slow computer, have tried a couple of things


23 replies to this topic

#1 tobyo


Posted 24 December 2012 - 11:28 PM

First, I have no idea if this computer is infected, so if this post needs to be moved, please feel free. I wasn't sure where to ask this.

I noticed a few weeks ago that every time I leave my netbook idle and come back to it, it takes longer to move around (on internet, using Outlook) and I end up rebooting and then it's fine again until I let it sit again. I have tried to change when the screen saver (or lack thereof, it just goes dark) initiates but it's not recognizing that at all. I changed it in Control Panel to start the screen saver after 120 minutes and chose a particular screen saver. That screen saver does not initiate at all. It just goes dark after about 5 minutes of being idle.

I cleaned up some temp files and removed some software that I'm not using and also ran defragmenter a couple of weeks ago. This helped for a few days. I just ran defragmenter again today and it helped for a few hours and I just rebooted after leaving it idle for a few hours.

It's an Acer netbook running Windows 7. I ran Malwarebytes Anti-Malware and Avira antivirus scans and those were clean. Any ideas on what else I can do/check?

Thanks much.

Edited by tobyo, 24 December 2012 - 11:50 PM.




#2 Gunto


Posted 25 December 2012 - 05:10 AM

Hi, tobyo! I'm going to try to help you out. :)

This may or may not be malware, but I'll have to exhaust as much as I can before I can tell.

TDSSKiller

I need you to run a scan using TDSSKiller.

  • Download TDSSKiller from here, and save it to your desktop.
  • Double click the file to launch the program. Once the program starts, click Start Scan. Don't change any default scan settings.
  • Once the scan is finished, you'll find a log in your root drive (usually C:) that will start with TDSS in the file name. Please copy and paste it into your reply.

Malwarebytes

I need you to run a scan with Malwarebytes Anti-Malware.

  • Double-click the MBAM shortcut on your desktop to open MBAM.
  • Click the Update tab, and check for updates. If a new version of MBAM is included in the update, follow the prompts and install it.
  • Once the program is done updating, select the Perform full scan option on the main interface. Then click the Scan button, hit Scan, and let the scan run.
  • Once the scan is finished, a log will pop up. If any malware was found, click the Show Results button, and make sure everything present is checked and click Remove Selected. If MBAM asks you to reboot, do so immediately. Either way, please copy and paste the log into your reply. If your PC is rebooted, you can find the log by opening up MBAM and going to the Logs tab.

AdwCleaner

I need you to run AdwCleaner to see if it removes anything.

  • Download AdwCleaner from here, and save it to your desktop.
  • Close all open programs.
  • Open the file on your desktop, and click the Delete button. Confirm operations at every prompt. Your PC will be rebooted after the final prompt.
  • Once rebooted, a text file will open up. Please copy and paste it into your reply.

RogueKiller

I need you to run RogueKiller to see if it removes anything.

  • Download RogueKiller from here, and save it to your desktop.
  • Close all open programs.
  • Double click the file on your desktop. Once the automatic check completes, hit the Scan button.
  • Once the full scan has finished, click on the Delete button. Once it's done removing things, open the newest log on your desktop (should be called RKreport[2].txt) and copy and paste it into your reply.

Please tell me how the PC is running in your next reply.

Gunto



#3 tobyo


Posted 25 December 2012 - 08:04 AM

Hi Gunto, thank you!! I'll be doing this in pieces and my kid just woke up so I'll post the first scan and be back later with the others. TDSSKiller didn't find anything:

