Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Keylogger or spyware?


  • Please log in to reply
10 replies to this topic

#1 adamdkennedy

adamdkennedy

  • Members
  • 45 posts
  • OFFLINE
  •  
  • Local time:06:48 AM

Posted 31 January 2013 - 09:58 PM

Hello!

I have a problem with someone getting an email and iTunes account password. I think there might be a keylogger or spyware on this computer.

I've run an updated Malwarebytes and Microsoft security essentials scan and found nothing.

Do you have any recommendations on any other tool to try to confirm if there is anything?

thanks for your help!

Adam

BC AdBot (Login to Remove)

 


#2 Gunto

Gunto

    Bleepin' Reject Phoenix


  • Malware Response Team
  • 1,291 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:North Las Vegas, Nevada, USA
  • Local time:04:48 AM

Posted 01 February 2013 - 06:12 AM

Hi, Adam! I'm going to try to help you out. :)

If you suspect your PC has a key-logger, then I'd highly advise typing in as little personal info as possible and changing all passwords when this infection is removed. :)

TDSSKiller

I need you to run a scan using TDSSKiller.

  • Download TDSSKiller from here, and save it to your desktop.
  • Double click the file to launch the program. Once the program starts, click Start Scan. Don't change any default scan settings.
  • Once the scan is finished, you'll find a log in your root drive (usually C: ) that will start with TDSS in the file name, please copy and paste it into your reply.

Malwarebytes

I need you to run a scan with Malwarebytes Anti-Malware.

  • Double-click the MBAM shortcut on your desktop to open MBAM.
  • Click the Update tab, and check for updates. If a new version of MBAM is included in the update, follow the prompts and install it.
  • Once the program is done updating, select the Perform full scan option on the main interface. Then click the Scan button, hit Scan, and let the scan run.
  • Once the scan is finished, a log will pop up. If any malware was found, click the Show Results button, and make sure everything present is checked and click Remove Selected. If MBAM asks you to reboot, do so immediately. Either way, please copy and paste the log into your reply. If your PC is rebooted, you can find the log by opening up MBAM and going to the Logs tab.

AdwCleaner

I need you to run AdwCleaner to see if it removes anything.

  • Download AdwCleaner from here, and save it to your desktop.
  • Close all open programs.
  • Open the file on your desktop, and click the Delete button. Confirm operations at every prompt. Your PC will be rebooted after the final prompt.
  • Once rebooted, a text file will open up. Please copy and paste it into your reply.

RogueKiller

I need you to run RogueKiller to see if it removes anything.

  • Download RogueKiller from here, and save it to your desktop.
  • Close all open programs.
  • Double click the file on your desktop. Once the automatic check completes, hit the Scan button.
  • Once the full scan has finished, click on the Delete button. Once it's done removing things, open the newest log on your desktop (should be called RKreport[2].txt) and copy and paste it into your reply.

Please tell me how the PC is running in your next reply.

Gunto

Beautiful avatar by Plumbeck!

 

Bury me in honor; when I'm dead and hit the ground, a love back home, it unfolds...


#3 adamdkennedy

adamdkennedy
  • Topic Starter

  • Members
  • 45 posts
  • OFFLINE
  •  
  • Local time:06:48 AM

Posted 02 February 2013 - 10:31 PM

Good evening!

The PC is working fine. Any "password needed" activity has been stopped on the machine, so no worries there :)

Here is the requested information:

