
Popups/Advertisements and More


  • This topic is locked
64 replies to this topic

#31 vmonti

vmonti
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  • Local time:08:18 PM

Posted 14 January 2014 - 01:53 PM

I tried to run TDSSKiller.exe and got a security threat and a message showing a failure.

I also attempted to run FRST again and got a security threat warning and then a failure. I tried both 32bit and 64bit downloads.

I can't seem to download what you requested. FRST.exe was attempted using the icon on my desktop.





#32 TheShooter93

TheShooter93

    Cody


  • Malware Study Hall Senior
  • 4,332 posts
  • OFFLINE
  • Gender:Male
  • Location:Orlando, Florida
  • Local time:08:18 PM

Posted 16 January 2014 - 12:50 AM

Hello vmonti,

 

What does the "security threat message" say? Is there any recognizable icon or text to help me identify what is blocking this process?

 

Lastly, if possible, can you provide me with a screenshot of this security threat message?

 

I have provided instructions on how to take a screenshot below.

 

----------------------------------------------------------------------------------------------------------------

 

To take a screenshot,

 

1- Hit the Prntscrn key on your keyboard. This will copy your entire screen to the clipboard. Hitting ALT + Prntscrn will only copy the active window.

 

2- Open Paint (Press and hold the Windows button + R on your keyboard and in the Run box type mspaint and click OK).

 

3- Select "Edit".

 

4- Click on "Paste".

 

5- Select "File".

 

6- Click on "Save As...".

 

7- Save your screenshot as a JPEG file.

 

8- Attach the screenshot to your next post.


Network+ Certified | Senior at UCF pursuing Information Technology B.S. | System Administrator

Please note that I am currently in training. All malware related posts must first be approved by an instructor. This may cause a delay.


#33 vmonti

vmonti
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  • Local time:08:18 PM

Posted 19 January 2014 - 04:32 PM

Kaspersky TDSSKiller after scan shows No threats found. I can't copy and paste message. Nor can I drag it to this reply log. If I try to highlight the report it will not highlight or copy and paste. This is all after running a new scan.



#34 TheShooter93

TheShooter93

    Cody


  • Malware Study Hall Senior
  • 4,332 posts
  • OFFLINE
  • Gender:Male
  • Location:Orlando, Florida
  • Local time:08:18 PM

Posted 20 January 2014 - 01:59 AM

Hello vmonti,

 

Thanks for letting us know of the results, but getting the screenshot and other information I requested in post #32 would still be helpful.

 

It may aid in figuring out exactly what malware is on your system.




#35 vmonti

vmonti
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  • Local time:08:18 PM

Posted 22 January 2014 - 06:14 PM

Here is the original TDSS Killer log:

 

