10/100 Network Connection
1 ........................... Software Loopback Interface 1
12 ...00 00 00 00 00 00 00 e0 isatap.westell.com
10 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.15 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.15 276
192.168.1.15 255.255.255.255 On-link 192.168.1.15 276
192.168.1.255 255.255.255.255 On-link 192.168.1.15 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.15 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.15 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
10 18 ::/0 On-link
1 306 ::1/128 On-link
10 18 2001::/32 On-link
10 266 2001:0:9d38:953c:18b9:2cc4:3f57:fef0/128
On-link
11 276 fe80::/64 On-link
10 266 fe80::/64 On-link
11 276 fe80::915:f5a2:a70f:f203/128
On-link
10 266 fe80::18b9:2cc4:3f57:fef0/128
On-link
1 306 ff00::/8 On-link
10 266 ff00::/8 On-link
11 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/02/2012 06:24:28 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\MCAFEE\MCAFEE INTERNET SECURITY.LNK> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (09/02/2012 06:24:28 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\MCAFEE\MCAFEE INTERNET SECURITY.LNK> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (09/02/2012 06:18:51 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/02/2012 06:15:51 PM) (Source: EventSystem) (User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}

Error: (09/02/2012 04:39:10 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/02/2012 03:59:44 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\MCAFEE\MCAFEE INTERNET SECURITY.LNK> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (09/02/2012 03:59:44 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\MCAFEE\MCAFEE INTERNET SECURITY.LNK> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (08/31/2012 09:07:58 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\MCAFEE\MCAFEE INTERNET SECURITY.LNK> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (08/31/2012 09:07:58 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\MCAFEE\MCAFEE INTERNET SECURITY.LNK> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Error: (08/31/2012 07:24:10 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7971


System errors:
=============
Error: (09/02/2012 06:18:52 PM) (Source: Service Control Manager) (User: )
Description: dldtCATSCustConnectService%%1053

Error: (09/02/2012 06:18:52 PM) (Source: Service Control Manager) (User: )
Description: 30000dldtCATSCustConnectService

Error: (09/02/2012 04:39:11 PM) (Source: Service Control Manager) (User: )
Description: dldtCATSCustConnectService%%1053

Error: (09/02/2012 04:39:11 PM) (Source: Service Control Manager) (User: )
Description: 30000dldtCATSCustConnectService

Error: (09/01/2012 01:45:37 PM) (Source: Service Control Manager) (User: )
Description: Windows Search%%1053

Error: (09/01/2012 01:45:37 PM) (Source: Service Control Manager) (User: )
Description: 30000Windows Search

Error: (09/01/2012 01:45:37 PM) (Source: DCOM) (User: )
Description: 1053WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (08/30/2012 00:59:53 PM) (Source: Service Control Manager) (User: )
Description: McAfee McShield150001Restart the service

Error: (08/29/2012 10:19:11 PM) (Source: Service Control Manager) (User: )
Description: dldtCATSCustConnectService%%1053

Error: (08/29/2012 10:19:11 PM) (Source: Service Control Manager) (User: )
Description: 30000dldtCATSCustConnectService


Microsoft Office Sessions:
=========================
Error: (09/02/2012 06:24:28 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\MCAFEE\MCAFEE INTERNET SECURITY.LNK

Error: (09/02/2012 06:24:28 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\MCAFEE\MCAFEE INTERNET SECURITY.LNK

Error: (09/02/2012 06:18:51 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/02/2012 06:15:51 PM) (Source: EventSystem)(User: )
Description: 80070005EventSystem.EventSubscription{CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}

Error: (09/02/2012 04:39:10 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/02/2012 03:59:44 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\MCAFEE\MCAFEE INTERNET SECURITY.LNK

Error: (09/02/2012 03:59:44 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\MCAFEE\MCAFEE INTERNET SECURITY.LNK

Error: (08/31/2012 09:07:58 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\MCAFEE\MCAFEE INTERNET SECURITY.LNK

Error: (08/31/2012 09:07:58 PM) (Source: Windows Search Service)(User: )
Description: Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)
C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\MCAFEE\MCAFEE INTERNET SECURITY.LNK

Error: (08/31/2012 07:24:10 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7971