TDSSKiller

19:49:37.0973 4820 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
19:49:38.0485 4820 ============================================================
19:49:38.0485 4820 Current date / time: 2013/02/01 19:49:38.0485
19:49:38.0485 4820 SystemInfo:
19:49:38.0485 4820
19:49:38.0485 4820 OS Version: 6.1.7600 ServicePack: 0.0
19:49:38.0485 4820 Product type: Workstation
19:49:38.0486 4820 ComputerName: CASSIE-PC
19:49:38.0487 4820 UserName: Cassie
19:49:38.0487 4820 Windows directory: C:\Windows
19:49:38.0487 4820 System windows directory: C:\Windows
19:49:38.0487 4820 Processor architecture: Intel x86
19:49:38.0487 4820 Number of processors: 2
19:49:38.0487 4820 Page size: 0x1000
19:49:38.0487 4820 Boot type: Normal boot
19:49:38.0487 4820 ============================================================
19:49:46.0014 4820 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:49:46.0053 4820 ============================================================
19:49:46.0053 4820 \Device\Harddisk0\DR0:
19:49:46.0055 4820 MBR partitions:
19:49:46.0055 4820 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A00800, BlocksNum 0x32000
19:49:46.0055 4820 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A32800, BlocksNum 0x1B792800
19:49:46.0055 4820 ============================================================
19:49:46.0098 4820 C: <-> \Device\Harddisk0\DR0\Partition2
19:49:46.0143 4820 ============================================================
19:49:46.0143 4820 Initialize success
19:49:46.0143 4820 ============================================================
19:50:00.0413 4884 ============================================================
19:50:00.0414 4884 Scan started
19:50:00.0414 4884 Mode: Manual;
19:50:00.0414 4884 ============================================================
19:50:00.0572 4884 ================ Scan system memory ========================
19:50:00.0573 4884 System memory - ok
19:50:00.0574 4884 ================ Scan services =============================
19:50:00.0898 4884 [ 6D2ACA41739BFE8CB86EE8E85F29697D ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
19:50:00.0905 4884 1394ohci - ok
19:50:00.0942 4884 [ F0E07D144C8685B8774BC32FC8DA4DF0 ] ACPI C:\Windows\system32\drivers\ACPI.sys
19:50:00.0951 4884 ACPI - ok
19:50:00.0986 4884 [ 98D81CA942D19F7D9153B095162AC013 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
19:50:00.0990 4884 AcpiPmi - ok
19:50:01.0052 4884 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
19:50:01.0063 4884 adp94xx - ok
19:50:01.0125 4884 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\drivers\adpahci.sys
19:50:01.0134 4884 adpahci - ok
19:50:01.0218 4884 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
19:50:01.0228 4884 adpu320 - ok
19:50:01.0317 4884 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:50:01.0320 4884 AeLookupSvc - ok
19:50:01.0378 4884 [ 0DB7A48388D54D154EBEC120461A0FCD ] AFD C:\Windows\system32\drivers\afd.sys
19:50:01.0388 4884 AFD - ok
19:50:01.0430 4884 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
19:50:01.0436 4884 agp440 - ok
19:50:01.0506 4884 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
19:50:01.0510 4884 aic78xx - ok
19:50:01.0578 4884 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
19:50:01.0581 4884 ALG - ok
19:50:01.0630 4884 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
19:50:01.0634 4884 aliide - ok
19:50:01.0676 4884 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
19:50:01.0682 4884 amdagp - ok
19:50:01.0729 4884 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
19:50:01.0733 4884 amdide - ok
19:50:01.0769 4884 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
19:50:01.0774 4884 AmdK8 - ok
19:50:01.0797 4884 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
19:50:01.0800 4884 AmdPPM - ok
19:50:01.0842 4884 [ 2101A86C25C154F8314B24EF49D7FBC2 ] amdsata C:\Windows\system32\drivers\amdsata.sys
19:50:01.0847 4884 amdsata - ok
19:50:01.0890 4884 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
19:50:01.0895 4884 amdsbs - ok
19:50:01.0923 4884 [ B81C2B5616F6420A9941EA093A92B150 ] amdxata C:\Windows\system32\drivers\amdxata.sys
19:50:01.0927 4884 amdxata - ok
19:50:01.0975 4884 [ FEB834C02CE1E84B6A38F953CA067706 ] AppID C:\Windows\system32\drivers\appid.sys
19:50:01.0978 4884 AppID - ok
19:50:02.0023 4884 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:50:02.0029 4884 AppIDSvc - ok
19:50:02.0054 4884 [ 7DEAD9E3F65DCB2794F2711003BBF650 ] Appinfo C:\Windows\System32\appinfo.dll
19:50:02.0057 4884 Appinfo - ok
19:50:02.0235 4884 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:50:02.0240 4884 Apple Mobile Device - ok
19:50:02.0290 4884 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\drivers\arc.sys
19:50:02.0296 4884 arc - ok
19:50:02.0316 4884 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\drivers\arcsas.sys
19:50:02.0324 4884 arcsas - ok
19:50:02.0368 4884 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:50:02.0371 4884 AsyncMac - ok
19:50:02.0406 4884 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
19:50:02.0410 4884 atapi - ok
19:50:02.0514 4884 [ 8D6E8178AB4379C932C34A109D27C5A9 ] athr C:\Windows\system32\DRIVERS\athr.sys
19:50:02.0570 4884 athr - ok
19:50:02.0649 4884 [ 510C873BFA135AA829F4180352772734 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:50:02.0660 4884 AudioEndpointBuilder - ok
19:50:02.0683 4884 [ 510C873BFA135AA829F4180352772734 ] Audiosrv C:\Windows\System32\Audiosrv.dll
19:50:02.0693 4884 Audiosrv - ok
19:50:02.0744 4884 [ DD6A431B43E34B91A767D1CE33728175 ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:50:02.0748 4884 AxInstSV - ok
19:50:02.0808 4884 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\drivers\bxvbdx.sys
19:50:02.0819 4884 b06bdrv - ok
19:50:02.0873 4884 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
19:50:02.0879 4884 b57nd60x - ok
19:50:02.0935 4884 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
19:50:02.0940 4884 BDESVC - ok
19:50:02.0962 4884 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
19:50:02.0966 4884 Beep - ok
19:50:03.0021 4884 [ 85AC71C045CEB054ED48A7841AAE0C11 ] BFE C:\Windows\System32\bfe.dll
19:50:03.0032 4884 BFE - ok
19:50:03.0080 4884 [ 53F476476F55A27F580661BDE09C4EC4 ] BITS C:\Windows\System32\qmgr.dll
19:50:03.0149 4884 BITS - ok
19:50:03.0192 4884 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
19:50:03.0196 4884 blbdrive - ok
19:50:03.0323 4884 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:50:03.0333 4884 Bonjour Service - ok
19:50:03.0377 4884 [ 9A5C671B7FBAE4865149BB11F59B91B2 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:50:03.0382 4884 bowser - ok
19:50:03.0448 4884 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
19:50:03.0451 4884 BrFiltLo - ok
19:50:03.0498 4884 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
19:50:03.0502 4884 BrFiltUp - ok
19:50:03.0578 4884 [ A0E691DC6589D4D2CBE373171D1A49E5 ] Browser C:\Windows\System32\browser.dll
19:50:03.0584 4884 Browser - ok
19:50:03.0620 4884 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:50:03.0629 4884 Brserid - ok
19:50:03.0654 4884 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:50:03.0659 4884 BrSerWdm - ok
19:50:03.0687 4884 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:50:03.0692 4884 BrUsbMdm - ok
19:50:03.0706 4884 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:50:03.0713 4884 BrUsbSer - ok
19:50:03.0738 4884 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
19:50:03.0743 4884 BTHMODEM - ok
19:50:03.0804 4884 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
19:50:03.0808 4884 bthserv - ok
19:50:03.0857 4884 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:50:03.0862 4884 cdfs - ok
19:50:03.0901 4884 [ BA6E70AA0E6091BC39DE29477D866A77 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
19:50:03.0905 4884 cdrom - ok
19:50:03.0961 4884 [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] CertPropSvc C:\Windows\System32\certprop.dll
19:50:03.0965 4884 CertPropSvc - ok
19:50:04.0000 4884 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\drivers\circlass.sys
19:50:04.0005 4884 circlass - ok
19:50:04.0035 4884 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
19:50:04.0042 4884 CLFS - ok
19:50:04.0152 4884 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:50:04.0163 4884 clr_optimization_v2.0.50727_32 - ok
19:50:04.0202 4884 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
19:50:04.0245 4884 CmBatt - ok
19:50:04.0271 4884 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:50:04.0274 4884 cmdide - ok
19:50:04.0340 4884 [ DB5E008B3744DD60C8498CBBF2A1CFA6 ] CNG C:\Windows\system32\Drivers\cng.sys
19:50:04.0349 4884 CNG - ok
