reboot hangs and weird windows error msg...


  • This topic is locked
12 replies to this topic

#1 oneeyedfranc


Posted 18 April 2014 - 08:33 PM

I've been having trouble rebooting my computer and got a weird Windows error msg. Rebooting problem was the system freezing just after the Windows welcome screen. My Webshots wallpaper would appear, but was not able to access my desktop. After several re-attempts, I was able to access my desktop. I uninstalled my Microsoft Security Essentials (no longer supported) and installed avast! antivirus, and at the end of the installation I got a Windows error msg: No disk in drive. Please insert disk into drive \ Device \ Harddisk \ DR4. After several attempts to reboot, I was finally successful. Am hoping someone can provide me with some insight as to wtf is going on with my computer?

 

 Results of screen317's Security Check version 0.99.82  
 Windows XP Service Pack 3 x86   
 Internet Explorer 7 Out of date!
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Disabled!  
avast! Antivirus   
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:`````````
 SpywareBlaster 5.0    
 Malwarebytes Anti-Malware version 1.75.0.1300  
 TweakNow RegCleaner 2011   
 Java 7 Update 55  
 Adobe Flash Player     13.0.0.182  
 Adobe Reader 9  
 Adobe Reader XI  
 Mozilla Firefox (28.0)
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbam.exe  
 Tall Emu Online Armor OAcat.exe
 Tall Emu Online Armor oasrv.exe
 Tall Emu Online Armor oaui.exe
 Tall Emu Online Armor OAhlp.exe
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast AvastUI.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:: 7%
````````````````````End of Log``````````````````````

 

 

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 7.0.6000.21376  BrowserJavaVersion: 10.55.2
Run by Francis at 16:41:46 on 2014-04-18
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.3322.1950 [GMT -7:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: Online Armor Firewall *Enabled*
.
============== Running Processes ================
.
C:\Program Files\Online Armor\OAcat.exe
C:\Program Files\Online Armor\oasrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Panda USB Vaccine\USBVaccine.exe
C:\Program Files\Intel\IDU\awServ.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\spupdsvc.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\regsvr32.exe
C:\WINDOWS\system32\UTSCSI.EXE
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Online Armor\OAui.exe
C:\Program Files\Online Armor\OAhlp.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Webshots\315~1.76~\Webshots.scr
C:\Program Files\IncrediMail\Bin\ImApp.exe
C:\Program Files\Trillian\trillian.exe
C:\Documents and Settings\Francis\Application Data\mjusbsp\magicJack.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.bankofamerica.com/index.jsp
dURLSearchHooks: {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - <orphaned>
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -
uRun: [cdloader] "c:\documents and settings\francis\application data\mjusbsp\cdloader2.exe" MAGICJACK
uRun: [AlcoholAutomount] "c:\program files\alcohol soft\alcohol 120\AxAutoMntSrv.exe" -automount
uRun: [IncrediMail] c:\program files\incredimail\bin\IncMail.exe /c
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Google Update] "c:\documents and settings\francis\local settings\application data\google\update\GoogleUpdate.exe" /c
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\logitech webcam software\LWS.exe" /hide
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [@OnlineArmor GUI] "c:\program files\online armor\OAui.exe"
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [AvastUI.exe] "c:\program files\avast software\avast\AvastUI.exe" /nogui
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
StartupFolder: c:\docume~1\francis\startm~1\programs\startup\webshots.lnk - c:\program files\webshots\3.1.5.7620\Launcher.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\pandau~1.lnk - c:\program files\panda usb vaccine\USBVaccine.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
uPolicies-Explorer: NoDriveAutoRun = dword:67108863
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
IE: &Add animation to IncrediMail Style Box - c:\program files\incredimail\bin\resources\WebMenuImg.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} - hxxp://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab
DPF: {2EDF75C0-5ABD-49f9-BAB6-220476A32034} - hxxp://intel-drv-cdn.systemrequirementslab.com/wired/bin/sysreqlab_srlx.cab
DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} - hxxp://quickscan.bitdefender.com/qsax/qsax.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{3540AD61-7266-4DB8-AFEC-965424FAB09F} : DHCPNameServer = 192.168.0.1
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: OA Shell Helper - {4F07DA45-8170-4859-9B5F-037EF2970034} - c:\program files\online armor\oaevent.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\francis\application data\mozilla\firefox\profiles\lme39tzn.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.tvguide.com/Listings/|https://calendar.yah...w.twoo.com/game
FF - plugin: c:\documents and settings\francis\application data\mozilla\firefox\profiles\lme39tzn.default\extensions\devicedetection@logitech.com\plugins\npLogitechDeviceDetection.dll
FF - plugin: c:\documents and settings\francis\application data\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\francis\application data\mozilla\plugins\npo1d.dll
FF - plugin: c:\documents and settings\francis\local settings\application data\google\update\1.3.23.9\npGoogleUpdate3.dll
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32(2).dll
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\adobe\reader 11.0\reader\browser\nppdf32(2).dll
FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_13_0_0_182.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2014-4-18 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [2014-4-18 180632]
R0 RapportKELL;RapportKELL;c:\windows\system32\drivers\RapportKELL.sys [2012-3-11 56208]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2014-4-18 776976]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2014-4-18 411552]
R1 OADevice;OADriver;c:\windows\system32\drivers\OADriver.sys [2013-2-5 210360]
R1 oahlpXX;Online Armor helper driver;c:\windows\system32\drivers\oahlp32.sys [2013-2-5 44984]
R1 OAmon;OAmon;c:\windows\system32\drivers\OAmon.sys [2013-2-5 34856]
R1 OAnet;OAnet;c:\windows\system32\drivers\OAnet.sys [2013-2-5 31912]
R1 RapportCerberus_43926;RapportCerberus_43926;c:\documents and settings\all users\application data\trusteer\rapport\store\exts\rapportcerberus\43926\RapportCerberus32_43926.sys [2014-4-18 272216]
R1 RapportEI;RapportEI;c:\program files\trusteer\rapport\bin\RapportEI.sys [2012-3-11 71440]
R1 RapportPG;RapportPG;c:\program files\trusteer\rapport\bin\RapportPG.sys [2012-3-11 164112]
R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2014-4-18 24184]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2014-4-18 67824]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2014-4-18 50344]
R2 AWService;Admin Works Agent X8;c:\program files\intel\idu\awServ.exe [2006-12-27 74520]
R2 OAcat;Online Armor Helper Service;c:\program files\online armor\OAcat.exe [2013-2-5 584864]
R2 RapportMgmtService;Rapport Management Service;c:\program files\trusteer\rapport\bin\RapportMgmtService.exe [2012-3-11 931640]
R2 StarWindServiceAE;StarWind AE Service;c:\program files\alcohol soft\alcohol 120\starwind\StarWindServiceAE.exe [2009-12-23 370688]
R2 SvcOnlineArmor;Online Armor;c:\program files\online armor\OAsrv.exe [2013-2-5 4457688]
R3 appliandMP;appliandMP;c:\windows\system32\drivers\appliand.sys [2011-6-17 28256]
R3 RapportIaso;RapportIaso;c:\documents and settings\all users\application data\trusteer\rapport\store\exts\rapportms\39624\RapportIaso.sys [2014-4-18 21520]
S1 SBRE;SBRE;\??\c:\windows\system32\drivers\sbredrv.sys --> c:\windows\system32\drivers\SBREdrv.sys [?]
S2 AGCoreService;AG Core Services; [x]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2009-8-30 1684736]
S3 appliand;Applian Network Service;c:\windows\system32\drivers\appliand.sys [2011-6-17 28256]
S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2010-4-22 13192]
S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2010-4-22 8456]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [2011-5-13 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [2011-5-13 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [2011-5-13 136808]
S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\drivers\teamviewervpn.sys [2010-10-5 25088]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-7-20 754856]
.
=============== Created Last 30 ================
.
