
Infected by ad.xtendmedia.com


12 replies to this topic

#1 RottNKorpse


Posted 16 May 2013 - 12:58 PM

I have seen many topics on this and I have noticed that each issue is different so that is why I am creating this topic and would heavily appreciate some assistance with this.

 

I have the ad.xtendmedia infection. Ads are showing up on the bottom left of almost every website (skips Google for some reason) and occasionally show up on the right side as well.

 

The infection is not affecting the homepage or the search results. I deleted some viruses before realizing I had this infection using MSE so maybe that is noteworthy, not sure.

 

What do I need to do to get some assistance?

 

---thank you in advance...love this site. (I don't post here but I have read a lot of content here)

 

 

Note* - I am using a different computer to use this forum and get help so losing instructions will not be an issue.


Edited by RottNKorpse, 16 May 2013 - 12:59 PM.




#2 boopme


Posted 16 May 2013 - 01:43 PM

Welcome, let's run these and see how it is.

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply.




Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
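
The "List content of Hosts" option in the checklist above produces a section of Result.txt that is reviewed for names pinned to addresses off the local machine. The following is an added example, not part of the original thread or of MiniToolBox: the function names are hypothetical, and the sample report is constructed (documentation-range addresses, placeholder hostnames) in the banner layout Result.txt uses.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample in the section layout of a MiniToolBox Result.txt.
# Addresses are from documentation ranges; hostnames are placeholders.
SAMPLE_RESULT = """\
========================= IE Proxy Settings: ==============================

Proxy is not enabled.
========================= Hosts content: =================================

::1             localhost

203.0.113.10 stats.example.com.
203.0.113.10 ads.example.net.
198.51.100.20 stats.example.com.
0.0.0.0 tracker.example.org   # local block entry
127.0.0.1       localhost

========================= IP Configuration: ================================
"""

# A banner line is a run of '=', an optional title (with optional colon), more '='.
SECTION_RE = re.compile(r"^=+\s*(.*?):?\s*=+\s*$")


def extract_section(report, title):
    """Return the lines between the '=== title: ===' banner and the next banner."""
    lines, inside = [], False
    for line in report.splitlines():
        match = SECTION_RE.match(line)
        if match:
            if inside:
                break  # next banner closes the section we were collecting
            inside = match.group(1).strip().lower() == title.lower()
            continue
        if inside:
            lines.append(line)
    return lines


def parse_hosts(lines):
    """Yield (ip, hostname) pairs; comments, blanks and malformed lines are skipped."""
    for raw in lines:
        text = raw.split("#", 1)[0].strip()
        if not text:
            continue
        fields = text.split()
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # first field is not an address, so not a hosts entry
        for name in fields[1:]:
            # "example.com." and "Example.com" name the same host
            yield ip, name.rstrip(".").lower()


def triage_hosts(report):
    """List hostnames that the hosts file maps to a non-local address.

    Loopback (127.0.0.0/8, ::1) and unspecified (0.0.0.0, ::) targets are
    ignored: they keep a name on the local machine or block it outright.
    Everything else is returned for review, with a flag when one name is
    mapped to more than one remote address.
    """
    by_name = defaultdict(set)
    for ip, name in parse_hosts(extract_section(report, "Hosts content")):
        by_name[name].add(ip)

    findings = []
    for name, ips in sorted(by_name.items()):
        remote = sorted(
            (ip for ip in ips if not (ip.is_loopback or ip.is_unspecified)),
            key=str,  # string key so IPv4 and IPv6 objects can be ordered together
        )
        if remote:
            findings.append({
                "hostname": name,
                "addresses": [str(ip) for ip in remote],
                "conflicting": len(remote) > 1,
            })
    return findings


if __name__ == "__main__":
    for finding in triage_hosts(SAMPLE_RESULT):
        note = " (mapped to several addresses)" if finding["conflicting"] else ""
        print(f'{finding["hostname"]} -> {", ".join(finding["addresses"])}{note}')
```

A flagged entry is a prompt for review rather than proof of infection, since administrators sometimes pin internal names in the hosts file on purpose.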

#3 RottNKorpse


Posted 16 May 2013 - 05:50 PM

TDSSkiller

 

Nothing detected

 

 

aswMBR

 

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-05-16 14:02:57
-----------------------------
14:02:57.524    OS Version: Windows x64 6.1.7601 Service Pack 1
14:02:57.524    Number of processors: 2 586 0x100
14:02:57.524    ComputerName: STEVEFARMER086Y  UserName:  
14:02:59.177    Initialize success
14:38:39.561    AVAST engine defs: 13051600
14:39:28.795    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000064
14:39:28.795    Disk 0 Vendor: WDC_WD32 02.0 Size: 305245MB BusType: 11
14:39:28.951    Disk 0 MBR read successfully
14:39:28.951    Disk 0 MBR scan
14:39:28.982    Disk 0 Windows 7 default MBR code
14:39:28.982    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          199 MB offset 2048
14:39:29.060    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       286070 MB offset 409600
14:39:29.153    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS        14911 MB offset 586280960
14:39:29.247    Disk 0 Partition 4 00     0C    FAT32 LBA MSDOS5.0     4063 MB offset 616818688
14:39:29.746    Disk 0 scanning C:\Windows\system32\drivers
14:39:51.321    Service scanning
14:40:51.225    Modules scanning
14:40:51.256    Disk 0 trace - called modules:
14:40:51.802    ntoskrnl.exe CLASSPNP.SYS disk.sys amd_xata.sys ACPI.sys storport.sys hal.dll amd_sata.sys  
14:40:51.834    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80030ff060]
14:40:51.849    3 CLASSPNP.SYS[fffff8800191e43f] -> nt!IofCallDriver -> [0xfffffa8002fdcac0]
14:40:51.865    5 amd_xata.sys[fffff880010daa1d] -> nt!IofCallDriver -> [0xfffffa8002fd2860]
14:40:51.865    7 ACPI.sys[fffff88000f637a1] -> nt!IofCallDriver -> \Device\00000064[0xfffffa8002a669c0]
14:40:53.830    AVAST engine scan C:\Windows
14:40:59.462    AVAST engine scan C:\Windows\system32
14:47:06.531    AVAST engine scan C:\Windows\system32\drivers
14:47:32.676    AVAST engine scan C:\Users\stevefarmer086@yahoo
15:09:19.802    AVAST engine scan C:\ProgramData
15:12:04.975    Scan finished successfully
15:13:55.888    Disk 0 MBR has been saved successfully to "C:\Users\stevefarmer086@yahoo\Desktop\MBR.dat"
15:13:55.903    The log file has been saved successfully to "C:\Users\stevefarmer086@yahoo\Desktop\aswMBR.txt"
 

 

ESET online scanner

 

C:\Users\stevefarmer086@yahoo\AppData\Local\Temp\DIQ\FlashPlayer_151\software\OptimizerPro.exe    a variant of Win32/SpeedingUpMyPC.B application    cleaned by deleting - quarantined

 

 

MiniToolBox

 

MiniToolBox by Farbar  Version:21-04-2013
Ran by stevefarmer086@yahoo (administrator) on 16-05-2013 at 17:42:44
Running from "G:\bc-stuff"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ==============================  
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

::1             localhost
 
78.46.61.26 www.google-analytics.com.
78.46.61.26 ad-emea.doubleclick.net.
78.46.61.26 www.statcounter.com.
108.163.215.51 www.google-analytics.com.
108.163.215.51 ad-emea.doubleclick.net.
108.163.215.51 www.statcounter.com.
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
Realtek PCIe FE Family Controller = Local Area Connection (Connected)
Ralink RT5390 802.11b/g/n WiFi Adapter = Wireless Network Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : stevefarmer086y
   Primary Dns Suffix  . . . . . . . :  
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Wireless LAN adapter Wireless Network Connection 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :  
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 38-59-F9-A0-B9-84
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . :  
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : 10-1F-74-56-B4-B9
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::f5a6:ee2e:30d5:eb69%12(Preferred)  
   IPv4 Address. . . . . . . . . . . : 192.168.0.101(Preferred)  
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Thursday, May 16, 2013 1:47:50 PM
   Lease Expires . . . . . . . . . . : Thursday, May 16, 2013 7:47:50 PM
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 336600948
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-E3-38-A1-38-59-F9-A0-B9-85
   DNS Servers . . . . . . . . . . . : 192.168.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Wireless LAN adapter Wireless Network Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : att.net
   Description . . . . . . . . . . . : Ralink RT5390 802.11b/g/n WiFi Adapter
   Physical Address. . . . . . . . . : 38-59-F9-A0-B9-85
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{96EBFA96-5DF4-49DA-965D-50257FCB2E85}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :  
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{1DD5C3DB-60C4-4036-A83C-D5E19A4E651E}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :  
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 9:
 
   Connection-specific DNS Suffix  . :  
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:2478:2e7c:3f57:ff9a(Preferred)  
   Link-local IPv6 Address . . . . . : fe80::2478:2e7c:3f57:ff9a%16(Preferred)  
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Tunnel adapter isatap.att.net:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :  
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  192.168.0.1
 
Name:    google.com
Addresses:  2607:f8b0:4002:c02::71
      173.194.37.70
      173.194.37.72
      173.194.37.73
      173.194.37.67
      173.194.37.68
      173.194.37.66
      173.194.37.64
      173.194.37.69
      173.194.37.78
      173.194.37.71
      173.194.37.65
 
 
Pinging google.com [74.125.137.139] with 32 bytes of data:
Reply from 74.125.137.139: bytes=32 time=19ms TTL=44
Reply from 74.125.137.139: bytes=32 time=19ms TTL=44
 
Ping statistics for 74.125.137.139:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 19ms, Maximum = 19ms, Average = 19ms
Server:  UnKnown
Address:  192.168.0.1
 
Name:    yahoo.com
Addresses:  206.190.36.45
      98.138.253.109
      98.139.183.24
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=202ms TTL=44
Reply from 206.190.36.45: bytes=32 time=138ms TTL=44
 
Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 138ms, Maximum = 202ms, Average = 170ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 15...38 59 f9 a0 b9 84 ......Microsoft Virtual WiFi Miniport Adapter
 12...10 1f 74 56 b4 b9 ......Realtek PCIe FE Family Controller
 11...38 59 f9 a0 b9 85 ......Ralink RT5390 802.11b/g/n WiFi Adapter
  1...........................Software Loopback Interface 1
 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 16...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1    192.168.0.101     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link     192.168.0.101    276
    192.168.0.101  255.255.255.255         On-link     192.168.0.101    276
    192.168.0.255  255.255.255.255         On-link     192.168.0.101    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.0.101    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.0.101    276
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 16     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 16     58 2001::/32                On-link
 16    306 2001:0:9d38:953c:2478:2e7c:3f57:ff9a/128
                                    On-link
 12    276 fe80::/64                On-link
 16    306 fe80::/64                On-link
 16    306 fe80::2478:2e7c:3f57:ff9a/128
                                    On-link
 12    276 fe80::f5a6:ee2e:30d5:eb69/128
                                    On-link
  1    306 ff00::/8                 On-link
 16    306 ff00::/8                 On-link
 12    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (05/16/2013 03:15:03 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (05/16/2013 01:49:40 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (05/16/2013 01:49:21 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/16/2013 00:04:19 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to execute command from the offline queue: uninstall "System.Security, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil" /NoDependencies .  The error returned was Error: The specified assembly is not installed.
.
 
Error: (05/16/2013 00:03:54 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/16/2013 01:41:01 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Network Security WFP Driver.

System Error:
The system cannot find the file specified.
.
 
Error: (05/16/2013 01:41:01 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Iron Driver.

System Error:
The system cannot find the file specified.
.
 
Error: (05/15/2013 05:39:32 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Network Security WFP Driver.

System Error:
The system cannot find the file specified.
.
 
Error: (05/15/2013 05:39:32 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Iron Driver.

System Error:
The system cannot find the file specified.
.
 
Error: (05/15/2013 05:39:32 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Eraser Control driver.

System Error:
The system cannot find the file specified.
.
 
 
System errors:
=============
Error: (05/16/2013 01:17:24 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
 
Error: (05/16/2013 01:40:46 AM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
 
Error: (05/15/2013 10:41:47 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
 
Error: (05/15/2013 08:50:52 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
 
Error: (05/15/2013 05:18:04 PM) (Source: Service Control Manager) (User: )
Description: The DefaultTabSearch service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (05/15/2013 05:17:31 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 4:15:52 PM on ?5/?15/?2013 was unexpected.
 
Error: (05/15/2013 05:12:40 PM) (Source: Service Control Manager) (User: )
Description: The DefaultTabSearch service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (05/15/2013 05:12:29 PM) (Source: Service Control Manager) (User: )
Description: The WLAN AutoConfig service hung on starting.
 
Error: (05/15/2013 05:11:04 PM) (Source: Service Control Manager) (User: )
Description: The AMD External Events Utility service failed to start due to the following error:  
%%1053
 
Error: (05/15/2013 05:11:04 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the AMD External Events Utility service to connect.
 
 
Microsoft Office Sessions:
=========================
Error: (05/16/2013 03:15:03 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestG:\bc-stuff\esetsmartinstaller_enu.exe
 
Error: (05/16/2013 01:49:40 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestG:\bc-stuff\esetsmartinstaller_enu.exe
 
Error: (05/16/2013 01:49:21 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/16/2013 00:04:19 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to execute command from the offline queue: uninstall "System.Security, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil" /NoDependencies .  The error returned was Error: The specified assembly is not installed.
.
 
Error: (05/16/2013 00:03:54 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (05/16/2013 01:41:01 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:  
Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Network Security WFP Driver.

System Error:
The system cannot find the file specified.
 
Error: (05/16/2013 01:41:01 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:  
Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Iron Driver.

System Error:
The system cannot find the file specified.
 
Error: (05/15/2013 05:39:32 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:  
Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Network Security WFP Driver.

System Error:
The system cannot find the file specified.
 
Error: (05/15/2013 05:39:32 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:  
Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Iron Driver.

System Error:
The system cannot find the file specified.
 
Error: (05/15/2013 05:39:32 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:  
Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Eraser Control driver.

System Error:
The system cannot find the file specified.
 
 
=========================== Installed Programs ============================
 
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.2.202.235)
Adobe Reader X (10.1.6) MUI (Version: 10.1.6)
Adobe Shockwave Player 11.5 (Version: 11.5.9.620)
AMD APP SDK Runtime (Version: 2.4.650.9)
AMD Fuel (Version: 2011.0616.2209.37946)
AMD Media Foundation Decoders (Version: 1.0.60616.2211)
AMD VISION Engine Control Center (Version: 2011.0616.2209.37946)
ATI Catalyst Install Manager (Version: 3.0.829.0)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2011.0616.2209.37946)
Catalyst Control Center InstallProxy (Version: 2011.0616.2209.37946)
Catalyst Control Center Localization All (Version: 2011.0616.2209.37946)
CCC Help Chinese Standard (Version: 2011.0616.2208.37946)
CCC Help Chinese Traditional (Version: 2011.0616.2208.37946)
CCC Help Czech (Version: 2011.0616.2208.37946)
CCC Help Danish (Version: 2011.0616.2208.37946)
CCC Help Dutch (Version: 2011.0616.2208.37946)
CCC Help English (Version: 2011.0616.2208.37946)
CCC Help Finnish (Version: 2011.0616.2208.37946)
CCC Help French (Version: 2011.0616.2208.37946)
CCC Help German (Version: 2011.0616.2208.37946)
CCC Help Greek (Version: 2011.0616.2208.37946)
CCC Help Hungarian (Version: 2011.0616.2208.37946)
CCC Help Italian (Version: 2011.0616.2208.37946)
CCC Help Japanese (Version: 2011.0616.2208.37946)
CCC Help Korean (Version: 2011.0616.2208.37946)
CCC Help Norwegian (Version: 2011.0616.2208.37946)
CCC Help Polish (Version: 2011.0616.2208.37946)
CCC Help Portuguese (Version: 2011.0616.2208.37946)
CCC Help Russian (Version: 2011.0616.2208.37946)
CCC Help Spanish (Version: 2011.0616.2208.37946)
CCC Help Swedish (Version: 2011.0616.2208.37946)
CCC Help Thai (Version: 2011.0616.2208.37946)
CCC Help Turkish (Version: 2011.0616.2208.37946)
ccc-utility64 (Version: 2011.0616.2209.37946)
CyberLink YouCam (Version: 3.5.1.4119)
D3DX10 (Version: 15.4.2368.0902)
Epson CreativeZone
Epson Easy Photo Print 2 (Version: 2.2.3.1)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (Version: 1.00.0000)
Epson Easy Photo Print Plug-in for Windows Live Photo Gallery
Epson Easy Photo Print Plug-in for Windows Live Photo Gallery Setup (Version: 1.00.0000)
Epson Event Manager (Version: 2.40.0001)
Epson FAX Utility (Version: 1.10.00)
Epson PC-FAX Driver
EPSON Scan
EPSON WorkForce 520 Series Printer Uninstall
EpsonNet Print (Version: 2.4j)
EpsonNet Setup 3.3 (Version: 3.3b)
ESET Online Scanner v3
ESU for Microsoft Windows 7 SP1 (Version: 2.1.1)
Evernote v. 4.2.3 (Version: 4.2.3.22)
Google Chrome (Version: 26.0.1410.64)
Google Update Helper (Version: 1.3.21.145)
Hewlett-Packard ACLM.NET v1.1.1.0 (Version: 1.00.0000)
HP Auto (Version: 1.0.12935.3667)
HP Client Services (Version: 1.1.12938.3539)
HP Customer Experience Enhancements (Version: 6.0.1.7)
HP Documentation (Version: 1.1.0.0)
HP Launch Box (Version: 1.0.11)
HP MovieStore (Version: 1.0.057)
HP MovieStore (Version: 2.0)
HP On Screen Display (Version: 1.2.2)
HP Power Manager (Version: 1.4.8)
HP Quick Launch (Version: 2.7.2)
HP QuickWeb (Version: 3.1.0.9742)
HP Setup (Version: 8.7.4751.3798)
HP Setup Manager (Version: 1.1.13476.3753)
HP Software Framework (Version: 4.1.7.1)
HP Support Assistant (Version: 6.0.5.4)
Junk Mail filter update (Version: 15.4.3502.0922)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.5131.5000)
Microsoft Security Client (Version: 4.2.0223.1)
Microsoft Security Essentials (Version: 4.2.223.1)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
PlayReady PC Runtime x86 (Version: 1.3.0)
Ralink RT5390 802.11b/g/n WiFi Adapter (Version: 3.2.12.0)
Realtek Ethernet Controller Driver (Version: 7.42.304.2011)
Realtek High Definition Audio Driver (Version: 6.0.1.6287)
Realtek PCIE Card Reader (Version: 6.1.7600.77)
Recovery Manager (Version: 2.0.0)
Synaptics TouchPad Driver (Version: 15.3.11.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 46%
Total physical RAM: 2666.91 MB
Available physical RAM: 1432.41 MB
Total Pagefile: 5332 MB
Available Pagefile: 3998.17 MB
Total Virtual: 4095.88 MB
Available Virtual: 3964.52 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:279.37 GB) (Free:235.37 GB) NTFS
2 Drive d: (Recovery) (Fixed) (Total:14.56 GB) (Free:1.62 GB) NTFS
3 Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:1.08 GB) FAT32
4 Drive f: (Epson) (CDROM) (Total:0.32 GB) (Free:0 GB) CDFS
5 Drive g: (VISUEX USB) (Removable) (Total:1.91 GB) (Free:1.09 GB) FAT32
 
========================= Users: ========================================
 
User accounts for \\STEVEFARMER086Y
 
Administrator            Guest                    stevefarmer086@yahoo      
 
 
**** End of log ****



#4 boopme


Posted 16 May 2013 - 08:41 PM

Ok no rootkit, that's a good thing.

Please run this next and tell me how it is.

 

 

Please download AdwCleaner by Xplode onto your desktop.
• Close all open programs and internet browsers.
• Double click on adwcleaner.exe to run the tool.
• Click on Delete.
• Confirm each time with Ok.
• You will be prompted to restart your computer. A text file will open after the restart.
• Please post the contents of that logfile with your next reply.
• You can find the logfile at C:\AdwCleaner[S1].txt as well.



#5 PhucNg


Posted 16 May 2013 - 10:24 PM

ad.xtendmedia removal instructions:

1. First of all, download recommended anti-malware software and run a full system scan. It will detect and remove this infection from your computer. You may then follow the manual removal instructions below to remove the leftover traces of this browser hijacker. Hopefully you won't have to do that.

2. Uninstall recently installed web browser toolbars and other web browser add-ons. You should also remove recently installed software, especially freeware and shareware because there's a good chance that the popups and ad.xtendmedia redirects you are experiencing are caused by either these programs or web browser add-ons that came with them.

3. Opt-out from ad.xtendmedia here: http://xtendmedia.com/opt-out
 
(research)

Mod edit: If you are going to Copy/paste from another's work, please give them their credit ~~ Global Mod boopme
http://deletemalware.blogspot.com/2013/05/remove-ad-xtendmedia-pop-up-virus.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+MalwareRemovalTips+(Malware+removal+tips

Edited by boopme, 17 May 2013 - 09:12 AM.


#6 RottNKorpse

  • Topic Starter

Posted 17 May 2013 - 12:18 AM

AdwCleaner

 

# AdwCleaner v2.301 - Logfile created 05/17/2013 at 00:10:10
# Updated 16/05/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : stevefarmer086@yahoo - STEVEFARMER086Y
# Boot Mode : Normal
# Running from : G:\bc-stuff\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\END
File Deleted : C:\Users\STEVEF~1\AppData\Local\Temp\Searchqu.ini
File Deleted : C:\Users\STEVEF~1\AppData\Local\Temp\searchqutoolbar-manifest.xml
File Deleted : C:\Users\STEVEF~1\AppData\Local\Temp\SetupDataMngr_Searchqu.exe
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Users\stevefarmer086@yahoo\AppData\Local\Conduit
Folder Deleted : C:\Users\stevefarmer086@yahoo\AppData\Local\Ilivid Player
Folder Deleted : C:\Users\stevefarmer086@yahoo\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\stevefarmer086@yahoo\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\stevefarmer086@yahoo\AppData\LocalLow\PriceGong

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3289847
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\DataMngr
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [10]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16576

[OK] Registry is clean.

-\\ Google Chrome v26.0.1410.64

File : C:\Users\stevefarmer086@yahoo\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [4439 octets] - [17/05/2013 00:10:10]

########## EOF - C:\AdwCleaner[S1].txt - [4499 octets] ##########
 

 

-----------------------------------

 

TDSSKiller

 

The GUI said there were not any infections, but I didn't know there was a log file made in the C:\ drive, so just in case this is needed I have included the log file as well.

 

13:49:32.0983 0920  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
13:49:34.0122 0920  ============================================================
13:49:34.0122 0920  Current date / time: 2013/05/16 13:49:34.0122
13:49:34.0122 0920  SystemInfo:
13:49:34.0122 0920  
13:49:34.0122 0920  OS Version: 6.1.7601 ServicePack: 1.0
13:49:34.0122 0920  Product type: Workstation
13:49:34.0122 0920  ComputerName: STEVEFARMER086Y
13:49:34.0122 0920  UserName: stevefarmer086@yahoo
13:49:34.0122 0920  Windows directory: C:\Windows
13:49:34.0122 0920  System windows directory: C:\Windows
13:49:34.0122 0920  Running under WOW64
13:49:34.0122 0920  Processor architecture: Intel x64
13:49:34.0122 0920  Number of processors: 2
13:49:34.0122 0920  Page size: 0x1000
13:49:34.0122 0920  Boot type: Normal boot
13:49:34.0122 0920  ============================================================
13:49:36.0805 0920  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:49:37.0024 0920  Drive \Device\Harddisk1\DR1 - Size: 0x7A7D1A00 (1.91 Gb), SectorSize: 0x200, Cylinders: 0xF9, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:49:37.0024 0920  ============================================================
13:49:37.0024 0920  \Device\Harddisk0\DR0:
13:49:37.0024 0920  MBR partitions:
13:49:37.0024 0920  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
13:49:37.0024 0920  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x22EBB000
13:49:37.0024 0920  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x22F1F000, BlocksNum 0x1D1F800
13:49:37.0024 0920  \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x24C3E800, BlocksNum 0x7EFAB0
13:49:37.0024 0920  \Device\Harddisk1\DR1:
13:49:37.0024 0920  MBR partitions:
13:49:37.0024 0920  \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0x3D3E4E
13:49:37.0024 0920  ============================================================
13:49:37.0055 0920  C: <-> \Device\Harddisk0\DR0\Partition2
13:49:37.0102 0920  D: <-> \Device\Harddisk0\DR0\Partition3
13:49:37.0102 0920  E: <-> \Device\Harddisk0\DR0\Partition4
13:49:37.0102 0920  ============================================================
13:49:37.0102 0920  Initialize success
13:49:37.0102 0920  ============================================================
14:00:45.0204 3836  ============================================================
14:00:45.0204 3836  Scan started
14:00:45.0204 3836  Mode: Manual; TDLFS;
14:00:45.0204 3836  ============================================================
14:00:45.0485 3836  ================ Scan system memory ========================
14:00:45.0485 3836  System memory - ok
14:00:45.0485 3836  ================ Scan services =============================
14:00:54.0096 3836  IntcAzAudAddService - ok
14:00:54.0143 3836  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
14:00:54.0143 3836  intelide - ok
14:00:54.0174 3836  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
14:00:54.0174 3836  intelppm - ok
14:00:54.0221 3836  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
14:00:54.0221 3836  IPBusEnum - ok
14:00:54.0252 3836  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:00:54.0252 3836  IpFilterDriver - ok
14:00:54.0299 3836  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
14:00:54.0299 3836  iphlpsvc - ok
14:00:54.0330 3836  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
14:00:54.0330 3836  IPMIDRV - ok
14:00:54.0377 3836  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
14:00:54.0377 3836  IPNAT - ok
14:00:54.0408 3836  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
14:00:54.0408 3836  IRENUM - ok
14:00:54.0439 3836  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
14:00:54.0455 3836  isapnp - ok
14:00:54.0486 3836  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
14:00:54.0486 3836  iScsiPrt - ok
14:00:54.0533 3836  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
14:00:54.0533 3836  kbdclass - ok
14:00:54.0564 3836  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
14:00:54.0564 3836  kbdhid - ok
14:00:54.0580 3836  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
14:00:54.0580 3836  KeyIso - ok
14:00:54.0627 3836  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
14:00:54.0627 3836  KSecDD - ok
14:00:54.0658 3836  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
14:00:54.0658 3836  KSecPkg - ok
14:00:54.0689 3836  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
14:00:54.0705 3836  ksthunk - ok
14:00:54.0736 3836  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
14:00:54.0736 3836  KtmRm - ok
14:00:54.0783 3836  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
14:00:54.0798 3836  LanmanServer - ok
14:00:54.0861 3836  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:00:54.0876 3836  LanmanWorkstation - ok
14:00:54.0923 3836  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:00:54.0923 3836  lltdio - ok
14:00:54.0970 3836  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
14:00:54.0970 3836  lltdsvc - ok
14:00:55.0001 3836  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
14:00:55.0001 3836  lmhosts - ok
14:00:55.0063 3836  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
14:00:55.0063 3836  LSI_FC - ok
14:00:55.0095 3836  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
14:00:55.0095 3836  LSI_SAS - ok
14:00:55.0110 3836  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
14:00:55.0126 3836  LSI_SAS2 - ok
14:00:55.0141 3836  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
14:00:55.0141 3836  LSI_SCSI - ok
14:00:55.0188 3836  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
14:00:55.0188 3836  luafv - ok
14:00:55.0235 3836  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
14:00:55.0251 3836  Mcx2Svc - ok
14:00:55.0266 3836  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
14:00:55.0266 3836  megasas - ok
14:00:55.0297 3836  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
14:00:55.0297 3836  MegaSR - ok
14:00:55.0329 3836  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
14:00:55.0344 3836  MMCSS - ok
14:00:55.0375 3836  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
14:00:55.0375 3836  Modem - ok
14:00:55.0407 3836  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
14:00:55.0407 3836  monitor - ok
14:00:55.0453 3836  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
14:00:55.0453 3836  mouclass - ok
14:00:55.0500 3836  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
14:00:55.0500 3836  mouhid - ok
14:00:55.0531 3836  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
14:00:55.0531 3836  mountmgr - ok
14:00:55.0594 3836  [ F8A10560B35C66F9DE212F03DAD5BFA7 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
14:00:55.0594 3836  MpFilter - ok
14:00:55.0641 3836  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
14:00:55.0641 3836  mpio - ok
14:00:55.0672 3836  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:00:55.0672 3836  mpsdrv - ok
14:00:55.0734 3836  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
14:00:55.0765 3836  MpsSvc - ok
14:00:55.0781 3836  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:00:55.0781 3836  MRxDAV - ok
14:00:55.0812 3836  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:00:55.0828 3836  mrxsmb - ok
14:00:55.0843 3836  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:00:55.0859 3836  mrxsmb10 - ok
14:00:55.0875 3836  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:00:55.0875 3836  mrxsmb20 - ok
14:00:55.0906 3836  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
14:00:55.0906 3836  msahci - ok
14:00:55.0937 3836  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
14:00:55.0953 3836  msdsm - ok
14:00:55.0984 3836  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
14:00:55.0984 3836  MSDTC - ok
14:00:56.0015 3836  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:00:56.0015 3836  Msfs - ok
14:00:56.0046 3836  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
14:00:56.0046 3836  mshidkmdf - ok
14:00:56.0077 3836  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
14:00:56.0077 3836  msisadrv - ok
14:00:56.0109 3836  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
14:00:56.0124 3836  MSiSCSI - ok
14:00:56.0124 3836  msiserver - ok
14:00:56.0171 3836  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
14:00:56.0187 3836  MSKSSRV - ok
14:00:56.0233 3836  [ E07DEC52FF801841BA9B6878A60304FB ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
14:00:56.0233 3836  MsMpSvc - ok
14:00:56.0249 3836  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:00:56.0249 3836  MSPCLOCK - ok
14:00:56.0249 3836  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
14:00:56.0265 3836  MSPQM - ok
14:00:56.0280 3836  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
14:00:56.0296 3836  MsRPC - ok
14:00:56.0343 3836  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
14:00:56.0343 3836  mssmbios - ok
14:00:56.0374 3836  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
14:00:56.0374 3836  MSTEE - ok
14:00:56.0389 3836  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
14:00:56.0405 3836  MTConfig - ok
14:00:56.0436 3836  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
14:00:56.0436 3836  Mup - ok
14:00:56.0483 3836  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
14:00:56.0499 3836  napagent - ok
14:00:56.0561 3836  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
14:00:56.0561 3836  NativeWifiP - ok
14:00:56.0623 3836  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:00:56.0639 3836  NDIS - ok
14:00:56.0670 3836  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
14:00:56.0670 3836  NdisCap - ok
14:00:56.0686 3836  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:00:56.0686 3836  NdisTapi - ok
14:00:56.0701 3836  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
14:00:56.0701 3836  Ndisuio - ok
14:00:56.0733 3836  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
14:00:56.0733 3836  NdisWan - ok
14:00:56.0748 3836  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
14:00:56.0748 3836  NDProxy - ok
14:00:56.0795 3836  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
14:00:56.0795 3836  NetBIOS - ok
14:00:56.0826 3836  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
14:00:56.0826 3836  NetBT - ok
14:00:56.0842 3836  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
14:00:56.0857 3836  Netlogon - ok
14:00:56.0920 3836  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
14:00:56.0920 3836  Netman - ok
14:00:56.0967 3836  [ 3E5A36127E201DDF663176B66828FAFE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:00:56.0967 3836  NetMsmqActivator - ok
14:00:56.0982 3836  [ 3E5A36127E201DDF663176B66828FAFE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:00:56.0998 3836  NetPipeActivator - ok
14:00:57.0029 3836  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
14:00:57.0045 3836  netprofm - ok
14:00:57.0138 3836  [ 9C745041E72576251BC93709633E89FF ] netr28x         C:\Windows\system32\DRIVERS\netr28x.sys
14:00:57.0154 3836  netr28x - ok
14:00:57.0201 3836  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:00:57.0201 3836  NetTcpActivator - ok
14:00:57.0216 3836  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:00:57.0216 3836  NetTcpPortSharing - ok
14:00:57.0263 3836  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
14:00:57.0263 3836  nfrd960 - ok
14:00:57.0294 3836  [ 162100E0BC8377710F9D170631921C03 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
14:00:57.0294 3836  NisDrv - ok
14:00:57.0357 3836  [ C6E15F2F95F9C0A6098D43510B604E52 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
14:00:57.0372 3836  NisSrv - ok
14:00:57.0435 3836  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:00:57.0450 3836  NlaSvc - ok
14:00:57.0466 3836  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:00:57.0481 3836  Npfs - ok
14:00:57.0513 3836  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
14:00:57.0513 3836  nsi - ok
14:00:57.0528 3836  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:00:57.0528 3836  nsiproxy - ok
14:00:57.0606 3836  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:00:57.0684 3836  Ntfs - ok
14:00:57.0700 3836  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
14:00:57.0700 3836  Null - ok
14:00:57.0747 3836  [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD        C:\Windows\system32\DRIVERS\nvm62x64.sys
14:00:57.0762 3836  NVENETFD - ok
14:00:57.0793 3836  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
14:00:57.0809 3836  nvraid - ok
14:00:57.0825 3836  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
14:00:57.0840 3836  nvstor - ok
14:00:57.0871 3836  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
14:00:57.0871 3836  nv_agp - ok
14:00:57.0903 3836  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
14:00:57.0903 3836  ohci1394 - ok
14:00:57.0949 3836  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:00:57.0949 3836  ose - ok
14:00:58.0121 3836  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:00:58.0246 3836  osppsvc - ok
14:00:58.0293 3836  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
14:00:58.0308 3836  p2pimsvc - ok
14:00:58.0339 3836  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
14:00:58.0355 3836  p2psvc - ok
14:00:58.0371 3836  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
14:00:58.0371 3836  Parport - ok
14:00:58.0417 3836  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
14:00:58.0417 3836  partmgr - ok
14:00:58.0449 3836  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
14:00:58.0449 3836  PcaSvc - ok
14:00:58.0480 3836  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
14:00:58.0480 3836  pci - ok
14:00:58.0511 3836  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
14:00:58.0511 3836  pciide - ok
14:00:58.0558 3836  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
14:00:58.0558 3836  pcmcia - ok
14:00:58.0589 3836  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
14:00:58.0589 3836  pcw - ok
14:00:58.0620 3836  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:00:58.0636 3836  PEAUTH - ok
14:00:58.0745 3836  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
14:00:58.0761 3836  PerfHost - ok
14:00:58.0854 3836  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
14:00:58.0901 3836  pla - ok
14:00:58.0963 3836  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
14:00:58.0963 3836  PlugPlay - ok
14:00:59.0010 3836  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
14:00:59.0026 3836  PNRPAutoReg - ok
14:00:59.0057 3836  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
14:00:59.0057 3836  PNRPsvc - ok
14:00:59.0104 3836  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
14:00:59.0104 3836  PolicyAgent - ok
14:00:59.0151 3836  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
14:00:59.0151 3836  Power - ok
14:00:59.0182 3836  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:00:59.0197 3836  PptpMiniport - ok
14:00:59.0213 3836  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
14:00:59.0213 3836  Processor - ok
14:00:59.0260 3836  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
14:00:59.0275 3836  ProfSvc - ok
14:00:59.0291 3836  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:00:59.0291 3836  ProtectedStorage - ok
14:00:59.0338 3836  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
14:00:59.0338 3836  Psched - ok
14:00:59.0416 3836  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
14:00:59.0447 3836  ql2300 - ok
14:00:59.0494 3836  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
14:00:59.0494 3836  ql40xx - ok
14:00:59.0525 3836  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
14:00:59.0541 3836  QWAVE - ok
14:00:59.0587 3836  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
14:00:59.0587 3836  QWAVEdrv - ok
14:00:59.0619 3836  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
14:00:59.0619 3836  RasAcd - ok
14:00:59.0650 3836  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
14:00:59.0650 3836  RasAgileVpn - ok
14:00:59.0681 3836  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
14:00:59.0697 3836  RasAuto - ok
14:00:59.0743 3836  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
14:00:59.0743 3836  Rasl2tp - ok
14:00:59.0759 3836  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
14:00:59.0775 3836  RasMan - ok
14:00:59.0853 3836  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
14:00:59.0868 3836  RasPppoe - ok
14:00:59.0884 3836  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
14:00:59.0899 3836  RasSstp - ok
14:00:59.0915 3836  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
14:00:59.0931 3836  rdbss - ok
14:00:59.0946 3836  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
14:00:59.0962 3836  rdpbus - ok
14:00:59.0977 3836  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
14:00:59.0977 3836  RDPCDD - ok
14:01:00.0009 3836  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
14:01:00.0009 3836  RDPENCDD - ok
14:01:00.0071 3836  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
14:01:00.0071 3836  RDPREFMP - ok
14:01:00.0102 3836  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
14:01:00.0102 3836  RDPWD - ok
14:01:00.0149 3836  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
14:01:00.0149 3836  rdyboost - ok
14:01:00.0180 3836  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
14:01:00.0180 3836  RemoteAccess - ok
14:01:00.0211 3836  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
14:01:00.0211 3836  RemoteRegistry - ok
14:01:00.0258 3836  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
14:01:00.0258 3836  RpcEptMapper - ok
14:01:00.0289 3836  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
14:01:00.0289 3836  RpcLocator - ok
14:01:00.0336 3836  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
14:01:00.0336 3836  RpcSs - ok
14:01:00.0383 3836  [ 546D7F426776090B90EF5F195B6AE662 ] RSPCIESTOR      C:\Windows\system32\DRIVERS\RtsPStor.sys
14:01:00.0399 3836  RSPCIESTOR - ok
14:01:00.0414 3836  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
14:01:00.0414 3836  rspndr - ok
14:01:00.0477 3836  [ 3372196F61AF48503656EF6AA3E92D1B ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
14:01:00.0492 3836  RTL8167 - ok
14:01:00.0508 3836  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
14:01:00.0508 3836  SamSs - ok
14:01:00.0539 3836  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
14:01:00.0539 3836  sbp2port - ok
14:01:00.0586 3836  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
14:01:00.0586 3836  SCardSvr - ok
14:01:00.0617 3836  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
14:01:00.0617 3836  scfilter - ok
14:01:00.0648 3836  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
14:01:00.0679 3836  Schedule - ok
14:01:00.0726 3836  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
14:01:00.0726 3836  SCPolicySvc - ok
14:01:00.0789 3836  [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
14:01:00.0789 3836  sdbus - ok
14:01:00.0820 3836  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
14:01:00.0835 3836  SDRSVC - ok
14:01:00.0867 3836  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
14:01:00.0867 3836  secdrv - ok
14:01:00.0882 3836  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
14:01:00.0898 3836  seclogon - ok
14:01:00.0913 3836  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
14:01:00.0913 3836  SENS - ok
14:01:00.0945 3836  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
14:01:00.0945 3836  SensrSvc - ok
14:01:00.0991 3836  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
14:01:00.0991 3836  Serenum - ok
14:01:01.0007 3836  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
14:01:01.0023 3836  Serial - ok
14:01:01.0069 3836  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
14:01:01.0085 3836  sermouse - ok
14:01:01.0132 3836  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
14:01:01.0147 3836  SessionEnv - ok
14:01:01.0163 3836  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
14:01:01.0163 3836  sffdisk - ok
14:01:01.0194 3836  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
14:01:01.0194 3836  sffp_mmc - ok
14:01:01.0225 3836  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
14:01:01.0225 3836  sffp_sd - ok
14:01:01.0241 3836  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
14:01:01.0241 3836  sfloppy - ok
14:01:01.0303 3836  [ C6CC9297BD53E5229653303E556AA539 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
14:01:01.0303 3836  Sftfs - ok
14:01:01.0381 3836  [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
14:01:01.0381 3836  sftlist - ok
14:01:01.0413 3836  [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
14:01:01.0413 3836  Sftplay - ok
14:01:01.0444 3836  [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
14:01:01.0444 3836  Sftredir - ok
14:01:01.0459 3836  [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
14:01:01.0459 3836  Sftvol - ok
14:01:01.0475 3836  [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
14:01:01.0475 3836  sftvsa - ok
14:01:01.0537 3836  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
14:01:01.0537 3836  SharedAccess - ok
14:01:01.0584 3836  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:01:01.0584 3836  ShellHWDetection - ok
14:01:01.0615 3836  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
14:01:01.0615 3836  SiSRaid2 - ok
14:01:01.0662 3836  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
14:01:01.0662 3836  SiSRaid4 - ok
14:01:01.0693 3836  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
14:01:01.0709 3836  Smb - ok
14:01:01.0787 3836  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
14:01:01.0803 3836  SNMPTRAP - ok
14:01:01.0834 3836  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
14:01:01.0834 3836  spldr - ok
14:01:01.0881 3836  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
14:01:01.0896 3836  Spooler - ok
14:01:02.0005 3836  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
14:01:02.0115 3836  sppsvc - ok
14:01:02.0130 3836  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
14:01:02.0146 3836  sppuinotify - ok
14:01:02.0193 3836  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
14:01:02.0193 3836  srv - ok
14:01:02.0224 3836  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
14:01:02.0224 3836  srv2 - ok
14:01:02.0286 3836  [ 0C4540311E11664B245A263E1154CEF8 ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL6.SYS
14:01:02.0286 3836  SrvHsfHDA - ok
14:01:02.0349 3836  [ 02071D207A9858FBE3A48CBFD59C4A04 ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
14:01:02.0380 3836  SrvHsfV92 - ok
14:01:02.0395 3836  [ 18E40C245DBFAF36FD0134A7EF2DF396 ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
14:01:02.0411 3836  SrvHsfWinac - ok
14:01:02.0442 3836  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
14:01:02.0458 3836  srvnet - ok
14:01:02.0505 3836  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
14:01:02.0520 3836  SSDPSRV - ok
14:01:02.0536 3836  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
14:01:02.0536 3836  SstpSvc - ok
14:01:02.0567 3836  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
14:01:02.0567 3836  stexstor - ok
14:01:02.0614 3836  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
14:01:02.0629 3836  stisvc - ok
14:01:02.0661 3836  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
14:01:02.0661 3836  swenum - ok
14:01:02.0723 3836  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
14:01:02.0739 3836  swprv - ok
14:01:02.0817 3836  [ C447977ED2A4AE9346FE3A0579A34D7C ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
14:01:02.0832 3836  SynTP - ok
14:01:41.0661 3836  ============================================================
14:01:41.0661 3836  Scan finished
14:01:41.0661 3836  ============================================================
14:01:41.0692 1224  Detected object count: 0
14:01:41.0692 1224  Actual detected object count: 0
14:02:53.0031 0792  Deinitialize success
 



#7 boopme

Posted 17 May 2013 - 09:13 AM

That looks good.

#8 RottNKorpse


Posted 18 May 2013 - 12:16 PM

So are you saying that it is cleaned up now?



#9 boopme


Posted 18 May 2013 - 07:57 PM

Yes I am, unless you are seeing something.

#10 RottNKorpse


Posted 18 May 2013 - 08:50 PM

I am still seeing the same ads in Google Chrome and in Internet Explorer.

Both the bottom left and the bottom right ads are still there.

Chrome Screenshot: http://i.imgur.com/pp7ZGC8.png

IE Screenshot: http://i.imgur.com/KmAiidA.png



#11 boopme


Posted 19 May 2013 - 11:49 AM

In Chrome it may be the add-ons/plugins. Try disabling them one at a time and see which one was at fault.

OR disable all extensions, see if that worked, then you need to go back to one by one to see which is the culprit.

Do the same in Internet Explorer if needed.



#12 RottNKorpse


Posted 19 May 2013 - 02:08 PM

I have disabled all of the extensions in IE and I have deleted all of the extensions in Chrome (which weren't many) and the ads are still showing...and I just experienced a hijacking redirect, but it was the first time ever.



#13 boopme


Posted 19 May 2013 - 02:37 PM

OK, obviously there is a protected malware here and we need stronger tools and a deeper look.

 

Please start a new topic ... Preparation Guide





