Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Redirection problem with Firefox


  • Please log in to reply
22 replies to this topic

#1 whtwulf

whtwulf

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:06:37 PM

Posted 02 May 2013 - 12:56 PM

I'm having a bit of an issue with Firefox in which I am occasionally redirected to a site that has the suffix ievbz.com. It usually happens only once per site on which I click a link. I am also getting ads in my Google searches, which has never happened before (I use AdBlock). I suspect malware, but a scan with Malwarebytes, AdAware, Spybot, and Advanced System Care 6 Pro all reveal nothing. Thoughts? Thanks in advance for any help you can offer.


Edited by whtwulf, 02 May 2013 - 12:57 PM.


BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,489 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:37 PM

Posted 02 May 2013 - 01:11 PM

Welcome whtwulf

 

I moved this from Vista to Am I Infected.

 

Please run these,

 

Please Download TDSSkiller
Launch it.
Click on change parameters-Select TDLFS file system
Click on "Scan".
Please post the LOG report(log file should be in your C drive)
 
Do not change the default options on scan results.

 

 

 

Please download AdwCleaner by Xplode onto your desktop.
•Close all open programs and internet browsers.
•Double click on adwcleaner.exe to run the tool.
•Click on Delete.
•Confirm each time with Ok.
•You will be prompted to restart your computer. A text file will open after the restart.
•Please post the contents of that logfile with your next reply.
•You can find the logfile at C:\AdwCleaner[S1].txt as well.

 

 

 

If still occurring, In FireFox it may be the Add ons/Plugins. try disabling them one at a time and see which one was at fault.

How to disable extensions and plugins

Keeping your third-party plugins up to date


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 whtwulf

whtwulf
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:06:37 PM

Posted 02 May 2013 - 02:41 PM

LOG file is as follows:

 