12:14:44.0671 1752  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
12:14:51.0984 1752  ============================================================
12:14:51.0984 1752  Current date / time: 2014/01/17 12:14:51.0984
12:14:51.0984 1752  SystemInfo:
12:14:51.0984 1752  
12:14:51.0984 1752  OS Version: 5.1.2600 ServicePack: 3.0
12:14:51.0984 1752  Product type: Workstation
12:14:51.0984 1752  ComputerName: OFFICECOMPUTER
12:14:51.0984 1752  UserName: Vincent Sr
12:14:51.0984 1752  Windows directory: C:\WINDOWS
12:14:51.0984 1752  System windows directory: C:\WINDOWS
12:14:51.0984 1752  Processor architecture: Intel x86
12:14:51.0984 1752  Number of processors: 2
12:14:51.0984 1752  Page size: 0x1000
12:14:51.0984 1752  Boot type: Normal boot
12:14:51.0984 1752  ============================================================
12:14:53.0265 1752  Drive \Device\Harddisk0\DR0 - Size: 0x9502F9000 (37.25 Gb), SectorSize: 0x200, Cylinders: 0x12FF, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
12:14:53.0265 1752  Drive \Device\Harddisk1\DR2 - Size: 0x7AF00000 (1.92 Gb), SectorSize: 0x200, Cylinders: 0xFA, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:14:53.0265 1752  ============================================================
12:14:53.0265 1752  \Device\Harddisk0\DR0:
12:14:53.0265 1752  MBR partitions:
12:14:53.0265 1752  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A7D53F
12:14:53.0265 1752  \Device\Harddisk1\DR2:
12:14:53.0265 1752  MBR partitions:
12:14:53.0265 1752  \Device\Harddisk1\DR2\Partition1: MBR, Type 0xE, StartLBA 0x20, BlocksNum 0x3D77E0
12:14:53.0265 1752  ============================================================
12:14:53.0312 1752  C: <-> \Device\Harddisk0\DR0\Partition1
12:14:53.0312 1752  ============================================================
12:14:53.0312 1752  Initialize success
12:14:53.0312 1752  ============================================================
12:15:30.0890 2260  ============================================================
12:15:30.0890 2260  Scan started
12:15:30.0890 2260  Mode: Manual;
12:15:30.0890 2260  ============================================================
12:15:31.0125 2260  ================ Scan system memory ========================
12:15:31.0125 2260  System memory - ok
12:15:40.0031 2260  sr - ok
12:15:40.0093 2260  [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice       C:\WINDOWS\system32\srsvc.dll
12:15:40.0109 2260  srservice - ok
12:15:40.0156 2260  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
12:15:40.0171 2260  Srv - ok
12:15:40.0234 2260  [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
12:15:40.0234 2260  SSDPSRV - ok
12:15:40.0281 2260  [ A9573045BAA16EAB9B1085205B82F1ED ] StillCam        C:\WINDOWS\system32\DRIVERS\serscan.sys
12:15:40.0296 2260  StillCam - ok
12:15:40.0343 2260  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
12:15:40.0375 2260  stisvc - ok
12:15:40.0390 2260  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
12:15:40.0390 2260  swenum - ok
12:15:40.0437 2260  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
12:15:40.0437 2260  swmidi - ok
12:15:40.0453 2260  SwPrv - ok
12:15:40.0453 2260  symc810 - ok
12:15:40.0468 2260  symc8xx - ok
12:15:40.0468 2260  sym_hi - ok
12:15:40.0484 2260  sym_u3 - ok
12:15:40.0515 2260  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
12:15:40.0515 2260  sysaudio - ok
12:15:40.0562 2260  [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
12:15:40.0562 2260  SysmonLog - ok
12:15:40.0609 2260  [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
12:15:40.0640 2260  TapiSrv - ok
12:15:40.0703 2260  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:15:40.0718 2260  Tcpip - ok
12:15:40.0750 2260  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
12:15:40.0750 2260  TDPIPE - ok
12:15:40.0765 2260  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
12:15:40.0781 2260  TDTCP - ok
12:15:40.0812 2260  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
12:15:40.0828 2260  TermDD - ok
12:15:40.0875 2260  [ FF3477C03BE7201C294C35F684B3479F ] TermService     C:\WINDOWS\System32\termsrv.dll
12:15:40.0906 2260  TermService - ok
12:15:40.0921 2260  [ 99BC0B50F511924348BE19C7C7313BBF ] Themes          C:\WINDOWS\System32\shsvcs.dll
12:15:40.0937 2260  Themes - ok
12:15:40.0953 2260  TosIde - ok
12:15:41.0015 2260  [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks          C:\WINDOWS\system32\trkwks.dll
12:15:41.0015 2260  TrkWks - ok
12:15:41.0062 2260  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
12:15:41.0062 2260  Udfs - ok
12:15:41.0078 2260  ultra - ok
12:15:41.0125 2260  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
12:15:41.0140 2260  Update - ok
12:15:41.0187 2260  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost        C:\WINDOWS\System32\upnphost.dll
12:15:41.0203 2260  upnphost - ok
12:15:41.0218 2260  [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS             C:\WINDOWS\System32\ups.exe
12:15:41.0234 2260  UPS - ok
12:15:41.0265 2260  [ 65898A183FBF1D1F7759D5CCB364DCD4 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
12:15:41.0265 2260  usbaudio - ok
12:15:41.0312 2260  [ 1B611611C28D2DF25BC057D79C6F13FC ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
12:15:41.0312 2260  usbccgp - ok
12:15:41.0343 2260  [ 4BAC8DF07F1D8434FC640E677A62204E ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
12:15:41.0343 2260  usbehci - ok
12:15:41.0390 2260  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
12:15:41.0390 2260  usbhub - ok
12:15:41.0421 2260  [ A717C8721046828520C9EDF31288FC00 ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
12:15:41.0437 2260  usbprint - ok
12:15:41.0468 2260  [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
12:15:41.0468 2260  USBSTOR - ok
12:15:41.0484 2260  [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
12:15:41.0500 2260  usbuhci - ok
12:15:41.0515 2260  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
12:15:41.0515 2260  VgaSave - ok
12:15:41.0515 2260  ViaIde - ok
12:15:41.0578 2260  [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
12:15:41.0578 2260  VolSnap - ok
12:15:41.0609 2260  [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS             C:\WINDOWS\System32\vssvc.exe
12:15:41.0640 2260  VSS - ok
12:15:41.0640 2260  vToolbarUpdater17.2.0 - ok
12:15:41.0687 2260  [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time         C:\WINDOWS\system32\w32time.dll
12:15:41.0718 2260  W32Time - ok
12:15:41.0734 2260  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:15:41.0750 2260  Wanarp - ok
12:15:41.0750 2260  WDICA - ok
12:15:41.0765 2260  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
12:15:41.0765 2260  wdmaud - ok
12:15:41.0828 2260  [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient       C:\WINDOWS\System32\webclnt.dll
12:15:41.0843 2260  WebClient - ok
12:15:41.0937 2260  [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
12:15:41.0937 2260  winmgmt - ok
12:15:41.0984 2260  [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
12:15:42.0000 2260  WmdmPmSN - ok
12:15:42.0031 2260  [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv        C:\WINDOWS\System32\wbem\wmiapsrv.exe
12:15:42.0031 2260  WmiApSrv - ok
12:15:42.0109 2260  [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\WMPNetwk.exe
12:15:42.0140 2260  WMPNetworkSvc - ok
12:15:42.0187 2260  [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL         C:\WINDOWS\System32\drivers\ws2ifsl.sys
12:15:42.0187 2260  WS2IFSL - ok
12:15:42.0250 2260  [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
12:15:42.0250 2260  wscsvc - ok
12:15:42.0296 2260  [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
12:15:42.0328 2260  wuauserv - ok
12:15:42.0359 2260  [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
12:15:42.0359 2260  WudfPf - ok
12:15:42.0375 2260  [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
12:15:42.0375 2260  WudfRd - ok
12:15:42.0406 2260  [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
12:15:42.0421 2260  WudfSvc - ok
12:15:42.0468 2260  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
12:15:42.0500 2260  WZCSVC - ok
12:15:42.0546 2260  [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
12:15:42.0562 2260  xmlprov - ok
12:15:42.0578 2260  ================ Scan global ===============================
12:15:42.0640 2260  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
12:15:42.0687 2260  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
12:15:42.0734 2260  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
12:15:42.0765 2260  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
12:15:42.0781 2260  [Global] - ok
12:15:42.0781 2260  ================ Scan MBR ==================================
12:15:42.0796 2260  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
12:15:43.0000 2260  \Device\Harddisk0\DR0 - ok
12:15:43.0000 2260  ================ Scan VBR ==================================
12:15:43.0015 2260  [ 44A09BA4A43553892A12A074E0C492E6 ] \Device\Harddisk0\DR0\Partition1
12:15:43.0015 2260  \Device\Harddisk0\DR0\Partition1 - ok
12:15:43.0015 2260  ============================================================
12:15:43.0015 2260  Scan finished
12:15:43.0015 2260  ============================================================
12:15:43.0031 1536  Detected object count: 0
12:15:43.0031 1536  Actual detected object count: 0
12:35:54.0250 3020  Deinitialize success



#36 vmonti

Posted 22 January 2014 - 06:23 PM

I also haven't been able to get a screenshot of the security error message because it hasn't popped up again. I am still getting pop-ups while using Internet Explorer and Mozilla Firefox though.