2014-04-18 19:13:37    159744    ----a-w-    c:\program files\mozilla firefox\plugins\npqtplugin5.dll
2014-04-18 19:13:37    159744    ----a-w-    c:\program files\mozilla firefox\plugins\npqtplugin4.dll
2014-04-18 19:13:37    159744    ----a-w-    c:\program files\mozilla firefox\plugins\npqtplugin3.dll
2014-04-18 19:13:37    159744    ----a-w-    c:\program files\mozilla firefox\plugins\npqtplugin2.dll
2014-04-18 19:13:37    159744    ----a-w-    c:\program files\mozilla firefox\plugins\npqtplugin.dll
2014-04-18 19:13:37    159744    ----a-w-    c:\program files\internet explorer\plugins\npqtplugin5.dll
2014-04-18 19:13:37    159744    ----a-w-    c:\program files\internet explorer\plugins\npqtplugin4.dll
2014-04-18 19:13:37    159744    ----a-w-    c:\program files\internet explorer\plugins\npqtplugin3.dll
2014-04-18 19:13:37    159744    ----a-w-    c:\program files\internet explorer\plugins\npqtplugin2.dll
2014-04-18 19:13:37    159744    ----a-w-    c:\program files\internet explorer\plugins\npqtplugin.dll
2014-04-18 18:39:15    --------    d-----w-    c:\documents and settings\francis\application data\AVAST Software
2014-04-18 18:28:26    180632    ----a-w-    c:\windows\system32\drivers\aswVmm.sys
2014-04-18 18:28:25    776976    ----a-w-    c:\windows\system32\drivers\aswSnx.sys
2014-04-18 18:28:23    49944    ----a-w-    c:\windows\system32\drivers\aswRvrt.sys
2014-04-18 18:28:22    67824    ----a-w-    c:\windows\system32\drivers\aswMonFlt.sys
2014-04-18 18:28:21    24184    ----a-w-    c:\windows\system32\drivers\aswHwid.sys
2014-04-18 18:28:16    43152    ----a-w-    c:\windows\avastSS.scr
2014-04-18 17:03:02    145408    ----a-w-    c:\windows\system32\javacpl.cpl
2014-04-18 17:02:52    94632    ----a-w-    c:\windows\system32\WindowsAccessBridge.dll
2014-03-26 23:02:26    13312    -c----w-    c:\windows\system32\dllcache\xp_eos.exe
2014-03-26 23:02:26    13312    ------w-    c:\windows\system32\xp_eos.exe
.
==================== Find3M  ====================
.
2014-04-18 19:03:53    692400    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2014-04-18 19:03:52    70832    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2014-02-25 22:53:54    841216    ----a-w-    c:\windows\system32\wininet.dll
2014-02-25 22:53:53    78336    ----a-w-    c:\windows\system32\ieencode.dll
2014-02-25 22:53:53    1830912    ------w-    c:\windows\system32\inetcpl.cpl
2014-02-25 22:53:53    17408    ----a-w-    c:\windows\system32\corpol.dll
2014-02-07 02:01:37    1879040    ----a-w-    c:\windows\system32\win32k.sys
2014-02-05 08:55:04    562688    ----a-w-    c:\windows\system32\qedit.dll
2014-01-19 07:32:23    231584    ------w-    c:\windows\system32\MpSigStub.exe
2012-09-16 13:30:18    4096000    ----a-w-    c:\program files\GUT4C47.tmp
2012-07-16 01:41:49    4024320    ----a-w-    c:\program files\GUTC4D.tmp
2012-04-11 06:24:47    3993600    ----a-w-    c:\program files\GUT30C.tmp
.
============= FINISH: 16:44:13.81 ===============


Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.04.18.09

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
Francis :: FRANC-E0B09C9DC [administrator]

4/18/2014 4:10:03 PM
mbam-log-2014-04-18 (16-10-03).txt

Scan type: Full scan (C:\|G:\|J:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 441923
Time elapsed: 2 hour(s), 7 minute(s), 54 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 2
HKLM\SOFTWARE\Wow6432Node\IB Updater (PUP.Optional.Incredibar.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd (PUP.Optional.Incredibar.A) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

 



#2 nasdaq


Posted 19 April 2014 - 06:21 AM

Hello, Welcome to SpywareInfoForum.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

Download the correct version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

===

Please paste the logs in your next reply. DO NOT ATTACH THEM unless specified.

Let me know what problem persists.
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in any way, please consider Donating,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#3 oneeyedfranc


Posted 19 April 2014 - 07:10 PM

Hi nasdaq, ran AdwCleaner, program hung during "Cleaning browsers", computer froze when I attempted to restart AdwCleaner. Shut down computer by holding down power button and restarted computer. Restarted AdwCleaner and ran Scan. Clicked OK to restart computer, logs failed to appear. Ran FRST leaving 3 boxes unchecked, "List BCD, Drivers MD5, Shortcut.txt". Didn't click "Search Files" or "Fix" buttons, should I have? Closed FRST, located the AdwCleaner logs and posted them below:

 

# AdwCleaner v3.100 - Report created 19/04/2014 at 16:45:48
# Updated 20/04/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Francis - FRANC-E0B09C9DC
# Running from : C:\Documents and Settings\Francis\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\Francis\Local Settings\Application Data\Package Cache
File Deleted : C:\END

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel [Homepage]
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\dt soft\daemon tools toolbar
Key Deleted : HKCU\Software\IM
Key Deleted : HKLM\Software\TENCENT
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536

***** [ Browsers ] *****

-\\ Internet Explorer v7.0.6000.21376


-\\ Mozilla Firefox v28.0 (en-US)

[ File : C:\Documents and Settings\Francis\Application Data\Mozilla\Firefox\Profiles\lme39tzn.default\prefs.js ]
 

 

# AdwCleaner v3.100 - Report created 19/04/2014 at 17:09:00
# Updated 20/04/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Francis - FRANC-E0B09C9DC
# Running from : C:\Documents and Settings\Francis\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v7.0.6000.21376


-\\ Mozilla Firefox v28.0 (en-US)

[ File : C:\Documents and Settings\Francis\Application Data\Mozilla\Firefox\Profiles\lme39tzn.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [1551 octets] - [19/04/2014 16:37:10]
AdwCleaner[R1].txt - [936 octets] - [19/04/2014 17:05:53]
AdwCleaner[S0].txt - [1403 octets] - [19/04/2014 16:45:48]
AdwCleaner[S1].txt - [858 octets] - [19/04/2014 17:09:00]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [917 octets] ##########

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 19-04-2014
Ran by Francis (administrator) on FRANC-E0B09C9DC on 19-04-2014 17:20:16
Running from C:\Documents and Settings\Francis\Desktop
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 7
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(Trusteer Ltd.) C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
(Emsisoft GmbH) C:\Program Files\Online Armor\OAcat.exe
(Emsisoft GmbH) C:\Program Files\Online Armor\oasrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Panda Security) C:\Program Files\Panda USB Vaccine\USBVaccine.exe
(OSA Technologies Inc., An Avocent Company) C:\Program Files\Intel\IDU\awServ.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
() C:\WINDOWS\system32\PnkBstrA.exe
() C:\WINDOWS\system32\PnkBstrB.exe
(Microsoft Corporation) C:\WINDOWS\system32\spupdsvc.exe
(StarWind Software) C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Microsoft Corporation) C:\WINDOWS\system32\regsvr32.exe
() C:\WINDOWS\system32\UTSCSI.EXE
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.EXE
(Trusteer Ltd.) C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
() C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
(Emsisoft GmbH) C:\Program Files\Online Armor\OAui.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Emsisoft GmbH) C:\Program Files\Online Armor\OAhlp.exe
() C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [18702336 2009-08-04] (Realtek Semiconductor Corp.)
HKLM\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [@OnlineArmor GUI] => C:\Program Files\Online Armor\OAui.exe [7558464 2013-10-15] (Emsisoft GmbH)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-04-18] (AVAST Software)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [NvCplDaemon] => C:\WINDOWS\system32\NvCpl.dll [15714592 2014-03-09] (NVIDIA Corporation)
HKLM\...\Run: [NvMediaCenter] => C:\WINDOWS\system32\NvMCTray.dll [377288 2014-03-09] (NVIDIA Corporation)
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2593056 2014-03-09] ()
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\S-1-5-21-823518204-484763869-1801674531-1003\...\Run: [cdloader] => C:\Documents and Settings\Francis\Application Data\mjusbsp\cdloader2.exe [50592 2012-02-01] (magicJack L.P.)
HKU\S-1-5-21-823518204-484763869-1801674531-1003\...\Run: [AlcoholAutomount] => C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [33120 2010-08-20] (Alcohol Soft Development Team)
HKU\S-1-5-21-823518204-484763869-1801674531-1003\...\Run: [IncrediMail] => C:\Program Files\IncrediMail\bin\IncMail.exe [367016 2013-03-26] (IncrediMail, Ltd.)