07:00:15.0340 4856 MSKSSRV - ok
07:00:15.0402 4856 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
07:00:15.0418 4856 MSPCLOCK - ok
07:00:15.0464 4856 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
07:00:15.0480 4856 MSPQM - ok
07:00:15.0511 4856 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
07:00:15.0542 4856 MsRPC - ok
07:00:15.0574 4856 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
07:00:15.0574 4856 mssmbios - ok
07:00:15.0605 4856 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
07:00:15.0605 4856 MSTEE - ok
07:00:15.0667 4856 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
07:00:15.0683 4856 MTConfig - ok
07:00:15.0730 4856 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
07:00:15.0745 4856 Mup - ok
07:00:15.0776 4856 [ C009123B206C56854F4E88596035231D ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
07:00:15.0792 4856 mwlPSDFilter - ok
07:00:15.0839 4856 [ BF3739EEB9F008B1DEBAC115089A53F8 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
07:00:15.0839 4856 mwlPSDNServ - ok
07:00:15.0870 4856 [ 38DD143D95E7A01B86F219DDA9C28779 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
07:00:15.0886 4856 mwlPSDVDisk - ok
07:00:16.0026 4856 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
07:00:16.0042 4856 napagent - ok
07:00:16.0104 4856 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
07:00:16.0182 4856 NativeWifiP - ok
07:00:16.0416 4856 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
07:00:16.0447 4856 NDIS - ok
07:00:16.0478 4856 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
07:00:16.0494 4856 NdisCap - ok
07:00:16.0541 4856 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
07:00:16.0541 4856 NdisTapi - ok
07:00:16.0588 4856 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
07:00:16.0603 4856 Ndisuio - ok
07:00:16.0650 4856 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
07:00:16.0666 4856 NdisWan - ok
07:00:16.0728 4856 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
07:00:16.0744 4856 NDProxy - ok
07:00:16.0775 4856 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
07:00:16.0853 4856 NetBIOS - ok
07:00:16.0993 4856 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
07:00:17.0087 4856 NetBT - ok
07:00:17.0258 4856 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
07:00:17.0258 4856 Netlogon - ok
07:00:17.0383 4856 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
07:00:17.0399 4856 Netman - ok
07:00:17.0446 4856 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
07:00:17.0446 4856 netprofm - ok
07:00:17.0555 4856 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
07:00:17.0602 4856 NetTcpPortSharing - ok
07:00:17.0648 4856 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
07:00:17.0664 4856 nfrd960 - ok
07:00:17.0742 4856 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
07:00:17.0742 4856 NlaSvc - ok
07:00:17.0789 4856 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
07:00:17.0820 4856 Npfs - ok
07:00:17.0898 4856 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
07:00:17.0898 4856 nsi - ok
07:00:17.0929 4856 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
07:00:17.0929 4856 nsiproxy - ok
07:00:18.0132 4856 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
07:00:18.0210 4856 Ntfs - ok
07:00:18.0304 4856 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
07:00:18.0319 4856 Null - ok
07:00:18.0382 4856 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
07:00:18.0413 4856 nvraid - ok
07:00:18.0444 4856 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
07:00:18.0460 4856 nvstor - ok
07:00:18.0522 4856 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
07:00:18.0538 4856 nv_agp - ok
07:00:18.0584 4856 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
07:00:18.0600 4856 ohci1394 - ok
07:00:18.0803 4856 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
07:00:18.0834 4856 ose - ok
07:00:19.0910 4856 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
07:00:20.0191 4856 osppsvc - ok
07:00:20.0628 4856 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
07:00:20.0628 4856 p2pimsvc - ok
07:00:20.0675 4856 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
07:00:20.0690 4856 p2psvc - ok
07:00:20.0753 4856 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
07:00:20.0768 4856 Parport - ok
07:00:20.0800 4856 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
07:00:20.0846 4856 partmgr - ok
07:00:20.0862 4856 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
07:00:20.0862 4856 PcaSvc - ok
07:00:20.0909 4856 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
07:00:20.0909 4856 pci - ok
07:00:20.0956 4856 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
07:00:21.0002 4856 pciide - ok
07:00:21.0158 4856 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