19:50:04.0393 4884 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\drivers\compbatt.sys
19:50:04.0400 4884 Compbatt - ok
19:50:04.0445 4884 [ F1724BA27E97D627F808FB0BA77A28A6 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
19:50:04.0448 4884 CompositeBus - ok
19:50:04.0482 4884 COMSysApp - ok
19:50:04.0516 4884 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
19:50:04.0520 4884 crcdisk - ok
19:50:04.0598 4884 [ F2FDE6C8DBAAD44CC58D1E07E4AF4EED ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:50:04.0604 4884 CryptSvc - ok
19:50:04.0654 4884 [ B82CD39E336973359D7C9BF911E8E84F ] DcomLaunch C:\Windows\system32\rpcss.dll
19:50:04.0667 4884 DcomLaunch - ok
19:50:04.0706 4884 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
19:50:04.0714 4884 defragsvc - ok
19:50:04.0763 4884 [ 83D1ECEA8FAAE75604C0FA49AC7AD996 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:50:04.0767 4884 DfsC - ok
19:50:04.0820 4884 [ C56495FBD770712367CAD35E5DE72DA6 ] Dhcp C:\Windows\system32\dhcpcore.dll
19:50:04.0827 4884 Dhcp - ok
19:50:04.0863 4884 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
19:50:04.0867 4884 discache - ok
19:50:04.0909 4884 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\drivers\disk.sys
19:50:04.0923 4884 Disk - ok
19:50:04.0965 4884 [ B15BE77A2BACF9C3177D27518AFE26A9 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:50:04.0971 4884 Dnscache - ok
19:50:05.0017 4884 [ 4408C85C21EEA48EB0CE486BAEEF0502 ] dot3svc C:\Windows\System32\dot3svc.dll
19:50:05.0026 4884 dot3svc - ok
19:50:05.0055 4884 [ 7FA81C6E11CAA594ADB52084DA73A1E5 ] DPS C:\Windows\system32\dps.dll
19:50:05.0062 4884 DPS - ok
19:50:05.0119 4884 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:50:05.0123 4884 drmkaud - ok
19:50:05.0220 4884 [ 1FCA854CEDFC2CCD0C22E46EA4EA18F1 ] DsiWMIService C:\Program Files\Launch Manager\dsiwmis.exe
19:50:05.0657 4884 DsiWMIService - ok
19:50:05.0710 4884 [ C94B6C3CC628179CB9B9061C19888B99 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:50:05.0731 4884 DXGKrnl - ok
19:50:05.0785 4884 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
19:50:05.0791 4884 EapHost - ok
19:50:05.0920 4884 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\drivers\evbdx.sys
19:50:06.0014 4884 ebdrv - ok
19:50:06.0049 4884 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] EFS C:\Windows\System32\lsass.exe
19:50:06.0055 4884 EFS - ok
19:50:06.0109 4884 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\drivers\elxstor.sys
19:50:06.0120 4884 elxstor - ok
19:50:06.0246 4884 [ 2609A5B13DE9B2EEB38F3A83A406D079 ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
19:50:06.0267 4884 ePowerSvc - ok
19:50:06.0291 4884 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:50:06.0294 4884 ErrDev - ok
19:50:06.0375 4884 [ 4FAB8DFAF156E048AD514EABD268AB3A ] EUCR C:\Windows\system32\DRIVERS\EUCR6SK.SYS
19:50:06.0380 4884 EUCR - ok
19:50:06.0437 4884 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
19:50:06.0445 4884 EventSystem - ok
19:50:06.0487 4884 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
19:50:06.0492 4884 exfat - ok
19:50:06.0521 4884 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:50:06.0528 4884 fastfat - ok
19:50:06.0569 4884 [ F7EA23CC5E6BF2181F3F399D54F6EFC1 ] Fax C:\Windows\system32\fxssvc.exe
19:50:06.0588 4884 Fax - ok
19:50:06.0638 4884 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\drivers\fdc.sys
19:50:06.0643 4884 fdc - ok
19:50:06.0673 4884 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
19:50:06.0677 4884 fdPHost - ok
19:50:06.0696 4884 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
19:50:06.0702 4884 FDResPub - ok
19:50:06.0724 4884 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:50:06.0728 4884 FileInfo - ok
19:50:06.0748 4884 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:50:06.0751 4884 Filetrace - ok
19:50:06.0809 4884 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
19:50:06.0812 4884 flpydisk - ok
19:50:06.0848 4884 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:50:06.0854 4884 FltMgr - ok
19:50:06.0905 4884 [ 151258FC2EC8C48BDF8A53350AE0A676 ] FontCache C:\Windows\system32\FntCache.dll
19:50:06.0937 4884 FontCache - ok
19:50:07.0006 4884 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
19:50:07.0010 4884 FontCache3.0.0.0 - ok
19:50:07.0054 4884 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:50:07.0058 4884 FsDepends - ok
19:50:07.0122 4884 [ 500A9814FD9446A8126858A5A7F7D273 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:50:07.0125 4884 Fs_Rec - ok
19:50:07.0162 4884 [ 5592F5DBA26282D24D2B080EB438A4D7 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:50:07.0168 4884 fvevol - ok
19:50:07.0213 4884 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
19:50:07.0217 4884 gagp30kx - ok
19:50:07.0305 4884 [ CE16683CFD11FE70BDE435DDA5EA1FCA ] GameConsoleService C:\Program Files\Acer Games\Acer Game Console\GameConsoleService.exe
19:50:07.0317 4884 GameConsoleService - ok
19:50:07.0381 4884 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:50:07.0385 4884 GEARAspiWDM - ok
19:50:07.0459 4884 [ 8BA3C04702BF8F927AB36AE8313CA4EE ] gpsvc C:\Windows\System32\gpsvc.dll
19:50:07.0478 4884 gpsvc - ok
19:50:07.0569 4884 [ 0191DEE9B9EB7902AF2CF4F67301095D ] GREGService C:\Program Files\Acer\Registration\GREGsvc.exe
19:50:07.0573 4884 GREGService - ok
19:50:07.0654 4884 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
19:50:07.0658 4884 gupdate - ok
19:50:07.0674 4884 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
19:50:07.0677 4884 gupdatem - ok
19:50:07.0730 4884 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
19:50:07.0737 4884 gusvc - ok
19:50:07.0773 4884 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:50:07.0777 4884 hcw85cir - ok
19:50:07.0841 4884 [ 3530CAD25DEBA7DC7DE8BB51632CBC5F ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:50:07.0863 4884 HdAudAddService - ok
19:50:07.0902 4884 [ 717A2207FD6F13AD3E664C7D5A43C7BF ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
19:50:07.0907 4884 HDAudBus - ok
19:50:07.0937 4884 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
19:50:07.0941 4884 HidBatt - ok
19:50:07.0972 4884 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\drivers\hidbth.sys
19:50:07.0977 4884 HidBth - ok
19:50:07.0999 4884 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\drivers\hidir.sys
19:50:08.0006 4884 HidIr - ok
19:50:08.0042 4884 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
19:50:08.0049 4884 hidserv - ok
19:50:08.0094 4884 [ 25072FB35AC90B25F9E4E3BACF774102 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:50:08.0098 4884 HidUsb - ok
19:50:08.0148 4884 [ 741C2A45CA8407E374AABA3E330B7872 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:50:08.0158 4884 hkmsvc - ok
19:50:08.0188 4884 [ A768CA158BB06782A2835B907F4873C3 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:50:08.0199 4884 HomeGroupListener - ok
19:50:08.0244 4884 [ FB08DEC5EF43D0C66D83B8E9694E7549 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:50:08.0254 4884 HomeGroupProvider - ok
19:50:08.0300 4884 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:50:08.0304 4884 HpSAMD - ok
19:50:08.0356 4884 [ C531C7FD9E8B62021112787C4E2C5A5A ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:50:08.0373 4884 HTTP - ok
19:50:08.0414 4884 [ 8305F33CDE89AD6C7A0763ED0B5A8D42 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:50:08.0417 4884 hwpolicy - ok
19:50:08.0472 4884 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
19:50:08.0477 4884 i8042prt - ok
19:50:08.0574 4884 [ 660BF3255A1EB18ED803FD2FBA6AE400 ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
19:50:08.0609 4884 IAANTMON - ok
19:50:08.0673 4884 [ 0BAA4115DFFFD6A6D809A89D65E1281A ] iaStor C:\Windows\system32\drivers\iaStor.sys
19:50:08.0678 4884 iaStor - ok
19:50:08.0733 4884 [ 934AF4D7C5F457B9F0743F4299B77B67 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:50:08.0743 4884 iaStorV - ok
19:50:08.0810 4884 [ 5AF815EB5BC9802E5A064E2BA62BFC0C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:50:08.0845 4884 idsvc - ok
19:50:09.0023 4884 [ D0074897C6BC132F3980EA4654BF7FB9 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
19:50:09.0148 4884 igfx - ok
19:50:09.0191 4884 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\drivers\iirsp.sys
19:50:09.0195 4884 iirsp - ok
19:50:09.0264 4884 [ FAC0EE6562B121B1399D6E855583F7A5 ] IKEEXT C:\Windows\System32\ikeext.dll
19:50:09.0299 4884 IKEEXT - ok
19:50:09.0454 4884 [ 2A1ACEC9DA72B39188F007437DA3B008 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
19:50:09.0531 4884 IntcAzAudAddService - ok
19:50:09.0575 4884 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
19:50:09.0578 4884 intelide - ok