Here is the FRST log:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-01-2014
Ran by Vincent Sr (administrator) on OFFICECOMPUTER on 22-01-2014 18:17:30
Running from C:\Documents and Settings\Vincent Sr\Desktop
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) ===================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files\EaseUS\Todo Backup\bin\GuardAgent.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
() C:\Program Files\IDMSQ\idmsq.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.3.124.0\SeaPort.EXE
(TeamViewer GmbH) C:\Documents and Settings\Vincent Sr\Local Settings\temp\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Documents and Settings\Vincent Sr\Local Settings\temp\TeamViewer\Version9\TeamViewer_Desktop.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\qttask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [HP Software Update] - C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2014-01-07] (AVAST Software)
HKLM\...\RunOnce: [20131224] - C:\Program Files\AVAST Software\Avast\setup\emupdate\fb913305-ee1e-42a4-9f5a-06ebf5aaa8ab.exe /check [181136 2014-01-22] (AVAST Software)
HKCU\...\Run: [HP Deskjet 3050A J611 series (NET)] - C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [1837672 2012-10-17] (Hewlett-Packard Co.)
HKCU\...\Run: [IDMSQ] - C:\Program Files\IDMSQ\idmsq.exe [2561088 2013-10-30] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://xfinity.comcast.net/?cid=mtmh12152013
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {2D6AACF5-780C-4C89-9ACE-E30E93321451} URL = http://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=10743
BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
BHO: Idmsq Extension - {3AA4FC9D-FB51-44a2-B09F-0457857CA7C2} - C:\Documents and Settings\Vincent Sr\Application Data\IDMSQ\idmsqext.dll (Or Interactive Ltd)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\Windows\System32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\Windows\system32\SHELL32.dll (Microsoft Corporation)
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1270916475984
DPF: {6FD482A3-7B57-438B-B040-52CAA30147EE} http://rmlsfl.mlxchange.com/5.3.06.17085/Control/MLSClientUtils.cab
DPF: {83AB6E4D-CDD7-11D3-B5E7-00104B9AFF6E} http://rmlsfl.mlxchange.com/5.5.12.25747/Control/IRCSharc.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Vincent Sr\Application Data\Mozilla\Firefox\Profiles\jezjfwwh.default
FF Homepage: hxxp://www.comcast.net/
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Documents and Settings\Vincent Sr\Local Settings\Application Data\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\browser\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
FF SearchPlugin: C:\Documents and Settings\Vincent Sr\Application Data\Mozilla\Firefox\Profiles\jezjfwwh.default\searchplugins\findwide.xml
FF SearchPlugin: C:\Documents and Settings\Vincent Sr\Application Data\Mozilla\Firefox\Profiles\jezjfwwh.default\searchplugins\yahoo-1.xml
FF Extension: Internet Download Manager Squared - C:\Documents and Settings\Vincent Sr\Application Data\Mozilla\Firefox\Profiles\jezjfwwh.default\Extensions\idmsq@idmsq.com [2014-01-03]
FF Extension: IE Tab Plus - C:\Documents and Settings\Vincent Sr\Application Data\Mozilla\Firefox\Profiles\jezjfwwh.default\Extensions\ietab@ip.cn [2012-05-04]
FF Extension: SelectionLinks - C:\Documents and Settings\Vincent Sr\Application Data\Mozilla\Firefox\Profiles\jezjfwwh.default\Extensions\{8476A68F-B759-4E09-A7C2-E9B72775983F} [2013-07-16]
FF Extension: Adblock Plus - C:\Documents and Settings\Vincent Sr\Application Data\Mozilla\Firefox\Profiles\jezjfwwh.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-07-21]
FF Extension: Download Statusbar - C:\Documents and Settings\Vincent Sr\Application Data\Mozilla\Firefox\Profiles\jezjfwwh.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2011-10-30]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-11-16]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-09-29]

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR Extension: (Google Docs) - C:\Documents and Settings\Vincent Sr\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-03]
CHR Extension: (Google Drive) - C:\Documents and Settings\Vincent Sr\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-03]
CHR Extension: (YouTube) - C:\Documents and Settings\Vincent Sr\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-03]
CHR Extension: (Google Search) - C:\Documents and Settings\Vincent Sr\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-03]
CHR Extension: (avast! Online Security) - C:\Documents and Settings\Vincent Sr\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-12-04]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Vincent Sr\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-03]
CHR Extension: (GreatArcadeHits Add-on) - C:\Documents and Settings\Vincent Sr\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ocifcogajbgikalbpphmoedjlcfjkhgh [2013-12-15]
CHR Extension: (Gmail) - C:\Documents and Settings\Vincent Sr\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-03]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-12-03]
CHR HKLM\...\Chrome\Extension: [jpjgjllhjllhihagiojldacanflgefof] - C:\Program Files\OApps\chrome-sl.crx [2013-12-03]
CHR HKLM\...\Chrome\Extension: [ohenffmfbnoidogjgebadealdkecjdal] - C:\Documents and Settings\Vincent Sr\Application Data\IDMSQ\IDMSQ.crx [2013-09-24]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-07] (AVAST Software)
R2 EaseUS Agent; C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe [68168 2013-05-10] (CHENGDU YIWO Tech Development Co., Ltd)
R2 Guard Agent; C:\Program Files\EaseUS\Todo Backup\bin\GuardAgent.exe [23624 2013-05-10] (CHENGDU YIWO Tech Development Co., Ltd)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2013-10-08] (Oracle Corporation)
S2 ReimageRealTimeProtection; C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe [x]
S2 vToolbarUpdater17.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe [x]