HKU\S-1-5-21-823518204-484763869-1801674531-1003\...\Run: [Google Update] => C:\Documents and Settings\Francis\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [136176 2010-08-26] (Google Inc.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Panda USB Vaccine.lnk
ShortcutTarget: Panda USB Vaccine.lnk -> C:\Program Files\Panda USB Vaccine\USBVaccine.exe (Panda Security)
Startup: C:\Documents and Settings\Francis\Start Menu\Programs\Startup\Webshots.lnk
ShortcutTarget: Webshots.lnk -> C:\Program Files\Webshots\3.1.5.7620\Launcher.exe (Webshots.com)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.bankofam...a.com/index.jsp
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll No File
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} http://www.logitech....Detection32.cab
DPF: {2EDF75C0-5ABD-49f9-BAB6-220476A32034} http://intel-drv-cdn...reqlab_srlx.cab
DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bit...m/qsax/qsax.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
ShellExecuteHooks: OA Shell Helper - {4F07DA45-8170-4859-9B5F-037EF2970034} - C:\Program Files\Online Armor\oaevent.dll [1033968 2013-10-15] (Emsisoft GmbH)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Francis\Application Data\Mozilla\Firefox\Profiles\lme39tzn.default
FF Homepage: hxxp://www.tvguide.com/Listings/|https://calendar.yah...w.twoo.com/game
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @Motive.com/NpMotive,version=1.0 - C:\Program Files\ATT\8.3.1.18\ma\bin\npMotive.dll No File
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Documents and Settings\Francis\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Documents and Settings\Francis\Application Data\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Documents and Settings\Francis\Local Settings\Application Data\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Documents and Settings\Francis\Local Settings\Application Data\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Francis\Application Data\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Francis\Application Data\mozilla\plugins\npo1d.dll (Google)
FF Extension: Add to Amazon Wish List Button - C:\Documents and Settings\Francis\Application Data\Mozilla\Firefox\Profiles\lme39tzn.default\Extensions\amznUWL2@amazon(2).com [2011-06-27]
FF Extension: Add-on Compatibility Reporter - C:\Documents and Settings\Francis\Application Data\Mozilla\Firefox\Profiles\lme39tzn.default\Extensions\compatibility@addons.mozilla(2).org [2011-06-27]
FF Extension: Разпознаване на устройство Logitech - C:\Documents and Settings\Francis\Application Data\Mozilla\Firefox\Profiles\lme39tzn.default\Extensions\DeviceDetection@logitech.com [2011-08-09]
FF Extension: Xmarks - C:\Documents and Settings\Francis\Application Data\Mozilla\Firefox\Profiles\lme39tzn.default\Extensions\foxmarks@kei(2).com [2012-03-13]
FF Extension: TinEye Reverse Image Search - C:\Documents and Settings\Francis\Application Data\Mozilla\Firefox\Profiles\lme39tzn.default\Extensions\tineye@ideeinc(2).com [2010-07-01]
FF Extension: Google Toolbar for Firefox - C:\Documents and Settings\Francis\Application Data\Mozilla\Firefox\Profiles\lme39tzn.default\Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2011-06-02]
FF Extension: No Name - C:\Documents and Settings\Francis\Application Data\Mozilla\Firefox\Profiles\lme39tzn.default\Extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef}-trash [2011-03-11]
FF Extension: NoScript - C:\Documents and Settings\Francis\Application Data\Mozilla\Firefox\Profiles\lme39tzn.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}(2) [2011-06-27]
FF Extension: WOT - C:\Documents and Settings\Francis\Application Data\Mozilla\Firefox\Profiles\lme39tzn.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-26]
FF Extension: Adblock Plus - C:\Documents and Settings\Francis\Application Data\Mozilla\Firefox\Profiles\lme39tzn.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(2) [2011-06-27]
FF Extension: Add-on Compatibility Reporter - C:\Documents and Settings\Francis\Application Data\Mozilla\Firefox\Profiles\lme39tzn.default\Extensions\compatibility@addons.mozilla.org.xpi [2011-06-27]
FF Extension: TinEye Reverse Image Search - C:\Documents and Settings\Francis\Application Data\Mozilla\Firefox\Profiles\lme39tzn.default\Extensions\tineye@ideeinc.com.xpi [2011-07-01]
FF Extension: Twoo Notifications - C:\Documents and Settings\Francis\Application Data\Mozilla\Firefox\Profiles\lme39tzn.default\Extensions\twoo@twoo.com.xpi [2013-12-11]
FF Extension: Password Exporter - C:\Documents and Settings\Francis\Application Data\Mozilla\Firefox\Profiles\lme39tzn.default\Extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi [2013-01-25]
FF Extension: Adblock Plus - C:\Documents and Settings\Francis\Application Data\Mozilla\Firefox\Profiles\lme39tzn.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-06-27]
FF Extension: Download Statusbar - C:\Documents and Settings\Francis\Application Data\Mozilla\Firefox\Profiles\lme39tzn.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2011-10-27]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-02-15]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-02-15]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-02-15]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files\AVG\AVG10\Firefox4\
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-04-18]

========================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-18] (AVAST Software)
R2 AWService; C:\Program Files\Intel\IDU\awServ.exe [74520 2006-12-27] (OSA Technologies Inc., An Avocent Company)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-04-14] (Oracle Corporation)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 OAcat; C:\Program Files\Online Armor\OAcat.exe [584864 2013-10-15] (Emsisoft GmbH)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [75064 2010-08-28] ()
R2 PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [189480 2010-10-09] ()
R2 spupdsvc; C:\WINDOWS\system32\spupdsvc.exe [26488 2007-07-27] (Microsoft Corporation)
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software)
R2 SvcOnlineArmor; C:\Program Files\Online Armor\oasrv.exe [4457688 2013-10-15] (Emsisoft GmbH)
R2 UTSCSI; C:\WINDOWS\system32\UTSCSI.EXE [45056 2011-06-12] ()
S2 AGCoreService; No ImagePath
S3 stllssvr; "C:\Program Files\Common Files\SureThing Shared\stllssvr.exe" [X]

==================== Drivers (Whitelisted) ====================

S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1684736 2008-08-05] (Creative)
S3 appliand; C:\WINDOWS\System32\DRIVERS\appliand.sys [28256 2011-06-01] (Applian Technologies Inc.)
R3 appliandMP; C:\WINDOWS\System32\DRIVERS\appliand.sys [28256 2011-06-01] (Applian Technologies Inc.)
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-04-18] ()
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-04-18] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [54832 2014-04-18] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-04-18] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [776976 2014-04-18] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [411552 2014-04-18] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57672 2014-04-18] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [180632 2014-04-18] ()
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [13192 2010-02-23] ()
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [8456 2010-02-23] ()
R3 LVPr2Mon; C:\WINDOWS\System32\DRIVERS\LVPr2Mon.sys [25752 2009-10-07] ()
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1389056 2006-01-04] (Creative Technology Ltd.)
S3 NAL; C:\WINDOWS\system32\Drivers\iqvw32.sys [30880 2009-06-24] (Intel Corporation )
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R3 NuidFltr; C:\WINDOWS\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation)
R1 OADevice; C:\WINDOWS\system32\drivers\OADriver.sys [210360 2013-10-15] ()
R1 oahlpXX; C:\WINDOWS\system32\drivers\oahlp32.sys [44984 2013-10-15] ()
R1 OAmon; C:\WINDOWS\system32\drivers\OAmon.sys [34856 2013-10-15] (Emsisoft)
R1 OAnet; C:\WINDOWS\system32\drivers\OAnet.sys [31912 2013-10-15] (Emsisoft)
R2 osaio; C:\WINDOWS\system32\drivers\osaio.sys [6784 2009-08-27] (OSA Technologies, An Avocent Company)
R3 pepifilter; C:\WINDOWS\System32\DRIVERS\lv302af.sys [13976 2009-04-30] (Logitech Inc.)
R3 PID_PEPI; C:\WINDOWS\System32\DRIVERS\LV302V32.SYS [2687512 2009-04-30] (Logitech Inc.)
S3 PnkBstrK; C:\WINDOWS\system32\drivers\PnkBstrK.sys [137544 2010-10-09] ()
R1 RapportCerberus_59849; C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_59849.sys [340432 2014-04-18] ()
R3 smbusp; C:\WINDOWS\System32\DRIVERS\intelsmb.sys [45184 2006-12-27] (Intel Corporation)
S3 SONYPVU1; C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation)
R0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [428088 2012-01-05] ()
S3 teamviewervpn; C:\WINDOWS\System32\DRIVERS\teamviewervpn.sys [25088 2010-09-23] (TeamViewer GmbH)
R3 WmBEnum; C:\WINDOWS\System32\drivers\WmBEnum.sys [22856 2010-04-27] (Logitech Inc.)
R3 WmFilter; C:\WINDOWS\System32\drivers\WmFilter.sys [37704 2010-04-27] (Logitech Inc.)
R3 WmHidLo; C:\WINDOWS\System32\drivers\WmHidLo.sys [31816 2010-04-27] (Logitech Inc.)
S3 WmVirHid; C:\WINDOWS\System32\drivers\WmVirHid.sys [15048 2010-04-27] (Logitech Inc.)
R3 WmXlCore; C:\WINDOWS\System32\drivers\WmXlCore.sys [66632 2010-04-27] (Logitech Inc.)