19:50:09.0608 4884 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:50:09.0612 4884 intelppm - ok
19:50:09.0647 4884 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:50:09.0655 4884 IPBusEnum - ok
19:50:09.0680 4884 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:50:09.0685 4884 IpFilterDriver - ok
19:50:09.0732 4884 [ 477397B432A256A50EE7E4339EB9EA14 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:50:09.0751 4884 iphlpsvc - ok
19:50:09.0773 4884 [ E4454B6C37D7FFD5649611F6496308A7 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:50:09.0778 4884 IPMIDRV - ok
19:50:09.0800 4884 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:50:09.0806 4884 IPNAT - ok
19:50:09.0879 4884 [ BC0EA61246F8D940FBC5F652D337D6BD ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
19:50:09.0912 4884 iPod Service - ok
19:50:09.0963 4884 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:50:09.0967 4884 IRENUM - ok
19:50:09.0998 4884 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:50:10.0002 4884 isapnp - ok
19:50:10.0026 4884 [ ED46C223AE46C6866AB77CDC41C404B7 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:50:10.0032 4884 iScsiPrt - ok
19:50:10.0075 4884 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
19:50:10.0080 4884 kbdclass - ok
19:50:10.0114 4884 [ 3D9F0EBF350EDCFD6498057301455964 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
19:50:10.0119 4884 kbdhid - ok
19:50:10.0149 4884 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] KeyIso C:\Windows\system32\lsass.exe
19:50:10.0154 4884 KeyIso - ok
19:50:10.0205 4884 [ 52FC17C8589F11747D01D3CF592673D0 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:50:10.0209 4884 KSecDD - ok
19:50:10.0273 4884 [ 3E5474B03568CFAB834DA3C38E8C9EFA ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:50:10.0278 4884 KSecPkg - ok
19:50:10.0331 4884 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
19:50:10.0343 4884 KtmRm - ok
19:50:10.0404 4884 [ 12DE252A44C344A7A044B3C1190DF63B ] L1C C:\Windows\system32\DRIVERS\L1C62x86.sys
19:50:10.0408 4884 L1C - ok
19:50:10.0468 4884 [ 8F6BF790D3168224C16F2AF68A84438C ] LanmanServer C:\Windows\system32\srvsvc.dll
19:50:10.0512 4884 LanmanServer - ok
19:50:10.0560 4884 [ B9891F885DCF1F0513A51CB58493CB1F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:50:10.0580 4884 LanmanWorkstation - ok
19:50:10.0859 4884 [ 4CCC8AABE7880C56BA10043B8FBCA3EB ] LeapFrog Connect Device Service C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
19:50:11.0422 4884 LeapFrog Connect Device Service - ok
19:50:11.0538 4884 [ 5CFFDA921FE0C9E9EBDE3150D3C81594 ] Leapfrog-USBLAN C:\Windows\system32\DRIVERS\btblan.sys
19:50:11.0541 4884 Leapfrog-USBLAN - ok
19:50:11.0660 4884 [ B280C4608AC389DA9515A35AC4CAB0FD ] libusb0 C:\Windows\system32\drivers\libusb0.sys
19:50:11.0707 4884 libusb0 - ok
19:50:11.0771 4884 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:50:11.0775 4884 lltdio - ok
19:50:11.0833 4884 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:50:11.0842 4884 lltdsvc - ok
19:50:11.0865 4884 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
19:50:11.0871 4884 lmhosts - ok
19:50:11.0917 4884 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
19:50:11.0922 4884 LSI_FC - ok
19:50:11.0937 4884 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
19:50:11.0943 4884 LSI_SAS - ok
19:50:11.0969 4884 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
19:50:11.0974 4884 LSI_SAS2 - ok
19:50:11.0990 4884 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
19:50:11.0996 4884 LSI_SCSI - ok
19:50:12.0036 4884 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
19:50:12.0042 4884 luafv - ok
19:50:12.0122 4884 [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
19:50:12.0126 4884 MBAMProtector - ok
19:50:12.0248 4884 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
19:50:12.0257 4884 MBAMScheduler - ok
19:50:12.0333 4884 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
19:50:12.0349 4884 MBAMService - ok
19:50:12.0380 4884 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\drivers\megasas.sys
19:50:12.0385 4884 megasas - ok
19:50:12.0412 4884 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
19:50:12.0419 4884 MegaSR - ok
19:50:12.0465 4884 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
19:50:12.0472 4884 MMCSS - ok
19:50:12.0497 4884 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
19:50:12.0500 4884 Modem - ok
19:50:12.0538 4884 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:50:12.0541 4884 monitor - ok
19:50:12.0566 4884 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:50:12.0570 4884 mouclass - ok
19:50:12.0603 4884 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:50:12.0607 4884 mouhid - ok
19:50:12.0643 4884 [ 921C18727C5920D6C0300736646931C2 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:50:12.0647 4884 mountmgr - ok
19:50:12.0714 4884 [ EE728AF83850DDAD9A3FCAC0AAB3AD97 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
19:50:12.0719 4884 MpFilter - ok
19:50:12.0749 4884 [ 2AF5997438C55FB79D33D015C30E1974 ] mpio C:\Windows\system32\drivers\mpio.sys
19:50:12.0754 4884 mpio - ok
19:50:12.0973 4884 [ A69630D039C38018689190234F866D77 ] MpKsl9ecf2cc2 c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6E17BCAA-00B0-4155-918E-48EC5CC6BFEC}\MpKsl9ecf2cc2.sys
19:50:12.0974 4884 MpKsl9ecf2cc2 - ok
19:50:13.0020 4884 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:50:13.0024 4884 mpsdrv - ok
19:50:13.0069 4884 [ 5CD996CECF45CBC3E8D109C86B82D69E ] MpsSvc C:\Windows\system32\mpssvc.dll
19:50:13.0092 4884 MpsSvc - ok
19:50:13.0123 4884 [ B1BE47008D20E43DA3ADC37C24CDB89D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:50:13.0131 4884 MRxDAV - ok
19:50:13.0179 4884 [ CA7570E42522E24324A12161DB14EC02 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:50:13.0184 4884 mrxsmb - ok
19:50:13.0235 4884 [ F965C3AB2B2AE5C378F4562486E35051 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:50:13.0242 4884 mrxsmb10 - ok
19:50:13.0262 4884 [ 25C38264A3C72594DD21D355D70D7A5D ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:50:13.0268 4884 mrxsmb20 - ok
19:50:13.0323 4884 [ 4326D168944123F38DD3B2D9C37A0B12 ] msahci C:\Windows\system32\drivers\msahci.sys
19:50:13.0328 4884 msahci - ok
19:50:13.0372 4884 [ 455029C7174A2DBB03DBA8A0D8BDDD9A ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:50:13.0377 4884 msdsm - ok
19:50:13.0436 4884 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
19:50:13.0445 4884 MSDTC - ok
19:50:13.0490 4884 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:50:13.0493 4884 Msfs - ok
19:50:13.0539 4884 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:50:13.0544 4884 mshidkmdf - ok
19:50:13.0559 4884 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:50:13.0564 4884 msisadrv - ok
19:50:13.0636 4884 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:50:13.0644 4884 MSiSCSI - ok
19:50:13.0659 4884 msiserver - ok
19:50:13.0700 4884 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:50:13.0703 4884 MSKSSRV - ok
19:50:13.0783 4884 [ E077FCA2A7E79FB9BF67D3E30B5CE593 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
19:50:13.0785 4884 MsMpSvc - ok
19:50:13.0845 4884 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:50:13.0849 4884 MSPCLOCK - ok
19:50:13.0879 4884 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:50:13.0882 4884 MSPQM - ok
19:50:13.0908 4884 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:50:13.0914 4884 MsRPC - ok
19:50:13.0946 4884 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
19:50:13.0950 4884 mssmbios - ok
19:50:13.0980 4884 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:50:13.0983 4884 MSTEE - ok
19:50:14.0016 4884 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
19:50:14.0019 4884 MTConfig - ok
19:50:14.0047 4884 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
19:50:14.0052 4884 Mup - ok
19:50:14.0102 4884 [ CB47C414E083CA6E50E634B148F28F64 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
19:50:14.0106 4884 mwlPSDFilter - ok
19:50:14.0133 4884 [ 647B953019559BFF07536F5C6121F333 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
19:50:14.0137 4884 mwlPSDNServ - ok
19:50:14.0159 4884 [ 5A236A36DB8687D1E64DC81C03EAABE1 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
19:50:14.0164 4884 mwlPSDVDisk - ok
19:50:14.0252 4884 [ 3E5E20817259F7328C8F3BE5421F35B9 ] MWLService C:\Program Files\EgisTec MyWinLocker\x86\MWLService.exe
19:50:14.0260 4884 MWLService - ok
19:50:14.0308 4884 [ 80284F1985C70C86F0B5F86DA2DFE1DF ] napagent C:\Windows\system32\qagentRT.dll
19:50:14.0320 4884 napagent - ok
19:50:14.0382 4884 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:50:14.0390 4884 NativeWifiP - ok