07:00:21.0221 4856 pcmcia - ok
07:00:21.0283 4856 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
07:00:21.0299 4856 pcw - ok
07:00:21.0377 4856 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
07:00:21.0517 4856 PEAUTH - ok
07:00:21.0736 4856 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
07:00:21.0751 4856 PerfHost - ok
07:00:21.0860 4856 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
07:00:21.0938 4856 pla - ok
07:00:22.0032 4856 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
07:00:22.0048 4856 PlugPlay - ok
07:00:22.0094 4856 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
07:00:22.0110 4856 PNRPAutoReg - ok
07:00:22.0157 4856 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
07:00:22.0157 4856 PNRPsvc - ok
07:00:22.0297 4856 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
07:00:22.0313 4856 PolicyAgent - ok
07:00:22.0531 4856 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
07:00:22.0547 4856 Power - ok
07:00:22.0687 4856 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
07:00:22.0703 4856 PptpMiniport - ok
07:00:22.0734 4856 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
07:00:22.0750 4856 Processor - ok
07:00:22.0843 4856 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
07:00:22.0843 4856 ProfSvc - ok
07:00:22.0874 4856 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
07:00:22.0874 4856 ProtectedStorage - ok
07:00:22.0906 4856 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
07:00:22.0906 4856 Psched - ok
07:00:23.0171 4856 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
07:00:23.0264 4856 ql2300 - ok
07:00:23.0311 4856 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
07:00:23.0374 4856 ql40xx - ok
07:00:23.0483 4856 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
07:00:23.0498 4856 QWAVE - ok
07:00:23.0530 4856 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
07:00:23.0561 4856 QWAVEdrv - ok
07:00:23.0623 4856 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
07:00:23.0639 4856 RasAcd - ok
07:00:23.0686 4856 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
07:00:23.0701 4856 RasAgileVpn - ok
07:00:23.0795 4856 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
07:00:23.0826 4856 RasAuto - ok
07:00:23.0857 4856 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
07:00:23.0888 4856 Rasl2tp - ok
07:00:24.0044 4856 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
07:00:24.0091 4856 RasMan - ok
07:00:24.0138 4856 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
07:00:24.0154 4856 RasPppoe - ok
07:00:24.0185 4856 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
07:00:24.0200 4856 RasSstp - ok
07:00:24.0278 4856 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
07:00:24.0419 4856 rdbss - ok
07:00:24.0481 4856 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
07:00:24.0512 4856 rdpbus - ok
07:00:24.0544 4856 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
07:00:24.0544 4856 RDPCDD - ok
07:00:24.0653 4856 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
07:00:24.0653 4856 RDPENCDD - ok
07:00:24.0684 4856 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
07:00:24.0684 4856 RDPREFMP - ok
07:00:24.0778 4856 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
07:00:24.0824 4856 RDPWD - ok
07:00:24.0918 4856 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
07:00:24.0996 4856 rdyboost - ok
07:00:25.0027 4856 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
07:00:25.0058 4856 RemoteAccess - ok
07:00:25.0136 4856 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
07:00:25.0168 4856 RemoteRegistry - ok
07:00:25.0199 4856 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
07:00:25.0199 4856 RpcEptMapper - ok
07:00:25.0246 4856 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
07:00:25.0246 4856 RpcLocator - ok
07:00:25.0292 4856 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
07:00:25.0308 4856 RpcSs - ok
07:00:25.0370 4856 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
07:00:25.0386 4856 rspndr - ok
07:00:25.0480 4856 [ 135A64530D7699AD48F29D73A658DD11 ] RSUSBSTOR C:\Windows\System32\Drivers\RtsUStor.sys
07:00:25.0495 4856 RSUSBSTOR - ok
07:00:25.0558 4856 [ 7CB9F0FDD730F4A4ECF6CDE15EA12E8A ] RS_Service C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
07:00:25.0558 4856 RS_Service - ok
07:00:25.0589 4856 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
07:00:25.0589 4856 SamSs - ok
07:00:25.0636 4856 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
07:00:25.0651 4856 sbp2port - ok
07:00:25.0698 4856 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
07:00:25.0729 4856 SCardSvr - ok
07:00:25.0792 4856 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
07:00:25.0807 4856 scfilter - ok
07:00:25.0854 4856 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