U3 a3xxa5ow; C:\WINDOWS\system32\Drivers\a3xxa5ow.sys [0 ] (Microsoft Corporation)
U3 amaukw58; C:\WINDOWS\system32\Drivers\amaukw58.sys [0 ] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S4 IntelIde; No ImagePath
S3 MREMP50; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS [X]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 MRESP50; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS [X]
S0 PxHelp20; System32\Drivers\PxHelp20.sys [X]
S1 SBRE; \??\C:\WINDOWS\system32\drivers\SBREdrv.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-19 17:20 - 2014-04-19 17:20 - 00020054 _____ () C:\Documents and Settings\Francis\Desktop\FRST.txt
2014-04-19 17:19 - 2014-04-19 17:20 - 00000000 ____D () C:\FRST
2014-04-19 16:37 - 2014-04-19 17:09 - 00000000 ____D () C:\AdwCleaner
2014-04-19 16:35 - 2014-04-19 16:35 - 01308369 _____ () C:\Documents and Settings\Francis\Desktop\adwcleaner.exe
2014-04-19 08:28 - 2014-04-19 08:28 - 01043968 _____ (Farbar) C:\Documents and Settings\Francis\Desktop\FRST.exe
2014-04-18 23:57 - 2014-04-18 23:57 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\NVIDIA Corporation
2014-04-18 23:56 - 2014-04-18 23:56 - 00000000 ____D () C:\Program Files\AGEIA Technologies
2014-04-18 23:53 - 2014-03-09 13:35 - 01051080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco3233528.dll
2014-04-18 23:53 - 2014-03-09 13:35 - 00896456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco3233528.dll
2014-04-18 23:43 - 2014-04-18 23:43 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Trusteer Endpoint Protection
2014-04-18 23:35 - 2013-10-28 21:48 - 00335872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrshe.dll
2014-04-18 23:35 - 2013-10-28 21:48 - 00335872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsar.dll
2014-04-18 23:35 - 2013-10-28 21:48 - 00286720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsfr.dll
2014-04-18 23:35 - 2013-10-28 21:48 - 00282624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsit.dll
2014-04-18 23:35 - 2013-10-28 21:48 - 00282624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrses.dll
2014-04-18 23:35 - 2013-10-28 21:48 - 00282624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsel.dll
2014-04-18 23:35 - 2013-10-28 21:48 - 00278528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsde.dll
2014-04-18 23:35 - 2013-10-28 21:48 - 00274432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrspt.dll
2014-04-18 23:35 - 2013-10-28 21:48 - 00274432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsnl.dll
2014-04-18 23:35 - 2013-10-28 21:48 - 00274432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsja.dll
2014-04-18 23:35 - 2013-10-28 21:48 - 00274432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsesm.dll
2014-04-18 23:35 - 2013-10-28 21:48 - 00270336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsru.dll
2014-04-18 23:35 - 2013-10-28 21:48 - 00270336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsptb.dll
2014-04-18 23:35 - 2013-10-28 21:48 - 00266240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsko.dll
2014-04-18 23:35 - 2013-10-28 21:48 - 00262144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrshu.dll
2014-04-18 23:35 - 2013-10-28 21:48 - 00258048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrstr.dll
2014-04-18 23:35 - 2013-10-28 21:48 - 00258048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrssl.dll
2014-04-18 23:35 - 2013-10-28 21:48 - 00258048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrssk.dll
2014-04-18 23:35 - 2013-10-28 21:48 - 00258048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrspl.dll
2014-04-18 23:35 - 2013-10-28 21:48 - 00253952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsth.dll
2014-04-18 23:35 - 2013-10-28 21:48 - 00253952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrssv.dll
2014-04-18 23:35 - 2013-10-28 21:48 - 00253952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsno.dll
2014-04-18 23:35 - 2013-10-28 21:48 - 00253952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsda.dll
2014-04-18 23:35 - 2013-10-28 21:48 - 00249856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrsfi.dll
2014-04-18 23:35 - 2013-10-28 21:48 - 00249856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrseng.dll
2014-04-18 23:35 - 2013-10-28 21:48 - 00249856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrscs.dll
2014-04-18 23:35 - 2013-10-28 21:48 - 00229376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrszhc.dll
2014-04-18 23:35 - 2013-10-28 21:48 - 00126976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvrszht.dll
2014-04-18 16:11 - 2014-04-18 16:50 - 00000000 ____D () C:\Documents and Settings\Francis\Desktop\CurrentScans
2014-04-18 12:13 - 2014-04-18 12:13 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
2014-04-18 12:12 - 2014-04-18 12:13 - 00000000 ____D () C:\Program Files\QuickTime
2014-04-18 12:12 - 2014-04-18 12:12 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Apple Computer
2014-04-18 11:39 - 2014-04-18 11:39 - 00000000 ____D () C:\Documents and Settings\Francis\Application Data\AVAST Software
2014-04-18 11:29 - 2014-04-18 11:29 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Avast
2014-04-18 11:28 - 2014-04-19 17:12 - 00000366 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-04-18 11:28 - 2014-04-18 11:28 - 00776976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-04-18 11:28 - 2014-04-18 11:28 - 00411552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-04-18 11:28 - 2014-04-18 11:28 - 00271264 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-04-18 11:28 - 2014-04-18 11:28 - 00180632 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-04-18 11:28 - 2014-04-18 11:28 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-04-18 11:28 - 2014-04-18 11:28 - 00057672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-04-18 11:28 - 2014-04-18 11:28 - 00054832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2014-04-18 11:28 - 2014-04-18 11:28 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-04-18 11:28 - 2014-04-18 11:28 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-04-18 11:28 - 2014-04-18 11:28 - 00024184 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-04-18 10:48 - 2014-04-18 10:48 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Java
2014-04-18 10:03 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-04-18 10:03 - 2014-04-14 19:47 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-04-18 10:02 - 2014-04-18 10:02 - 00004088 _____ () C:\WINDOWS\system32\jupdate-1.7.0_55-b14.log
2014-04-18 10:02 - 2014-04-14 20:13 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-04-18 10:02 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-04-18 10:02 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-04-16 21:18 - 2014-04-16 22:57 - 00000000 ____D () C:\Documents and Settings\Francis\Desktop\Mary's Scans
2014-04-13 18:33 - 2014-04-18 21:56 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat
2014-04-08 19:34 - 2014-04-08 19:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2922229$
2014-04-08 19:29 - 2014-04-08 19:34 - 00018072 _____ () C:\WINDOWS\KB2922229.log
2014-04-08 19:28 - 2014-04-08 19:34 - 00108386 _____ () C:\WINDOWS\KB2936068-IE7.log
2014-04-02 17:58 - 2014-04-08 15:00 - 00000220 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-03-26 23:00 - 2014-03-26 23:00 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
2014-03-26 22:59 - 2014-03-26 23:00 - 00005054 _____ () C:\WINDOWS\KB2934207.log
2014-03-26 16:02 - 2014-02-25 18:59 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\xp_eos.exe
2014-03-26 16:02 - 2014-02-25 18:59 - 00013312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xp_eos.exe

==================== One Month Modified Files and Folders =======

2014-04-19 17:20 - 2014-04-19 17:20 - 00020054 _____ () C:\Documents and Settings\Francis\Desktop\FRST.txt
2014-04-19 17:20 - 2014-04-19 17:19 - 00000000 ____D () C:\FRST
2014-04-19 17:18 - 2010-08-26 16:49 - 00000986 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-823518204-484763869-1801674531-1003UA.job
2014-04-19 17:15 - 2009-08-26 18:17 - 01959276 _____ () C:\WINDOWS\WindowsUpdate.log
2014-04-19 17:14 - 2013-10-13 13:37 - 00001276 _____ () C:\WINDOWS\system32\nvAppTimestamps
2014-04-19 17:12 - 2014-04-18 11:28 - 00000366 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-04-19 17:12 - 2009-08-26 11:10 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-04-19 17:12 - 2009-08-26 11:10 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-04-19 17:12 - 2008-04-14 05:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-04-19 17:11 - 2011-09-03 18:30 - 00000564 _____ () C:\WINDOWS\Tasks\PandaUSBVaccine.job
2014-04-19 17:11 - 2009-08-26 18:21 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-04-19 17:10 - 2009-08-26 18:22 - 00000178 ___SH () C:\Documents and Settings\Francis\ntuser.ini
2014-04-19 17:10 - 2009-08-26 18:21 - 00032476 _____ () C:\WINDOWS\SchedLgU.Txt
2014-04-19 17:09 - 2014-04-19 16:37 - 00000000 ____D () C:\AdwCleaner
2014-04-19 17:08 - 2010-01-25 02:59 - 00079170 _____ () C:\WINDOWS\spupdsvc.log