19:50:14.0437 4884 [ 23759D175A0A9BAAF04D05047BC135A8 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:50:14.0457 4884 NDIS - ok
19:50:14.0483 4884 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:50:14.0487 4884 NdisCap - ok
19:50:14.0516 4884 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:50:14.0519 4884 NdisTapi - ok
19:50:14.0548 4884 [ B30AE7F2B6D7E343B0DF32E6C08FCE75 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:50:14.0562 4884 Ndisuio - ok
19:50:14.0582 4884 [ 267C415EADCBE53C9CA873DEE39CF3A4 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:50:14.0590 4884 NdisWan - ok
19:50:14.0614 4884 [ AF7E7C63DCEF3F8772726F86039D6EB4 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:50:14.0619 4884 NDProxy - ok
19:50:14.0642 4884 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:50:14.0647 4884 NetBIOS - ok
19:50:14.0674 4884 [ DD52A733BF4CA5AF84562A5E2F963B91 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:50:14.0681 4884 NetBT - ok
19:50:14.0704 4884 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] Netlogon C:\Windows\system32\lsass.exe
19:50:14.0709 4884 Netlogon - ok
19:50:14.0768 4884 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
19:50:14.0778 4884 Netman - ok
19:50:14.0807 4884 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
19:50:14.0820 4884 netprofm - ok
19:50:14.0862 4884 [ FE2AA5A684B0DD9B1FAE57B7817C198B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:50:14.0867 4884 NetTcpPortSharing - ok
19:50:14.0926 4884 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
19:50:14.0930 4884 nfrd960 - ok
19:50:14.0993 4884 [ 2CD24A6AF497D0E9B9BF3DA924ED05E6 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
19:50:14.0997 4884 NisDrv - ok
19:50:15.0041 4884 [ 3B846434055F80D9E89D0742F3ADAD34 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
19:50:15.0048 4884 NisSrv - ok
19:50:15.0092 4884 [ 2226496E34BD40734946A054B1CD657F ] NlaSvc C:\Windows\System32\nlasvc.dll
19:50:15.0106 4884 NlaSvc - ok
19:50:15.0230 4884 [ A634584C506F2C82680039371AA1772C ] NOBU C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe
19:50:15.0312 4884 NOBU - ok
19:50:15.0341 4884 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:50:15.0346 4884 Npfs - ok
19:50:15.0399 4884 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
19:50:15.0406 4884 nsi - ok
19:50:15.0424 4884 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:50:15.0427 4884 nsiproxy - ok
19:50:15.0505 4884 [ 3795DCD21F740EE799FB7223234215AF ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:50:15.0538 4884 Ntfs - ok
19:50:15.0561 4884 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
19:50:15.0566 4884 Null - ok
19:50:15.0610 4884 [ 3F3D04B1D08D43C16EA7963954EC768D ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:50:15.0618 4884 nvraid - ok
19:50:15.0649 4884 [ C99F251A5DE63C6F129CF71933ACED0F ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:50:15.0655 4884 nvstor - ok
19:50:15.0678 4884 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:50:15.0684 4884 nv_agp - ok
19:50:15.0819 4884 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:50:15.0830 4884 odserv - ok
19:50:15.0905 4884 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:50:15.0910 4884 ohci1394 - ok
19:50:15.0944 4884 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:50:15.0950 4884 ose - ok
19:50:16.0011 4884 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:50:16.0023 4884 p2pimsvc - ok
19:50:16.0082 4884 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
19:50:16.0102 4884 p2psvc - ok
19:50:16.0142 4884 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\drivers\parport.sys
19:50:16.0148 4884 Parport - ok
19:50:16.0194 4884 [ 66D3415C159741ADE7038A277EFFF99F ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:50:16.0198 4884 partmgr - ok
19:50:16.0226 4884 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\drivers\parvdm.sys
19:50:16.0230 4884 Parvdm - ok
19:50:16.0270 4884 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:50:16.0280 4884 PcaSvc - ok
19:50:16.0302 4884 [ C858CB77C577780ECC456A892E7E7D0F ] pci C:\Windows\system32\drivers\pci.sys
19:50:16.0308 4884 pci - ok
19:50:16.0336 4884 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
19:50:16.0341 4884 pciide - ok
19:50:16.0375 4884 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
19:50:16.0384 4884 pcmcia - ok
19:50:16.0416 4884 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
19:50:16.0420 4884 pcw - ok
19:50:16.0479 4884 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:50:16.0495 4884 PEAUTH - ok
19:50:16.0603 4884 [ 9C1BFF7910C89A1D12E57343475840CB ] pla C:\Windows\system32\pla.dll
19:50:16.0666 4884 pla - ok
19:50:16.0713 4884 [ 71DEF5EC79774C798342D0EA16E41780 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:50:16.0726 4884 PlugPlay - ok
19:50:16.0746 4884 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:50:16.0762 4884 PNRPAutoReg - ok
19:50:16.0788 4884 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:50:16.0797 4884 PNRPsvc - ok
19:50:16.0851 4884 [ 48E1B75C6DC0232FD92BAAE4BD344721 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:50:16.0862 4884 PolicyAgent - ok
19:50:16.0917 4884 [ DBFF83F709A91049621C1D35DD45C92C ] Power C:\Windows\system32\umpo.dll
19:50:16.0928 4884 Power - ok
19:50:16.0987 4884 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:50:16.0991 4884 PptpMiniport - ok
19:50:17.0024 4884 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\drivers\processr.sys
19:50:17.0030 4884 Processor - ok
19:50:17.0081 4884 [ 630CF26F0227498B7D5A92B12548960F ] ProfSvc C:\Windows\system32\profsvc.dll
19:50:17.0090 4884 ProfSvc - ok
19:50:17.0115 4884 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:50:17.0122 4884 ProtectedStorage - ok
19:50:17.0165 4884 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:50:17.0170 4884 Psched - ok
19:50:17.0244 4884 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
19:50:17.0291 4884 ql2300 - ok
19:50:17.0338 4884 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
19:50:17.0343 4884 ql40xx - ok
19:50:17.0403 4884 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
19:50:17.0414 4884 QWAVE - ok
19:50:17.0435 4884 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:50:17.0440 4884 QWAVEdrv - ok
19:50:17.0464 4884 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:50:17.0468 4884 RasAcd - ok
19:50:17.0513 4884 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:50:17.0517 4884 RasAgileVpn - ok
19:50:17.0546 4884 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
19:50:17.0555 4884 RasAuto - ok
19:50:17.0594 4884 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:50:17.0598 4884 Rasl2tp - ok
19:50:17.0635 4884 [ 0CE66EC736B7FC526D78F7624C7D2A94 ] RasMan C:\Windows\System32\rasmans.dll
19:50:17.0657 4884 RasMan - ok
19:50:17.0686 4884 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:50:17.0690 4884 RasPppoe - ok
19:50:17.0710 4884 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:50:17.0715 4884 RasSstp - ok
19:50:17.0744 4884 [ 835D7E81BF517A3B72384BDCC85E1CE6 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:50:17.0751 4884 rdbss - ok
19:50:17.0806 4884 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
19:50:17.0810 4884 rdpbus - ok
19:50:17.0836 4884 [ 1E016846895B15A99F9A176A05029075 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:50:17.0840 4884 RDPCDD - ok
19:50:17.0882 4884 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:50:17.0885 4884 RDPENCDD - ok
19:50:17.0914 4884 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:50:17.0919 4884 RDPREFMP - ok
19:50:17.0983 4884 [ C5B8D47A4688DE9D335204EA757C2240 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:50:17.0991 4884 RDPWD - ok
19:50:18.0036 4884 [ 4EA225BF1CF05E158853F30A99CA29A7 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:50:18.0043 4884 rdyboost - ok
19:50:18.0080 4884 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
19:50:18.0087 4884 RemoteAccess - ok
19:50:18.0133 4884 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:50:18.0144 4884 RemoteRegistry - ok
19:50:18.0206 4884 [ 616EAC1B0E48B236A5A9B8AE07FDB81C ] RimUsb C:\Windows\system32\Drivers\RimUsb.sys
19:50:18.0211 4884 RimUsb - ok
19:50:18.0269 4884 [ 2C4FB2E9F039287767C384E46EE91030 ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial.sys
19:50:18.0273 4884 RimVSerPort - ok
19:50:18.0313 4884 [ 564297827D213F52C7A3A2FF749568CA ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
19:50:18.0317 4884 ROOTMODEM - ok
19:50:18.0372 4884 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:50:18.0380 4884 RpcEptMapper - ok
19:50:18.0429 4884 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
19:50:18.0437 4884 RpcLocator - ok