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-01-07] (AVAST Software)
R1 AswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [54832 2014-01-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [49944 2013-12-03] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [775952 2014-01-07] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [410528 2014-01-07] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57672 2014-01-07] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [180248 2014-01-07] ()
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx86.sys [37664 2013-12-15] (AVG Technologies)
R2 cpuz132; C:\WINDOWS\system32\drivers\cpuz132_x32.sys [12672 2009-03-27] (Windows ® Codename Longhorn DDK provider)
R0 EUBAKUP; C:\Windows\System32\drivers\eubakup.sys [51400 2013-05-10] (CHENGDU YIWO Tech Development Co., Ltd)
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [40776 2013-05-10] ()
R1 EUDSKACS; C:\WINDOWS\system32\drivers\eudskacs.sys [14920 2013-05-10] (CHENGDU YIWO Tech Development Co., Ltd)
R1 EUFDDISK; C:\WINDOWS\system32\drivers\EuFdDisk.sys [185672 2013-05-10] (CHENGDU YIWO Tech Development Co., Ltd)
S3 MRVW225; C:\Windows\System32\DRIVERS\MRVW225.sys [299904 2005-12-21] (Marvell Semiconductor, Inc)
S3 SONYPVU1; C:\Windows\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 cpuz134; \??\C:\DOCUME~1\VINCEN~1\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys [x]
S4 IntelIde; No ImagePath
S1 lsnfd; system32\drivers\lsnfd.sys [x]
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
U3 TlntSvr;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-22 18:16 - 2014-01-22 18:16 - 00000000 ____D C:\Documents and Settings\Vincent Sr\Desktop\FRST-OlderVersion
2014-01-17 12:11 - 2014-01-17 11:29 - 02237968 _____ (Kaspersky Lab ZAO) C:\Documents and Settings\Vincent Sr\Desktop\tdsskiller.exe
2014-01-15 20:04 - 2014-01-15 20:04 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2914368$
2014-01-15 20:03 - 2014-01-15 20:05 - 00004547 _____ C:\WINDOWS\KB2914368.log
2014-01-11 10:51 - 2014-01-11 10:51 - 00031327 _____ C:\ComboFix.txt
2014-01-11 10:42 - 2014-01-11 10:42 - 00008192 ____H C:\WINDOWS\system32\config\SECURITY.tmp.LOG
2014-01-11 10:42 - 2014-01-11 10:42 - 00000000 ____H C:\WINDOWS\system32\config\system.tmp.LOG
2014-01-11 10:42 - 2014-01-11 10:42 - 00000000 ____H C:\WINDOWS\system32\config\software.tmp.LOG
2014-01-11 10:42 - 2014-01-11 10:42 - 00000000 ____H C:\WINDOWS\system32\config\SAM.tmp.LOG
2014-01-11 10:42 - 2014-01-11 10:42 - 00000000 ____H C:\WINDOWS\system32\config\default.tmp.LOG
2014-01-11 10:30 - 2014-01-11 10:30 - 00000000 _RSHD C:\cmdcons
2014-01-11 10:30 - 2013-10-28 12:16 - 00000211 _____ C:\Boot.bak
2014-01-11 10:30 - 2004-08-03 23:00 - 00260272 __RSH C:\cmldr
2014-01-11 10:28 - 2014-01-11 10:52 - 00000000 ____D C:\Qoobox
2014-01-11 10:28 - 2011-06-26 01:45 - 00256000 _____ C:\WINDOWS\PEV.exe
2014-01-11 10:28 - 2010-11-07 12:20 - 00208896 _____ C:\WINDOWS\MBR.exe
2014-01-11 10:28 - 2009-04-19 23:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2014-01-11 10:28 - 2000-08-30 19:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2014-01-11 10:28 - 2000-08-30 19:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2014-01-11 10:28 - 2000-08-30 19:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2014-01-11 10:28 - 2000-08-30 19:00 - 00098816 _____ C:\WINDOWS\sed.exe
2014-01-11 10:28 - 2000-08-30 19:00 - 00080412 _____ C:\WINDOWS\grep.exe
2014-01-11 10:28 - 2000-08-30 19:00 - 00068096 _____ C:\WINDOWS\zip.exe
2014-01-11 10:27 - 2014-01-11 10:50 - 00000000 ____D C:\WINDOWS\erdnt
2014-01-11 10:25 - 2014-01-11 10:19 - 05162489 ____R (Swearware) C:\Documents and Settings\Vincent Sr\Desktop\ComboFix.exe
2014-01-07 11:34 - 2014-01-07 11:34 - 00069336 _____ C:\Documents and Settings\Vincent Sr\Desktop\1-7-14 OTL.Txt
2014-01-03 12:46 - 2014-01-22 17:50 - 00000000 ____D C:\Documents and Settings\Vincent Sr\Application Data\IDMSQ
2014-01-03 12:46 - 2014-01-03 12:46 - 00000000 ____D C:\Documents and Settings\Vincent Sr\Start Menu\Programs\IDMSQ
2014-01-03 12:45 - 2014-01-03 12:46 - 00000000 ____D C:\Program Files\IDMSQ
2014-01-03 12:39 - 2014-01-22 18:18 - 00014082 _____ C:\Documents and Settings\Vincent Sr\Desktop\FRST.txt
2014-01-03 12:39 - 2014-01-22 18:16 - 00000000 ____D C:\FRST
2014-01-03 12:37 - 2014-01-03 12:37 - 01071168 _____ (OR Interactive Ltd) C:\Documents and Settings\Vincent Sr\Desktop\IDM2.exe
2014-01-03 12:35 - 2014-01-22 18:16 - 01222144 _____ (Farbar) C:\Documents and Settings\Vincent Sr\Desktop\FRST.exe
2013-12-28 18:06 - 2013-12-28 18:06 - 00000000 ____D C:\_OTL
2013-12-23 12:06 - 2013-12-23 12:06 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Vincent Sr\Desktop\OTL.exe