2014-04-19 16:40 - 2012-10-11 02:22 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-04-19 16:35 - 2014-04-19 16:35 - 01308369 _____ () C:\Documents and Settings\Francis\Desktop\adwcleaner.exe
2014-04-19 16:29 - 2011-06-12 21:38 - 00000000 ____D () C:\Documents and Settings\Francis\Application Data\mjusbsp
2014-04-19 16:28 - 2010-01-28 21:53 - 00000000 ____D () C:\Program Files\Trillian
2014-04-19 08:28 - 2014-04-19 08:28 - 01043968 _____ (Farbar) C:\Documents and Settings\Francis\Desktop\FRST.exe
2014-04-19 08:18 - 2010-08-26 16:49 - 00000934 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-823518204-484763869-1801674531-1003Core.job
2014-04-19 00:07 - 2010-12-11 17:09 - 00001002 _____ () C:\Documents and Settings\Francis\Start Menu\Programs\magicJack.lnk
2014-04-19 00:07 - 2010-01-25 21:22 - 00000996 _____ () C:\Documents and Settings\Francis\Desktop\magicJack.lnk
2014-04-19 00:05 - 2013-07-15 21:03 - 00000000 ____D () C:\Documents and Settings\Francis\Local Settings\Application Data\NVIDIA
2014-04-19 00:00 - 2013-10-13 15:51 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
2014-04-18 23:57 - 2014-04-18 23:57 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\NVIDIA Corporation
2014-04-18 23:57 - 2010-11-18 22:53 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\NVIDIA
2014-04-18 23:56 - 2014-04-18 23:56 - 00000000 ____D () C:\Program Files\AGEIA Technologies
2014-04-18 23:56 - 2010-11-12 01:07 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-04-18 23:55 - 2013-11-15 11:46 - 00136587 _____ () C:\WINDOWS\setupapi.log
2014-04-18 23:55 - 2013-10-13 17:23 - 01144544 _____ () C:\WINDOWS\system32\nvdrsdb1.bin
2014-04-18 23:55 - 2013-10-13 17:23 - 01144544 _____ () C:\WINDOWS\system32\nvdrsdb0.bin
2014-04-18 23:55 - 2013-10-13 17:23 - 00000001 _____ () C:\WINDOWS\system32\nvdrssel.bin
2014-04-18 23:54 - 2009-08-30 14:43 - 00000000 ____D () C:\WINDOWS\system32\ReinstallBackups
2014-04-18 23:43 - 2014-04-18 23:43 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Trusteer Endpoint Protection
2014-04-18 23:40 - 2011-04-05 02:36 - 00000000 ____D () C:\Program Files\WinRAR
2014-04-18 23:35 - 2009-08-26 11:00 - 00000000 ____D () C:\WINDOWS\Help
2014-04-18 23:33 - 2012-03-23 13:19 - 00009218 _____ () C:\WINDOWS\system32\lvcoinst.log
2014-04-18 23:33 - 2012-03-23 13:16 - 00000000 ____D () C:\Program Files\Common Files\logishrd
2014-04-18 21:56 - 2014-04-13 18:33 - 00000664 _____ () C:\WINDOWS\system32\d3d9caps.dat
2014-04-18 16:50 - 2014-04-18 16:11 - 00000000 ____D () C:\Documents and Settings\Francis\Desktop\CurrentScans
2014-04-18 16:41 - 2011-05-13 17:31 - 00000000 ____D () C:\Documents and Settings\Francis\Desktop\Spyware Tools & Reports
2014-04-18 14:33 - 2011-04-05 02:36 - 00000000 ____D () C:\Documents and Settings\Francis\Start Menu\Programs\WinRAR
2014-04-18 14:33 - 2011-04-05 02:36 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\WinRAR
2014-04-18 12:13 - 2014-04-18 12:13 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
2014-04-18 12:13 - 2014-04-18 12:12 - 00000000 ____D () C:\Program Files\QuickTime
2014-04-18 12:12 - 2014-04-18 12:12 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Apple Computer
2014-04-18 12:03 - 2012-11-13 11:58 - 00692400 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-04-18 12:03 - 2011-05-24 15:18 - 00070832 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-04-18 12:02 - 2011-03-19 17:43 - 00000000 ____D () C:\Program Files\Common Files\Adobe AIR
2014-04-18 11:39 - 2014-04-18 11:39 - 00000000 ____D () C:\Documents and Settings\Francis\Application Data\AVAST Software
2014-04-18 11:29 - 2014-04-18 11:29 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Avast
2014-04-18 11:28 - 2014-04-18 11:28 - 00776976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-04-18 11:28 - 2014-04-18 11:28 - 00411552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-04-18 11:28 - 2014-04-18 11:28 - 00271264 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-04-18 11:28 - 2014-04-18 11:28 - 00180632 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-04-18 11:28 - 2014-04-18 11:28 - 00067824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-04-18 11:28 - 2014-04-18 11:28 - 00057672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswTdi.sys
2014-04-18 11:28 - 2014-04-18 11:28 - 00054832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr.sys
2014-04-18 11:28 - 2014-04-18 11:28 - 00049944 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-04-18 11:28 - 2014-04-18 11:28 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-04-18 11:28 - 2014-04-18 11:28 - 00024184 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-04-18 11:27 - 2011-05-17 23:19 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVAST Software
2014-04-18 11:26 - 2011-05-25 16:42 - 00001945 _____ () C:\WINDOWS\epplauncher.mif
2014-04-18 11:00 - 2010-06-23 19:20 - 00000320 _____ () C:\WINDOWS\Tasks\EASEUS Partition Master 5.5.1 Home Edition.job
2014-04-18 10:48 - 2014-04-18 10:48 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Java
2014-04-18 10:02 - 2014-04-18 10:02 - 00004088 _____ () C:\WINDOWS\system32\jupdate-1.7.0_55-b14.log
2014-04-18 10:02 - 2010-02-07 04:11 - 00000000 ____D () C:\Program Files\Java
2014-04-18 05:05 - 2011-05-19 05:06 - 00000260 _____ () C:\WINDOWS\Tasks\Malwarebytes' Anti-Malware.job
2014-04-16 22:57 - 2014-04-16 21:18 - 00000000 ____D () C:\Documents and Settings\Francis\Desktop\Mary's Scans
2014-04-16 22:49 - 2010-01-28 16:35 - 00000000 ____D () C:\Documents and Settings\Francis\Local Settings\Application Data\Adobe
2014-04-15 20:53 - 2010-02-12 19:00 - 00000000 ____D () C:\Documents and Settings\Francis\My Documents\Receipts
2014-04-15 10:47 - 2012-03-23 13:46 - 00147456 _____ () C:\Documents and Settings\Francis\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-14 20:13 - 2014-04-18 10:02 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-04-14 20:05 - 2014-04-18 10:03 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-04-14 20:05 - 2014-04-18 10:02 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-04-14 20:04 - 2014-04-18 10:02 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-04-14 19:47 - 2014-04-18 10:03 - 00145408 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-04-08 19:34 - 2014-04-08 19:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2922229$
2014-04-08 19:34 - 2014-04-08 19:29 - 00018072 _____ () C:\WINDOWS\KB2922229.log
2014-04-08 19:34 - 2014-04-08 19:28 - 00108386 _____ () C:\WINDOWS\KB2936068-IE7.log
2014-04-08 19:34 - 2010-01-25 02:58 - 00303358 _____ () C:\WINDOWS\updspapi.log
2014-04-08 19:34 - 2009-08-26 11:06 - 02107656 _____ () C:\WINDOWS\FaxSetup.log
2014-04-08 19:34 - 2009-08-26 11:06 - 01016697 _____ () C:\WINDOWS\ocgen.log
2014-04-08 19:34 - 2009-08-26 11:06 - 00966906 _____ () C:\WINDOWS\tsoc.log
2014-04-08 19:34 - 2009-08-26 11:06 - 00712648 _____ () C:\WINDOWS\comsetup.log
2014-04-08 19:34 - 2009-08-26 11:06 - 00647872 _____ () C:\WINDOWS\msmqinst.log
2014-04-08 19:34 - 2009-08-26 11:06 - 00430158 _____ () C:\WINDOWS\ntdtcsetup.log
2014-04-08 19:34 - 2009-08-26 11:06 - 00369927 _____ () C:\WINDOWS\netfxocm.log
2014-04-08 19:34 - 2009-08-26 11:06 - 00307615 _____ () C:\WINDOWS\iis6.log
2014-04-08 19:34 - 2009-08-26 11:06 - 00145562 _____ () C:\WINDOWS\MedCtrOC.log
2014-04-08 19:34 - 2009-08-26 11:06 - 00116823 _____ () C:\WINDOWS\ocmsn.log
2014-04-08 19:34 - 2009-08-26 11:06 - 00106681 _____ () C:\WINDOWS\tabletoc.log
2014-04-08 19:34 - 2009-08-26 11:06 - 00105622 _____ () C:\WINDOWS\msgsocm.log
2014-04-08 19:34 - 2009-08-26 11:06 - 00001355 _____ () C:\WINDOWS\imsins.log
2014-04-08 19:34 - 2009-08-26 11:06 - 00001355 _____ () C:\WINDOWS\imsins.BAK
2014-04-08 19:33 - 2013-08-15 09:58 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-04-08 19:30 - 2010-01-25 03:00 - 88028728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-04-08 15:00 - 2014-04-02 17:58 - 00000220 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-04-02 17:57 - 2014-02-15 00:36 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-29 22:50 - 2012-08-17 22:42 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-03-26 23:00 - 2014-03-26 23:00 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
2014-03-26 23:00 - 2014-03-26 22:59 - 00005054 _____ () C:\WINDOWS\KB2934207.log

Some content of TEMP:
====================
C:\Documents and Settings\Francis\Local Settings\temp\jre-7u45-windows-i586-iftw.exe
C:\Documents and Settings\Francis\Local Settings\temp\jre-7u51-windows-i586-iftw.exe
C:\Documents and Settings\Francis\Local Settings\temp\jre-7u55-windows-i586-iftw.exe
C:\Documents and Settings\Francis\Local Settings\temp\NVI2_29.DLL
C:\Documents and Settings\Francis\Local Settings\temp\pcDesktopAlertNotifierX.dll
C:\Documents and Settings\Francis\Local Settings\temp\vlc-2.0.8-win32.exe
C:\Documents and Settings\Francis\Local Settings\temp\vlc-2.1.2-win32.exe


==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================
 

 

 




#4 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • 49,267 posts

Posted 20 April 2014 - 06:17 AM

Nothing suspicious was found on your logs.