19:50:18.0476 4884 [ B82CD39E336973359D7C9BF911E8E84F ] RpcSs C:\Windows\system32\rpcss.dll
19:50:18.0486 4884 RpcSs - ok
19:50:18.0537 4884 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:50:18.0541 4884 rspndr - ok
19:50:18.0622 4884 [ 7CB9F0FDD730F4A4ECF6CDE15EA12E8A ] RS_Service C:\Program Files\Acer\Acer VCM\RS_Service.exe
19:50:18.0630 4884 RS_Service - ok
19:50:18.0659 4884 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] SamSs C:\Windows\system32\lsass.exe
19:50:18.0666 4884 SamSs - ok
19:50:18.0702 4884 [ 34EE0C44B724E3E4CE2EFF29126DE5B5 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:50:18.0707 4884 sbp2port - ok
19:50:18.0752 4884 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:50:18.0764 4884 SCardSvr - ok
19:50:18.0811 4884 [ A95C54B2AC3CC9C73FCDF9E51A1D6B51 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:50:18.0816 4884 scfilter - ok
19:50:18.0877 4884 [ DF1E5C82E4D09CF8105CC644980C4803 ] Schedule C:\Windows\system32\schedsvc.dll
19:50:18.0911 4884 Schedule - ok
19:50:18.0938 4884 [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] SCPolicySvc C:\Windows\System32\certprop.dll
19:50:18.0941 4884 SCPolicySvc - ok
19:50:18.0982 4884 [ 5FD90ABDBFAEE85986802622CBB03446 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:50:18.0992 4884 SDRSVC - ok
19:50:19.0036 4884 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:50:19.0040 4884 secdrv - ok
19:50:19.0069 4884 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
19:50:19.0097 4884 seclogon - ok
19:50:19.0126 4884 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
19:50:19.0135 4884 SENS - ok
19:50:19.0170 4884 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\drivers\serenum.sys
19:50:19.0175 4884 Serenum - ok
19:50:19.0231 4884 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\drivers\serial.sys
19:50:19.0238 4884 Serial - ok
19:50:19.0258 4884 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\drivers\sermouse.sys
19:50:19.0262 4884 sermouse - ok
19:50:19.0325 4884 [ 8F55CE568C543D5ADF45C409D16718FC ] SessionEnv C:\Windows\system32\sessenv.dll
19:50:19.0336 4884 SessionEnv - ok
19:50:19.0363 4884 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:50:19.0368 4884 sffdisk - ok
19:50:19.0392 4884 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:50:19.0395 4884 sffp_mmc - ok
19:50:19.0423 4884 [ A0708BBD07D245C06FF9DE549CA47185 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:50:19.0429 4884 sffp_sd - ok
19:50:19.0459 4884 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
19:50:19.0463 4884 sfloppy - ok
19:50:19.0495 4884 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:50:19.0505 4884 SharedAccess - ok
19:50:19.0555 4884 [ CD2E48FA5B29EE2B3B5858056D246EF2 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:50:19.0569 4884 ShellHWDetection - ok
19:50:19.0627 4884 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
19:50:19.0633 4884 sisagp - ok
19:50:19.0667 4884 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
19:50:19.0671 4884 SiSRaid2 - ok
19:50:19.0704 4884 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
19:50:19.0710 4884 SiSRaid4 - ok
19:50:19.0794 4884 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
19:50:19.0802 4884 SkypeUpdate - ok
19:50:19.0843 4884 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:50:19.0847 4884 Smb - ok
19:50:19.0905 4884 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:50:19.0914 4884 SNMPTRAP - ok
19:50:19.0946 4884 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
19:50:19.0951 4884 spldr - ok
19:50:20.0007 4884 [ D1BB750EB51694DE183E08B9C33BE5B2 ] Spooler C:\Windows\System32\spoolsv.exe
19:50:20.0021 4884 Spooler - ok
19:50:20.0131 4884 [ 4C287F9069FEDBD791178876EE9DE536 ] sppsvc C:\Windows\system32\sppsvc.exe
19:50:20.0220 4884 sppsvc - ok
19:50:20.0253 4884 [ D8E3E19EEBDAB49DD4A8D3062EAD4EC7 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:50:20.0264 4884 sppuinotify - ok
19:50:20.0310 4884 [ C4A027B8C0BD3FC0699F41FA5E9E0C87 ] srv C:\Windows\system32\DRIVERS\srv.sys
19:50:20.0318 4884 srv - ok
19:50:20.0345 4884 [ 414BB592CAD8A79649D01F9D94318FB3 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:50:20.0353 4884 srv2 - ok
19:50:20.0385 4884 [ FF207D67700AA18242AAF985D3E7D8F4 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:50:20.0390 4884 srvnet - ok
19:50:20.0415 4884 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:50:20.0426 4884 SSDPSRV - ok
19:50:20.0450 4884 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:50:20.0462 4884 SstpSvc - ok
19:50:20.0497 4884 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\drivers\stexstor.sys
19:50:20.0502 4884 stexstor - ok
19:50:20.0547 4884 [ A22825E7BB7018E8AF3E229A5AF17221 ] StiSvc C:\Windows\System32\wiaservc.dll
19:50:20.0569 4884 StiSvc - ok
19:50:20.0593 4884 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
19:50:20.0597 4884 swenum - ok
19:50:20.0647 4884 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
19:50:20.0667 4884 swprv - ok
19:50:20.0720 4884 [ 5CDD124913E91C7F79B4D5CAE1C7C4DE ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
19:50:20.0727 4884 SynTP - ok
19:50:20.0793 4884 [ 04105C8DA62353589C29BDAEB8D88BD8 ] SysMain C:\Windows\system32\sysmain.dll
19:50:20.0838 4884 SysMain - ok
19:50:20.0864 4884 [ FCFB6C552FBC0DA299799CBD50AD9FD4 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:50:20.0876 4884 TabletInputService - ok
19:50:20.0904 4884 [ 2F46B0C70A4ADC8C90CF825DA3B4FEAF ] TapiSrv C:\Windows\System32\tapisrv.dll
19:50:20.0918 4884 TapiSrv - ok
19:50:20.0947 4884 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
19:50:20.0959 4884 TBS - ok
19:50:21.0066 4884 [ 55E9965552741F3850CB22CBBA9671ED ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:50:21.0110 4884 Tcpip - ok
19:50:21.0156 4884 [ 55E9965552741F3850CB22CBBA9671ED ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:50:21.0171 4884 TCPIP6 - ok
19:50:21.0220 4884 [ E64444523ADD154F86567C469BC0B17F ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:50:21.0224 4884 tcpipreg - ok
19:50:21.0274 4884 [ 1875C1490D99E70E449E3AFAE9FCBADF ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:50:21.0278 4884 TDPIPE - ok
19:50:21.0318 4884 [ 7156308896D34EA75A582F9A09E50C17 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:50:21.0323 4884 TDTCP - ok
19:50:21.0353 4884 [ CB39E896A2A83702D1737BFD402B3542 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:50:21.0358 4884 tdx - ok
19:50:21.0378 4884 [ C36F41EE20E6999DBF4B0425963268A5 ] TermDD C:\Windows\system32\drivers\termdd.sys
19:50:21.0382 4884 TermDD - ok
19:50:21.0438 4884 [ A01E50A04D7B1960B33E92B9080E6A94 ] TermService C:\Windows\System32\termsrv.dll
19:50:21.0472 4884 TermService - ok
19:50:21.0493 4884 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
19:50:21.0502 4884 Themes - ok
19:50:21.0531 4884 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
19:50:21.0536 4884 THREADORDER - ok
19:50:21.0584 4884 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
19:50:21.0593 4884 TrkWks - ok
19:50:21.0661 4884 [ 41A4C781D2286208D397D72099304133 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:50:21.0669 4884 TrustedInstaller - ok
19:50:21.0704 4884 [ 98AE6FA07D12CB4EC5CF4A9BFA5F4242 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:50:21.0710 4884 tssecsrv - ok
19:50:21.0764 4884 [ 3E461D890A97F9D4C168F5FDA36E1D00 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:50:21.0769 4884 tunnel - ok
19:50:21.0792 4884 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\drivers\uagp35.sys
19:50:21.0799 4884 uagp35 - ok
19:50:21.0832 4884 [ 09CC3E16F8E5EE7168E01CF8FCBE061A ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:50:21.0841 4884 udfs - ok
19:50:21.0894 4884 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:50:21.0903 4884 UI0Detect - ok
19:50:21.0948 4884 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:50:21.0955 4884 uliagpkx - ok
19:50:22.0005 4884 [ 049B3A50B3D646BAEEEE9EEC9B0668DC ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:50:22.0009 4884 umbus - ok
19:50:22.0033 4884 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\drivers\umpass.sys
19:50:22.0037 4884 UmPass - ok
19:50:22.0110 4884 [ F9EC9ACD504D823D9B9CA98A4F8D3CA2 ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
19:50:22.0117 4884 Updater Service - ok
19:50:22.0169 4884 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
19:50:22.0182 4884 upnphost - ok
19:50:22.0239 4884 [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
19:50:22.0244 4884 USBAAPL - ok
19:50:22.0281 4884 [ 8455C4ED038EFD09E99327F9D2D48FFA ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:50:22.0285 4884 usbccgp - ok
19:50:22.0317 4884 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:50:22.0322 4884 usbcir - ok