=========================== Installed Programs ============================

7-Zip 4.65
Acrobat.com (Version: 1.7.186)
Adobe AIR (Version: 1.5.3.9120)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.265)
Adobe Flash Player 11 Plugin (Version: 11.4.402.265)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Adobe Shockwave Player 11.5 (Version: 11.5.7.609)
AIM 7
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
ATI Catalyst Control Center (Version: 2.007.0731.2233)
Bonjour (Version: 3.0.0.10)
Catalyst Control Center Core Implementation (Version: 2007.0731.2234.38497)
Catalyst Control Center Graphics Full Existing (Version: 2007.0731.2234.38497)
Catalyst Control Center Graphics Full New (Version: 2007.0731.2234.38497)
Catalyst Control Center Graphics Light (Version: 2007.0731.2234.38497)
Catalyst Control Center Graphics Previews Common (Version: 2007.0731.2234.38497)
Catalyst Control Center Graphics Previews Vista (Version: 2007.0731.2234.38497)
Catalyst Control Center Localization Chinese Standard (Version: 2007.0731.2234.38497)
Catalyst Control Center Localization Chinese Traditional (Version: 2007.0731.2234.38497)
Catalyst Control Center Localization French (Version: 2007.0731.2234.38497)
Catalyst Control Center Localization German (Version: 2007.0731.2234.38497)
Catalyst Control Center Localization Hungarian (Version: 2007.0731.2234.38497)
Catalyst Control Center Localization Italian (Version: 2007.0731.2234.38497)
Catalyst Control Center Localization Japanese (Version: 2007.0731.2234.38497)
Catalyst Control Center Localization Korean (Version: 2007.0731.2234.38497)
Catalyst Control Center Localization Polish (Version: 2007.0731.2234.38497)
Catalyst Control Center Localization Portuguese (Version: 2007.0731.2234.38497)
Catalyst Control Center Localization Spanish (Version: 2007.0731.2234.38497)
Catalyst Control Center Localization Thai (Version: 2007.0731.2234.38497)
Catalyst Control Center Localization Turkish (Version: 2007.0731.2234.38497)
ccc-core-static (Version: 2007.0731.2234.38497)
ccc-utility (Version: 2007.0731.2234.38497)
CCC Help Chinese Standard (Version: 2007.0731.2233.38497)
CCC Help Chinese Traditional (Version: 2007.0731.2233.38497)
CCC Help English (Version: 2007.0731.2233.38497)
CCC Help French (Version: 2007.0731.2233.38497)
CCC Help German (Version: 2007.0731.2233.38497)
CCC Help Hungarian (Version: 2007.0731.2233.38497)
CCC Help Italian (Version: 2007.0731.2233.38497)
CCC Help Japanese (Version: 2007.0731.2233.38497)
CCC Help Korean (Version: 2007.0731.2233.38497)
CCC Help Polish (Version: 2007.0731.2233.38497)
CCC Help Portuguese (Version: 2007.0731.2233.38497)
CCC Help Spanish (Version: 2007.0731.2233.38497)
CCC Help Thai (Version: 2007.0731.2233.38497)
CCC Help Turkish (Version: 2007.0731.2233.38497)
CCleaner (Version: 3.22)
CDDRV_Installer (Version: 1.00.0000)
Compatibility Pack for the 2007 Office system (Version: 12.0.6425.1000)
Dell-eBay (Version: 1.00.0000)
Dell Best of Web (Version: 1.00.0000)
Dell DataSafe Online (Version: 1.0.21)
Dell Dock (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Support Center (Version: 2.1.08060)
Dell V305
DivX Plus DirectShow Filters
DivX Setup (Version: 2.6.0.34)
Download Updater (AOL LLC)
EDocs
ESET Online Scanner v3
Google Chrome (Version: 21.0.1180.89)
HitmanPro 3.6 (Version: 3.6.1.164)
IHA_MessageCenter (Version: 1.8.8)
Intel® PRO Network Connections 12.1.11.0 (Version: )
iTunes (Version: 10.6.1.7)
Java 7 Update 7 (Version: 7.0.70)
Java Auto Updater (Version: 2.1.9.0)
KhalSetup (Version: 3.30.165)
Logitech Audio Echo Cancellation Component (Version: 10.51.2027)
Logitech Desktop Messenger (Version: 2.52.18)
Logitech QuickCam (Version: 11.10.2030)
Logitech SetPoint (Version: 3.3)
Logitech Video Enumerator (Version: 10.51.2027)
Logitech® Camera Driver
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
McAfee Internet Security (Version: 11.6.385)
McAfee Security Scan Plus (Version: 3.0.271.4)
McAfee Virtual Technician (Version: 6.5.0.2101)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6425.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft VC9 runtime libraries (Version: 1.0.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Works (Version: 9.7.0621)
Missing
Mozilla Firefox 15.0 (x86 en-US) (Version: 15.0)
Mozilla Maintenance Service (Version: 15.0)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MVision (Version: 11.10.2030)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
QualXServ Service Agreement (Version: 2.0.0)
QuickTime (Version: 7.71.80.42)
Realtek High Definition Audio Driver
ResScan (Version: 3.11)
Roxio Creator Audio (Version: 3.7.0)
Roxio Creator Copy (Version: 3.7.0)
Roxio Creator Data (Version: 3.7.0)
Roxio Creator DE (Version: 10.1)
Roxio Creator DE (Version: 3.7.0)
Roxio Creator Tools (Version: 3.7.0)
Roxio Express Labeler 3 (Version: 3.2.1)
Roxio Update Manager (Version: 6.0.0)
Safari (Version: 5.34.55.3)
Shared C Run-time for x86 (Version: 10.0.0)
Skins (Version: 2007.0731.2234.38497)
Skype™ 5.10 (Version: 5.10.116)
TomTom HOME 2.8.3.2458 (Version: 2.8.3.2458)
TomTom HOME Visual Studio Merge Modules (Version: 1.0.2)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Verizon Download Manager (Version: 15)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
Vz In Home Agent (Version: 8.03.53)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Yahoo! Messenger