Let's check the Master Boot Record.

Read carefully and follow these steps.
TDSS
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application.
  • Then click on Start Scan.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • If an infected file is detected, the default action will be Cure; click on Continue.
  • Important: Do NOT change the default action on your own unless instructed by a malware Helper! Doing so may render your computer unbootable.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
===

Download http://public.avast....erek/aswMBR.exe (aswMBR.exe) to your desktop. Double-click aswMBR.exe to run it.
  • Click the "Scan" button to start scan.
  • Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANT
  • Please post the contents of that log in your next reply.
  • There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.

    Note: You may be asked if you want to download Avast Free Antivirus. I suggest you deny this download unless you do not have any Antivirus protection on the computer.
    ===

nasdaq


#5 oneeyedfranc

oneeyedfranc

    Member

  • Full Member
  • 98 posts

Posted 20 April 2014 - 01:01 PM

11:23:11.0843 0x1348  TDSS rootkit removing tool 3.0.0.31 Apr 11 2014 08:55:10
11:24:32.0359 0x1348  ============================================================
11:24:32.0359 0x1348  Current date / time: 2014/04/20 11:24:32.0359
11:24:32.0359 0x1348  SystemInfo:
11:24:32.0359 0x1348  
11:24:32.0359 0x1348  OS Version: 5.1.2600 ServicePack: 3.0
11:24:32.0359 0x1348  Product type: Workstation
11:24:32.0359 0x1348  ComputerName: FRANC-E0B09C9DC
11:24:32.0359 0x1348  UserName: Francis
11:24:32.0359 0x1348  Windows directory: C:\WINDOWS
11:24:32.0359 0x1348  System windows directory: C:\WINDOWS
11:24:32.0359 0x1348  Processor architecture: Intel x86
11:24:32.0359 0x1348  Number of processors: 2
11:24:32.0359 0x1348  Page size: 0x1000
11:24:32.0359 0x1348  Boot type: Normal boot
11:24:32.0359 0x1348  ============================================================
11:24:35.0703 0x1348  KLMD registered as C:\WINDOWS\system32\drivers\07316243.sys
11:24:36.0531 0x1348  System UUID: {2A2E4E5E-757B-6DEF-8AF6-0626FAF2C53A}
11:24:39.0562 0x1348  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
11:24:39.0578 0x1348  Drive \Device\Harddisk1\DR2 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:24:39.0640 0x1348  Drive \Device\Harddisk3\DR6 - Size: 0x3C100000 (0.94 Gb), SectorSize: 0x200, Cylinders: 0x7A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:24:39.0640 0x1348  ============================================================
11:24:39.0656 0x1348  \Device\Harddisk0\DR0:
11:24:39.0656 0x1348  MBR partitions:
11:24:39.0656 0x1348  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74701AC1
11:24:39.0656 0x1348  \Device\Harddisk1\DR2:
11:24:39.0656 0x1348  MBR partitions:
11:24:39.0656 0x1348  \Device\Harddisk1\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C4542
11:24:39.0656 0x1348  \Device\Harddisk3\DR6:
11:24:39.0656 0x1348  MBR partitions:
11:24:39.0656 0x1348  \Device\Harddisk3\DR6\Partition1: MBR, Type 0x6, StartLBA 0xE18, BlocksNum 0x1DF9E8
11:24:39.0656 0x1348  ============================================================
11:24:39.0781 0x1348  C: <-> \Device\Harddisk0\DR0\Partition1
11:24:39.0906 0x1348  J: <-> \Device\Harddisk1\DR2\Partition1
11:24:39.0906 0x1348  ============================================================
11:24:39.0906 0x1348  Initialize success
11:24:39.0906 0x1348  ============================================================
11:25:09.0265 0x0dd0  ============================================================
11:25:09.0265 0x0dd0  Scan started
11:25:09.0265 0x0dd0  Mode: Manual;
11:25:09.0265 0x0dd0  ============================================================
11:25:09.0265 0x0dd0  KSN ping started
11:25:24.0234 0x0dd0  KSN ping finished: true
11:25:26.0203 0x0dd0  ================ Scan system memory ========================
11:25:26.0218 0x0dd0  System memory - ok
11:25:26.0218 0x0dd0  ================ Scan services =============================
11:25:33.0546 0x0dd0  Npfs - ok
11:25:33.0562 0x0dd0  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
11:25:33.0593 0x0dd0  Ntfs - ok
11:25:33.0609 0x0dd0  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
11:25:33.0609 0x0dd0  NtLmSsp - ok
11:25:33.0640 0x0dd0  [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
11:25:33.0671 0x0dd0  NtmsSvc - ok
11:25:33.0718 0x0dd0  [ CF7E041663119E09D2E118521ADA9300, 0BDDEDA787CCBE34D515945717AF972143A3684F6D37F87B639D6A5371F381CC ] NuidFltr        C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
11:25:33.0718 0x0dd0  NuidFltr - ok
11:25:33.0734 0x0dd0  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys
11:25:33.0734 0x0dd0  Null - ok
11:25:34.0500 0x0dd0  [ FBD1AE45270F632E9C20A1D8DA1A9DAB, 8139BB08B51CC74C39C3F80353198BBC1F9FCFED2C769D7CA30EFABFFA68EF2F ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
11:25:34.0890 0x0dd0  nv - ok
11:25:35.0062 0x0dd0  [ D2FE0376285A783693469422678E878B, 9F0B1A6694CA7BDAAA3B26BE1D344A3FC7B98162518A259C273360EFF075CD75 ] NvNetworkService C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
11:25:35.0125 0x0dd0  NvNetworkService - ok
11:25:35.0171 0x0dd0  [ DADF7468C85F3295B5B69D0F1E40BDF3, 4ED9D11BC7F040C7144FE0E16C1A66001706247735624BC3E47B35C83F675FB5 ] NVSvc           C:\WINDOWS\system32\nvsvc32.exe
11:25:35.0187 0x0dd0  NVSvc - ok
11:25:35.0218 0x0dd0  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
11:25:35.0218 0x0dd0  NwlnkFlt - ok
11:25:35.0234 0x0dd0  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
11:25:35.0234 0x0dd0  NwlnkFwd - ok
11:25:35.0328 0x0dd0  [ C1342DDE1D9D33B670DC91F146AFEBAA, F9A41B74E45278381AF3519E9ED7F8C319F5C26084BEE3164EB211B1EE24ACE5 ] OAcat           C:\Program Files\Online Armor\OAcat.exe
11:25:35.0343 0x0dd0  OAcat - ok
11:25:35.0406 0x0dd0  [ EE9DCAC3D1E7B9CD0737463B11DDA2B7, 39CD433B186444A0EC7936531F14231B44CCB6A7371A6075DA123AC904DD8652 ] OADevice        C:\WINDOWS\system32\drivers\OADriver.sys
11:25:35.0421 0x0dd0  OADevice - ok
11:25:35.0468 0x0dd0  [ AC43969DA69E97B5A8E4B63A599F309F, 0D6519381D4043E89A467047A965BE0BDC1F2A3E21BEA279F91DDB26E41281BD ] oahlpXX         C:\WINDOWS\system32\drivers\oahlp32.sys
11:25:35.0468 0x0dd0  oahlpXX - ok
11:25:35.0515 0x0dd0  [ 3A317DA68E8CDE920C0572307EDDC4BF, 6F9956ED1C32CA09D7E8D2AA44C1C0DB93F59282399682A36BB52A0151462712 ] OAmon           C:\WINDOWS\system32\drivers\OAmon.sys
11:25:35.0515 0x0dd0  OAmon - ok
11:25:35.0578 0x0dd0  [ B9913B154FE9F28914221E9A6348E950, 227E57F621CFDBBD814C3A537AB3B358A10F89210FB49DD7B52857D04039FE7A ] OAnet           C:\WINDOWS\system32\drivers\OAnet.sys
11:25:35.0578 0x0dd0  OAnet - ok
11:25:35.0593 0x0dd0  [ CA33832DF41AFB202EE7AEB05145922F, 9DD0089C2E13C7F81214C3B5A4A61276292052F9BBFEA7FCD0F6AA27815D5F95 ] ohci1394        C:\WINDOWS\system32\DRIVERS\ohci1394.sys
11:25:35.0593 0x0dd0  ohci1394 - ok
11:25:35.0656 0x0dd0  [ 1204A181AAE8D17BE8786EF8FB70A1C6, 210878F65F4EAD32AEEA229C6EE42538BC15ADEE58D3462AFEE4A0C0B333CEF0 ] osaio           C:\WINDOWS\system32\drivers\osaio.sys
11:25:35.0656 0x0dd0  osaio - ok
11:25:35.0671 0x0dd0  [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport         C:\WINDOWS\system32\drivers\Parport.sys
11:25:35.0687 0x0dd0  Parport - ok
11:25:35.0687 0x0dd0  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
11:25:35.0687 0x0dd0  PartMgr - ok
11:25:35.0734 0x0dd0  [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
11:25:35.0734 0x0dd0  ParVdm - ok
11:25:35.0734 0x0dd0  [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
11:25:35.0734 0x0dd0  PCI - ok
11:25:35.0750 0x0dd0  PCIDump - ok
11:25:35.0765 0x0dd0  [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
11:25:35.0765 0x0dd0  PCIIde - ok
11:25:35.0796 0x0dd0  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