19:50:22.0353 4884 [ 0EEEDD78C2BEDAC75E8ED1BA8D77878B ] usbehci C:\Windows\system32\drivers\usbehci.sys
19:50:22.0357 4884 usbehci - ok
19:50:22.0411 4884 [ BA50148445E5B2B3ABDBA208FC9B6FB5 ] usbhub C:\Windows\system32\drivers\usbhub.sys
19:50:22.0417 4884 usbhub - ok
19:50:22.0442 4884 [ A6FB7957EA7AFB1165991E54CE934B74 ] usbohci C:\Windows\system32\drivers\usbohci.sys
19:50:22.0446 4884 usbohci - ok
19:50:22.0482 4884 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:50:22.0486 4884 usbprint - ok
19:50:22.0509 4884 [ D8889D56E0D27E57ED4591837FE71D27 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:50:22.0514 4884 USBSTOR - ok
19:50:22.0540 4884 [ 78780C3EBCE17405B1CCD07A3A8A7D72 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
19:50:22.0543 4884 usbuhci - ok
19:50:22.0584 4884 [ B5F6A992D996282B7FAE7048E50AF83A ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
19:50:22.0590 4884 usbvideo - ok
19:50:22.0649 4884 [ D82F43D15FDAA666856C0190CB73E7C9 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
19:50:22.0654 4884 usb_rndisx - ok
19:50:22.0700 4884 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
19:50:22.0711 4884 UxSms - ok
19:50:22.0738 4884 [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] VaultSvc C:\Windows\system32\lsass.exe
19:50:22.0742 4884 VaultSvc - ok
19:50:22.0785 4884 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:50:22.0789 4884 vdrvroot - ok
19:50:22.0838 4884 [ 8C4E7C49D3641BC9E299E466A7F8867D ] vds C:\Windows\System32\vds.exe
19:50:22.0861 4884 vds - ok
19:50:22.0899 4884 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:50:22.0904 4884 vga - ok
19:50:22.0934 4884 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
19:50:22.0938 4884 VgaSave - ok
19:50:22.0966 4884 [ 3BE6E1F3A4F1AFEC8CEE0D7883F93583 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:50:22.0973 4884 vhdmp - ok
19:50:23.0009 4884 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
19:50:23.0014 4884 viaagp - ok
19:50:23.0046 4884 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
19:50:23.0051 4884 ViaC7 - ok
19:50:23.0081 4884 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
19:50:23.0084 4884 viaide - ok
19:50:23.0113 4884 [ 384E5A2AA49934295171E499F86BA6F3 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:50:23.0117 4884 volmgr - ok
19:50:23.0150 4884 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:50:23.0158 4884 volmgrx - ok
19:50:23.0197 4884 [ 59F06B4968E58BC83DFC56CA4517960E ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:50:23.0204 4884 volsnap - ok
19:50:23.0252 4884 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
19:50:23.0258 4884 vsmraid - ok
19:50:23.0333 4884 [ 7EA2BCD94D9CFAF4C556F5CC94532A6C ] VSS C:\Windows\system32\vssvc.exe
19:50:23.0378 4884 VSS - ok
19:50:23.0408 4884 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
19:50:23.0412 4884 vwifibus - ok
19:50:23.0462 4884 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
19:50:23.0467 4884 vwififlt - ok
19:50:23.0524 4884 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
19:50:23.0538 4884 W32Time - ok
19:50:23.0570 4884 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
19:50:23.0574 4884 WacomPen - ok
19:50:23.0619 4884 [ 692A712062146E96D28BA0B7D75DE31B ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:50:23.0625 4884 WANARP - ok
19:50:23.0637 4884 [ 692A712062146E96D28BA0B7D75DE31B ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:50:23.0641 4884 Wanarpv6 - ok
19:50:23.0703 4884 [ 7790B77FE1E5EE47DCC66247095BB4C9 ] wbengine C:\Windows\system32\wbengine.exe
19:50:23.0759 4884 wbengine - ok
19:50:23.0789 4884 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:50:23.0802 4884 WbioSrvc - ok
19:50:23.0831 4884 [ D0F88AA11EE1A62BCC6D6A8A7783CA11 ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:50:23.0853 4884 wcncsvc - ok
19:50:23.0875 4884 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:50:23.0887 4884 WcsPlugInService - ok
19:50:23.0917 4884 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\drivers\wd.sys
19:50:23.0921 4884 Wd - ok
19:50:23.0959 4884 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:50:23.0971 4884 Wdf01000 - ok
19:50:23.0999 4884 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:50:24.0009 4884 WdiServiceHost - ok
19:50:24.0023 4884 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:50:24.0034 4884 WdiSystemHost - ok
19:50:24.0072 4884 [ D87C7D2C517F82A5AB7A73E203063D9E ] WebClient C:\Windows\System32\webclnt.dll
19:50:24.0084 4884 WebClient - ok
19:50:24.0116 4884 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:50:24.0130 4884 Wecsvc - ok
19:50:24.0159 4884 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:50:24.0170 4884 wercplsupport - ok
19:50:24.0215 4884 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
19:50:24.0227 4884 WerSvc - ok
19:50:24.0277 4884 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:50:24.0281 4884 WfpLwf - ok
19:50:24.0315 4884 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:50:24.0319 4884 WIMMount - ok
19:50:24.0413 4884 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
19:50:24.0434 4884 WinDefend - ok
19:50:24.0526 4884 [ 59728AED28364A597040E0B7BA07AE33 ] WindowBlinds C:\Program Files\Stardock\MyColors\VistaSrv.exe
19:50:24.0532 4884 WindowBlinds - ok
19:50:24.0555 4884 WinHttpAutoProxySvc - ok
19:50:24.0656 4884 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:50:24.0669 4884 Winmgmt - ok
19:50:24.0740 4884 [ C4F5D3901D1B41D602DDC196E0B95B51 ] WinRM C:\Windows\system32\WsmSvc.dll
19:50:24.0782 4884 WinRM - ok
19:50:24.0852 4884 [ 30FC6E5448D0CBAAA95280EEEF7FEDAE ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
19:50:24.0856 4884 WinUsb - ok
19:50:24.0927 4884 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
19:50:24.0961 4884 Wlansvc - ok
19:50:24.0999 4884 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
19:50:25.0003 4884 WmiAcpi - ok
19:50:25.0057 4884 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:50:25.0063 4884 wmiApSrv - ok
19:50:25.0166 4884 [ 77FBD400984CF72BA0FC4B3489D65F74 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
19:50:25.0200 4884 WMPNetworkSvc - ok
19:50:25.0272 4884 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:50:25.0282 4884 WPCSvc - ok
19:50:25.0320 4884 [ B7F658A2EBC07129538AD9AB35212637 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:50:25.0331 4884 WPDBusEnum - ok
19:50:25.0370 4884 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:50:25.0374 4884 ws2ifsl - ok
19:50:25.0400 4884 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
19:50:25.0411 4884 wscsvc - ok
19:50:25.0427 4884 WSearch - ok
19:50:25.0559 4884 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
19:50:25.0615 4884 wuauserv - ok
19:50:25.0654 4884 [ 6F9B6C0C93232CFF47D0F72D6DB1D21E ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:50:25.0659 4884 WudfPf - ok
19:50:25.0709 4884 [ F91FF1E51FCA30B3C3981DB7D5924252 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:50:25.0714 4884 WUDFRd - ok
19:50:25.0774 4884 [ DDEE3682FE97037C45F4D7AB467CB8B6 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:50:25.0784 4884 wudfsvc - ok
19:50:25.0822 4884 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
19:50:25.0835 4884 WwanSvc - ok
19:50:25.0885 4884 ================ Scan global ===============================
19:50:25.0939 4884 [ 9A595DF601070DA78C40481120DD2C06 ] C:\Windows\system32\basesrv.dll
19:50:25.0992 4884 [ A9E43C040F405DB689FC29534EF0389B ] C:\Windows\system32\winsrv.dll
19:50:26.0020 4884 [ A9E43C040F405DB689FC29534EF0389B ] C:\Windows\system32\winsrv.dll
19:50:26.0066 4884 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
19:50:26.0113 4884 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
19:50:26.0125 4884 [Global] - ok
19:50:26.0126 4884 ================ Scan MBR ==================================
19:50:26.0147 4884 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:50:26.0995 4884 \Device\Harddisk0\DR0 - ok
19:50:26.0996 4884 ================ Scan VBR ==================================
19:50:27.0005 4884 [ FAD56FB638E1D680F7DFEE520E60B845 ] \Device\Harddisk0\DR0\Partition1
19:50:27.0012 4884 \Device\Harddisk0\DR0\Partition1 - ok
19:50:27.0032 4884 [ B40073EFD08BA3CB1029FF40551B6A10 ] \Device\Harddisk0\DR0\Partition2
19:50:27.0038 4884 \Device\Harddisk0\DR0\Partition2 - ok
19:50:27.0040 4884 ============================================================
19:50:27.0040 4884 Scan finished
19:50:27.0040 4884 ============================================================
19:50:27.0072 3452 Detected object count: 0
19:50:27.0072 3452 Actual detected object count: 0
19:50:40.0893 1348 Deinitialize success