========================= Memory info: ===================================

Percentage of memory in use: 51%
Total physical RAM: 2045.45 MB
Available physical RAM: 998.5 MB
Total Pagefile: 4335.88 MB
Available Pagefile: 2981.77 MB
Total Virtual: 2047.88 MB
Available Virtual: 1945.89 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:455.71 GB) (Free:410.49 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:10 GB) (Free:5.95 GB) NTFS

========================= Users: ========================================

User accounts for \\LIONELL-PC

Administrator Guest lionell


**** End of log ****






Farbar Service Scanner Version: 06-08-2012
Ran by lionell (administrator) on 02-09-2012 at 18:55:20
Running from "C:\Users\lionell\Desktop"
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll
[2008-01-20 22:24] - [2008-01-20 22:24] - 0288256 ____A (Microsoft Corporation) E1499BD0FF76B1B2FBBF1AF339D91165

C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****





# AdwCleaner v2.000 - Logfile created 09/02/2012 at 18:58:02
# Updated 30/08/2012 by Xplode
# Operating system : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# User : lionell - LIONELL-PC
# Boot Mode : Normal
# Running from : C:\Users\lionell\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnu.xpt
File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.xpt
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
Folder Deleted : C:\Program Files\Common Files\Software Update Utility
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\Viewpoint
Folder Deleted : C:\Users\lionell\AppData\LocalLow\wxDfast

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdUtility
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\Software\IM
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Viewpoint Manager
Key Deleted : HKLM\Software\Viewpoint
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4B3803EA-5230-4DC3-A7FC-33638F3D3542}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.19298

Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Mozilla Firefox v15.0 (en-US)

Profile name : default
File : C:\Users\lionell\AppData\Roaming\Mozilla\Firefox\Profiles\zi52srue.default\prefs.js

C:\Users\lionell\AppData\Roaming\Mozilla\Firefox\Profiles\zi52srue.default\user.js ... Deleted !

Deleted : user_pref("extensions.4f84414b087e1.scode", "\n(function(){var bdomains={\"premiumreports.info\":1,\[...]
Deleted : user_pref("extensions.skipscreen.hostMatchStr", "hxxp://www.4shared.com/(get|audio|file|document|dir[...]

-\\ Google Chrome v21.0.1180.89

File : C:\Users\lionell\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [4238 octets] - [02/09/2012 18:58:02]

########## EOF - C:\AdwCleaner[S1].txt - [4298 octets] ##########

#7 narenxp

Posted 02 September 2012 - 09:45 PM

Malwarebytes log?


download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here

#8 lonnie0000

Posted 03 September 2012 - 09:05 PM

Sorry, here is the Malwarebytes log:


Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.09.02.06

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.19298
lionell :: LIONELL-PC [administrator]

9/2/2012 4:40:05 PM
mbam-log-2012-09-02 (16-40-05).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 338174
Time elapsed: 1 hour(s), 26 minute(s), 11 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)




RKILL log:


Rkill 2.3.4 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/03/2012 10:03:17 PM in x86 mode.
Windows Version: Windows Vista ™ Home Premium Service Pack 2

Checking for Windows services to stop.

* No malware services found to stop.

Checking for processes to terminate.

* No malware processes found to kill.

Checking Registry for malware related settings.

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
* HKLM\Software\Classes\.com "@" has been changed to ComFile!
* HKLM\Software\Classes\.com "@" was reset to comfile!


Performing miscellaneous checks.

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Automatic

* msiserver => %systemroot%\system32\msiexec.exe /V [Incorrect ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 09/03/2012 10:03:32 PM
Execution time: 0 hours(s), 0 minute(s), and 15 seconds(s)

#9 narenxp

Posted 04 September 2012 - 12:03 AM

That looks good

Download

TFC

Launch it; it will close all running programs

Click on START; it should ask for a reboot. If TFC locks up the system, run it in Safe Mode

Turn off your System Restore, restart the PC, create a new restore point

http://windows.microsoft.com/en-US/windows-vista/Turn-System-Restore-on-or-off

Update your Java from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your flash player

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#10 lonnie0000

Posted 07 September 2012 - 11:50 AM

Thanks for your help narenxp, I appreciate it.

#11 narenxp

Posted 07 September 2012 - 12:48 PM

You're welcome :)