==================== One Month Modified Files and Folders =======

2014-01-22 18:18 - 2014-01-03 12:39 - 00014082 _____ C:\Documents and Settings\Vincent Sr\Desktop\FRST.txt
2014-01-22 18:16 - 2014-01-22 18:16 - 00000000 ____D C:\Documents and Settings\Vincent Sr\Desktop\FRST-OlderVersion
2014-01-22 18:16 - 2014-01-03 12:39 - 00000000 ____D C:\FRST
2014-01-22 18:16 - 2014-01-03 12:35 - 01222144 _____ (Farbar) C:\Documents and Settings\Vincent Sr\Desktop\FRST.exe
2014-01-22 17:55 - 2013-09-29 09:27 - 00000364 ____H C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-01-22 17:52 - 2010-04-10 11:21 - 01825447 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-22 17:50 - 2014-01-03 12:46 - 00000000 ____D C:\Documents and Settings\Vincent Sr\Application Data\IDMSQ
2014-01-22 17:49 - 2010-04-10 09:47 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-22 17:49 - 2010-04-10 05:41 - 00000159 _____ C:\WINDOWS\wiadebug.log
2014-01-22 17:49 - 2010-04-10 05:41 - 00000049 _____ C:\WINDOWS\wiaservc.log
2014-01-22 17:49 - 2003-07-16 15:53 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2014-01-21 16:46 - 2010-04-10 09:55 - 00000278 ___SH C:\Documents and Settings\Vincent Sr\ntuser.ini
2014-01-21 16:46 - 2010-04-10 09:54 - 00032568 _____ C:\WINDOWS\SchedLgU.Txt
2014-01-20 17:27 - 2012-04-04 09:00 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-01-17 11:29 - 2014-01-17 12:11 - 02237968 _____ (Kaspersky Lab ZAO) C:\Documents and Settings\Vincent Sr\Desktop\tdsskiller.exe
2014-01-15 20:07 - 2013-08-15 10:27 - 00000000 ____D C:\WINDOWS\system32\MRT
2014-01-15 20:05 - 2014-01-15 20:03 - 00004547 _____ C:\WINDOWS\KB2914368.log
2014-01-15 20:05 - 2010-04-11 12:49 - 00491424 _____ C:\WINDOWS\setupapi.log
2014-01-15 20:05 - 2010-04-10 11:46 - 83425928 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-01-15 20:05 - 2010-04-10 05:39 - 02822069 _____ C:\WINDOWS\FaxSetup.log
2014-01-15 20:05 - 2010-04-10 05:39 - 01379942 _____ C:\WINDOWS\ocgen.log
2014-01-15 20:05 - 2010-04-10 05:39 - 01084072 _____ C:\WINDOWS\tsoc.log
2014-01-15 20:05 - 2010-04-10 05:39 - 00756061 _____ C:\WINDOWS\comsetup.log
2014-01-15 20:05 - 2010-04-10 05:39 - 00458080 _____ C:\WINDOWS\ntdtcsetup.log
2014-01-15 20:05 - 2010-04-10 05:39 - 00448187 _____ C:\WINDOWS\iis6.log
2014-01-15 20:05 - 2010-04-10 05:39 - 00141501 _____ C:\WINDOWS\msgsocm.log
2014-01-15 20:05 - 2010-04-10 05:39 - 00116654 _____ C:\WINDOWS\ocmsn.log
2014-01-15 20:05 - 2010-04-10 05:39 - 00001374 _____ C:\WINDOWS\imsins.log
2014-01-15 20:04 - 2014-01-15 20:04 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2914368$
2014-01-11 10:52 - 2014-01-11 10:28 - 00000000 ____D C:\Qoobox
2014-01-11 10:51 - 2014-01-11 10:51 - 00031327 _____ C:\ComboFix.txt
2014-01-11 10:50 - 2014-01-11 10:27 - 00000000 ____D C:\WINDOWS\erdnt
2014-01-11 10:47 - 2003-07-16 15:47 - 00000227 _____ C:\WINDOWS\system.ini
2014-01-11 10:42 - 2014-01-11 10:42 - 00008192 ____H C:\WINDOWS\system32\config\SECURITY.tmp.LOG
2014-01-11 10:42 - 2014-01-11 10:42 - 00000000 ____H C:\WINDOWS\system32\config\system.tmp.LOG
2014-01-11 10:42 - 2014-01-11 10:42 - 00000000 ____H C:\WINDOWS\system32\config\software.tmp.LOG
2014-01-11 10:42 - 2014-01-11 10:42 - 00000000 ____H C:\WINDOWS\system32\config\SAM.tmp.LOG
2014-01-11 10:42 - 2014-01-11 10:42 - 00000000 ____H C:\WINDOWS\system32\config\default.tmp.LOG
2014-01-11 10:42 - 2010-04-10 05:38 - 00262144 _____ C:\WINDOWS\system32\config\SECURITY.bak
2014-01-11 10:42 - 2010-04-10 05:38 - 00262144 _____ C:\WINDOWS\system32\config\SAM.bak
2014-01-11 10:42 - 2010-04-10 05:37 - 30932992 _____ C:\WINDOWS\system32\config\software.bak
2014-01-11 10:42 - 2010-04-10 05:37 - 05505024 _____ C:\WINDOWS\system32\config\system.bak
2014-01-11 10:42 - 2010-04-10 05:37 - 00524288 _____ C:\WINDOWS\system32\config\default.bak
2014-01-11 10:39 - 2010-04-10 09:55 - 00000000 ____D C:\Documents and Settings\Vincent Sr
2014-01-11 10:30 - 2014-01-11 10:30 - 00000000 _RSHD C:\cmdcons
2014-01-11 10:30 - 2010-04-10 05:37 - 00000327 __RSH C:\boot.ini
2014-01-11 10:19 - 2014-01-11 10:25 - 05162489 ____R (Swearware) C:\Documents and Settings\Vincent Sr\Desktop\ComboFix.exe
2014-01-07 15:30 - 2013-09-29 09:27 - 00775952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-01-07 15:30 - 2013-09-29 09:27 - 00410528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-01-07 15:30 - 2013-09-29 09:27 - 00270240 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-01-07 15:30 - 2013-09-29 09:27 - 00180248 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-01-07 15:30 - 2013-09-29 09:27 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-01-07 15:30 - 2013-09-29 09:27 - 00057672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-01-07 15:30 - 2013-09-29 09:27 - 00054832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2014-01-07 15:30 - 2013-09-29 09:27 - 00001733 _____ C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
2014-01-07 15:30 - 2013-09-29 09:26 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-01-07 11:34 - 2014-01-07 11:34 - 00069336 _____ C:\Documents and Settings\Vincent Sr\Desktop\1-7-14 OTL.Txt
2014-01-04 15:26 - 2010-04-10 05:38 - 00220040 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2014-01-03 12:46 - 2014-01-03 12:46 - 00000000 ____D C:\Documents and Settings\Vincent Sr\Start Menu\Programs\IDMSQ
2014-01-03 12:46 - 2014-01-03 12:45 - 00000000 ____D C:\Program Files\IDMSQ
2014-01-03 12:37 - 2014-01-03 12:37 - 01071168 _____ (OR Interactive Ltd) C:\Documents and Settings\Vincent Sr\Desktop\IDM2.exe
2013-12-28 18:06 - 2013-12-28 18:06 - 00000000 ____D C:\_OTL
2013-12-23 12:06 - 2013-12-23 12:06 - 00602112 _____ (OldTimer Tools) C:\Documents and Settings\Vincent Sr\Desktop\OTL.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================