14:38:03.0047 10148  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
14:38:03.0588 10148  ============================================================
14:38:03.0588 10148  Current date / time: 2013/05/02 14:38:03.0588
14:38:03.0588 10148  SystemInfo:
14:38:03.0588 10148  
14:38:03.0589 10148  OS Version: 6.0.6002 ServicePack: 2.0
14:38:03.0589 10148  Product type: Workstation
14:38:03.0589 10148  ComputerName: JOHN-PC
14:38:03.0589 10148  UserName: John
14:38:03.0589 10148  Windows directory: C:\Windows
14:38:03.0589 10148  System windows directory: C:\Windows
14:38:03.0589 10148  Running under WOW64
14:38:03.0589 10148  Processor architecture: Intel x64
14:38:03.0589 10148  Number of processors: 2
14:38:03.0589 10148  Page size: 0x1000
14:38:03.0589 10148  Boot type: Normal boot
14:38:03.0589 10148  ============================================================
14:38:04.0673 10148  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:38:04.0678 10148  Drive \Device\Harddisk1\DR4 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
14:38:04.0703 10148  ============================================================
14:38:04.0703 10148  \Device\Harddisk0\DR0:
14:38:04.0703 10148  MBR partitions:
14:38:04.0703 10148  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1C00800, BlocksNum 0x38785000
14:38:04.0703 10148  \Device\Harddisk1\DR4:
14:38:04.0704 10148  MBR partitions:
14:38:04.0704 10148  \Device\Harddisk1\DR4\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
14:38:04.0704 10148  ============================================================
14:38:04.0739 10148  C: <-> \Device\Harddisk0\DR0\Partition1
14:38:04.0764 10148  E: <-> \Device\Harddisk1\DR4\Partition1
14:38:04.0764 10148  ============================================================
14:38:04.0765 10148  Initialize success
14:38:04.0765 10148  ============================================================
14:38:30.0343 12072  ============================================================
14:38:30.0343 12072  Scan started
14:38:30.0343 12072  Mode: Manual; TDLFS;
14:38:30.0343 12072  ============================================================
14:38:30.0714 12072  ================ Scan system memory ========================
14:38:30.0714 12072  System memory - ok
14:38:30.0715 12072  ================ Scan services =============================
14:38:31.0006 12072  [ 1965AAFFAB07E3FB03C77F81BEBA3547 ] ACPI            C:\Windows\system32\drivers\acpi.sys
14:38:31.0011 12072  ACPI - ok
14:38:31.0478 12072  [ 14C23516C990DCD6052152CF034DDE40 ] Adobe Version Cue CS3 C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
14:38:31.0483 12072  Adobe Version Cue CS3 - ok
14:38:31.0567 12072  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:38:31.0569 12072  AdobeARMservice - ok
14:38:31.0711 12072  [ 479901C99FA62D1C3261B7ACB1228DAD ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:38:31.0717 12072  AdobeFlashPlayerUpdateSvc - ok
14:38:31.0858 12072  [ F14215E37CF124104575073F782111D2 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
14:38:31.0867 12072  adp94xx - ok
14:38:31.0900 12072  [ 7D05A75E3066861A6610F7EE04FF085C ] adpahci         C:\Windows\system32\drivers\adpahci.sys
14:38:31.0906 12072  adpahci - ok
14:38:31.0942 12072  [ 820A201FE08A0C345B3BEDBC30E1A77C ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
14:38:31.0946 12072  adpu160m - ok
14:38:31.0984 12072  [ 9B4AB6854559DC168FBB4C24FC52E794 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
14:38:31.0988 12072  adpu320 - ok
14:38:32.0116 12072  [ A9FF9831AB2BFFB1CCF849BDA19D06FD ] AdvancedSystemCareService6 C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
14:38:32.0125 12072  AdvancedSystemCareService6 - ok
14:38:32.0151 12072  [ 0F421175574BFE0BF2F4D8E910A253BB ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
14:38:32.0153 12072  AeLookupSvc - ok
14:38:32.0234 12072  [ C4F6CE6087760AD70960C9EB130E7943 ] AFD             C:\Windows\system32\drivers\afd.sys
14:38:32.0241 12072  AFD - ok
14:38:32.0296 12072  [ D19D1AB5E69309B532107203AED346FF ] Agent           C:\Windows\agent_x64.exe
14:38:32.0298 12072  Agent - ok
14:38:32.0365 12072  [ F6F6793B7F17B550ECFDBD3B229173F7 ] agp440          C:\Windows\system32\drivers\agp440.sys
14:38:32.0368 12072  agp440 - ok
14:38:32.0402 12072  [ 222CB641B4B8A1D1126F8033F9FD6A00 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
14:38:32.0405 12072  aic78xx - ok
14:38:32.0450 12072  [ 5922F4F59B7868F3D74BBBBEB7B825A3 ] ALG             C:\Windows\System32\alg.exe
14:38:32.0452 12072  ALG - ok
14:38:32.0496 12072  [ 157D0898D4B73F075CE9FA26B482DF98 ] aliide          C:\Windows\system32\drivers\aliide.sys
14:38:32.0498 12072  aliide - ok
14:38:32.0517 12072  [ 970FA5059E61E30D25307B99903E991E ] amdide          C:\Windows\system32\drivers\amdide.sys
14:38:32.0519 12072  amdide - ok
14:38:32.0575 12072  [ CDC3632A3A5EA4DBB83E46076A3165A1 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
14:38:32.0577 12072  AmdK8 - ok
14:38:32.0638 12072  [ 9C37B3FD5615477CB9A0CD116CF43F5C ] Appinfo         C:\Windows\System32\appinfo.dll
14:38:32.0640 12072  Appinfo - ok
14:38:32.0759 12072  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:38:32.0762 12072  Apple Mobile Device - ok
14:38:32.0830 12072  [ BA8417D4765F3988FF921F30F630E303 ] arc             C:\Windows\system32\drivers\arc.sys
14:38:32.0833 12072  arc - ok
14:38:32.0901 12072  [ 9D41C435619733B34CC16A511E644B11 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
14:38:32.0904 12072  arcsas - ok
14:38:32.0939 12072  [ B76182F203E0BD5EB6A5F6538F0FAEE4 ] aswFsBlk        C:\Windows\system32\drivers\aswFsBlk.sys
14:38:32.0940 12072  aswFsBlk - ok
14:38:33.0021 12072  [ A88E9544EDDA1CE83825DD22D6A8B5F9 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
14:38:33.0022 12072  aswMonFlt - ok
14:38:33.0066 12072  [ CFAD2FB33B22E7039C9DC233BAACBF8B ] aswRdr          C:\Windows\system32\drivers\aswRdr.sys
14:38:33.0068 12072  aswRdr - ok
14:38:33.0122 12072  [ 594365E887F4A5AD3970870B352EB887 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
14:38:33.0125 12072  aswSP - ok
14:38:33.0177 12072  [ 4BA0A0E1D36F88F536180FFE5EFD8B7C ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
14:38:33.0180 12072  aswTdi - ok
14:38:33.0243 12072  [ 22D13FF3DAFEC2A80634752B1EAA2DE6 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
14:38:33.0245 12072  AsyncMac - ok
14:38:33.0281 12072  [ 1898FAE8E07D97F2F6C2D5326C633FAC ] atapi           C:\Windows\system32\drivers\atapi.sys
14:38:33.0282 12072  atapi - ok
14:38:33.0340 12072  [ 79318C744693EC983D20E9337A2F8196 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:38:33.0346 12072  AudioEndpointBuilder - ok
14:38:33.0357 12072  [ 79318C744693EC983D20E9337A2F8196 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
14:38:33.0361 12072  AudioSrv - ok
14:38:33.0456 12072  [ ACB544D7254F366DFB48F380BC36CD25 ] avast! Antivirus C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
14:38:33.0457 12072  avast! Antivirus - ok
14:38:33.0461 12072  [ ACB544D7254F366DFB48F380BC36CD25 ] avast! Mail Scanner C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
14:38:33.0462 12072  avast! Mail Scanner - ok
14:38:33.0469 12072  [ ACB544D7254F366DFB48F380BC36CD25 ] avast! Web Scanner C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
14:38:33.0470 12072  avast! Web Scanner - ok
14:38:33.0543 12072  [ FFB96C2589FFA60473EAD78B39FBDE29 ] BFE             C:\Windows\System32\bfe.dll
14:38:33.0550 12072  BFE - ok
14:38:33.0626 12072  [ 6D316F4859634071CC25C4FD4589AD2C ] BITS            C:\Windows\System32\qmgr.dll
14:38:33.0642 12072  BITS - ok
14:38:33.0697 12072  [ 79FEEB40056683F8F61398D81DDA65D2 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
14:38:33.0699 12072  blbdrive - ok
14:38:33.0770 12072  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:38:33.0778 12072  Bonjour Service - ok
14:38:33.0835 12072  [ 2348447A80920B2493A9B582A23E81E1 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
14:38:33.0837 12072  bowser - ok
14:38:33.0911 12072  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
14:38:33.0913 12072  BrFiltLo - ok
14:38:33.0948 12072  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
14:38:33.0950 12072  BrFiltUp - ok
14:38:33.0993 12072  [ A1B39DE453433B115B4EA69EE0343816 ] Browser         C:\Windows\System32\browser.dll
14:38:33.0996 12072  Browser - ok
14:38:34.0033 12072  [ F0F0BA4D815BE446AA6A4583CA3BCA9B ] Brserid         C:\Windows\system32\drivers\brserid.sys
14:38:34.0035 12072  Brserid - ok
14:38:34.0094 12072  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
14:38:34.0096 12072  BrSerWdm - ok
14:38:34.0146 12072  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
14:38:34.0148 12072  BrUsbMdm - ok
14:38:34.0186 12072  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
14:38:34.0188 12072  BrUsbSer - ok
14:38:34.0234 12072  [ 86F46C41F773DA5A4A1D221C9201E3B8 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
14:38:34.0236 12072  BthEnum - ok
14:38:34.0271 12072  [ E0777B34E05F8A82A21856EFC900C29F ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
14:38:34.0274 12072  BTHMODEM - ok
14:38:34.0319 12072  [ BEFC5311736B475AC5B60C14FF7C775A ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
14:38:34.0322 12072  BthPan - ok
14:38:34.0336 12072  [ E76F40C8DFFD33B6F142DE90D3CABB73 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
14:38:34.0342 12072  BTHPORT - ok
14:38:34.0372 12072  [ 22E65FFD640F16968F855F5B3528D366 ] BthServ         C:\Windows\System32\bthserv.dll
14:38:34.0374 12072  BthServ - ok
14:38:34.0397 12072  [ CD52602D1884C6867269BABCB67849C5 ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
14:38:34.0398 12072  BTHUSB - ok
14:38:34.0460 12072  [ C25362669072F6AA8D4C3415D8B30B7A ] CAXHWAZL        C:\Windows\system32\DRIVERS\CAXHWAZL.sys
14:38:34.0464 12072  CAXHWAZL - ok
14:38:34.0477 12072  [ B4D787DB8D30793A4D4DF9FEED18F136 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
14:38:34.0479 12072  cdfs - ok
14:38:34.0547 12072  [ C025AA69BE3D0D25C7A2E746EF6F94FC ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
14:38:34.0549 12072  cdrom - ok
14:38:34.0612 12072  [ 5A268127633C7EE2A7FB87F39D748D56 ] CertPropSvc     C:\Windows\System32\certprop.dll
14:38:34.0614 12072  CertPropSvc - ok
14:38:34.0643 12072  [ 02EA568D498BBDD4BA55BF3FCE34D456 ] circlass        C:\Windows\system32\drivers\circlass.sys
14:38:34.0645 12072  circlass - ok
14:38:34.0688 12072  [ 3DCA9A18B204939CFB24BEA53E31EB48 ] CLFS            C:\Windows\system32\CLFS.sys
14:38:34.0693 12072  CLFS - ok
14:38:34.0781 12072  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:38:34.0783 12072  clr_optimization_v2.0.50727_32 - ok
14:38:34.0833 12072  [ CE07A466201096F021CD09D631B21540 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:38:34.0835 12072  clr_optimization_v2.0.50727_64 - ok
14:38:34.0931 12072  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:38:34.0934 12072  clr_optimization_v4.0.30319_32 - ok
14:38:34.0970 12072  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:38:34.0972 12072  clr_optimization_v4.0.30319_64 - ok
14:38:35.0040 12072  [ B52D9A14CE4101577900A364BA86F3DF ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
14:38:35.0042 12072  CmBatt - ok
14:38:35.0080 12072  [ E5D5499A1C50A54B5161296B6AFE6192 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
14:38:35.0082 12072  cmdide - ok
14:38:35.0142 12072  [ 73B6990CB91D0B249CB104B7DAC1E4A3 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
14:38:35.0148 12072  CnxtHdAudService - ok
14:38:35.0167 12072  [ 7FB8AD01DB0EABE60C8A861531A8F431 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
14:38:35.0168 12072  Compbatt - ok
14:38:35.0179 12072  COMSysApp - ok
14:38:35.0186 12072  [ A8585B6412253803CE8EFCBD6D6DC15C ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
14:38:35.0188 12072  crcdisk - ok
14:38:35.0260 12072  [ CA78B312C44E4D52E842C2C8BD48E452 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
14:38:35.0264 12072  CryptSvc - ok
14:38:35.0343 12072  [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] DcomLaunch      C:\Windows\system32\rpcss.dll
14:38:35.0357 12072  DcomLaunch - ok
14:38:35.0428 12072  [ 2D7C1661961CE19085B6A968B1B293D4 ] DefaultTabSearch C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe
14:38:35.0437 12072  DefaultTabSearch - ok
14:38:35.0558 12072  [ 34AE0DFA3EE3B5B9975042D87332D0B7 ] DefaultTabUpdate C:\Users\John\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
14:38:35.0560 12072  DefaultTabUpdate - ok
14:38:35.0623 12072  [ 8B722BA35205C71E7951CDC4CDBADE19 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
14:38:35.0625 12072  DfsC - ok
14:38:35.0750 12072  [ C647F468F7DE343DF8C143655C5557D4 ] DFSR            C:\Windows\system32\DFSR.exe
14:38:35.0829 12072  DFSR - ok
14:38:35.0908 12072  [ 3ED0321127CE70ACDAABBF77E157C2A7 ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
14:38:35.0912 12072  Dhcp - ok
14:38:35.0956 12072  [ B0107E40ECDB5FA692EBF832F295D905 ] disk            C:\Windows\system32\drivers\disk.sys
14:38:35.0958 12072  disk - ok
14:38:36.0011 12072  [ 06230F1B721494A6DF8D47FD395BB1B0 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
14:38:36.0014 12072  Dnscache - ok
14:38:36.0068 12072  [ 1A7156DD1E850E9914E5E991E3225B94 ] dot3svc         C:\Windows\System32\dot3svc.dll
14:38:36.0072 12072  dot3svc - ok
14:38:36.0128 12072  [ 1583B39790DB3EAEC7EDB0CB0140C708 ] DPS             C:\Windows\system32\dps.dll
14:38:36.0132 12072  DPS - ok
14:38:36.0188 12072  [ F1A78A98CFC2EE02144C6BEC945447E6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
14:38:36.0189 12072  drmkaud - ok
14:38:36.0259 12072  [ B8E554E502D5123BC111F99D6A2181B4 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
14:38:36.0276 12072  DXGKrnl - ok
14:38:36.0338 12072  [ 264CEE7B031A9D6C827F3D0CB031F2FE ] E1G60           C:\Windows\system32\DRIVERS\E1G6032E.sys
14:38:36.0341 12072  E1G60 - ok
14:38:36.0378 12072  [ C2303883FD9BE49DC36A6400643002EA ] EapHost         C:\Windows\System32\eapsvc.dll
14:38:36.0381 12072  EapHost - ok
14:38:36.0439 12072  [ 5F94962BE5A62DB6E447FF6470C4F48A ] Ecache          C:\Windows\system32\drivers\ecache.sys
14:38:36.0442 12072  Ecache - ok
14:38:36.0502 12072  [ 14CE384D2E27B64C256BDA4DC39C312D ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
14:38:36.0508 12072  ehRecvr - ok
14:38:36.0525 12072  [ B93159C1313D66FDFBBE876F5189CD52 ] ehSched         C:\Windows\ehome\ehsched.exe
14:38:36.0529 12072  ehSched - ok
14:38:36.0572 12072  [ F5EE2527D74449868E3C3227A59BCD28 ] ehstart         C:\Windows\ehome\ehstart.dll
14:38:36.0574 12072  ehstart - ok
14:38:36.0639 12072  [ C4636D6E10469404AB5308D9FD45ED07 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
14:38:36.0649 12072  elxstor - ok
14:38:36.0698 12072  [ A9B18B63A4FD6BAAB83326706D857FAB ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
14:38:36.0706 12072  EMDMgmt - ok
14:38:36.0737 12072  [ BC3A58E938BB277E46BF4B3003B01ABD ] ErrDev          C:\Windows\system32\drivers\errdev.sys
14:38:36.0739 12072  ErrDev - ok
14:38:36.0814 12072  [ 4D06D9A26227AC485305133916888DF1 ] ETService       C:\Program Files\GATEWAY\Gateway Recovery Management\Service\ETService.exe
14:38:36.0815 12072  ETService - ok
14:38:36.0888 12072  [ E12F22B73F153DECE721CD45EC05B4AF ] EventSystem     C:\Windows\system32\es.dll
14:38:36.0895 12072  EventSystem - ok
14:38:36.0953 12072  [ 486844F47B6636044A42454614ED4523 ] exfat           C:\Windows\system32\drivers\exfat.sys
14:38:36.0957 12072  exfat - ok
14:38:37.0007 12072  [ 1A4BEE34277784619DDAF0422C0C6E23 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
14:38:37.0010 12072  fastfat - ok
14:38:37.0087 12072  [ 81B79B6DF71FA1D2C6D688D830616E39 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
14:38:37.0089 12072  fdc - ok
14:38:37.0132 12072  [ BB9267ACACD8B7533DD936C34A0CBA5E ] fdPHost         C:\Windows\system32\fdPHost.dll