11:25:35.0812 0x0dd0  Pcmcia - ok
11:25:35.0812 0x0dd0  PDCOMP - ok
11:25:35.0828 0x0dd0  PDFRAME - ok
11:25:35.0828 0x0dd0  PDRELI - ok
11:25:35.0843 0x0dd0  PDRFRAME - ok
11:25:35.0890 0x0dd0  [ B20F958B207E6AAAC5F70D04DD2C30D8, 5572A45B0327AD72E78CFD541433BBBB54358115019FEFB324607A4F21818959 ] pepifilter      C:\WINDOWS\system32\DRIVERS\lv302af.sys
11:25:35.0890 0x0dd0  pepifilter - ok
11:25:35.0890 0x0dd0  perc2 - ok
11:25:35.0906 0x0dd0  perc2hib - ok
11:25:36.0062 0x0dd0  [ DD184D9ADFE2A8A21741DBDFE9E22F5C, 0C22966973246248FD15A6C192AA1B731D018B4FDF1BD97FE9AA67A746C9440C ] PID_PEPI        C:\WINDOWS\system32\DRIVERS\LV302V32.SYS
11:25:36.0187 0x0dd0  PID_PEPI - ok
11:25:36.0218 0x0dd0  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay        C:\WINDOWS\system32\services.exe
11:25:36.0218 0x0dd0  PlugPlay - ok
11:25:36.0250 0x0dd0  [ A1DD33D16F277CE34124EE52AB2C0F14, DB5215409D0B6C378567A6399C0170226CB1E2FE74D96B16C97A761D487C613F ] PnkBstrA        C:\WINDOWS\system32\PnkBstrA.exe
11:25:36.0250 0x0dd0  PnkBstrA - ok
11:25:36.0281 0x0dd0  [ 38CDA1E493C6589910A3FBE81ECCD354, B5D18FC9A1BE91683F3EBE9183388D52169DE14DB43A701B5B4197511F0C1742 ] PnkBstrB        C:\WINDOWS\system32\PnkBstrB.exe
11:25:36.0281 0x0dd0  PnkBstrB - ok
11:25:36.0312 0x0dd0  [ 7EEEBB10A79D189541EBD435E7D834DE, 0019A89F66D36D1E8518E0B7162B7D105DD147D9FDC8607109E1C70C88461926 ] PnkBstrK        C:\WINDOWS\system32\drivers\PnkBstrK.sys
11:25:36.0312 0x0dd0  PnkBstrK - ok
11:25:36.0328 0x0dd0  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
11:25:36.0328 0x0dd0  PolicyAgent - ok
11:25:36.0359 0x0dd0  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
11:25:36.0359 0x0dd0  PptpMiniport - ok
11:25:36.0375 0x0dd0  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
11:25:36.0375 0x0dd0  ProtectedStorage - ok
11:25:36.0375 0x0dd0  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
11:25:36.0375 0x0dd0  Ptilink - ok
11:25:36.0390 0x0dd0  PxHelp20 - ok
11:25:36.0390 0x0dd0  ql1080 - ok
11:25:36.0406 0x0dd0  Ql10wnt - ok
11:25:36.0421 0x0dd0  ql12160 - ok
11:25:36.0421 0x0dd0  ql1240 - ok
11:25:36.0421 0x0dd0  ql1280 - ok
11:25:36.0515 0x0dd0  [ AB51E1F08C8E789D6C9E8B94D15BE9A9, 35386087B0D57D181FE39E4AFBFFE4DB5B827DACA6D87F1F5563B26547993E24 ] RapportCerberus_59849 C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_59849.sys
11:25:36.0531 0x0dd0  RapportCerberus_59849 - ok
11:25:36.0625 0x0dd0  [ DAECD067A0025223C1801507C462C095, E8A9AF0D7F47650E90B6C9044DDD01DCBB245CD118B4EDE71BFBC7930CACF164 ] RapportEI       C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys
11:25:36.0640 0x0dd0  RapportEI - ok
11:25:36.0687 0x0dd0  [ 9BB42221934F6FA1D32503CD00F63A3F, 58AF0A2E7299E9A2C35B2BC8B897E3188AF832BE36BB998E44362361F4333A9E ] RapportKELL     C:\WINDOWS\system32\Drivers\RapportKELL.sys
11:25:36.0687 0x0dd0  RapportKELL - ok
11:25:36.0796 0x0dd0  [ E0A588F701D3F89592B59C4B37037F52, 8A1CCC2485EEE45120090BD0EF5B865E5E085A5CF1DA3069AEE9300A99E1EFD0 ] RapportMgmtService C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
11:25:36.0859 0x0dd0  RapportMgmtService - ok
11:25:36.0921 0x0dd0  [ DB06FBE51FFB5E6BAAE7579DD3CADACA, 646A79434AE5DFDE3E4B5CC20B4A10ADF854020F43F77C044F123C5949DCA8FF ] RapportPG       C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys
11:25:36.0921 0x0dd0  RapportPG - ok
11:25:36.0953 0x0dd0  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:25:36.0953 0x0dd0  RasAcd - ok
11:25:37.0000 0x0dd0  [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto         C:\WINDOWS\System32\rasauto.dll
11:25:37.0015 0x0dd0  RasAuto - ok
11:25:37.0031 0x0dd0  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
11:25:37.0031 0x0dd0  Rasl2tp - ok
11:25:37.0062 0x0dd0  [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan          C:\WINDOWS\System32\rasmans.dll
11:25:37.0078 0x0dd0  RasMan - ok
11:25:37.0078 0x0dd0  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:25:37.0093 0x0dd0  RasPppoe - ok
11:25:37.0093 0x0dd0  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
11:25:37.0093 0x0dd0  Raspti - ok
11:25:37.0109 0x0dd0  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:25:37.0125 0x0dd0  Rdbss - ok
11:25:37.0140 0x0dd0  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
11:25:37.0140 0x0dd0  RDPCDD - ok
11:25:37.0171 0x0dd0  [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
11:25:37.0187 0x0dd0  rdpdr - ok
11:25:37.0218 0x0dd0  [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
11:25:37.0234 0x0dd0  RDPWD - ok
11:25:37.0250 0x0dd0  [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
11:25:37.0265 0x0dd0  RDSessMgr - ok
11:25:37.0296 0x0dd0  [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
11:25:37.0312 0x0dd0  redbook - ok
11:25:37.0343 0x0dd0  [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
11:25:37.0343 0x0dd0  RemoteAccess - ok
11:25:37.0375 0x0dd0  [ 5B19B557B0C188210A56A6B699D90B8F, 0FA880B81AE615206FD1738B83428AAA491D54B24168339DE6E87FDE8C6C14B0 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
11:25:37.0390 0x0dd0  RemoteRegistry - ok
11:25:37.0421 0x0dd0  [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator      C:\WINDOWS\system32\locator.exe
11:25:37.0437 0x0dd0  RpcLocator - ok
11:25:37.0484 0x0dd0  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs           C:\WINDOWS\System32\rpcss.dll
11:25:37.0500 0x0dd0  RpcSs - ok
11:25:37.0531 0x0dd0  [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP            C:\WINDOWS\system32\rsvp.exe
11:25:37.0546 0x0dd0  RSVP - ok
11:25:37.0578 0x0dd0  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs           C:\WINDOWS\system32\lsass.exe
11:25:37.0578 0x0dd0  SamSs - ok
11:25:37.0578 0x0dd0  SBRE - ok
11:25:37.0609 0x0dd0  [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
11:25:37.0609 0x0dd0  SCardSvr - ok
11:25:37.0640 0x0dd0  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
11:25:37.0656 0x0dd0  Schedule - ok
11:25:37.0671 0x0dd0  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
11:25:37.0687 0x0dd0  Secdrv - ok
11:25:37.0718 0x0dd0  [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon        C:\WINDOWS\System32\seclogon.dll
11:25:37.0718 0x0dd0  seclogon - ok
11:25:37.0718 0x0dd0  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS            C:\WINDOWS\system32\sens.dll
11:25:37.0734 0x0dd0  SENS - ok
11:25:37.0750 0x0dd0  [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
11:25:37.0765 0x0dd0  serenum - ok
11:25:37.0828 0x0dd0  [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
11:25:37.0828 0x0dd0  Serial - ok
11:25:37.0875 0x0dd0  [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
11:25:37.0875 0x0dd0  Sfloppy - ok
11:25:37.0921 0x0dd0  [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
11:25:37.0937 0x0dd0  SharedAccess - ok
11:25:37.0937 0x0dd0  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
11:25:37.0953 0x0dd0  ShellHWDetection - ok
11:25:37.0968 0x0dd0  Simbad - ok
11:25:38.0000 0x0dd0  [ 866D538EBE33709A5C9F5C62B73B7D14, BC94BEB7C17B4FCAC8B5D0D5006A203BC209E0504EECE149651D8691935696CD ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys
11:25:38.0000 0x0dd0  SLIP - ok
11:25:38.0015 0x0dd0  [ 9ACBC471D86ED01A6F6BF30394C8ACEF, C3AD6B26FA45AA2CCE4AED43E3B0102668EB0735791D2D6FA5DB3CA82649122E ] smbusp          C:\WINDOWS\system32\DRIVERS\intelsmb.sys
11:25:38.0015 0x0dd0  smbusp - ok
11:25:38.0078 0x0dd0  [ A1ECEEAA5C5E74B2499EB51D38185B84, BB866DDA4D1F85A68A652204DAC7378456793E096A15F88B9C153BECD3D18C27 ] SONYPVU1        C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
11:25:38.0078 0x0dd0  SONYPVU1 - ok
11:25:38.0078 0x0dd0  Sparrow - ok
11:25:38.0109 0x0dd0  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
11:25:38.0109 0x0dd0  splitter - ok
11:25:38.0171 0x0dd0  [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