07:00:25.0885 4856 Schedule - ok
07:00:25.0979 4856 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
07:00:25.0994 4856 SCPolicySvc - ok
07:00:26.0041 4856 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
07:00:26.0072 4856 SDRSVC - ok
07:00:26.0135 4856 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
07:00:26.0150 4856 secdrv - ok
07:00:26.0197 4856 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
07:00:26.0244 4856 seclogon - ok
07:00:26.0291 4856 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
07:00:26.0306 4856 SENS - ok
07:00:26.0369 4856 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
07:00:26.0384 4856 SensrSvc - ok
07:00:26.0447 4856 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
07:00:26.0462 4856 Serenum - ok
07:00:26.0478 4856 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
07:00:26.0509 4856 Serial - ok
07:00:26.0556 4856 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
07:00:26.0556 4856 sermouse - ok
07:00:26.0618 4856 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
07:00:26.0634 4856 SessionEnv - ok
07:00:26.0665 4856 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
07:00:26.0681 4856 sffdisk - ok
07:00:26.0728 4856 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
07:00:26.0743 4856 sffp_mmc - ok
07:00:26.0790 4856 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
07:00:26.0790 4856 sffp_sd - ok
07:00:26.0884 4856 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
07:00:26.0884 4856 sfloppy - ok
07:00:27.0008 4856 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
07:00:27.0102 4856 SharedAccess - ok
07:00:27.0180 4856 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
07:00:27.0180 4856 ShellHWDetection - ok
07:00:27.0211 4856 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
07:00:27.0227 4856 SiSRaid2 - ok
07:00:27.0258 4856 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
07:00:27.0289 4856 SiSRaid4 - ok
07:00:27.0305 4856 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
07:00:27.0336 4856 Smb - ok
07:00:27.0430 4856 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
07:00:27.0461 4856 SNMPTRAP - ok
07:00:27.0508 4856 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
07:00:27.0523 4856 spldr - ok
07:00:27.0710 4856 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
07:00:27.0726 4856 Spooler - ok
07:00:27.0882 4856 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
07:00:27.0929 4856 sppsvc - ok
07:00:27.0960 4856 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
07:00:27.0976 4856 sppuinotify - ok
07:00:28.0007 4856 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
07:00:28.0038 4856 srv - ok
07:00:28.0100 4856 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
07:00:28.0132 4856 srv2 - ok
07:00:28.0163 4856 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
07:00:28.0178 4856 srvnet - ok
07:00:28.0381 4856 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
07:00:28.0397 4856 SSDPSRV - ok
07:00:28.0428 4856 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
07:00:28.0506 4856 SstpSvc - ok
07:00:28.0553 4856 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
07:00:28.0615 4856 stexstor - ok
07:00:29.0005 4856 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
07:00:29.0021 4856 stisvc - ok
07:00:29.0068 4856 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
07:00:29.0068 4856 swenum - ok
07:00:29.0177 4856 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
07:00:29.0224 4856 swprv - ok
07:00:29.0426 4856 [ 02364D8BE46A51361B0905736C3F7438 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
07:00:29.0458 4856 SynTP - ok
07:00:29.0692 4856 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
07:00:29.0723 4856 SysMain - ok
07:00:29.0816 4856 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
07:00:29.0832 4856 TabletInputService - ok
07:00:29.0863 4856 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
07:00:29.0910 4856 TapiSrv - ok
07:00:29.0972 4856 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
07:00:29.0972 4856 TBS - ok
07:00:30.0316 4856 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
07:00:30.0440 4856 Tcpip - ok
07:00:30.0518 4856 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
07:00:30.0534 4856 TCPIP6 - ok
07:00:30.0612 4856 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
07:00:30.0643 4856 tcpipreg - ok
07:00:30.0752 4856 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
07:00:30.0768 4856 TDPIPE - ok
07:00:30.0815 4856 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
07:00:30.0830 4856 TDTCP - ok
07:00:30.0877 4856 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
07:00:30.0893 4856 tdx - ok
07:00:30.0955 4856 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
07:00:30.0971 4856 TermDD - ok