14:38:37.0134 12072  fdPHost - ok
14:38:37.0185 12072  [ 300C80931EABBE1DB7591C516EFE8D0F ] FDResPub        C:\Windows\system32\fdrespub.dll
14:38:37.0187 12072  FDResPub - ok
14:38:37.0225 12072  [ 457B7D1D533E4BD62A99AED9C7BB4C59 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
14:38:37.0226 12072  FileInfo - ok
14:38:37.0268 12072  [ D421327FD6EFCCAF884A54C58E1B0D7F ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
14:38:37.0270 12072  Filetrace - ok
14:38:37.0336 12072  [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
14:38:37.0346 12072  FLEXnet Licensing Service - ok
14:38:37.0378 12072  [ 230923EA2B80F79B0F88D90F87B87EBD ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
14:38:37.0380 12072  flpydisk - ok
14:38:37.0430 12072  [ E3041BC26D6930D61F42AEDB79C91720 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
14:38:37.0434 12072  FltMgr - ok
14:38:37.0541 12072  [ BE1C5BD1CA7ED015BC6FA1AE67E592C8 ] FontCache       C:\Windows\system32\FntCache.dll
14:38:37.0568 12072  FontCache - ok
14:38:37.0635 12072  [ BC5B0BE5AF3510B0FD8C140EE42C6D3E ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:38:37.0637 12072  FontCache3.0.0.0 - ok
14:38:37.0687 12072  [ 5779B86CD8B32519FBECB136394D946A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
14:38:37.0688 12072  Fs_Rec - ok
14:38:37.0723 12072  [ C8E416668D3DC2BE3D4FE4C79224997F ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
14:38:37.0725 12072  gagp30kx - ok
14:38:37.0820 12072  [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
14:38:37.0823 12072  GamesAppService - ok
14:38:37.0864 12072  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:38:37.0865 12072  GEARAspiWDM - ok
14:38:37.0917 12072  [ A0E1B575BA8F504968CD40C0FAEB2384 ] gpsvc           C:\Windows\System32\gpsvc.dll
14:38:37.0926 12072  gpsvc - ok
14:38:37.0983 12072  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:38:37.0986 12072  gupdate - ok
14:38:38.0016 12072  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:38:38.0018 12072  gupdatem - ok
14:38:38.0059 12072  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
14:38:38.0062 12072  gusvc - ok
14:38:38.0134 12072  [ DF45F8142DC6DF9D18C39B3EFFBD0409 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:38:38.0138 12072  HdAudAddService - ok
14:38:38.0212 12072  [ F942C5820205F2FB453243EDFEC82A3D ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
14:38:38.0224 12072  HDAudBus - ok
14:38:38.0268 12072  [ B4881C84A180E75B8C25DC1D726C375F ] HidBth          C:\Windows\system32\drivers\hidbth.sys
14:38:38.0270 12072  HidBth - ok
14:38:38.0295 12072  [ 4E77A77E2C986E8F88F996BB3E1AD829 ] HidIr           C:\Windows\system32\drivers\hidir.sys
14:38:38.0297 12072  HidIr - ok
14:38:38.0340 12072  [ 59361D38A297755D46A540E450202B2A ] hidserv         C:\Windows\system32\hidserv.dll
14:38:38.0342 12072  hidserv - ok
14:38:38.0373 12072  [ 443BDD2D30BB4F00795C797E2CF99EDF ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
14:38:38.0374 12072  HidUsb - ok
14:38:38.0395 12072  [ B12F367EA39C0795FD57E31242CE1A5A ] hkmsvc          C:\Windows\system32\kmsvc.dll
14:38:38.0399 12072  hkmsvc - ok
14:38:38.0456 12072  [ D7109A1E6BD2DFDBCBA72A6BC626A13B ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
14:38:38.0459 12072  HpCISSs - ok
14:38:38.0504 12072  [ 57BA73B5B321291E5114CB21350E1EA0 ] HSFHWAZL        C:\Windows\system32\DRIVERS\VSTAZL6.SYS
14:38:38.0509 12072  HSFHWAZL - ok
14:38:38.0592 12072  [ 14492080EC1C7FF89673A98F0E6162F1 ] HsfXAudioService C:\Windows\SysWOW64\XAudio64.dll
14:38:38.0602 12072  HsfXAudioService - ok
14:38:38.0648 12072  [ C8ECF7D2FD3F20078DFB3BD5F1E51F23 ] HSF_DPV         C:\Windows\system32\DRIVERS\CAX_DPV.sys
14:38:38.0670 12072  HSF_DPV - ok
14:38:38.0715 12072  [ 098F1E4E5C9CB5B0063A959063631610 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
14:38:38.0725 12072  HTTP - ok
14:38:38.0762 12072  [ DA94C854CEA5FAC549D4E1F6E88349E8 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
14:38:38.0765 12072  i2omp - ok
14:38:38.0801 12072  [ CBB597659A2713CE0C9CC20C88C7591F ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
14:38:38.0804 12072  i8042prt - ok
14:38:38.0891 12072  [ 3E42C4691AAD4B1E8D0466F9CBF05CBE ] IAANTMON        C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
14:38:38.0899 12072  IAANTMON - ok
14:38:38.0929 12072  [ FC28E90F2204D8FD147FA9BFA8A51C01 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
14:38:38.0934 12072  iaStor - ok
14:38:38.0988 12072  [ 3E3BF3627D886736D0B4E90054F929F6 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
14:38:38.0994 12072  iaStorV - ok
14:38:39.0090 12072  [ 6F95324909B502E2651442C1548AB12F ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
14:38:39.0092 12072  IDriverT - ok
14:38:39.0180 12072  [ 749F5F8CEDCA70F2A512945325FC489D ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:38:39.0196 12072  idsvc - ok
14:38:39.0436 12072  [ 8254F64C0B738C167B7F487ED7C28DB5 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
14:38:39.0608 12072  igfx - ok
14:38:39.0636 12072  [ 8C3951AD2FE886EF76C7B5027C3125D3 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
14:38:39.0638 12072  iirsp - ok
14:38:39.0687 12072  [ 0C9EA6E654E7B0471741E343A6C671AF ] IKEEXT          C:\Windows\System32\ikeext.dll
14:38:39.0696 12072  IKEEXT - ok
14:38:39.0755 12072  [ 8C7FA71CB1EBCD3EDE8958D27B1BF0B4 ] int15           C:\Windows\SysWOW64\drivers\int15_64.sys
14:38:39.0757 12072  int15 - ok
14:38:39.0810 12072  [ BD37227C07179B1040A8896B9C0C146B ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
14:38:39.0814 12072  IntcHdmiAddService - ok
14:38:39.0837 12072  [ DF797A12176F11B2D301C5B234BB200E ] intelide        C:\Windows\system32\drivers\intelide.sys
14:38:39.0840 12072  intelide - ok
14:38:39.0881 12072  [ BFD84AF32FA1BAD6231C4585CB469630 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
14:38:39.0885 12072  intelppm - ok
14:38:39.0947 12072  [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
14:38:39.0951 12072  IPBusEnum - ok
14:38:40.0003 12072  [ D8AABC341311E4780D6FCE8C73C0AD81 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:38:40.0006 12072  IpFilterDriver - ok
14:38:40.0067 12072  [ BF0DBFA9792C5C14FA00F61C75116C1B ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
14:38:40.0072 12072  iphlpsvc - ok
14:38:40.0078 12072  IpInIp - ok
14:38:40.0105 12072  [ 9C2EE2E6E5A7203BFAE15C299475EC67 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
14:38:40.0108 12072  IPMIDRV - ok
14:38:40.0154 12072  [ B7E6212F581EA5F6AB0C3A6CEEEB89BE ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
14:38:40.0157 12072  IPNAT - ok
14:38:40.0236 12072  [ 4EFFC8FF6D349E971E94B1C670C0C66A ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
14:38:40.0245 12072  iPod Service - ok
14:38:40.0275 12072  [ 8C42CA155343A2F11D29FECA67FAA88D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
14:38:40.0277 12072  IRENUM - ok
14:38:40.0312 12072  [ 0672BFCEDC6FC468A2B0500D81437F4F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
14:38:40.0314 12072  isapnp - ok
14:38:40.0364 12072  [ E4FDF99599F27EC25D2CF6D754243520 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
14:38:40.0368 12072  iScsiPrt - ok
14:38:40.0388 12072  [ 63C766CDC609FF8206CB447A65ABBA4A ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
14:38:40.0390 12072  iteatapi - ok
14:38:40.0411 12072  [ 1281FE73B17664631D12F643CBEA3F59 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
14:38:40.0413 12072  iteraid - ok
14:38:40.0427 12072  [ 423696F3BA6472DD17699209B933BC26 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
14:38:40.0429 12072  kbdclass - ok
14:38:40.0464 12072  [ DBDF75D51464FBC47D0104EC3D572C05 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
14:38:40.0465 12072  kbdhid - ok
14:38:40.0500 12072  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] KeyIso          C:\Windows\system32\lsass.exe
14:38:40.0502 12072  KeyIso - ok
14:38:40.0630 12072  [ 775C6D5D60146D7DB08A01CB596D7EC6 ] Kodak AiO Network Discovery Service C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
14:38:40.0636 12072  Kodak AiO Network Discovery Service - ok
14:38:40.0700 12072  [ 17AFF68AB32F8671BC46612D35351099 ] Kodak AiO Status Monitor Service C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
14:38:40.0710 12072  Kodak AiO Status Monitor Service - ok
14:38:40.0762 12072  [ 88956AD9FA510848AD176777A6C6C1F5 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
14:38:40.0769 12072  KSecDD - ok
14:38:40.0829 12072  [ 1D419CF43DB29396ECD7113D129D94EB ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
14:38:40.0831 12072  ksthunk - ok
14:38:40.0898 12072  [ 1FAF6926F3416D3DA05C5B265491BDAE ] KtmRm           C:\Windows\system32\msdtckrm.dll
14:38:40.0908 12072  KtmRm - ok
14:38:40.0970 12072  [ 50C7A3CB427E9BB5ED0708A669956AB5 ] LanmanServer    C:\Windows\system32\srvsvc.dll
14:38:40.0977 12072  LanmanServer - ok
14:38:41.0047 12072  [ CAF86FC1388BE1E470F1A7B43E348ADB ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:38:41.0054 12072  LanmanWorkstation - ok
14:38:41.0205 12072  [ C48B0F913C944D736A455191ECD8FF45 ] Lavasoft Ad-Aware Service C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
14:38:41.0232 12072  Lavasoft Ad-Aware Service - ok
14:38:41.0286 12072  [ A352CDB69AF6E18D60C0001D540D8478 ] Lbd             C:\Windows\system32\DRIVERS\Lbd.sys
14:38:41.0288 12072  Lbd - ok
14:38:41.0315 12072  [ 96ECE2659B6654C10A0C310AE3A6D02C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:38:41.0317 12072  lltdio - ok
14:38:41.0369 12072  [ 961CCBD0B1CCB5675D64976FAE37D092 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
14:38:41.0375 12072  lltdsvc - ok
14:38:41.0399 12072  [ A47F8080CACC23C91FE823AD19AA5612 ] lmhosts         C:\Windows\System32\lmhsvc.dll
14:38:41.0401 12072  lmhosts - ok
14:38:41.0455 12072  [ ACBE1AF32D3123E330A07BFBC5EC4A9B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
14:38:41.0458 12072  LSI_FC - ok
14:38:41.0507 12072  [ 799FFB2FC4729FA46D2157C0065B3525 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
14:38:41.0509 12072  LSI_SAS - ok
14:38:41.0542 12072  [ F445FF1DAAD8A226366BFAF42551226B ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
14:38:41.0545 12072  LSI_SCSI - ok
14:38:41.0574 12072  [ 52F87B9CC8932C2A7375C3B2A9BE5E3E ] luafv           C:\Windows\system32\drivers\luafv.sys
14:38:41.0575 12072  luafv - ok
14:38:41.0639 12072  [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
14:38:41.0640 12072  MBAMProtector - ok
14:38:41.0712 12072  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
14:38:41.0717 12072  MBAMScheduler - ok
14:38:41.0738 12072  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
14:38:41.0746 12072  MBAMService - ok
14:38:41.0781 12072  [ 76A58DF02BD4EA29F189B82D0BEF17F8 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
14:38:41.0783 12072  Mcx2Svc - ok
14:38:41.0848 12072  [ E4F44EC214B3E381E1FC844A02926666 ] mdmxsdk         C:\Windows\system32\DRIVERS\mdmxsdk.sys
14:38:41.0849 12072  mdmxsdk - ok
14:38:41.0917 12072  [ 5C5CD6AACED32FB26C3FB34B3DCF972F ] megasas         C:\Windows\system32\drivers\megasas.sys
14:38:41.0919 12072  megasas - ok
14:38:41.0965 12072  [ 859BC2436B076C77C159ED694ACFE8F8 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
14:38:41.0971 12072  MegaSR - ok
14:38:42.0013 12072  [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] MMCSS           C:\Windows\system32\mmcss.dll
14:38:42.0016 12072  MMCSS - ok
14:38:42.0030 12072  [ 59848D5CC74606F0EE7557983BB73C2E ] Modem           C:\Windows\system32\drivers\modem.sys
14:38:42.0032 12072  Modem - ok
14:38:42.0038 12072  [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
14:38:42.0040 12072  monitor - ok
14:38:42.0104 12072  [ 5D1080DBD8EC5F2D6E550E01398E17CF ] motccgp         C:\Windows\system32\DRIVERS\motccgp.sys
14:38:42.0106 12072  motccgp - ok
14:38:42.0147 12072  [ D51E009BAEDA07EBC107D49D224C2414 ] motccgpfl       C:\Windows\system32\DRIVERS\motccgpfl.sys
14:38:42.0148 12072  motccgpfl - ok
14:38:42.0248 12072  [ 2443B978E80F8A3D1F39855AA25882AF ] MotoHelper      C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
14:38:42.0252 12072  MotoHelper - ok
14:38:42.0279 12072  [ EBD05F60CAFC5BBA2602B8D7101082D3 ] MotoSwitchService C:\Windows\system32\DRIVERS\motswch.sys
14:38:42.0281 12072  MotoSwitchService - ok
14:38:42.0307 12072  [ 9367304E5E412B120CF5F4EA14E4E4F1 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
14:38:42.0310 12072  mouclass - ok
14:38:42.0368 12072  [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
14:38:42.0370 12072  mouhid - ok
14:38:42.0397 12072  [ 11BC9B1E8801B01F7F6ADB9EAD30019B ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
14:38:42.0399 12072  MountMgr - ok
14:38:42.0459 12072  [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:38:42.0461 12072  MozillaMaintenance - ok
14:38:42.0504 12072  [ F8276EB8698142884498A528DFEA8478 ] mpio            C:\Windows\system32\drivers\mpio.sys
14:38:42.0508 12072  mpio - ok
14:38:42.0551 12072  [ C92B9ABDB65A5991E00C28F13491DBA2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:38:42.0554 12072  mpsdrv - ok
14:38:42.0618 12072  [ 897E3BAF68BA406A61682AE39C83900C ] MpsSvc          C:\Windows\system32\mpssvc.dll
14:38:42.0633 12072  MpsSvc - ok
14:38:42.0676 12072  [ 3C200630A89EF2C0864D515B7A75802E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
14:38:42.0678 12072  Mraid35x - ok
14:38:42.0727 12072  [ 7C1DE4AA96DC0C071611F9E7DE02A68D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:38:42.0731 12072  MRxDAV - ok
14:38:42.0794 12072  [ 1485811B320FF8C7EDAD1CAEBB1C6C2B ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:38:42.0796 12072  mrxsmb - ok
14:38:42.0854 12072  [ 3B929A60C833FC615FD97FBA82BC7632 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:38:42.0859 12072  mrxsmb10 - ok
14:38:42.0885 12072  [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:38:42.0887 12072  mrxsmb20 - ok
14:38:42.0945 12072  [ 1AC860612B85D8E85EE257D372E39F4D ] msahci          C:\Windows\system32\drivers\msahci.sys
14:38:42.0948 12072  msahci - ok
14:38:42.0989 12072  [ 264BBB4AAF312A485F0E44B65A6B7202 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
14:38:42.0992 12072  msdsm - ok
14:38:43.0028 12072  [ 7EC02CE772F068ED0BEAFA3DA341A9BC ] MSDTC           C:\Windows\System32\msdtc.exe
14:38:43.0032 12072  MSDTC - ok
14:38:43.0059 12072  [ 704F59BFC4512D2BB0146AEC31B10A7C ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:38:43.0060 12072  Msfs - ok
14:38:43.0098 12072  [ 00EBC952961664780D43DCA157E79B27 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
14:38:43.0100 12072  msisadrv - ok
14:38:43.0131 12072  [ 366B0C1F4478B519C181E37D43DCDA32 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
14:38:43.0136 12072  MSiSCSI - ok
14:38:43.0142 12072  msiserver - ok
14:38:43.0206 12072  [ 0EA73E498F53B96D83DBFCA074AD4CF8 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
14:38:43.0208 12072  MSKSSRV - ok
14:38:43.0246 12072  [ 52E59B7E992A58E740AA63F57EDBAE8B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:38:43.0248 12072  MSPCLOCK - ok
14:38:43.0283 12072  [ 49084A75BAE043AE02D5B44D02991BB2 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
14:38:43.0285 12072  MSPQM - ok
14:38:43.0336 12072  [ DC6CCF440CDEDE4293DB41C37A5060A5 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
14:38:43.0341 12072  MsRPC - ok
14:38:43.0355 12072  [ 855796E59DF77EA93AF46F20155BF55B ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
14:38:43.0358 12072  mssmbios - ok
14:38:43.0380 12072  [ 86D632D75D05D5B7C7C043FA3564AE86 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
14:38:43.0381 12072  MSTEE - ok
14:38:43.0414 12072  [ 0CC49F78D8ACA0877D885F149084E543 ] Mup             C:\Windows\system32\Drivers\mup.sys
14:38:43.0416 12072  Mup - ok
14:38:43.0467 12072  [ A5B10C845E7538C60C0F5D87A57CB3F5 ] napagent        C:\Windows\system32\qagentRT.dll