Here is the FRST Additional log:

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 23-01-2014
Ran by Vincent Sr at 2014-01-22 18:20:41
Running from C:\Documents and Settings\Vincent Sr\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}

==================== Installed Programs ======================

Adobe Flash Player 11 ActiveX (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.05) (Version: 11.0.05 - Adobe Systems Incorporated)
Apple Application Support (Version: 2.3.4 - Apple Inc.)
Apple Software Update (Version: 2.1.3.127 - Apple Inc.)
avast! Free Antivirus (Version: 9.0.2011 - Avast Software)
Bing Bar (Version: 7.3.124.0 - Microsoft Corporation)
Broadcom 440x 10/100 Integrated Controller (Version: 3.24 - Broadcom)
Broadcom 440x 10/100 Integrated Controller (Version: 3.24 - Broadcom) Hidden
CamStudio OSS Desktop Recorder (Version: 2.6 Beta r294 - CamStudio Open Source Dev Team)
CamStudio version 2.7 (Version: 2.7 - CamStudio Open Source)
Canon iP1600 (Version:  - )
Citrix Online Launcher (Version: 1.0.122 - Citrix)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000 - Microsoft Corporation)
Coupon Printer for Windows (Version: 5.0.0.3 - Coupons.com Incorporated) <==== ATTENTION
CPUID CPU-Z 1.53.1 (Version:  - )
Dell ResourceCD (Version:  - )
EaseUS Todo Backup Free 6.0 (Version: 6.0 - CHENGDU YIWO Tech Development Co., Ltd)
GoToMeeting 5.7.0.1172 (HKCU Version: 5.7.0.1172 - CitrixOnline)
HP Deskjet 3050A J611 series Basic Device Software (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3050A J611 series Help (Version: 140.0.2.2 - Hewlett Packard)
HP Deskjet 3050A J611 series Product Improvement Study (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photo Creations (Version: 1.0.0.7702 - HP)
HP Update (Version: 5.003.003.001 - Hewlett-Packard)
Intel® Graphics Media Accelerator Driver (Version: 6.14.10.4543 - )
Intel® PRO Network Adapters and Drivers (Version:  - )
Internet Download Manager² 1.0 (Version: 1.0 - OR Interactive Ltd)
Java 7 Update 45 (Version: 7.0.450 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Level Quality Watcher (Version: 1.0.0.0 - Adpeak, Inc.) Hidden <==== ATTENTION
Malwarebytes' Anti-Malware (Version:  - Malwarebytes Corporation)
Media Player Codec Pack 4.2.9 (Version: 4.2.9 - Media Player Codec Pack)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1 - Microsoft Corporation)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works 6-9 Converter (Version: 14.0.6120.5002 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 en-US) (Version: 26.0 - Mozilla)
Mozilla Maintenance Service (Version: 26.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 6.0 Parser (Version: 6.00.3883.8 - Microsoft Corporation)
NVIDIA Drivers (Version:  - )
QuickTime (Version: 7.74.80.86 - Apple Inc.)
RealFlight G3 R/C Simulator (Version:  - )
Revo Uninstaller 1.95 (Version: 1.95 - VS Revo Group)
SoundMAX (Version: 5.12.01.5246 - Analog Devices)
System Requirements Lab CYRI (Version: 5.0.6.0 - Husdawg, LLC)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB980302) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2141007) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2541763) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2607712) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2616676) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2641690) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2718704) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2736233) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2863058) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951978) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971737) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB980182) (Version: 1 - Microsoft Corporation) Hidden
WebFldrs XP (Version: 9.50.6513 - Microsoft Corporation) Hidden
Windows 7 Upgrade Advisor (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format 11 runtime (Version:  - )
Windows Media Format 11 runtime (Version:  - Microsoft Corporation) Hidden
Windows Media Player 11 (Version:  - )
Windows Media Player 11 (Version:  - Microsoft Corporation) Hidden
Windows XP Service Pack 3 (Version: 20080414.031525 - Microsoft Corporation)
XP Codec Pack (Version: 2.5.5 - XP Codec Pack team)

==================== Restore Points  =========================

03-01-2014 18:31:45 System Checkpoint
04-01-2014 22:47:29 System Checkpoint
07-01-2014 20:28:34 avast! antivirus system restore point
08-01-2014 21:01:52 System Checkpoint
10-01-2014 00:44:59 System Checkpoint
11-01-2014 22:33:06 System Checkpoint
12-01-2014 22:53:06 System Checkpoint
14-01-2014 15:42:15 Software Distribution Service 3.0
15-01-2014 23:49:56 System Checkpoint
16-01-2014 01:03:56 Software Distribution Service 3.0
17-01-2014 16:54:53 System Checkpoint