07:00:31.0080 4856 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
07:00:31.0127 4856 TermService - ok
07:00:31.0174 4856 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
07:00:31.0189 4856 Themes - ok
07:00:31.0236 4856 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
07:00:31.0252 4856 THREADORDER - ok
07:00:31.0314 4856 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
07:00:31.0314 4856 TrkWks - ok
07:00:31.0439 4856 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
07:00:31.0439 4856 TrustedInstaller - ok
07:00:31.0486 4856 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
07:00:31.0501 4856 tssecsrv - ok
07:00:31.0564 4856 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
07:00:31.0579 4856 TsUsbFlt - ok
07:00:31.0626 4856 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
07:00:31.0642 4856 TsUsbGD - ok
07:00:31.0735 4856 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
07:00:31.0735 4856 tunnel - ok
07:00:31.0766 4856 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
07:00:31.0798 4856 uagp35 - ok
07:00:31.0813 4856 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
07:00:31.0844 4856 udfs - ok
07:00:31.0922 4856 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
07:00:31.0938 4856 UI0Detect - ok
07:00:31.0969 4856 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
07:00:32.0000 4856 uliagpkx - ok
07:00:32.0016 4856 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
07:00:32.0032 4856 umbus - ok
07:00:32.0063 4856 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
07:00:32.0078 4856 UmPass - ok
07:00:32.0110 4856 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
07:00:32.0125 4856 upnphost - ok
07:00:32.0188 4856 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
07:00:32.0203 4856 usbccgp - ok
07:00:32.0266 4856 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
07:00:32.0312 4856 usbcir - ok
07:00:32.0344 4856 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
07:00:32.0375 4856 usbehci - ok
07:00:32.0500 4856 [ 76E2FFAD301490BA27B947C6507752FB ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
07:00:32.0500 4856 usbfilter - ok
07:00:32.0562 4856 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\drivers\usbhub.sys
07:00:32.0593 4856 usbhub - ok
07:00:32.0624 4856 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
07:00:32.0640 4856 usbohci - ok
07:00:32.0671 4856 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
07:00:32.0671 4856 usbprint - ok
07:00:32.0718 4856 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
07:00:32.0734 4856 USBSTOR - ok
07:00:32.0780 4856 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
07:00:32.0796 4856 usbuhci - ok
07:00:32.0827 4856 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
07:00:32.0890 4856 usbvideo - ok
07:00:32.0952 4856 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
07:00:32.0952 4856 UxSms - ok
07:00:32.0983 4856 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
07:00:32.0983 4856 VaultSvc - ok
07:00:33.0014 4856 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
07:00:33.0014 4856 vdrvroot - ok
07:00:33.0139 4856 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
07:00:33.0202 4856 vds - ok
07:00:33.0217 4856 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
07:00:33.0233 4856 vga - ok
07:00:33.0264 4856 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
07:00:33.0264 4856 VgaSave - ok
07:00:33.0295 4856 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
07:00:33.0326 4856 vhdmp - ok
07:00:33.0342 4856 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
07:00:33.0342 4856 viaide - ok
07:00:33.0373 4856 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
07:00:33.0389 4856 volmgr - ok
07:00:33.0451 4856 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
07:00:33.0451 4856 volmgrx - ok
07:00:33.0514 4856 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
07:00:33.0545 4856 volsnap - ok
07:00:33.0576 4856 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
07:00:33.0623 4856 vsmraid - ok
07:00:33.0732 4856 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
07:00:33.0794 4856 VSS - ok
07:00:33.0826 4856 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
07:00:33.0841 4856 vwifibus - ok
07:00:33.0888 4856 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
07:00:33.0919 4856 vwififlt - ok
07:00:34.0044 4856 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
07:00:34.0075 4856 W32Time - ok
07:00:34.0122 4856 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
07:00:34.0184 4856 WacomPen - ok
07:00:34.0356 4856 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
07:00:34.0403 4856 WANARP - ok
07:00:34.0418 4856 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
07:00:34.0418 4856 Wanarpv6 - ok
07:00:34.0933 4856 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