14:38:43.0476 12072  napagent - ok
14:38:43.0533 12072  [ 2007B826C4ACD94AE32232B41F0842B9 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
14:38:43.0537 12072  NativeWifiP - ok
14:38:43.0618 12072  [ 65950E07329FCEE8E6516B17C8D0ABB6 ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:38:43.0633 12072  NDIS - ok
14:38:43.0661 12072  [ 64DF698A425478E321981431AC171334 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:38:43.0663 12072  NdisTapi - ok
14:38:43.0686 12072  [ 8BAA43196D7B5BB972C9A6B2BBF61A19 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
14:38:43.0688 12072  Ndisuio - ok
14:38:43.0727 12072  [ F8158771905260982CE724076419EF19 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
14:38:43.0730 12072  NdisWan - ok
14:38:43.0751 12072  [ 9CB77ED7CB72850253E973A2D6AFDF49 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
14:38:43.0756 12072  NDProxy - ok
14:38:43.0774 12072  [ A499294F5029A7862ADC115BDA7371CE ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
14:38:43.0776 12072  NetBIOS - ok
14:38:43.0821 12072  [ FC2C792EBDDC8E28DF939D6A92C83D61 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
14:38:43.0827 12072  netbt - ok
14:38:43.0845 12072  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] Netlogon        C:\Windows\system32\lsass.exe
14:38:43.0847 12072  Netlogon - ok
14:38:43.0890 12072  [ 9B63B29DEFC0F3115A559D2597BF5D75 ] Netman          C:\Windows\System32\netman.dll
14:38:43.0900 12072  Netman - ok
14:38:43.0924 12072  [ 7846D0136CC2B264926A73047BA7688A ] netprofm        C:\Windows\System32\netprofm.dll
14:38:43.0933 12072  netprofm - ok
14:38:43.0962 12072  [ 74751DDA198165947FD7454D83F49825 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:38:43.0965 12072  NetTcpPortSharing - ok
14:38:44.0110 12072  [ 2BDCB7B7917380794C9D87AC2153CE33 ] NETw5v64        C:\Windows\system32\DRIVERS\NETw5v64.sys
14:38:44.0229 12072  NETw5v64 - ok
14:38:44.0274 12072  [ 4AC08BD6AF2DF42E0C3196D826C8AEA7 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
14:38:44.0277 12072  nfrd960 - ok
14:38:44.0317 12072  [ F145BF4C4668E7E312069F81EF847CFC ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:38:44.0323 12072  NlaSvc - ok
14:38:44.0368 12072  [ B298874F8E0EA93F06EC40AA8D146478 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:38:44.0370 12072  Npfs - ok
14:38:44.0409 12072  [ ACB62BAA1C319B17752553DF3026EEEB ] nsi             C:\Windows\system32\nsisvc.dll
14:38:44.0412 12072  nsi - ok
14:38:44.0430 12072  [ 1523AF19EE8B030BA682F7A53537EAEB ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:38:44.0432 12072  nsiproxy - ok
14:38:44.0506 12072  [ 2ACCAA3C3C55370A32F17B3595E1A217 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:38:44.0531 12072  Ntfs - ok
14:38:44.0569 12072  [ DD5D684975352B85B52E3FD5347C20CB ] Null            C:\Windows\system32\drivers\Null.sys
14:38:44.0571 12072  Null - ok
14:38:44.0605 12072  [ 2C040B7ADA5B06F6FACADAC8514AA034 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
14:38:44.0608 12072  nvraid - ok
14:38:44.0651 12072  [ F7EA0FE82842D05EDA3EFDD376DBFDBA ] nvstor          C:\Windows\system32\drivers\nvstor.sys
14:38:44.0653 12072  nvstor - ok
14:38:44.0680 12072  [ 19067CA93075EF4823E3938A686F532F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
14:38:44.0683 12072  nv_agp - ok
14:38:44.0736 12072  [ 783787D3EB1360B0C20FB2B53FE50F5C ] NWADI           C:\Windows\system32\DRIVERS\NWADIenum.sys
14:38:44.0741 12072  NWADI - ok
14:38:44.0753 12072  NwlnkFlt - ok
14:38:44.0765 12072  NwlnkFwd - ok
14:38:44.0810 12072  [ D955D5DE998DB2476BF0892BE3A96C26 ] o2flash         C:\Program Files (x86)\O2Micro Flash Memory Card Driver\o2flash.exe
14:38:44.0811 12072  o2flash - ok
14:38:44.0866 12072  [ 2481724EACE9FC86E454402A280B56C6 ] O2MDRDR         C:\Windows\system32\DRIVERS\o2mdx64.sys
14:38:44.0868 12072  O2MDRDR - ok
14:38:44.0879 12072  [ C88959545B5F598791D30314C7DB5718 ] O2SDRDR         C:\Windows\system32\DRIVERS\o2sdx64.sys
14:38:44.0881 12072  O2SDRDR - ok
14:38:44.0950 12072  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:38:44.0957 12072  odserv - ok
14:38:45.0029 12072  [ 7B58953E2F263421FDBB09A192712A85 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
14:38:45.0031 12072  ohci1394 - ok
14:38:45.0089 12072  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:38:45.0092 12072  ose - ok
14:38:45.0152 12072  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2pimsvc        C:\Windows\system32\p2psvc.dll
14:38:45.0164 12072  p2pimsvc - ok
14:38:45.0181 12072  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2psvc          C:\Windows\system32\p2psvc.dll
14:38:45.0191 12072  p2psvc - ok
14:38:45.0245 12072  [ AECD57F94C887F58919F307C35498EA0 ] Parport         C:\Windows\system32\drivers\parport.sys
14:38:45.0248 12072  Parport - ok
14:38:45.0296 12072  [ B43751085E2ABE389DA466BC62A4B987 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
14:38:45.0298 12072  partmgr - ok
14:38:45.0353 12072  [ 9AB157B374192FF276C1628FBDBA2B0E ] PcaSvc          C:\Windows\System32\pcasvc.dll
14:38:45.0357 12072  PcaSvc - ok
14:38:45.0393 12072  [ 47AB1E0FC9D0E12BB53BA246E3A0906D ] pci             C:\Windows\system32\drivers\pci.sys
14:38:45.0397 12072  pci - ok
14:38:45.0428 12072  [ 8D618C829034479985A9ED56106CC732 ] pciide          C:\Windows\system32\drivers\pciide.sys
14:38:45.0430 12072  pciide - ok
14:38:45.0468 12072  [ 037661F3D7C507C9993B7010CEEE6288 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
14:38:45.0472 12072  pcmcia - ok
14:38:45.0529 12072  [ 58865916F53592A61549B04941BFD80D ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:38:45.0540 12072  PEAUTH - ok
14:38:45.0569 12072  [ 0ED8727EA0172860F47258456C06CAEA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
14:38:45.0571 12072  PerfHost - ok
14:38:45.0675 12072  [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] pla             C:\Windows\system32\pla.dll
14:38:45.0694 12072  pla - ok
14:38:45.0741 12072  [ FE6B0F59215C9FD9F9D26539C58C8B82 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
14:38:45.0747 12072  PlugPlay - ok
14:38:45.0774 12072  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
14:38:45.0782 12072  PNRPAutoReg - ok
14:38:45.0797 12072  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPsvc         C:\Windows\system32\p2psvc.dll
14:38:45.0805 12072  PNRPsvc - ok
14:38:45.0848 12072  [ 89A5560671C2D8B4A4B51F3E1AA069D8 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
14:38:45.0857 12072  PolicyAgent - ok
14:38:45.0908 12072  [ 23386E9952025F5F21C368971E2E7301 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:38:45.0911 12072  PptpMiniport - ok
14:38:45.0951 12072  [ 5080E59ECEE0BC923F14018803AA7A01 ] Processor       C:\Windows\system32\drivers\processr.sys
14:38:45.0954 12072  Processor - ok
14:38:46.0009 12072  [ E058CE4FC2449D8BFA14739C83B7FF2A ] ProfSvc         C:\Windows\system32\profsvc.dll
14:38:46.0013 12072  ProfSvc - ok
14:38:46.0034 12072  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] ProtectedStorage C:\Windows\system32\lsass.exe
14:38:46.0035 12072  ProtectedStorage - ok
14:38:46.0076 12072  [ C5AB7F0809392D0DA027F4A2A81BFA31 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
14:38:46.0078 12072  PSched - ok
14:38:46.0133 12072  [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
14:38:46.0135 12072  PxHlpa64 - ok
14:38:46.0208 12072  [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300          C:\Windows\system32\drivers\ql2300.sys
14:38:46.0226 12072  ql2300 - ok
14:38:46.0265 12072  [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
14:38:46.0268 12072  ql40xx - ok
14:38:46.0297 12072  [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE           C:\Windows\system32\qwave.dll
14:38:46.0304 12072  QWAVE - ok
14:38:46.0332 12072  [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
14:38:46.0335 12072  QWAVEdrv - ok
14:38:46.0366 12072  [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
14:38:46.0368 12072  RasAcd - ok
14:38:46.0415 12072  [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto         C:\Windows\System32\rasauto.dll
14:38:46.0419 12072  RasAuto - ok
14:38:46.0463 12072  [ AC7BC4D42A7E558718DFDEC599BBFC2C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
14:38:46.0466 12072  Rasl2tp - ok
14:38:46.0505 12072  [ 3AD83E4046C43BE510DE681588ACB8AF ] RasMan          C:\Windows\System32\rasmans.dll
14:38:46.0513 12072  RasMan - ok
14:38:46.0567 12072  [ 4517FBF8B42524AFE4EDE1DE102AAE3E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
14:38:46.0570 12072  RasPppoe - ok
14:38:46.0609 12072  [ C6A593B51F34C33E5474539544072527 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
14:38:46.0612 12072  RasSstp - ok
14:38:46.0674 12072  [ 322DB5C6B55E8D8EE8D6F358B2AAABB1 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
14:38:46.0679 12072  rdbss - ok
14:38:46.0726 12072  [ 603900CC05F6BE65CCBF373800AF3716 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
14:38:46.0728 12072  RDPCDD - ok
14:38:46.0776 12072  [ C045D1FB111C28DF0D1BE8D4BDA22C06 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
14:38:46.0782 12072  rdpdr - ok
14:38:46.0789 12072  [ CAB9421DAF3D97B33D0D055858E2C3AB ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
14:38:46.0791 12072  RDPENCDD - ok
14:38:46.0849 12072  [ AE4BD9E1C33D351D8E607FC81F15160C ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
14:38:46.0854 12072  RDPWD - ok
14:38:46.0887 12072  [ C612B9557DA73F70D41F8A6FBC8E5344 ] RemoteAccess    C:\Windows\System32\mprdim.dll
14:38:46.0890 12072  RemoteAccess - ok
14:38:46.0933 12072  [ 44B9D8EC2F3EF3A0EFB00857AF70D861 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
14:38:46.0939 12072  RemoteRegistry - ok
14:38:47.0022 12072  [ F228CE2F778503CECB2B27097B5B3139 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
14:38:47.0025 12072  RFCOMM - ok
14:38:47.0074 12072  [ 5790BCA445CC40DF8B38C2C48608AAC2 ] RimUsb          C:\Windows\system32\Drivers\RimUsb_AMD64.sys
14:38:47.0076 12072  RimUsb - ok
14:38:47.0130 12072  [ C903D49655B4AAE46673F0AAA6BE0F58 ] RimVSerPort     C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
14:38:47.0132 12072  RimVSerPort - ok
14:38:47.0161 12072  [ 6A0CF73B019CBC9255E23C9192EC3702 ] ROOTMODEM       C:\Windows\system32\Drivers\RootMdm.sys
14:38:47.0163 12072  ROOTMODEM - ok
14:38:47.0225 12072  [ AFD61A7C48A3E15C86A6FADF0B69A2E4 ] Roxio UPnP Renderer 9 C:\Program Files (x86)\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
14:38:47.0228 12072  Roxio UPnP Renderer 9 - ok
14:38:47.0272 12072  [ EFBB36E2BB02169D26E9980778FC20D3 ] Roxio Upnp Server 9 C:\Program Files (x86)\Roxio\Digital Home 9\RoxioUpnpService9.exe
14:38:47.0278 12072  Roxio Upnp Server 9 - ok
14:38:47.0376 12072  [ 78E680A105F47B6AA0003BD23ED9FA51 ] RoxLiveShare9   C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
14:38:47.0382 12072  RoxLiveShare9 - ok
14:38:47.0432 12072  [ 9D5C024170C376D7CC66ED853FDA9068 ] RoxMediaDB9     C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
14:38:47.0450 12072  RoxMediaDB9 - ok
14:38:47.0528 12072  [ 87F175539DBBA297018AA7FCDD563FF7 ] RoxWatch9       C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
14:38:47.0532 12072  RoxWatch9 - ok
14:38:47.0554 12072  [ F46C457840D4B7A4DAAFEE739CE04102 ] RpcLocator      C:\Windows\system32\locator.exe
14:38:47.0557 12072  RpcLocator - ok
14:38:47.0610 12072  [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] RpcSs           C:\Windows\system32\rpcss.dll
14:38:47.0619 12072  RpcSs - ok
14:38:47.0632 12072  [ 22A9CB08B1A6707C1550C6BF099AAE73 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
14:38:47.0634 12072  rspndr - ok
14:38:47.0656 12072  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] SamSs           C:\Windows\system32\lsass.exe
14:38:47.0659 12072  SamSs - ok
14:38:47.0714 12072  [ CD9C693589C60AD59BBBCFB0E524E01B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
14:38:47.0717 12072  sbp2port - ok
14:38:47.0805 12072  [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService  C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
14:38:47.0823 12072  SBSDWSCService - ok
14:38:47.0873 12072  [ FD1CDCF108D5EF3366F00D18B70FB89B ] SCardSvr        C:\Windows\System32\SCardSvr.dll
14:38:47.0878 12072  SCardSvr - ok
14:38:47.0947 12072  [ 0F838C811AD295D2A4489B9993096C63 ] Schedule        C:\Windows\system32\schedsvc.dll
14:38:47.0965 12072  Schedule - ok
14:38:48.0002 12072  [ 5A268127633C7EE2A7FB87F39D748D56 ] SCPolicySvc     C:\Windows\System32\certprop.dll
14:38:48.0003 12072  SCPolicySvc - ok
14:38:48.0069 12072  [ B42EE50F7D24F837F925332EB349ECA5 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
14:38:48.0072 12072  sdbus - ok
14:38:48.0111 12072  [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
14:38:48.0117 12072  SDRSVC - ok
14:38:48.0151 12072  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
14:38:48.0153 12072  secdrv - ok
14:38:48.0179 12072  [ 5ACDCBC67FCF894A1815B9F96D704490 ] seclogon        C:\Windows\system32\seclogon.dll
14:38:48.0183 12072  seclogon - ok
14:38:48.0227 12072  [ 90973A64B96CD647FF81C79443618EED ] SENS            C:\Windows\System32\sens.dll
14:38:48.0230 12072  SENS - ok
14:38:48.0261 12072  [ F71BFE7AC6C52273B7C82CBF1BB2A222 ] Serenum         C:\Windows\system32\drivers\serenum.sys
14:38:48.0264 12072  Serenum - ok
14:38:48.0304 12072  [ E62FAC91EE288DB29A9696A9D279929C ] Serial          C:\Windows\system32\drivers\serial.sys
14:38:48.0307 12072  Serial - ok
14:38:48.0365 12072  [ A842F04833684BCEEA7336211BE478DF ] sermouse        C:\Windows\system32\drivers\sermouse.sys
14:38:48.0368 12072  sermouse - ok
14:38:48.0420 12072  [ A8E4A4407A09F35DCCC3771AF590B0C4 ] SessionEnv      C:\Windows\system32\sessenv.dll
14:38:48.0424 12072  SessionEnv - ok
14:38:48.0456 12072  [ 14D4B4465193A87C127933978E8C4106 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
14:38:48.0458 12072  sffdisk - ok
14:38:48.0503 12072  [ 7073AEE3F82F3D598E3825962AA98AB2 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
14:38:48.0506 12072  sffp_mmc - ok
14:38:48.0550 12072  [ 35E59EBE4A01A0532ED67975161C7B82 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
14:38:48.0553 12072  sffp_sd - ok
14:38:48.0575 12072  [ 6B7838C94135768BD455CBDC23E39E5F ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
14:38:48.0578 12072  sfloppy - ok
14:38:48.0622 12072  [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
14:38:48.0630 12072  SharedAccess - ok
14:38:48.0677 12072  [ 56793271ECDEDD350C5ADD305603E963 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:38:48.0685 12072  ShellHWDetection - ok
14:38:48.0729 12072  [ 7A5DE502AEB719D4594C6471060A78B3 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
14:38:48.0732 12072  SiSRaid2 - ok
14:38:48.0740 12072  [ 3A2F769FAB9582BC720E11EA1DFB184D ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
14:38:48.0743 12072  SiSRaid4 - ok
14:38:48.0837 12072  [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
14:38:48.0840 12072  SkypeUpdate - ok
14:38:48.0934 12072  [ A9A27A8E257B45A604FDAD4F26FE7241 ] slsvc           C:\Windows\system32\SLsvc.exe
14:38:48.0973 12072  slsvc - ok
14:38:49.0031 12072  [ FD74B4B7C2088E390A30C85A896FC3AF ] SLUINotify      C:\Windows\system32\SLUINotify.dll
14:38:49.0034 12072  SLUINotify - ok
14:38:49.0071 12072  [ 290B6F6A0EC4FCDFC90F5CB6D7020473 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
14:38:49.0073 12072  Smb - ok
14:38:49.0111 12072  [ F8F47F38909823B1AF28D60B96340CFF ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
14:38:49.0113 12072  SNMPTRAP - ok
14:38:49.0477 12072  [ 5814173A301516D1FE00F615E56A3E8A ] SNP2STD         C:\Windows\system32\DRIVERS\snp2sxp.sys
14:38:49.0745 12072  SNP2STD - ok
14:38:49.0790 12072  [ 386C3C63F00A7040C7EC5E384217E89D ] spldr           C:\Windows\system32\drivers\spldr.sys
14:38:49.0791 12072  spldr - ok