11:25:38.0187 0x0dd0  Spooler - ok
11:25:38.0250 0x0dd0  [ F42EFEFB765235F24B24E1D2B6F99F46, 5D24504D044512F3CFB05DB3968C521153562458AB86A1EA6A21CEFFF03A37F5 ] sptd            C:\WINDOWS\System32\Drivers\sptd.sys
11:25:38.0250 0x0dd0  Suspicious file ( NoAccess ): C:\WINDOWS\System32\Drivers\sptd.sys. md5: F42EFEFB765235F24B24E1D2B6F99F46, sha256: 5D24504D044512F3CFB05DB3968C521153562458AB86A1EA6A21CEFFF03A37F5
11:25:38.0265 0x0dd0  sptd - detected LockedFile.Multi.Generic ( 1 )
11:25:40.0890 0x0dd0  Detect skipped due to KSN trusted
11:25:40.0890 0x0dd0  sptd - ok
11:25:40.0953 0x0dd0  [ 5329079D8726DE34A58C2EF0BD2AC8B9, 1DE6FE21C91C5915178FB3D38D82AFEE43F67968889E9F91A820E617ABCD3010 ] spupdsvc        C:\WINDOWS\system32\spupdsvc.exe
11:25:40.0968 0x0dd0  spupdsvc - ok
11:25:41.0015 0x0dd0  [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
11:25:41.0015 0x0dd0  sr - ok
11:25:41.0031 0x0dd0  [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice       C:\WINDOWS\system32\srsvc.dll
11:25:41.0031 0x0dd0  srservice - ok
11:25:41.0078 0x0dd0  [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
11:25:41.0078 0x0dd0  Srv - ok
11:25:41.0125 0x0dd0  [ 64E44ACD8C238FCBBB78F0BA4BDC4B05, 59D015DD86EA35AC8F667C063AE76FAFA9497F04225D256DF5A37EB1461F15D4 ] ssadbus         C:\WINDOWS\system32\DRIVERS\ssadbus.sys
11


#6 oneeyedfranc


Posted 20 April 2014 - 01:07 PM

MBR.zip attached

Attached Files

  • Attached File  MBR.zip   499bytes   70 downloads


#7 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,267 posts

Posted 21 April 2014 - 05:37 AM

All clean.

Did you have any other issues restarting the computer recently?
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in any way, please consider Donating,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#8 oneeyedfranc


Posted 21 April 2014 - 10:59 AM

no other symptoms at this time nasdaq, thanks for ur time and effort...



#9 nasdaq


Posted 22 April 2014 - 06:58 AM

If all is well:

You can delete the tools we used.

Please consider using these ideas to help secure your computer. While there is no way to guarantee safety when you use a computer, these steps will make it much less likely that you will need to endure another infection. While we really like to help people, we would rather help you protect yourself so that you won't need that help in the future.

Please either enable Automatic Updates under Start -> Control Panel -> Automatic Updates or get into the habit of checking Windows Update regularly. They usually have security updates every month. You can set Windows to notify you of Updates so that you can choose, but only do this if you believe you are able to understand which ones are needed. This is a crucial security measure.

Having an effective antivirus is a must for everyone.
In addition to many excellent commercial products there are plenty of good free antivirus programs available. I can recommend:

If you are satisfied with your current protection programs you can ignore the instructions on Antivirus or Firewall listed below.

In addition to an antivirus I recommend using a firewall. A software firewall is a software program that helps screen out hackers, viruses, and worms that try to reach your computer over the Internet. I can recommend one of the following free products:

Please note: Many installers offer third-party downloads that are installed automatically when you do not uncheck certain checkboxes. While most of the time not being malicious you usually do not want these on your computer. Be careful during the installation process and you will avoid seeing tons of new unwanted toolbars in your favorite web browser.

Please consider installing and running some of the following programs; they are either free or have free versions of commercial programs:

Malwarebytes Anti-Malware (MBAM)
The free version of MBAM can be used to scan the system for traces of malware. Scanning your system regularly will make it harder for malware to reside on your system.
A tutorial on using MBAM can be found here.
Please Note: Only the paid for version has real time capabilities.

SpywareBlaster
A tutorial on using SpywareBlaster to prevent malware from ever installing on your computer may be found here.

Please keep these programs up-to-date and run them whenever you suspect a problem to prevent malware problems. A number of programs have resident protection and it is a good idea to run the resident protection of one of each type of program to maintain protection. However, it is important to run only one resident program of each type since they can conflict and become less effective. That means only one antivirus, firewall and scanning anti-spyware program at a time. Passive protectors, like SpywareBlaster can be run with any of them.

Note that there are a lot of rogue programs out there that want to scare you into giving them your money and some malware actually claims to be security programs. If you get a popup for a security program that you did not install yourself, do NOT click on it and ask for help immediately. It is very important to run an antivirus and firewall, but you can't always rely on reviews and ads for information. Ask in a security forum that you trust if you are not sure. If you are unsure and looking for anti-spyware programs, you can find out if it is a rogue here:

A similar category of programs is now called "scareware." Scareware programs are active infections that will pop-up on your computer and tell you that you are infected. If you look closely, it will usually have a name that looks like it might be legitimate, but it is NOT one of the programs you installed. It tells you to click and install it right away. If you click on any part of it, including the 'X' to close it, you may actually help it infect your computer further. Keeping protection updated and running resident protection can help prevent these infections. If it happens anyway, get offline as quickly as you can. Pull the internet connection cable or shut down the computer if you have to. Contact someone to help by using another computer if possible. These programs are also sometimes called 'rogues', but they are different than the older version of rogues mentioned above.

Please keep your programs up to date. This applies to Java, Adobe Flashplayer, Adobe Reader and your Internet Browsers in particular. Vulnerabilities in these programs are often exploited in order to install malware on your PC. Visiting a prepared web page suffices to infect your system.

In general Firefox, Opera and Google Chrome are considered to be more secure than Internet Explorer. In addition there are many useful add-ons that can protect you from possible risks:
  • WOT will warn you when you try to visit sites with poor reputation. The reputation is based on user ratings and is usually very accurate.
  • Script Blocker can help block many attempts to infect your system via malicious websites by only allowing scripts at sites you trust.
  • NoScript is a popular Firefox addon,
  • ScriptNo a popular Google Chrome addon.
For much more useful information, please also read Tony Klein's excellent article: How did I get infected in the first place

Hopefully these steps will help to keep you error free. If you run into more difficulty, we will certainly do what we can to help.
===
nasdaq


#10 oneeyedfranc


Posted 22 April 2014 - 12:55 PM

should i have spywareblaster running at the same time as avast av and online armor fw?



#11 nasdaq


Posted 22 April 2014 - 02:48 PM

Yes.
If you see a slowdown then remove it.
nasdaq


#12 oneeyedfranc


Posted 22 April 2014 - 03:29 PM

thanks nasdaq



#13 nasdaq


Posted 23 April 2014 - 05:18 AM

Since the issue appears to be resolved this Topic is closed.

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter. Everyone else please begin a New Topic.
nasdaq