07:00:35.0120 4856 WatAdminSvc - ok
07:00:35.0354 4856 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
07:00:35.0401 4856 wbengine - ok
07:00:35.0448 4856 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
07:00:35.0479 4856 WbioSrvc - ok
07:00:35.0542 4856 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
07:00:35.0573 4856 wcncsvc - ok
07:00:35.0604 4856 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
07:00:35.0635 4856 WcsPlugInService - ok
07:00:35.0760 4856 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
07:00:35.0822 4856 Wd - ok
07:00:36.0041 4856 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
07:00:36.0088 4856 Wdf01000 - ok
07:00:36.0181 4856 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
07:00:36.0197 4856 WdiServiceHost - ok
07:00:36.0259 4856 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
07:00:36.0275 4856 WdiSystemHost - ok
07:00:36.0524 4856 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
07:00:36.0680 4856 WebClient - ok
07:00:36.0758 4856 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
07:00:36.0805 4856 Wecsvc - ok
07:00:36.0883 4856 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
07:00:36.0883 4856 wercplsupport - ok
07:00:36.0946 4856 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
07:00:36.0977 4856 WerSvc - ok
07:00:37.0180 4856 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
07:00:37.0180 4856 WfpLwf - ok
07:00:37.0304 4856 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
07:00:37.0320 4856 WIMMount - ok
07:00:37.0351 4856 WinDefend - ok
07:00:37.0398 4856 WinHttpAutoProxySvc - ok
07:00:37.0476 4856 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
07:00:37.0476 4856 Winmgmt - ok
07:00:37.0601 4856 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
07:00:37.0741 4856 WinRM - ok
07:00:37.0850 4856 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
07:00:37.0866 4856 WinUsb - ok
07:00:37.0975 4856 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
07:00:38.0100 4856 Wlansvc - ok
07:00:38.0412 4856 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
07:00:38.0490 4856 wlcrasvc - ok
07:00:38.0802 4856 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
07:00:38.0849 4856 wlidsvc - ok
07:00:38.0896 4856 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
07:00:38.0911 4856 WmiAcpi - ok
07:00:38.0989 4856 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
07:00:39.0020 4856 wmiApSrv - ok
07:00:39.0176 4856 WMPNetworkSvc - ok
07:00:39.0223 4856 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
07:00:39.0317 4856 WPCSvc - ok
07:00:39.0426 4856 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
07:00:39.0457 4856 WPDBusEnum - ok
07:00:39.0722 4856 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
07:00:39.0738 4856 ws2ifsl - ok
07:00:39.0785 4856 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
07:00:39.0785 4856 wscsvc - ok
07:00:39.0816 4856 WSearch - ok
07:00:39.0956 4856 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
07:00:40.0066 4856 wuauserv - ok
07:00:40.0159 4856 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
07:00:40.0190 4856 WudfPf - ok
07:00:40.0284 4856 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
07:00:40.0331 4856 WUDFRd - ok
07:00:40.0393 4856 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
07:00:40.0393 4856 wudfsvc - ok
07:00:40.0534 4856 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
07:00:40.0565 4856 WwanSvc - ok
07:00:40.0627 4856 ================ Scan global ===============================
07:00:40.0658 4856 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
07:00:40.0768 4856 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
07:00:40.0846 4856 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
07:00:41.0126 4856 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
07:00:41.0267 4856 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
07:00:41.0267 4856 [Global] - ok
07:00:41.0282 4856 ================ Scan MBR ==================================
07:00:41.0298 4856 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
07:00:43.0217 4856 \Device\Harddisk0\DR0 - ok
07:00:43.0217 4856 ================ Scan VBR ==================================
07:00:43.0232 4856 [ 90E2C5BEBDC357662098A88CDC62479D ] \Device\Harddisk0\DR0\Partition1
07:00:43.0248 4856 \Device\Harddisk0\DR0\Partition1 - ok
07:00:43.0264 4856 [ 1DC07426CA206A89C785E21835935885 ] \Device\Harddisk0\DR0\Partition2
07:00:43.0264 4856 \Device\Harddisk0\DR0\Partition2 - ok
07:00:43.0264 4856 ============================================================
07:00:43.0264 4856 Scan finished
07:00:43.0264 4856 ============================================================
07:00:43.0295 4832 Detected object count: 0
07:00:43.0295 4832 Actual detected object count: 0