14:38:49.0847 12072  [ F66FF751E7EFC816D266977939EF5DC3 ] Spooler         C:\Windows\System32\spoolsv.exe
14:38:49.0853 12072  Spooler - ok
14:38:49.0903 12072  [ 880A57FCCB571EBD063D4DD50E93E46D ] srv             C:\Windows\system32\DRIVERS\srv.sys
14:38:49.0910 12072  srv - ok
14:38:49.0931 12072  [ A1AD14A6D7A37891FFFECA35EBBB0730 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
14:38:49.0933 12072  srv2 - ok
14:38:49.0959 12072  [ 4BED62F4FA4D8300973F1151F4C4D8A7 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
14:38:49.0962 12072  srvnet - ok
14:38:50.0000 12072  [ 192C74646EC5725AEF3F80D19FF75F6A ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
14:38:50.0005 12072  SSDPSRV - ok
14:38:50.0071 12072  [ 2EE3FA0308E6185BA64A9A7F2E74332B ] SstpSvc         C:\Windows\system32\sstpsvc.dll
14:38:50.0076 12072  SstpSvc - ok
14:38:50.0138 12072  [ 14B4DB4381E4A55F570D8BB699B791D6 ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
14:38:50.0139 12072  StillCam - ok
14:38:50.0192 12072  [ 15825C1FBFB8779992CB65087F316AF5 ] stisvc          C:\Windows\System32\wiaservc.dll
14:38:50.0205 12072  stisvc - ok
14:38:50.0231 12072  [ 8A851CA908B8B974F89C50D2E18D4F0C ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
14:38:50.0233 12072  swenum - ok
14:38:50.0277 12072  [ 6DE37F4DE19D4EFD9C48C43ADDBC949A ] swprv           C:\Windows\System32\swprv.dll
14:38:50.0289 12072  swprv - ok
14:38:50.0308 12072  [ 2F26A2C6FC96B29BEFF5D8ED74E6625B ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
14:38:50.0311 12072  Symc8xx - ok
14:38:50.0343 12072  [ A909667976D3BCCD1DF813FED517D837 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
14:38:50.0346 12072  Sym_hi - ok
14:38:50.0384 12072  [ 36887B56EC2D98B9C362F6AE4DE5B7B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
14:38:50.0387 12072  Sym_u3 - ok
14:38:50.0467 12072  [ 437A9D8B5AE2067D44EB60C953EDC8A4 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
14:38:50.0473 12072  SynTP - ok
14:38:50.0524 12072  [ 92D7A8B0F87B036F17D25885937897A6 ] SysMain         C:\Windows\system32\sysmain.dll
14:38:50.0542 12072  SysMain - ok
14:38:50.0577 12072  [ 005CE42567F9113A3BCCB3B20073B029 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:38:50.0582 12072  TabletInputService - ok
14:38:50.0620 12072  [ CC2562B4D55E0B6A4758C65407F63B79 ] TapiSrv         C:\Windows\System32\tapisrv.dll
14:38:50.0628 12072  TapiSrv - ok
14:38:50.0655 12072  [ CDBE8D7C1E201B911CDC346D06617FB5 ] TBS             C:\Windows\System32\tbssvc.dll
14:38:50.0659 12072  TBS - ok
14:38:50.0753 12072  [ 0E970F59D7FBB838316176B19A2ADB82 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
14:38:50.0776 12072  Tcpip - ok
14:38:50.0803 12072  [ 0E970F59D7FBB838316176B19A2ADB82 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
14:38:50.0817 12072  Tcpip6 - ok
14:38:50.0857 12072  [ C7E72A4071EE0200E3C075DACFB2B334 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
14:38:50.0859 12072  tcpipreg - ok
14:38:50.0902 12072  [ 1D8BF4AAA5FB7A2761475781DC1195BC ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
14:38:50.0904 12072  TDPIPE - ok
14:38:50.0925 12072  [ 7F7E00CDF609DF657F4CDA02DD1C9BB1 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
14:38:50.0928 12072  TDTCP - ok
14:38:50.0971 12072  [ 458919C8C42E398DC4802178D5FFEE27 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
14:38:50.0974 12072  tdx - ok
14:38:51.0150 12072  [ 6B1B2F8D62D606B200C2072564090104 ] TeamViewer8     C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
14:38:51.0240 12072  TeamViewer8 - ok
14:38:51.0291 12072  [ 8C19678D22649EC002EF2282EAE92F98 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
14:38:51.0294 12072  TermDD - ok
14:38:51.0345 12072  [ 5CDD30BC217082DAC71A9878D9BFD566 ] TermService     C:\Windows\System32\termsrv.dll
14:38:51.0357 12072  TermService - ok
14:38:51.0377 12072  [ 56793271ECDEDD350C5ADD305603E963 ] Themes          C:\Windows\system32\shsvcs.dll
14:38:51.0383 12072  Themes - ok
14:38:51.0425 12072  [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] THREADORDER     C:\Windows\system32\mmcss.dll
14:38:51.0429 12072  THREADORDER - ok
14:38:51.0457 12072  [ F4689F05AF472A651A7B1B7B02D200E7 ] TrkWks          C:\Windows\System32\trkwks.dll
14:38:51.0462 12072  TrkWks - ok
14:38:51.0519 12072  [ 66328B08EF5A9305D8EDE36B93930369 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:38:51.0521 12072  TrustedInstaller - ok
14:38:51.0549 12072  [ 9E5409CD17C8BEF193AAD498F3BC2CB8 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
14:38:51.0551 12072  tssecsrv - ok
14:38:51.0595 12072  [ 89EC74A9E602D16A75A4170511029B3C ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
14:38:51.0597 12072  tunmp - ok
14:38:51.0635 12072  [ 30A9B3F45AD081BFFC3BCAA9C812B609 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
14:38:51.0637 12072  tunnel - ok
14:38:51.0671 12072  [ FEC266EF401966311744BD0F359F7F56 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
14:38:51.0674 12072  uagp35 - ok
14:38:51.0725 12072  [ FAF2640A2A76ED03D449E443194C4C34 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
14:38:51.0731 12072  udfs - ok
14:38:51.0766 12072  [ 060507C4113391394478F6953A79EEDC ] UI0Detect       C:\Windows\system32\UI0Detect.exe
14:38:51.0770 12072  UI0Detect - ok
14:38:51.0803 12072  [ 4EC9447AC3AB462647F60E547208CA00 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
14:38:51.0805 12072  uliagpkx - ok
14:38:51.0833 12072  [ 697F0446134CDC8F99E69306184FBBB4 ] uliahci         C:\Windows\system32\drivers\uliahci.sys
14:38:51.0839 12072  uliahci - ok
14:38:51.0877 12072  [ 31707F09846056651EA2C37858F5DDB0 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
14:38:51.0881 12072  UlSata - ok
14:38:51.0917 12072  [ 85E5E43ED5B48C8376281BAB519271B7 ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
14:38:51.0921 12072  ulsata2 - ok
14:38:51.0949 12072  [ 46E9A994C4FED537DD951F60B86AD3F4 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
14:38:51.0952 12072  umbus - ok
14:38:51.0986 12072  [ 7093799FF80E9DECA0680D2E3535BE60 ] upnphost        C:\Windows\System32\upnphost.dll
14:38:51.0995 12072  upnphost - ok
14:38:52.0061 12072  [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
14:38:52.0064 12072  USBAAPL64 - ok
14:38:52.0111 12072  [ C6BA890DE6E41857FBE84175519CAE7D ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
14:38:52.0114 12072  usbaudio - ok
14:38:52.0179 12072  [ 07E3498FC60834219D2356293DA0FECC ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
14:38:52.0182 12072  usbccgp - ok
14:38:52.0213 12072  [ 9247F7E0B65852C1F6631480984D6ED2 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
14:38:52.0216 12072  usbcir - ok
14:38:52.0254 12072  [ 827E44DE934A736EA31E91D353EB126F ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
14:38:52.0257 12072  usbehci - ok
14:38:52.0285 12072  [ BB35CD80A2ECECFADC73569B3D70C7D1 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
14:38:52.0291 12072  usbhub - ok
14:38:52.0334 12072  [ EBA14EF0C07CEC233F1529C698D0D154 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
14:38:52.0336 12072  usbohci - ok
14:38:52.0386 12072  [ ACFEE697AF477021BB3EC78C5431FED2 ] usbprint        C:\Windows\system32\drivers\usbprint.sys
14:38:52.0388 12072  usbprint - ok
14:38:52.0426 12072  [ B854C1558FCA0C269A38663E8B59B581 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:38:52.0429 12072  USBSTOR - ok
14:38:52.0457 12072  [ B2872CBF9F47316ABD0E0C74A1ABA507 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
14:38:52.0460 12072  usbuhci - ok
14:38:52.0481 12072  [ FC33099877790D51B0927B7039059855 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
14:38:52.0485 12072  usbvideo - ok
14:38:52.0533 12072  [ C690C8B45DB67DBA284B72D1FD649D2C ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
14:38:52.0535 12072  usb_rndisx - ok
14:38:52.0576 12072  [ 56ED086F1300ECB1E6F67AC43955E5E9 ] UVCFTR          C:\Windows\system32\Drivers\UVCFTR_S.SYS
14:38:52.0579 12072  UVCFTR - ok
14:38:52.0616 12072  [ D76E231E4850BB3F88A3D9A78DF191E3 ] UxSms           C:\Windows\System32\uxsms.dll
14:38:52.0620 12072  UxSms - ok
14:38:52.0676 12072  [ 294945381DFA7CE58CECF0A9896AF327 ] vds             C:\Windows\System32\vds.exe
14:38:52.0686 12072  vds - ok
14:38:52.0716 12072  [ 916B94BCF1E09873FFF2D5FB11767BBC ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
14:38:52.0718 12072  vga - ok
14:38:52.0742 12072  [ B83AB16B51FEDA65DD81B8C59D114D63 ] VgaSave         C:\Windows\System32\drivers\vga.sys
14:38:52.0744 12072  VgaSave - ok
14:38:52.0771 12072  [ 8294B6C3FDB6C33F24E150DE647ECDAA ] viaide          C:\Windows\system32\drivers\viaide.sys
14:38:52.0774 12072  viaide - ok
14:38:52.0801 12072  [ 2B7E885ED951519A12C450D24535DFCA ] volmgr          C:\Windows\system32\drivers\volmgr.sys
14:38:52.0803 12072  volmgr - ok
14:38:52.0850 12072  [ CEC5AC15277D75D9E5DEC2E1C6EAF877 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
14:38:52.0856 12072  volmgrx - ok
14:38:52.0906 12072  [ 582F710097B46140F5A89A19A6573D4B ] volsnap         C:\Windows\system32\drivers\volsnap.sys
14:38:52.0911 12072  volsnap - ok
14:38:52.0920 12072  vpnva - ok
14:38:52.0965 12072  [ A68F455ED2673835209318DD61BFBB0E ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
14:38:52.0969 12072  vsmraid - ok
14:38:53.0059 12072  [ B75232DAD33BFD95BF6F0A3E6BFF51E1 ] VSS             C:\Windows\system32\vssvc.exe
14:38:53.0086 12072  VSS - ok
14:38:53.0137 12072  [ F14A7DE2EA41883E250892E1E5230A9A ] W32Time         C:\Windows\system32\w32time.dll
14:38:53.0147 12072  W32Time - ok
14:38:53.0184 12072  [ FEF8FE5923FEAD2CEE4DFABFCE3393A7 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
14:38:53.0186 12072  WacomPen - ok
14:38:53.0230 12072  [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
14:38:53.0233 12072  Wanarp - ok
14:38:53.0239 12072  [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
14:38:53.0241 12072  Wanarpv6 - ok
14:38:53.0269 12072  [ B4E4C37D0AA6100090A53213EE2BF1C1 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
14:38:53.0281 12072  wcncsvc - ok
14:38:53.0312 12072  [ EA4B369560E986F19D93F45A881484AC ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:38:53.0316 12072  WcsPlugInService - ok
14:38:53.0347 12072  [ 0C17A0816F65B89E362E682AD5E7266E ] Wd              C:\Windows\system32\drivers\wd.sys
14:38:53.0349 12072  Wd - ok
14:38:53.0408 12072  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
14:38:53.0421 12072  Wdf01000 - ok
14:38:53.0446 12072  [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiServiceHost  C:\Windows\system32\wdi.dll
14:38:53.0451 12072  WdiServiceHost - ok
14:38:53.0457 12072  [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiSystemHost   C:\Windows\system32\wdi.dll
14:38:53.0461 12072  WdiSystemHost - ok
14:38:53.0481 12072  [ 3E6D05381CF35F75EBB055544A8ED9AC ] WebClient       C:\Windows\System32\webclnt.dll
14:38:53.0488 12072  WebClient - ok
14:38:53.0531 12072  [ 8D40BC587993F876658BF9FB0F7D3462 ] Wecsvc          C:\Windows\system32\wecsvc.dll
14:38:53.0538 12072  Wecsvc - ok
14:38:53.0552 12072  [ 9C980351D7E96288EA0C23AE232BD065 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
14:38:53.0557 12072  wercplsupport - ok
14:38:53.0575 12072  [ 66B9ECEBC46683F47EDC06333C075FEF ] WerSvc          C:\Windows\System32\WerSvc.dll
14:38:53.0580 12072  WerSvc - ok
14:38:53.0630 12072  [ 40EFEE2FD560EB0438F3AEBD5BF751B4 ] winachsf        C:\Windows\system32\DRIVERS\CAX_CNXT.sys
14:38:53.0641 12072  winachsf - ok
14:38:53.0658 12072  WinDefend - ok
14:38:53.0666 12072  WinHttpAutoProxySvc - ok
14:38:53.0738 12072  [ D2E7296ED1BD26D8DB2799770C077A02 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
14:38:53.0743 12072  Winmgmt - ok
14:38:53.0820 12072  [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869 ] WinRM           C:\Windows\system32\WsmSvc.dll
14:38:53.0855 12072  WinRM - ok
14:38:53.0910 12072  [ EC339C8115E91BAED835957E9A677F16 ] Wlansvc         C:\Windows\System32\wlansvc.dll
14:38:53.0922 12072  Wlansvc - ok
14:38:54.0091 12072  [ 98F138897EF4246381D197CB81846D62 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:38:54.0131 12072  wlidsvc - ok
14:38:54.0172 12072  [ E18AEBAAA5A773FE11AA2C70F65320F5 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
14:38:54.0175 12072  WmiAcpi - ok
14:38:54.0228 12072  [ 21FA389E65A852698B6A1341F36EE02D ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
14:38:54.0233 12072  wmiApSrv - ok
14:38:54.0261 12072  WMPNetworkSvc - ok
14:38:54.0291 12072  [ CBC156C913F099E6680D1DF9307DB7A8 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
14:38:54.0296 12072  WPCSvc - ok
14:38:54.0338 12072  [ 490A18B4E4D53DC10879DEAA8E8B70D9 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
14:38:54.0343 12072  WPDBusEnum - ok
14:38:54.0376 12072  [ 5E2401B3FC1089C90E081291357371A9 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
14:38:54.0379 12072  WpdUsb - ok
14:38:54.0518 12072  [ 991E2C2CF3BC204C2BB2EE1476149E4E ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
14:38:54.0536 12072  WPFFontCache_v0400 - ok
14:38:54.0579 12072  [ 8A900348370E359B6BFF6A550E4649E1 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
14:38:54.0581 12072  ws2ifsl - ok
14:38:54.0632 12072  [ 9EA3E6D0EF7A5C2B9181961052A4B01A ] wscsvc          C:\Windows\System32\wscsvc.dll
14:38:54.0637 12072  wscsvc - ok
14:38:54.0687 12072  [ DE5F5212AB34221DD1618B5FEFE8DB6C ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
14:38:54.0689 12072  WSDPrintDevice - ok
14:38:54.0699 12072  WSearch - ok
14:38:54.0794 12072  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
14:38:54.0839 12072  wuauserv - ok
14:38:54.0897 12072  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
14:38:54.0899 12072  WudfPf - ok
14:38:54.0953 12072  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
14:38:54.0958 12072  WUDFRd - ok
14:38:55.0006 12072  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
14:38:55.0010 12072  wudfsvc - ok
14:38:55.0060 12072  [ C22B223CC6D58E921D78E173172F66F5 ] XAudio          C:\Windows\system32\DRIVERS\xaudio64.sys
14:38:55.0062 12072  XAudio - ok
14:38:55.0102 12072  [ 963C27034BBA4AC52A13F7A3C657C708 ] XAudioService   C:\Windows\system32\DRIVERS\xaudio64.exe
14:38:55.0108 12072  XAudioService - ok
14:38:55.0163 12072  [ 29184BA4B42847A76BFAB387A2E52FE3 ] yukonx64        C:\Windows\system32\DRIVERS\yk60x64.sys
14:38:55.0169 12072  yukonx64 - ok
14:38:55.0182 12072  ================ Scan global ===============================
14:38:55.0210 12072  [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll
14:38:55.0260 12072  [ D665D594B7E11133D29D726BDDC7A5B0 ] C:\Windows\system32\winsrv.dll
14:38:55.0277 12072  [ D665D594B7E11133D29D726BDDC7A5B0 ] C:\Windows\system32\winsrv.dll
14:38:55.0332 12072  [ 934E0B7D77FF78C18D9F8891221B6DE3 ] C:\Windows\system32\services.exe
14:38:55.0339 12072  [Global] - ok
14:38:55.0339 12072  ================ Scan MBR ==================================
14:38:55.0352 12072  [ 7BA4C7EA1EF33A92F5F01BE63EDACB6A ] \Device\Harddisk0\DR0
14:38:58.0115 12072  \Device\Harddisk0\DR0 - ok
14:38:58.0131 12072  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR4
14:38:58.0332 12072  \Device\Harddisk1\DR4 - ok
14:38:58.0333 12072  ================ Scan VBR ==================================
14:38:58.0336 12072  [ 1EC6DD7D351F541E73C986B0E8D25A49 ] \Device\Harddisk0\DR0\Partition1
14:38:58.0338 12072  \Device\Harddisk0\DR0\Partition1 - ok
14:38:58.0344 12072  [ B32A812A662F3B087C27BB67B658DBAA ] \Device\Harddisk1\DR4\Partition1
14:38:58.0349 12072  \Device\Harddisk1\DR4\Partition1 - ok
14:38:58.0349 12072  ============================================================
14:38:58.0349 12072  Scan finished
14:38:58.0349 12072  ============================================================
14:38:58.0365 11556  Detected object count: 0
14:38:58.0366 11556  Actual detected object count: 0
14:39:10.0798 4556  Deinitialize success