==================== Hosts content: ==========================

2003-07-16 15:29 - 2014-01-11 10:46 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-01-22 17:51 - 2014-01-21 17:40 - 02156032 _____ () C:\Program Files\AVAST Software\Avast\defs\14012101\algo.dll
2013-08-03 12:11 - 2013-05-10 11:08 - 00098888 _____ () C:\Program Files\EaseUS\Todo Backup\bin\CodeLog.dll
2013-08-03 12:11 - 2013-05-10 11:08 - 00029768 _____ () C:\Program Files\EaseUS\Todo Backup\bin\CompressFile.dll
2013-08-03 12:12 - 2008-11-25 16:18 - 01291264 _____ () C:\Program Files\EaseUS\Todo Backup\bin\libxml2.dll
2013-08-03 12:12 - 2004-10-05 02:08 - 00055808 _____ () C:\Program Files\EaseUS\Todo Backup\bin\zlib1.dll
2013-08-03 12:12 - 2013-05-10 11:08 - 00050248 _____ () C:\Program Files\EaseUS\Todo Backup\bin\TBGetRemoteNetInfo.dll
2013-08-03 12:11 - 2013-06-19 15:00 - 00094792 _____ () C:\Program Files\EaseUS\Todo Backup\bin\ActivationOnline.dll
2013-08-03 12:12 - 2013-06-19 18:14 - 00243784 _____ () C:\Program Files\EaseUS\Todo Backup\bin\uexper.dll
2013-08-03 12:12 - 2013-05-22 15:25 - 00030280 _____ () C:\Program Files\EaseUS\Todo Backup\bin\DiskSearchImg.dll
2013-08-03 12:12 - 2013-05-10 11:08 - 00293960 _____ () C:\Program Files\EaseUS\Todo Backup\bin\ExchBackupSize.dll
2013-08-03 12:12 - 2013-05-10 11:08 - 00578632 _____ () C:\Program Files\EaseUS\Todo Backup\bin\ExImage.dll
2013-08-03 12:12 - 2013-05-10 11:08 - 00468040 _____ () C:\Program Files\EaseUS\Todo Backup\bin\ExchBackupSizeEx.dll
2013-08-03 12:12 - 2013-05-10 11:08 - 00068680 _____ () C:\Program Files\EaseUS\Todo Backup\bin\EnumTapeDevice.dll
2013-08-03 12:12 - 2013-05-10 11:09 - 00069192 _____ () C:\Program Files\EaseUS\Todo Backup\bin\TbTapeBrowse.dll
2013-08-03 12:11 - 2013-05-20 16:44 - 00022600 _____ () C:\Program Files\EaseUS\Todo Backup\bin\AccountManager.dll
2013-08-03 12:12 - 2013-05-10 11:08 - 00115784 _____ () C:\Program Files\EaseUS\Todo Backup\bin\NasOperator.dll
2013-08-03 12:11 - 2013-05-10 11:08 - 00135752 _____ () C:\Program Files\EaseUS\Todo Backup\bin\CloudOperator.dll
2013-08-03 12:11 - 2013-05-10 11:08 - 00037960 _____ () C:\Program Files\EaseUS\Todo Backup\bin\ActiveOnline.dll
2013-08-03 12:12 - 2013-05-20 16:44 - 00135240 _____ () C:\Program Files\EaseUS\Todo Backup\bin\VMConfig.dll
2013-08-03 12:12 - 2013-05-10 11:08 - 00096840 _____ () C:\Program Files\EaseUS\Todo Backup\bin\TBFireWall.dll
2013-12-03 21:52 - 2013-12-03 21:52 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2003-07-16 15:26 - 2008-04-13 19:11 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2003-07-16 15:35 - 2008-04-13 19:11 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2013-11-16 22:47 - 2013-12-05 14:36 - 03559024 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2013-12-12 18:27 - 2013-12-12 18:27 - 16242056 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Network Controller
Description: Network Controller
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI Simple Communications Controller
Description: PCI Simple Communications Controller
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/21/2014 04:46:10 PM) (Source: Application Hang) (User: )
Description: Hanging application firefox.exe, version 26.0.0.5087, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (01/20/2014 05:44:00 PM) (Source: Application Hang) (User: )
Description: Fault bucket -287931297.

Error: (01/20/2014 05:43:47 PM) (Source: Application Hang) (User: )
Description: Hanging application firefox.exe, version 26.0.0.5087, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (01/20/2014 05:40:06 PM) (Source: Application Hang) (User: )
Description: Hanging application firefox.exe, version 26.0.0.5087, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (01/20/2014 05:39:18 PM) (Source: Application Hang) (User: )
Description: Hanging application firefox.exe, version 26.0.0.5087, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (01/20/2014 05:38:31 PM) (Source: Application Hang) (User: )
Description: Hanging application firefox.exe, version 26.0.0.5087, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (01/13/2014 00:07:35 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x0001240b.
Processing media-specific event for [iexplore.exe!ws!]

Error: (01/11/2014 10:36:55 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The server name or address could not be resolved

Error: (01/11/2014 10:36:51 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

Error: (01/11/2014 10:36:51 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.


System errors:
=============
Error: (01/22/2014 05:49:56 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
lsnfd

Error: (01/22/2014 05:49:47 PM) (Source: Service Control Manager) (User: )
Description: The vToolbarUpdater17.2.0 service failed to start due to the following error:
%%2

Error: (01/22/2014 05:49:47 PM) (Source: Service Control Manager) (User: )
Description: The Reimage Real Time Protection service failed to start due to the following error:
%%2

Error: (01/21/2014 04:28:57 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
lsnfd

Error: (01/21/2014 04:28:50 PM) (Source: Service Control Manager) (User: )
Description: The vToolbarUpdater17.2.0 service failed to start due to the following error:
%%2

Error: (01/21/2014 04:28:50 PM) (Source: Service Control Manager) (User: )
Description: The Reimage Real Time Protection service failed to start due to the following error:
%%2

Error: (01/20/2014 05:15:10 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
lsnfd

Error: (01/20/2014 05:15:03 PM) (Source: Service Control Manager) (User: )
Description: The vToolbarUpdater17.2.0 service failed to start due to the following error:
%%2

Error: (01/20/2014 05:15:03 PM) (Source: Service Control Manager) (User: )
Description: The Reimage Real Time Protection service failed to start due to the following error:
%%2

Error: (01/19/2014 09:56:24 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
lsnfd