#4 tobyo


Posted 25 December 2012 - 10:09 AM

malwarebytes scan log:

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.12.25.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Toby :: TOBY-PC [administrator]

12/25/2012 7:16:50 AM
mbam-log-2012-12-25 (07-16-50).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 331729
Time elapsed: 1 hour(s), 30 minute(s), 30 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#5 tobyo


Posted 25 December 2012 - 10:37 AM

ADW cleaner:

# AdwCleaner v2.102 - Logfile created 12/25/2012 at 09:11:47
# Updated 23/12/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Toby - TOBY-PC
# Boot Mode : Normal
# Running from : C:\Users\Toby\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Google Chrome v23.0.1271.97

File : C:\Users\Toby\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [750 octets] - [25/12/2012 09:11:47]

########## EOF - C:\AdwCleaner[S1].txt - [809 octets] ##########

#6 tobyo


Posted 25 December 2012 - 10:48 AM

well...Rogue Killer found a couple of things and I deleted them. here's the scan:

RogueKiller V8.4.1 [Dec 24 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Toby [Admin rights]
Mode : Remove -- Date : 12/25/2012 09:46:00

Bad processes : 0

Registry Entries : 2
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

Particular Files / Folders:

Driver : [NOT LOADED]

HOSTS File:
--> C:\Windows\system32\drivers\etc\hosts



MBR Check:

+++++ PhysicalDrive0: WDC WD5000BPVT-22HXZT3 ATA Device +++++
--- User ---
[MBR] 82193ff0d71bc34031f1c0261970f416
[BSP] 42b2d2f05c66555c4304c9ea7618659b : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 13312 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 27265024 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 27469824 | Size: 463526 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2]_D_12252012_02d0946.txt >>
RKreport[1]_S_12252012_02d0945.txt ; RKreport[2]_D_12252012_02d0946.txt

I'll monitor the computer and let you know if it's any better. stay tuned!! and thanks :)

#7 Gunto

Gunto

    Bleepin' Reject Phoenix


  • Malware Response Team
  • 1,284 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:North Las Vegas, Nevada, USA
  • Local time:06:35 AM

Posted 25 December 2012 - 10:52 AM

Hi,

Let's try a few more things just to be sure. :)

SUPERAntiSpyware

I need you to run a scan with SUPERAntiSpyware.

  • Download SAS from here, and save it to your desktop.
  • Double click the installer to start the installation. If you do not want to start the trial of the full version, please decline, and feel free to uncheck options to install external toolbars/software, unless you want them. Otherwise, follow the prompts and let the program install.
  • Once the program is done installing and updating, tick the Complete Scan option on the interface, and press the big Scan your Computer... button. Ensure that the options Activate Scan Boost™ > Low boost and Scan inside .ZIP archives are selected and Start Complete Scan.
  • After scanning, be sure to remove all detected threats if any were detected. If asked to reboot to remove threats, do so immediately.
  • Once finished, return to the main interface, go to View Scan Logs and view the newest log. Copy and paste it into your reply.