#4 whtwulf

whtwulf
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:06:37 PM

Posted 02 May 2013 - 02:59 PM

ADWCleaner LOG File is:

 

# AdwCleaner v2.300 - Logfile created 05/02/2013 at 14:42:32
# Updated 28/04/2013 by Xplode
# Operating system : Windows ™ Vista Home Premium Service Pack 2 (64 bits)
# User : John - JOHN-PC
# Boot Mode : Normal
# Running from : C:\Users\John\Downloads\AdwCleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : DefaultTabSearch
Stopped & Deleted : DefaultTabUpdate

***** [Files / Folders] *****

Deleted on reboot : C:\Program Files (x86)\adawaretb
Deleted on reboot : C:\Program Files (x86)\BitTorrentBar
Deleted on reboot : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Deleted on reboot : C:\Program Files (x86)\Common Files\Plasmoo
Deleted on reboot : C:\Program Files (x86)\Conduit
Deleted on reboot : C:\Program Files (x86)\ConduitEngine
Deleted on reboot : C:\Program Files (x86)\DefaultTab
Deleted on reboot : C:\Program Files (x86)\FantastiGames Toolbar
Deleted on reboot : C:\ProgramData\APN
Deleted on reboot : C:\ProgramData\blekko toolbars
Deleted on reboot : C:\ProgramData\boost_interprocess
Deleted on reboot : C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Deleted on reboot : C:\Users\John\AppData\Local\SwvUpdater
Deleted on reboot : C:\Users\John\AppData\LocalLow\adawaretb
Deleted on reboot : C:\Users\John\AppData\LocalLow\BitTorrentBar
Deleted on reboot : C:\Users\John\AppData\LocalLow\ConduitEngine
Deleted on reboot : C:\Users\John\AppData\Roaming\DefaultTab
Deleted on reboot : C:\Users\John\AppData\Roaming\dvdvideosoftiehelpers
Deleted on reboot : C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\daxip@kjvdvbop.org
Deleted on reboot : C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\staged
Deleted on reboot : C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\mvhhdg3c.default-1363237035663\adawaretb
Deleted on reboot : C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\mvhhdg3c.default-1363237035663\jetpack
Deleted on reboot : C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\vsrxx2ko.default\extensions\daxip@kjvdvbop.org
Deleted on reboot : C:\Users\Pauline\AppData\Roaming\Mozilla\Firefox\Profiles\0r0fz2k8.default\adawaretb
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\adawaretb.xml

***** [Registry] *****

Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AppDataLow\Software\BitTorrentBar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine
Key Deleted : HKCU\Software\AppDataLow\Software\DefaultTab
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\DefaultTab
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\1ClickDownload
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BitTorrentBar Toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DefaultTab
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\PIP
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\Software\BitTorrentBar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2790392
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\conduitEngine
Key Deleted : HKLM\Software\Default Tab
Key Deleted : HKLM\Software\DefaultTab
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7EC77DE-6275-47ED-957E-988FAE89E873}
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{88C7F2AA-F93F-432C-8F0E-B7D85967A527}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D7EC77DE-6275-47ED-957E-988FAE89E873}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{32816291-A714-45E4-825F-4E5655D88190}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EB60BFA0-FBBB-4397-9B2F-BE164E6ADB86}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BitTorrentBar Toolbar
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
Key Deleted : HKLM\SOFTWARE\DataMngr
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{88C7F2AA-F93F-432C-8F0E-B7D85967A527}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{88C7F2AA-F93F-432C-8F0E-B7D85967A527}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16476

[OK] Registry is clean.

-\\ Mozilla Firefox v20.0.1 (en-US)

File : C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js

C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\0\user.js ... Deleted !

[OK] File is clean.

File : C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\mvhhdg3c.default-1363237035663\prefs.js

C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\mvhhdg3c.default-1363237035663\user.js ... Deleted !

Deleted : user_pref("extensions.freecorder@freecorder.com.current_url", "hxxps://mail.google.com/mail/u/0/?ui=[...]
Deleted : user_pref("extensions.freecorder@freecorder.com.menuitems", "[{\"name\":\"Freecorder Menu Header\",\[...]

File : C:\Users\Pauline\AppData\Roaming\Mozilla\Firefox\Profiles\0r0fz2k8.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v26.0.1410.64

File : C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Users\Pauline\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [8016 octets] - [02/05/2013 14:42:32]

########## EOF - C:\AdwCleaner[S1].txt - [8076 octets] ##########



#5 whtwulf

whtwulf
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:06:37 PM

Posted 02 May 2013 - 03:02 PM

The issue with ads in my Google searches seems to have been resolved, but the other problem persists. I will try eliminating add-ons one-by-one to see which one caused it.

 

Thank you for the advice.



#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,489 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:37 PM

Posted 02 May 2013 - 08:41 PM

You're welcome!. Let us know.


How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 whtwulf

whtwulf
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:06:37 PM

Posted 04 May 2013 - 12:06 PM

Okay, the ads are back, and I have eliminated add-ons until I am at barebones and still getting the redirect problem. It seems to be that the first time I visit a website after my browser has been closed out, the first link I click on will take me to a site called [website].ievbz.com in a new window. After that, all the links work normally. For example, if I am at Netflix, then first time I click on a link, it takes me to netflix.ievbz.com. After I close that window or tab, it behaves normally, until I leave that site and exit the browser; then the problem returns.

 

I have tried rolling back the system to an earlier time, and while it was successful and the problem went awy for a short time, it is back.


Edited by whtwulf, 04 May 2013 - 12:07 PM.


#8 whtwulf

whtwulf
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:06:37 PM

Posted 05 May 2013 - 10:51 AM

Bump for assistance, please.



#9 HD07

HD07

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:07:37 PM

Posted 05 May 2013 - 04:05 PM

I'm having the same problem!

 

 

*.ievbz.com Web Browser Adware

Adware Description

Both Google Chrome and Firefox browsers have been infected with an adware. The adware pops-up every few minutes or every few clicks when I click on an unrelated link on the Web. It take a website, for example-- google.com, and then creates a pop-up with the the current domain name as the sudomain: google.ievbz.com. So, the format is always subdomain.ievbz.com.


Source Code

I viewed the source code for testing.ievbz.com and it’s as follows--

Google Chrome link: view-source:http://testing.ievbz.com

<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="robots" content="noindex">
<title></title>
<style>html,body{margin:0;padding:0;height:100%}body{color:#000;font-family:Verdana,Arial,Helvetica,sans-serif;font-size:12px;overflow:hidden}#iframe{height:100%;width:100%;border:0}</style>
<script>try{window.name="ov_suppress"}catch(e){}</script>
</head>
<body>
<iframe id="f" src="" height="100%" width="100%" frameborder="0" marginheight="0" marginwidth="0"></iframe>
<script>var f=document.getElementById('f');f.src=location.protocol+'//testing.ievbz.com/?c=pop&msk=1';</script>
</body>
</html>

The link forwarded my browser tab go ZipCloud.com.

 

Domain Information

The following is the WhoIs information for the ievbz.com domain name--

http://whois.net/whois/ievbz.com


Registration Service Provided By: Namecheap.com

Contact: support@namecheap.com

Visit: http://namecheap.com

Registered through: eNom, Inc.


Registrant Contact:

  WhoisGuard

  WhoisGuard Protected ()

Name Servers:

  ns-1525.awsdns-62.org

  ns-168.awsdns-21.com

  ns-1835.awsdns-37.co.uk

  ns-612.awsdns-12.net

Creation date: 26 Apr 2013 19:17:00

Expiration date: 26 Apr 2014 11:17:00


I encourage every to contact eNom.com (Report Abuse) about the ievbz.com domain name and I’m still waiting for a response.


Affiliate Links

These are some of the affiliate links related to this adware--

VistaPrint.com

ChristianMingle.com

This is the adware owner’s VistaPrint.com affilaite ID--

  • AFFID=102759

The adware owner’s Quibids.com afiliate ID is id=102759


Google Results Ads

This adware also adds cloaked affiliate ads on top of all Google search results on the infected browsers.


I did a Google search for the word “test” and the ads were displayed in this format--

<a class="l" style="color:#1122CC;text-decoration:underline">Citizenship <span style="font-weight:bold!important">Test</span> Search for Citizenship <span style="font-weight:bold!important">Test</span>.</a>
  • class="l" is how the links are cloaked.

The cloaked link goes to a redirection script at--

  • I removed my IP address from and placed 0’s in the &ip=000.000.000.000 variable.

This redirects to Ask.com

Another domain is also being used for a redirection script similar to the one on ievbz.com. This domain is used for the embeded Google Search ads:

The following is the Google Chrome source code of one of the redirection links--


The following is the code for the redirection link at a.kaytri.com--

<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta http-equiv="refresh" content="0;url=http://67.201.62.102/index2.html?q=test&amp;u=1-2vTYNkFLk8Cgc&amp;a=410.64%20Safari%2F537.31&amp;ti=1367779915&amp;r=d3d3Lmdvb2dsZS5jb20&amp;h=fq193&amp;l=MC4wODAwMDA&amp;ci=41095|netbus|17592&amp;i=1291684538&amp;des=aHR0cDovL2NsaWNrLmFwcHJvdmVkc2VhcmNoLmNvbS9jbGljay8_cD11JTNGZSUyN2QlM0UyMSUzQiUyN3ElM0UwNDUlMjdpJTNFdWdwdSUyNHMlM0MlM0ElM0IlMjdxdiUzQzYyMSUzQjYlNUVsZnUlNjB2ciUyNHYlM0MzMDYlM0I3MzAzNDYlMjVoJTNGNDclMkMxNDElMkQwMSUzQiUyRjMlM0I3JTI0YSUzQzIlMkQxJTNBMzEyMyUyN2UlM0UxJTJDMzkyMzEyJTI1cnYlM0UwMTU2NTQ4JTNCMjQlMjRzYyUzRmt1dnMlMjQxQiUyNDBFJTI0MEUlNjBmbiU2MHBoZHYlMjYzR25kJTI3MUdxJTYwMyUyNzZHY3NyZ3ElMjQwRnFqcyUyN3FkJTNDMg">
<meta name="robots" content="noindex">
<title></title>
<script>try{window.name="ov_suppress"}catch(e){}</script>
</head>
<body></body>
</html>

The redirection script contains the following host IP address--


The following are complaints against a.kaytri.com--

https://support.mozilla.org/en-US/questions/954241

http://productforums.google.com/forum/#!topic/chrome/XBn2M4JtpfQ

 

Before some of the links, there is a hash code of what could be encrypted information--