Microsoft Office Sessions:
=========================
Error: (01/21/2014 04:46:10 PM) (Source: Application Hang)(User: )
Description: firefox.exe26.0.0.5087hungapp0.0.0.000000000

Error: (01/20/2014 05:44:00 PM) (Source: Application Hang)(User: )
Description: -287931297

Error: (01/20/2014 05:43:47 PM) (Source: Application Hang)(User: )
Description: firefox.exe26.0.0.5087hungapp0.0.0.000000000

Error: (01/20/2014 05:40:06 PM) (Source: Application Hang)(User: )
Description: firefox.exe26.0.0.5087hungapp0.0.0.000000000

Error: (01/20/2014 05:39:18 PM) (Source: Application Hang)(User: )
Description: firefox.exe26.0.0.5087hungapp0.0.0.000000000

Error: (01/20/2014 05:38:31 PM) (Source: Application Hang)(User: )
Description: firefox.exe26.0.0.5087hungapp0.0.0.000000000

Error: (01/13/2014 00:07:35 PM) (Source: Application Error)(User: )
Description: iexplore.exe8.0.6001.18702ntdll.dll5.1.2600.60550001240b

Error: (01/11/2014 10:36:55 AM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThe server name or address could not be resolved

Error: (01/11/2014 10:36:51 AM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist.

Error: (01/11/2014 10:36:51 AM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist.


==================== Memory info ===========================

Percentage of memory in use: 41%
Total physical RAM: 2294.07 MB
Available physical RAM: 1342.64 MB
Total Pagefile: 2511.28 MB
Available Pagefile: 1679.6 MB
Total Virtual: 2047.88 MB
Available Virtual: 1942.89 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:37.24 GB) (Free:18.44 GB) NTFS ==>[Drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 37 GB) (Disk ID: D0F4738C)
Partition 1: (Active) - (Size=37 GB) - (Type=07 NTFS)

==================== End Of Log ============================


Edited by vmonti, 22 January 2014 - 06:25 PM.


#37 vmonti


Posted 23 January 2014 - 03:00 PM

I used this computer last night and today. I have not seen any pop-up advertisements as of yet. It appears that the bugs have been removed and everything is working normally.

Thank You

Vinnie



#38 TheShooter93


Posted 24 January 2014 - 10:38 PM

Hello Vin,

That's good to hear! :)

Since I am still a student in the Malware Removal Program here, I do have to have all posts containing fixes/further steps approved by an instructor.

I'm currently working with an instructor to narrow down the appropriate plan of action.


Edited by TheShooter93, 24 January 2014 - 10:39 PM.

Network+ Certified | Senior at UCF pursuing Information Technology B.S. | System Administrator

Please note that I am currently in training. All malware related posts must first be approved by an instructor. This may cause a delay.


#39 TheShooter93


Posted 25 January 2014 - 11:11 PM

Hello vmonti,

Please download and install the latest version of each of the following pieces of software:

  • Adobe Flash Player
  • Java
  • Adobe Reader

Not keeping these programs updated leaves your computer open to malware that exploits the use of non-updated versions of this software.

----------------------------------------------------------------------------------------------------

We need to run a fix with FRST:

  • Please download the attached fixlist.txt file and save it to the same location as FRST.
    Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt, are in the same location or the fix will not work.
    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
  • Run FRST.exe/FRST64.exe and press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run.
  • When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run. Please post it in your reply.

----------------------------------------------------------------------------------------------------

After you have done this, restart your computer.

Lastly, include a fresh FRST log in your next reply and update me on how your system is running.


Edited by TheShooter93, 26 January 2014 - 06:00 PM.



#40 TheShooter93


Posted 28 January 2014 - 10:41 AM

Hello vmonti,

This is the third day since my last post. Are you still there?

If you need more time, just let me know.

If you do not post within 48 hours, this thread will be closed due to inactivity.




#41 vmonti


Posted 28 January 2014 - 01:55 PM

I need more time to determine how to run fixlist.txt and then post the results.



#42 TheShooter93


Posted 28 January 2014 - 02:02 PM

Hi vmonti,

No problem. :)




#43 vmonti


Posted 30 January 2014 - 12:37 PM

I hope this is the information you are looking for.

Vin

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 29-01-2014 01
Ran by Vincent Sr at 2014-01-30 12:33:13 Run:1
Running from C:\Documents and Settings\Vincent Sr\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
*****************

HKLM\SOFTWARE\Policies\Google => Key deleted successfully.
HKCU\SOFTWARE\Policies\Google => Key deleted successfully.

==== End of Fixlog ====



#44 TheShooter93


Posted 31 January 2014 - 03:59 PM

Hi vmonti,

Yes, that is the correct information. Glad to see you got it to work!  :thumbup2:

-----------------------------------------------------------------------------------------------------------

Were you able to successfully complete this section of my previous post as well? If not, please do so.

Quote

Please download and install the latest version of each of the following pieces of software:

  • Adobe Flash Player
  • Java
  • Adobe Reader

Not keeping these programs updated leaves your computer open to malware that exploits the use of non-updated versions of this software.

-----------------------------------------------------------------------------------------------------------

Lastly, please include a fresh FRST log in your next reply. In case you need a reminder on how to do so, I've included the steps again here:

  • Right-click FRST then click "Run as administrator" (XP users: click run after receipt of Windows Security Warning - Open File).
  • When the tool opens, click Yes to disclaimer.
  • Click the box next to "Addition.txt" so there is a check-mark next to it.
  • Press the Scan button.
  • When finished, it will produce a log called FRST.txt in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.

-----------------------------------------------------------------------------------------------------------

Your computer is looking good in terms of the logs and since you have not mentioned any more pop-ups/malicious symptoms, I assume your computer is still doing well as previously reported. Is that still the case?

If it is, then we're almost there! As a reminder, I'll soon be posting an "All-Clean" message with some additional information for you. That will be my final post, so please don't abandon the thread until then.  :)




#45 vmonti


Posted 01 February 2014 - 11:31 AM

Cody, I believe I installed the three downloads you informed me to download:

Java

Adobe Flash Player

Adobe Reader

All three showed installation successful.

Thank you for your services