ESET Online Scanner

I need you to run a scan with ESET Online Scanner.

  • Download the scanner from here, and save it to your desktop.
  • Double click the file to install the program. Once it's done, accept the terms of use and click Start. Be sure the following settings are checked before beginning:
    Scan archives
    Remove found threats
    Scan potentially unwanted applications
    Scan for potentially unsafe applications
    Enable Anti-Stealth technology
  • Once the scan is done, if anything was found, click List of found threats, and then Export to text file..., and save the log to your desktop.
  • Click << Back, and then Finish. If you have to reboot, do so immediately.
  • After ESET finishes scanning and removing threats, copy and paste the log into your reply.

Junkware Removal Tool

I need you to run a scan with Junkware Removal Tool.

  • Download JRT from here, and save it to your desktop.
  • Double click the file to open it, and hit any key as per the instructions of the popped up window.
  • Once the scan is done, copy and paste the contents of the resulting log into your reply.

Gunto

Beautiful avatar by Plumbeck!

 

Bury me in honor; when I'm dead and hit the ground, a love back home, it unfolds...


#8 tobyo


Posted 25 December 2012 - 12:06 PM

well, screen saver still isn't working so maybe there's more to be found. back later with scan logs. thanks!

#9 tobyo


Posted 25 December 2012 - 01:44 PM

SAS log:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 12/25/2012 at 12:18 PM

Application Version : 5.6.1014

Core Rules Database Version : 9786
Trace Rules Database Version: 7598

Scan type : Complete Scan
Total Scan Time : 01:05:46

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned : 719
Memory threats detected : 0
Registry items scanned : 71414
Registry threats detected : 0
File items scanned : 44238
File threats detected : 179

Adware.Tracking Cookie

#10 tobyo


Posted 25 December 2012 - 09:29 PM

ESET scanner took a long, long time to scan. perhaps due to the issue I am having with this machine: the screen goes dark after about 5-10 minutes so I tried to "babysit" it as much as possible today but with making dinner, then eating and well.....the thing was 94% complete after 7.5 hours and I killed it because I needed my machine. after being 94% complete it found no threats.

so....new day tomorrow....do I bother rerunning ESET scan or go on with the other one?

thanks!

#11 Gunto


Posted 25 December 2012 - 11:31 PM

Hi,

Go ahead and run the other one, though at this point I don't think it's malware.

Gunto



#12 tobyo


Posted 26 December 2012 - 07:39 AM

hmmmm, well, upon clicking on your link for JRT I got a pop-up that said "this file appears malicious"?? Should that happen? I tried it twice, discarded it and didn't go further.

so, if it's not malware, what do you think it is? Screen saver still isn't working correctly.

Edited by tobyo, 26 December 2012 - 07:40 AM.


#13 Gunto


Posted 26 December 2012 - 09:00 AM

Hi,

JRT is a legit file, please bypass any warnings you're getting. :)

It could be a lot of things, like maybe corrupt system files. On that track, after you run JRT, I've got a few other things to run.

Gunto



#14 tobyo


Posted 26 December 2012 - 12:04 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.2.5 (12.24.2012:1)
OS: Windows 7 Home Premium x64
Ran by Toby on Wed 12/26/2012 at 10:16:57.79
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 12/26/2012 at 10:54:27.84
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#15 tobyo


Posted 26 December 2012 - 12:17 PM

> Hi,
>
> JRT is a legit file, please bypass any warnings you're getting. :)
>
> It could be a lot of things, like maybe corrupt system files. On that track, after you run JRT, I've got a few other things to run.
>
> Gunto


Done! awaiting further instructions. thanks!