<li class="ov_sr_ad g" style="cursor: pointer; width: 545px; list-style: none; margin-left: 0px; padding-left: 0px; margin-bottom: 17px;" rel="DSJaeAMwA3kBPVc6UiIBPAB1UXcNYAEzB3tVZl4-DipRLgUoAmsCbwMuBHNVbwN5BDMAIgBoByJWZ1p9C2ZVYwcpU3APc1AmByQFZVYmUi4NeVopAy8DeAEmVzJSbQEkAHtRJg11ATMHe1VxXjkObVFwBSgCOgIoA2IENVUwA2gEZwBkADcHOFYyWj0LNVU0BzxTNg8zUGUHYwU.VmRSag1pWmoDYQM.AXBXe1IiAWUAO1FtDWYBOQdWVXBeJQ5kUSAFMAIiAmIDIwRwVXADMQQLAC8ADgcvVjdaOAstVTQHOVMyDyhQYAdmBSRWZVJqDWtaBgN5A2IBPFczUmUBfgBlUSoNbQEmB2RVaV5oDnlRPwVsAnICbwMyBCFVMgM7BCQAdQAiB3BWblp9C3dVIwc7UzMPdVAvBycFflYxUjcNf1o7AzsDewFpVyJSPQEyAHpRNQ1CATcHY1VXXicObVF2BTwCSQJLAyIEYVUmA2oEOgBwAGkHYVY8WjsLMlU2BydTNQ8yUHMHZgU6VgdSOw0-WjsDJANiAXdXZVJGATMAZFEzDSsBYQc4VSNeNg5lUXIFMQJ0AmMDagQ1VTMDPQRgADcAZQczVjVaPQs2VSAHaFNuD3ZQbQcmBTdWMFJpDT1aaQMaA2YBNlchUmIBNAAzUXcNXwEBBzxVb141DjpRMgUsAmECZwMnBD9VaAM2BDEAcQBkBzlWJ1puC25VdgcyU28PO1AbBxcFPlYsUhQNM1ofAyEDRgEWVxZSJgFnADpRdA0.ATEHYFU4XmMOOVEyBTMCNQJ2AzkEYVV0A2kEIgBzAC4HMVY5WjsLO1U1By9TYg9rUCYHbwVjVmlSaw1rWmMDZwM9AWpXY1I1ATUAb1EiDWQBPwd5VT5eMw5tUXEFNwJhAkIDBQQ0VWMDTwQ4AHYAHgd6VlBadwtOVUIHYlMyD0pQPAcZBTpWGVIeDQBaLwMbA1gBZ1c5UlkBUQBmUWgNZgFgB2FVNF4NDktRNwVgAmICOANnBHJVWgNlBBYAXwAzB1hWQFo2C01VfAdQU3YPS1A8BwEFcFYYUjANHFogAxkDSAFmVy9STwFCAA5RaQ1mAQYHOFVoXjQOZVFUBWYCSwI5AxkENVVjA0MEFQB2ADEHblZQWn0LYFU1B2VTeQ9iUBEHAgV.Vh5SNA0PWjIDBgNeAWNXIVJlAWsAO1F3DWcBFQdMVWleGg5jUVsFOwJMAmADFgR2VUoDXwQeADQABAcyVm1aegtZVUEHMFMwD2VQLwcgBUVWAlIZDSpaaAMaA2EBE1c7Uk0BNgAeUXYNUwFiBzBVXV4ZDmJRUwVmAk0CYAM8BHZVUQNTBBUAdwAwB0dWV1pXC1lVUQdDU08PZ1AOBwUFZlYZUjENAFprAxsDcQExVyJSTQF8ABJRdg1PAQYHQFUxXgQOOFFqBV8CVAJfAyAEaFVNA2AEGgByADAHR1ZtWn0LWVVVB31TSw9cUAEHGgV4VjZSIw0MWiMDGQNYASZXE1JhAU4AHVFyDWcBBQdcVWleGg5jUVsFcwJOAmMDYwRzVUwDYQQSADAAHwdUVkBaegtNVWwHWFNxD1NQZAcSBWdWDVICDRNaKgMcA18BGFcQUk4BUgAaUTcNSQE4B0RVfV4dDmZRUAVwAlACXgMSBH5VTgNhBDQAMwAcB3pWTFo-C05VbAdQU3sPSVASBwUFZ1Y3UmgNNVo0AwYDXwEQVztSVAFoABVRdA1mAT4HbVV0Xg4OO1FTBTsCVAJMAxoEfFViA2AEMAB5ADAHMlYwWkULYFVeB1tTYg9jUDwHPAVNVjFSNw0hWhMDDwNlARhXBVJjAUEADlE1DWcBYwdAVXxeBA46UWYFcgJRAjoDPwRWVVYDOwQ0AHkAAAdrVktaeAthVVEHTFMwD1JQAgcaBV1WMVISDRdaMAMCA1wBHFc4Uk4BNgANUTUNSAEXB3FVTl4ZDmVRNwV.AlUCZwM-BEBVVQNlBBUAdgAIB1hWbVpcC1ZVUQcwU1oPUFARBw4Fe1Y3UhINC1oDAwcDZwE6VxpSTQE0AA1RNw1fARoHbVUzXgIOZFE7BX8CYQJgAzQEMFVkA04EGQB6ADEHMVY4WnwLWlU0BzhTbA9VUGYHDgVbVgJSNw0DWh0DGwNmARhXE1JjAXwAAVFlDUgBBQdPVTdeMg5fUTsFfwJWAjsDBgQ3VVkDYQQZAG4AHQdEVmVaTQtQVWsHU1NHD0lQAwcgBV9WDlISDT1aHQMBA1MBCFcVUlMBQQA7UXwNUAEVB0NVSV4zDmJRQAU6AlcCZwMFBDBVUgNMBCAAeQAzB0hWU1pDC2JVQQd9U0oPUlARByAFTVY3UgINPVoOAwwDTgFrVw1SVAFoABVRUw1RAWIHalU2Xg4OZlFQBVsCZAI7AzAEfVVWA2cEAQBUAAAHVVZ5WmcLYVVDB0RTMg9RUA4HEgVAVjZSAg0fWjADMgNdAQRXL1JVAVAAEVF.DVYBYwdtVTVeGQ5jUXIFPAJWAjoDBgQ3VWUDTgQjADAANgdrVmZaOwtWVXwHQ1N2D2RQHgcSBWRWBVIPDTFaMAMEA10BF1cuUmUBbQA7UWkNZgFhB25Vcl4EDk9RRwVzAlQCZgMRBDZVVQNdBCcATAAzB2xWT1piC2ZVQwdDU3oPZFAQBw4FclY3UhINH1otAzQDOwEAVwJSVAE3AAVRaA1mAQUHYVVLXjYOY1E7BUcCTgJdAx0EZVVXA08EPAAxAAEHblZDWlkLVFVQB19TUA9IUDoHPAVPVjZSMQ1gWgADDANcARxXBFJPAVIAFVFyDVQBPAdLVTZeNg5yUUwFYAJhAl4DMwRTVWMDZgQ7AHQABAdVVmladQthVVMHMFNlD1NQZwc8BXhWMVIdDWlaagM1A0wBa1cEUlUBawARUVMNZwEVB09VdV4ADk1RMwVNAlECXwMaBDVVVQM4BBEATQAcB2tWZVpjC0xVUwdDU3YPZ1AABzgFQ1YFUjcNPVooAwADTQEHVy9SUgFoAD9RUg1SARcHX1VJXg0OZlFyBVICZQJPAzMES1VVAzgEFQByAAsHMVZEWnULWlVrB1NTTg9iUBIHDgVHVgFSIA0PWhEDBwM7ASJXZ1JMAVIAO1FJDVMBFwdxVXBeDw45UW4FRwJhAl8DMAQwVWUDUwQ-AEgAMAd6VkdaTQtQVTYHT1N7D2VQHgceBXlWBlIxDR9aDQMFA0gBHFdmUmMBawAgUT0NZAEaB1tVNV40DktRVwVwAlECWQMCBH1VUgNiBAIAeQAAB2pWUFp3C05VQgdiUzIPSlA8BxkFOlYZUh4NAFovAxsDWAFnVzlSWQFRAGZRaA1mAWAHYVU0Xg0OS1E3BWACYgI4A2cEaFVNA2AEDQB5AAgHU1ZUWnYLUVVoB21TUw9VUA4HHgU8VhhSDw0xWioDDwNlARxXEFJaAUAABVFCDVABYgdfVTBeDQ5PUTcFUgJjAmEDZgRXVWIDUwQdAHMABwdIVmVaVwtgVVAHR1NuD15QZAcSBV1WN1IfDRNabAMCA0wBMVdjUk0BNQA7UV0NUwEVB3lVVF4ODjlRUAV9AlICTQMFBDVVUwNcBA0AbAAzB0ZWcVpIC1pVNAdDU0APYlA6BxYFOFY1UmgNE1oTAxgDOQFnVydSVQFRAGJRUA1SATwHU1U3XgMOT1FYBV0CUQJeAz8EXVVZAzoEOwBEAAgHSFZDWlYLYlVDB2FTRQ9LUD8HZQVdVgZSHQ0tWhMDAANcASVXLVJiAWgADVF0DUsBBAdhVU5eGQ5AUVQFZAJRAmcDYgR1VVMDOwQNAE8ABwdUVm1aSAtZVVMHPFNGD1NQOAcOBURWAVI3DQxaIwM0A04BY1dhUlYBbQAZUW0NVwFgB2JVfV4EDmJRWAVFAlICQgMBBG1VZANgBAEAbgABB2tWW1pJC1lVagdhU0wPVVAQBxIFU1YxUh8NYFoLAw4DOQE.V2ZSWQE3ADtRcA1TAT8HfVVNXjUOZlFMBVoCVgJgAz8ETFVZA2YEbgBQAAoHMFZbWmcLVlVDBzBTaA9IUAUHZQVTVjBSDw06Wi4DAgNnASJXBlJPAUAANFF.DUsBBwd9VVBeGg5QUUgFawJhAmQDOwRXVVcDUwQVAEsACAdYVlNaZQtZVVEHRFM2D1VQEgcdBXJWDVI2DTFaFwMEAzoBH1cuUlUBNQANUWUNZAEaB19VR14bDl5RRAVBAk0COAM-BHRVTQNeBG4ANgAFB21WMFpEC1dVbQdcU3oPZ1A9B2EFRVYDUjENE1o8AwIDXwE2VztSUQFqAD9RYg1SAQcHcVVtXgYOOVFABU4CWgI4AzsESFVSA04EDQBsABwHVFZLWnkLUFVTB1tTVw9VUGQHJAVTVgZSDQ0tWjEDAANOAWtXAlJkAVMAGVF0DVMBYwdMVSdeKg__" rev="1d5920f4b44b27a802bd77c4f0536f5a_0"><div style="position:relative"><h3 class="r"><a class="l" style="color:#1122CC;text-decoration:underline">Support System Big savings on Support System.</a></h3><div valign="top" class="s"><div class="f kv"><cite>www.ebay.com</cite></div><div style="margin-top:2px"><span class="st">Free Shipping available. Buy Now <b>...</b></span></div></div></div></li>

If you find anymore affiliate links with affiliate IDs, please share them here.

 

Other People Experiencing Problems

 

ievbz.com

a.kaytri.com

 


Edited by HD07, 05 May 2013 - 04:31 PM.


#10 Guest_Francis Houle_*

Guest_Francis Houle_*

  • Guests
  • OFFLINE
  •  

Posted 05 May 2013 - 05:20 PM

Security Check

§  Download Security Check from here or here and save it to your Desktop.

§  Double-click on SecurityCheck.exe

§  Follow the on-screen instructions.

§  Notepad document should open automatically called checkup.txt.

§  Please post the content of that document.

 

Farbar Service Scanner

§  Download Farbar Service Scanner.

§  Run it on the computer.

§  Make sure the following options are checked:

o    Internet Services

o    Windows Firewall

o    System Restore

o    Security Center/Action Center

o    Windows Update

o    Windows Defender

o    Other Services

§  Press "Scan".

§  It will create a log (FSS.txt) in the same directory where you run the tool.

§  Please copy and paste the log to your reply.

 

MiniToolBox

§  Download MiniToolBox

§  Run it on the computer.

§  Checkmark following boxes:

§  Report IE Proxy Settings

§  Report FF Proxy Settings

§  List content of Hosts

§  List IP configuration

§  List Winsock Entries

§  List last 10 Event Viewer log

§  List Installed Programs

§  List Devices (do NOT change any settings here)

§  List Users, Partitions and Memory size

§  Click Go and post the result.

 

Malwarebytes’ Anti-Malware

§  Download Malwarebytes' Anti-Malware https://www.bleepingcomputer.com/download/malwarebytes-anti-malware/ to your desktop.

§  Double-click mbam-setup.exe and follow the prompts to install the program.

§  At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.

§  If an update is found, it will download and install the latest version.

§  Once the program has loaded, select Perform quick scan, then click Scan.

§  When the scan is complete, click OK, then Show Results to view the results.

§  Be sure that everything is checked, and click Remove Selected.

§  When completed, a log will open in Notepad.

§  Post the log back here.

§  Be sure to restart the computer.

§  The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

 

Malwarebytes’ Anti-Rootkit

§  Download Malwarebytes Anti-Rootkit from HERE to your Desktop.

§  Unzip downloaded file.

§  Open the folder where the contents were unzipped and run mbar.exe

§  Follow the instructions in the wizard to update and allow the program to scan your computer for threats.

§  DO NOT click on the Cleanup button. Simply exit the program.

§  When done, please post the two logs produced they will be in the MBAR folder..... mbar-log-xxxxx.txt and system-log.txt

 

 AdwCleaner

·         Please download AdwCleaner by Xplode onto your desktop.

·         Close all open programs and internet browsers.

·         Double click on adwcleaner.exe to run the tool.

·         Click on Delete.

·         Confirm each time with Ok.

·         Your computer will be rebooted automatically. A text file will open after the restart.

·         Please post the contents of that logfile with your next reply.

·         You can find the logfile at C:\AdwCleaner[S1].txt as well.

Junkware Removal Tool

§  Please download Junkware Removal Tool to your desktop.

§  Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".

§  The tool will open and start scanning your system.

§  Please be patient as this can take a while to complete depending on your system's specifications.

§  On completion, a log (JRT.txt) is saved to your desktop and will automatically open.

§  Post the contents of JRT.txt into your next message.

 

Temp File Cleaner

§  Download Temp File Cleaner (TFC) Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe

§  Double click on TFC.exe to run the program.

§  Click on Start button to begin cleaning process.

§  TFC will close all running programs, and it may ask you to restart computer.

§  NOTE. If it freezes in normal mode run it from safe mode. Be patient

 

Reset browsers

 

How to restore Google Chrome:
1. Close the Google Chrome browser, if it is running.
2. Go to Start menu, search for Run and open it. Or find it out from the Start menu, All programs, Accessories.
3. Type the following line according to the OS in the run box.

%LOCALAPPDATA%\Google\Chrome\User Data\ (in Windows 8/7/Vista)
%USERPROFILE%\Local Settings\Application Data\Google\Chrome\User Data\ (in Windows Xp). And hit Enter.

4. There is a folder named Default and this folder contains all the current settings.

5. Rename the Default folder to Default.old.

6. Now lunch the Google Chrome.

See, all the original settings are restored. A new folder "Default" will be created and it will hold all settings for now.

 

How to restore Internet Explorer in Windows 8:

1.     Swipe in from the right edge of the screen (if you're using a mouse, point to the upper-right corner of the screen and move the mouse pointer down), and then tap or click Search. Enter Internet options in the search box, and then tap or click Settings.

 

2.     In the search results, tap or click Internet Options. Tap or click the Advanced tab and then tap or click Reset… 
Note:
 Select the Delete personal settings check box if you would also like to remove browsing history, search providers, Accelerators, home pages, Tracking Protection, and ActiveX Filtering data. 

 

3.     In the Reset Internet Explorer Settings window tap or click Reset 
Note: 
To delete all personal settings,tap or click the checkbox for Delete personal settings.

 

4.     Close and then restart Internet Explorer for the changes to take effect.

 

How to restore Internet Explorer in Windows XP, Vista or 7:

1.     Exit all programs, including Internet Explorer.

 

2.     If you use Windows XP, click Start, and then click Run. Type the following command in the Open box, and then press Enter: inetcpl.cpl

If you use Windows 7 or Windows Vista, click Start

Type the following command in the Search box, and then press Enter: inetcpl.cpl

The Internet Options dialog box appears.

 

3.     Click the Advanced tab.

 

4.     Under Reset Internet Explorer settings, click Reset. Then click Reset again.
Click to select the Delete personal settings check box if you also want to remove browsing history, search providers, Accelerators, home pages, Tracking Protection, and ActiveX Filtering data.

 

5.     When Internet Explorer finishes resetting the settings, click Close in the Reset Internet Explorer Settings dialog box.

 

6.     Start Internet Explorer again.

 

How to restore Firefox:

1. At the top of the Firefox window, click the Firefox button, go over to the Help sub-menu
and select Troubleshooting Information.

2. Click the Reset Firefox button in the upper-right corner of the Troubleshooting Information page.

3. To continue, click Reset Firefox in the confirmation window that opens.

4. Firefox will close and be reset. When it's done, a window will list the information that was imported. Click Finish and Firefox will open.

 

Please do the following :

§  Update Internet Explorer, Mozilla Firefox and Google Chrome

§  Update Java

§  Update Adobe Flash, Shockwave, Air and Reader

§  Update Windows

 

NOTE 1. Make sure all logs are pasted not attached.

NOTE 2. You must have only ONE antivirus on the computer. I recommend a paid antivirus like Norton 360, Kaspersky Pure or Malwarebytes Pro or a free antivirus like Avast, AVG or Microsoft Security Essentials



#11 whtwulf

whtwulf
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  

Posted 05 May 2013 - 05:32 PM

Checkup.txt Logfile

 

Results of screen317's Security Check version 0.99.63  
 Windows Vista Service Pack 2 x64 (UAC is enabled)  
 Internet Explorer 9  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
avast! Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:`````````
 Ad-Aware
 WinPatrol
 WinPatrol  2009 (Outdated! Latest version is WinPatrol 2012)
 Spybot - Search & Destroy
 Malwarebytes Anti-Malware version 1.75.0.1300  
 Java™ 6 Update 23  
 Java 7 Update 17  
 Java version out of Date!
 Adobe Flash Player     11.7.700.169  
 Adobe Reader 9 Adobe Reader out of Date!
 Adobe Reader 10.1.6 Adobe Reader out of Date!  
 Mozilla Firefox (20.0.1)
 Mozilla Thunderbird (17.0.5)
 Google Chrome 26.0.1410.43  
 Google Chrome 26.0.1410.64  
````````Process Check: objlist.exe by Laurent````````  
 Windows Defender MSASCui.exe
 Ad-Aware AAWService.exe is disabled!
 Ad-Aware AAWTray.exe is disabled!
 WinPatrol winpatrol.exe
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbamgui.exe  
 Malwarebytes' Anti-Malware mbamscheduler.exe   
 Windows Defender MSASCui.exe   
 Alwil Software Avast5 AvastSvc.exe  
 Alwil Software Avast5 AvastUI.exe  
 BillP Studios WinPatrol WinPatrol.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 2 % Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````



#12 whtwulf

whtwulf
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:06:37 PM

Posted 05 May 2013 - 05:36 PM

Farbar Services LOGFile:

 

Farbar Service Scanner Version: 14-04-2013
Ran by John (administrator) on 05-05-2013 at 17:34:22
Running from "C:\Users\John\Downloads"
Windows Vista ™ Home Premium Service Pack 2 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Attempt to access Yahoo IP returned error. Yahoo IP is offline
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcsvc.dll
[2009-12-03 09:37] - [2009-04-11 02:11] - 0268288 ____A (Microsoft Corporation) 3ED0321127CE70ACDAABBF77E157C2A7

C:\Windows\System32\drivers\afd.sys
[2012-02-15 23:08] - [2012-01-03 09:25] - 0404992 ____A (Microsoft Corporation) C4F6CE6087760AD70960C9EB130E7943

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2013-02-13 08:03] - [2013-01-04 06:31] - 1423720 ____A (Microsoft Corporation) 0E970F59D7FBB838316176B19A2ADB82

C:\Windows\System32\dnsrslvr.dll
[2011-04-14 21:33] - [2011-03-02 11:12] - 0117760 ____A (Microsoft Corporation) 06230F1B721494A6DF8D47FD395BB1B0

C:\Windows\System32\mpssvc.dll
[2009-12-03 09:37] - [2009-04-11 02:11] - 0603136 ____A (Microsoft Corporation) 897E3BAF68BA406A61682AE39C83900C

C:\Windows\System32\bfe.dll
[2009-12-03 09:37] - [2009-04-11 02:11] - 0458240 ____A (Microsoft Corporation) FFB96C2589FFA60473EAD78B39FBDE29

C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe
[2009-12-03 09:38] - [2009-04-11 02:11] - 1433600 ____A (Microsoft Corporation) B75232DAD33BFD95BF6F0A3E6BFF51E1

C:\Windows\System32\wscsvc.dll
[2009-12-03 09:37] - [2009-04-11 02:11] - 0074752 ____A (Microsoft Corporation) 9EA3E6D0EF7A5C2B9181961052A4B01A

C:\Windows\System32\wbem\WMIsvc.dll
[2009-12-03 09:37] - [2009-04-11 02:11] - 0221696 ____A (Microsoft Corporation) D2E7296ED1BD26D8DB2799770C077A02

C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll
[2009-12-03 09:38] - [2009-04-11 02:11] - 1081856 ____A (Microsoft Corporation) 6D316F4859634071CC25C4FD4589AD2C

C:\Windows\System32\es.dll
[2009-12-03 09:38] - [2009-04-11 02:11] - 0361984 ____A (Microsoft Corporation) E12F22B73F153DECE721CD45EC05B4AF

C:\Windows\System32\cryptsvc.dll
[2012-10-10 12:14] - [2012-06-01 19:20] - 0174592 ____A (Microsoft Corporation) CA78B312C44E4D52E842C2C8BD48E452

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll
[2009-12-03 09:38] - [2009-04-11 02:11] - 0719872 ____A (Microsoft Corporation) CF8B9A3A5E7DC57724A89D0C3E8CF9EF



**** End of log ****



#13 whtwulf

whtwulf
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:06:37 PM

Posted 05 May 2013 - 05:39 PM

Mini ToolBar LOGFile:

 

MiniToolBox by Farbar  Version:21-04-2013
Ran by John (administrator) on 05-05-2013 at 17:37:22
Running from "C:\Users\John\Downloads"
Windows Vista ™ Home Premium Service Pack 2 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1             localhost

127.0.0.1       localhost

========================= IP Configuration: ================================

Intel® WiFi Link 5100 AGN = Wireless Network Connection (Connected)
Marvell Yukon 88E8057 PCI-E Gigabit Ethernet Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : John-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel® WiFi Link 5100 AGN
   Physical Address. . . . . . . . . : 00-21-6B-CC-08-42
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::3896:d6fb:5ec0:c373%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.105(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, May 05, 2013 10:53:34 AM
   Lease Expires . . . . . . . . . . : Monday, May 06, 2013 10:53:36 AM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 184557931
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-11-37-CD-7A-00-23-8B-7E-2D-67
   DNS Servers . . . . . . . . . . . : 24.116.2.50
                                       24.116.2.34
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Marvell Yukon 88E8057 PCI-E Gigabit Ethernet Controller
   Physical Address. . . . . . . . . : 00-23-8B-7E-2D-67
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 6:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 02-00-54-55-4E-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:20fa:6cf2:9fec:c1e4(Preferred)
   Link-local IPv6 Address . . . . . : fe80::20fa:6cf2:9fec:c1e4%12(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 7:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{1A7A0D9B-727F-47A1-849C-B77C00CBE1F5}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : isatap.{B6399252-B23F-45A2-BC6F-CE7E737FBCBF}
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  local.speedtest.cableone.net
Address:  24.116.2.50

Name:    google.com
Addresses:  2607:f8b0:4000:805::1000
      74.125.227.199
      74.125.227.200
      74.125.227.201
      74.125.227.206
      74.125.227.192
      74.125.227.193
      74.125.227.194
      74.125.227.195
      74.125.227.196
      74.125.227.197
      74.125.227.198



Pinging google.com [74.125.227.198] with 32 bytes of data:

Reply from 74.125.227.198: bytes=32 time=49ms TTL=52

Reply from 74.125.227.198: bytes=32 time=58ms TTL=52



Ping statistics for 74.125.227.198:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 49ms, Maximum = 58ms, Average = 53ms

Server:  local2.speedtest.cableone.net
Address:  24.116.2.50

Name:    yahoo.com
Addresses:  98.138.253.109
      98.139.183.24
      206.190.36.45



Pinging yahoo.com [206.190.36.45] with 32 bytes of data:

Reply from 206.190.36.45: bytes=32 time=109ms TTL=45

Reply from 206.190.36.45: bytes=32 time=130ms TTL=45



Ping statistics for 206.190.36.45:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 109ms, Maximum = 130ms, Average = 119ms



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
 11 ...00 21 6b cc 08 42 ...... Intel® WiFi Link 5100 AGN
 10 ...00 23 8b 7e 2d 67 ...... Marvell Yukon 88E8057 PCI-E Gigabit Ethernet Controller
  1 ........................... Software Loopback Interface 1
 12 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
 15 ...00 00 00 00 00 00 00 e0  isatap.{1A7A0D9B-727F-47A1-849C-B77C00CBE1F5}
 13 ...00 00 00 00 00 00 00 e0  isatap.{B6399252-B23F-45A2-BC6F-CE7E737FBCBF}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.105     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.105    281
    192.168.1.105  255.255.255.255         On-link     192.168.1.105    281
    192.168.1.255  255.255.255.255         On-link     192.168.1.105    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.105    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.105    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 12     18 ::/0                     On-link
  1    306 ::1/128                  On-link
 12     18 2001::/32                On-link
 12    266 2001:0:9d38:6ab8:20fa:6cf2:9fec:c1e4/128
                                    On-link
 11    281 fe80::/64                On-link
 12    266 fe80::/64                On-link
 12    266 fe80::20fa:6cf2:9fec:c1e4/128
                                    On-link
 11    281 fe80::3896:d6fb:5ec0:c373/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    266 ff00::/8                 On-link
 11    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [34304] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [61440] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [62976] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [44032] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\winrnr.dll [27648] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/05/2013 00:49:01 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16476, time stamp 0x5126e7ac, faulting module igdumdx32.dll, version 7.15.10.1527, time stamp 0x4877958a, exception code 0xc0000005, fault offset 0x00008bf4,
process id 0xfac, application start time 0xiexplore.exe0.

Error: (05/05/2013 00:48:57 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16476 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 1180
Start Time: 01ce49b89a86e950
Termination Time: 0

Error: (05/05/2013 00:48:53 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16476 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel.
Process ID: 16b0
Start Time: 01ce49b8a4bb00a0
Termination Time: 15

Error: (05/05/2013 00:47:33 PM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 9.0.8112.16476, time stamp 0x5126e7ac, faulting module igdumdx32.dll, version 7.15.10.1527, time stamp 0x4877958a, exception code 0xc0000005, fault offset 0x00008bf4,
process id 0x7e8, application start time 0xiexplore.exe0.

Error: (05/05/2013 00:37:12 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (05/05/2013 00:37:12 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (05/05/2013 00:37:12 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (05/05/2013 00:37:12 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (05/05/2013 10:57:44 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\JOHN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\MVHHDG3C.DEFAULT-1363237035663\CACHE\A\91> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (05/05/2013 10:57:44 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\JOHN\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\MVHHDG3C.DEFAULT-1363237035663\CACHE\A\91> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)


System errors:
=============
Error: (05/05/2013 10:54:54 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (05/05/2013 10:54:47 AM) (Source: Service Control Manager) (User: )
Description: 30000Roxio Hard Drive Watcher 9

Error: (05/05/2013 10:53:28 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 10:51:15 AM on 5/5/2013 was unexpected.

Error: (05/05/2013 10:53:14 AM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (05/05/2013 10:53:07 AM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (05/05/2013 00:22:42 AM) (Source: DCOM) (User: )
Description: {4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (05/04/2013 05:06:57 PM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.255.137 for the Network Card with network address 00216BCC0842 has been denied by the DHCP server 192.168.1.254 (The DHCP Server sent a DHCPNACK message).

Error: (05/04/2013 01:35:28 PM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.1.105 for the Network Card with network address 00216BCC0842 has been denied by the DHCP server 68.138.18.246 (The DHCP Server sent a DHCPNACK message).

Error: (05/03/2013 10:51:53 AM) (Source: Service Control Manager) (User: )
Description: Windows Search%%1053

Error: (05/03/2013 10:51:53 AM) (Source: Service Control Manager) (User: )
Description: 30000Windows Search


Microsoft Office Sessions:
=========================
Error: (04/11/2013 04:29:34 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 7878 seconds with 2820 seconds of active time.  This session ended with a crash.

Error: (03/24/2013 04:12:04 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 17659 seconds with 1140 seconds of active time.  This session ended with a crash.

Error: (03/15/2013 05:44:15 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: , Microsoft Office Version: 12.0.6612.1000. This session lasted 26 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (03/15/2013 05:36:11 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: ??????, Microsoft Office Version: 12.0.6612.1000. This session lasted 7 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (03/15/2013 05:35:41 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: ??????, Microsoft Office Version: 12.0.6612.1000. This session lasted 8 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (03/15/2013 05:34:59 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: ??????, Microsoft Office Version: 12.0.6612.1000. This session lasted 14 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (03/15/2013 05:32:51 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: ??????, Microsoft Office Version: 12.0.6612.1000. This session lasted 107 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (03/01/2013 09:27:36 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 196 seconds with 120 seconds of active time.  This session ended with a crash.

Error: (02/21/2013 05:42:56 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 19458 seconds with 3060 seconds of active time.  This session ended with a crash.

Error: (02/02/2013 01:19:59 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 6364 seconds with 1320 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2013-05-01 14:11:25.049
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-01 14:11:24.721
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-01 14:11:24.394
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-01 14:11:24.066
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-01 14:11:23.723
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-01 14:11:23.411
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-01 14:11:22.990
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_0fabe61737f42f96\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-01 14:11:22.678
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_0fabe61737f42f96\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-01 14:11:22.334
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_0fabe61737f42f96\tcpip.sys because the set of per-page image hashes could not be found on the system.

  Date: 2013-05-01 14:11:22.007
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_0fabe61737f42f96\tcpip.sys because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

Apple Mobile Device Support (Version: 6.1.0.13)
Bonjour (Version: 3.0.0.10)
Conexant HD Audio (Version: 4.75.0.0)
DownloadTerms (Version: 1.0)
Dropbox (Version: 1.6.18)
EasyBits GO
Emulator Starter (Version: 1.0.0.130)
HDAUDIO Soft Data Fax Modem with SmartCP (Version: 7.80.2.0)
iCloud (Version: 2.1.1.3)
Intel® Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
iTunes (Version: 11.0.2.26)
Kodak AIO Printer (Version: 7.0.3.0)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Motorola Mobile Drivers Installation 5.0.0 (Version: 5.0.0)
Move Media Player
O2Micro Flash Memory Card Reader Driver (x64) (Version: 3.25)
Synaptics Pointing Device Driver (Version: 11.1.22.0)
Unity Web Player (Version: )
VD64Inst (Version: 1.00.0000)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 74%
Total physical RAM: 3960 MB
Available physical RAM: 1014.81 MB
Total Pagefile: 8115.26 MB
Available Pagefile: 5352.57 MB
Total Virtual: 4095.88 MB
Available Virtual: 3996.67 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:451.76 GB) (Free:209.73 GB) NTFS
3 Drive g: (Archive) (Fixed) (Total:465.76 GB) (Free:24.33 GB) NTFS

========================= Users: ========================================

User accounts for \\JOHN-PC

Administrator            Guest                    John                     
Pauline                  

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

23-04-2013 07:14:40 Scheduled Checkpoint
23-04-2013 07:21:10 Windows Update
24-04-2013 06:42:08 Scheduled Checkpoint
25-04-2013 06:50:48 Scheduled Checkpoint
25-04-2013 08:00:14 Windows Update
26-04-2013 10:39:35 Scheduled Checkpoint
27-04-2013 03:35:41 Installed SpyHunter
27-04-2013 04:00:03 Removed SpyHunter
27-04-2013 05:37:10 Removed SpyHunter
27-04-2013 05:51:39 Removed SimCity™ Societies
27-04-2013 20:07:28 Windows Update
29-04-2013 02:56:36 Installed Java 7 Update 21
30-04-2013 07:16:43 Windows Update
01-05-2013 02:16:21 Scheduled Checkpoint
01-05-2013 23:50:11 Windows Update
02-05-2013 06:27:55 Restore Operation
02-05-2013 17:20:07 Windows Update
03-05-2013 06:12:56 Scheduled Checkpoint
04-05-2013 07:09:09 Scheduled Checkpoint
05-05-2013 08:52:21 Scheduled Checkpoint

**** End of log ****



#14 Guest_Francis Houle_*

Guest_Francis Houle_*

  • Guests
  • OFFLINE
  •  

Posted 05 May 2013 - 07:50 PM

You have several antivirus on your computer. Please only keep one (avast)
You can uninstall 
 
Please remove:
DownloadTerms (Version: 1.0)
EasyBits GO
Java™ 6 Update 23  
Java 7 Update 17  
Ad-Aware
WinPatrol
WinPatrol  2009
Spybot - Search & Destroy
 
Please update:
Java
Adobe Reader

 

After that, please continue with the other steps



#15 HD07

HD07

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:06:37 PM

Posted 06 May 2013 - 11:27 AM

I've found a solution to the Google Search affiliate ads!

  • For Firefox, go to Add-Ons and remove the "DownloadTerms" version 1.0 add-on by Unlimited Downloads, LLC.
  • For Google Chrome, go to Extensions and remove the "DownloadTerms" version 1.0 extension by Unlimited Downloads, LLC.

Edited by HD07, 06 May 2013 - 11:28 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users