Malwarebytes

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.02.01.11

Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
Cassie :: CASSIE-PC [administrator]

01/02/2013 7:52:33 PM
mbam-log-2013-02-01 (19-52-33).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 335002
Time elapsed: 1 hour(s), 49 minute(s), 9 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

AdwCleaner

# AdwCleaner v2.109 - Logfile created 02/02/2013 at 06:50:32
# Updated 26/01/2013 by Xplode
# Operating system : Windows 7 Starter (32 bits)
# User : Cassie - CASSIE-PC
# Boot Mode : Normal
# Running from : C:\Users\Cassie\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\ProgramData\Partner

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKU\S-1-5-21-1128836838-1990528549-1465253133-1000\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.7600.17153

[OK] Registry is clean.

*************************

AdwCleaner[S1].txt - [1267 octets] - [02/02/2013 06:50:32]

########## EOF - C:\AdwCleaner[S1].txt - [1327 octets] ##########

RogueKiller

RogueKiller V8.4.4 [Feb 1 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7600 ) 32 bits version
Started in : Normal mode
User : Cassie [Admin rights]
Mode : Remove -- Date : 02/02/2013 22:13:01
| ARK || MBR |

Bad processes : 0

Registry Entries : 2
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

Particular Files / Folders:

Driver : [LOADED]

HOSTS File:
--> C:\Windows\system32\drivers\etc\hosts



MBR Check:

+++++ PhysicalDrive0: WDC WD2500BEVT-22A23T0 +++++
--- User ---
[MBR] 512d69a4f49c2560c425b478982e83a6
[BSP] 8bfa0d5cf11123b11e43270772e56896 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 13312 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 27265024 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 27469824 | Size: 225061 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2]_D_02022013_02d2213.txt >>
RKreport[1]_S_02022013_02d2212.txt ; RKreport[2]_D_02022013_02d2213.txt



Do you see anything of note?

Adam

#4 Gunto

Gunto

    Bleepin' Reject Phoenix


  • Malware Response Team
  • 1,291 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:North Las Vegas, Nevada, USA
  • Local time:04:48 AM

Posted 02 February 2013 - 10:51 PM

Hi,

AdwCleaner and RogueKiller removed a few things, but not much of note. I'll run a few more scans to verify if you're clean. :)

SUPERAntiSpyware

I need you to run a scan with SUPERAntiSpyware.

  • Download SAS from here, and save it to your desktop.
  • Double click the installer to start the installation. If you do not want to start the trial of the full version, please decline, and feel free to uncheck options to install external toolbars/software, unless you want them. Otherwise, follow the prompts and let the program install.
  • Once the program is done installing and updating, tick the Complete Scan option on the interface, and press the big Scan your Computer... button. Ensure that the options Activate Scan Boost™ > Low boost and Scan inside .ZIP archives are selected and Start Complete Scan.
  • After scanning, be sure to remove all detected threats if any were detected. If asked to reboot to remove threats, do so immediately.
  • Once finished, return to the main interface, go to View Scan Logs and view the newest log. Copy and paste it into your reply.

ESET Online Scanner

I need you to run a scan with ESET Online Scanner.

  • Download the scanner from here, and save it to your desktop.
  • Double click the file to install the program. Once it's done, accept the terms of use and click Start. Be sure the following settings are checked before beginning:
    Scan archives
    Remove found threats
    Scan potentially unwanted applications
    Scan for potentially unsafe applications
    Enable Anti-Stealth technology
  • Once the scan is done, if anything was found, click List of found threats, and then Export to text file..., and save the log to your desktop.
  • Click << Back, and then Finish. If you have to reboot, do so immediately.
  • After ESET finishes scanning and removing threats, copy and paste the log into your reply.

Junkware Removal Tool

I need you to run a scan with Junkware Removal Tool.

  • Download JRT from here, and save it to your desktop.
  • Double click the file to open it, and hit any key as per the instructions of the popped up window.
  • Once the scan is done, copy and paste the contents of the resulting log into your reply.

Gunto

Beautiful avatar by Plumbeck!

 

Bury me in honor; when I'm dead and hit the ground, a love back home, it unfolds...


#5 adamdkennedy

adamdkennedy
  • Topic Starter

  • Members
  • 45 posts
  • OFFLINE
  •  
  • Local time:06:48 AM

Posted 15 February 2013 - 10:18 PM

Hello,

 

Sorry for the delay in response.  I was able to run all the suggested applications, how does it look?

 

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 02/03/2013 at 01:54 PM

Application Version : 5.6.1014

Core Rules Database Version : 9964
Trace Rules Database Version: 7776

Scan type       : Complete Scan
Total Scan Time : 01:17:17

Operating System Information
Windows 7 Starter 32-bit (Build 6.01.7600)
UAC On - Limited User

Memory items scanned      : 659
Memory threats detected   : 0
Registry items scanned    : 36902
Registry threats detected : 0
File items scanned        : 31830
File threats detected     : 186

Adware.Tracking Cookie
    C:\Users\Cassie\AppData\Roaming\Microsoft\Windows\Cookies\cassie@ad.yieldmanager[2].txt [ /ad.yieldmanager ]
    C:\Users\Cassie\AppData\Roaming\Microsoft\Windows\Cookies\cassie@atdmt[1].txt [ /atdmt ]
    C:\Users\Cassie\AppData\Roaming\Microsoft\Windows\Cookies\cassie@bellcan.adbureau[2].txt [ /bellcan.adbureau ]
    C:\Users\Cassie\AppData\Roaming\Microsoft\Windows\Cookies\0RD9MQEC.txt [ /pbteen.com ]
    C:\Users\Cassie\AppData\Roaming\Microsoft\Windows\Cookies\EWIMFJUO.txt [ /c.atdmt.com ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\F1LQIYY3.txt [ Cookie:cassie@specificclick.net/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\WUYJ53WE.txt [ Cookie:cassie@vitamine.networldmedia.net/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\03T5PMVU.txt [ Cookie:cassie@ads.pointroll.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\RLQBEV6K.txt [ Cookie:cassie@rogersmedia.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\7YSA8CN3.txt [ Cookie:cassie@at.atwola.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\KO9JFJQC.txt [ Cookie:cassie@pro-market.net/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\YE9FJRM4.txt [ Cookie:cassie@collective-media.net/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\cassie@blackberryinsight[1].txt [ Cookie:cassie@blackberryinsight.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\1PQGLKEC.txt [ Cookie:cassie@apmebf.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\8I4YYKKY.txt [ Cookie:cassie@clicksor.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\JF1L8VBB.txt [ Cookie:cassie@tribalfusion.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\13W1342I.txt [ Cookie:cassie@rbc.bridgetrack.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\RD1QKS7G.txt [ Cookie:cassie@counters.gigya.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\YEJ6S4EO.txt [ Cookie:cassie@media.gsimedia.net/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\VBAQ3DJK.txt [ Cookie:cassie@statse.webtrendslive.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\3PTYW31D.txt [ Cookie:cassie@statcounter.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\J8MG1QOF.txt [ Cookie:cassie@zedo.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\cassie@imrworldwide[2].txt [ Cookie:cassie@imrworldwide.com/cgi-bin ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\X7YCQ17I.txt [ Cookie:cassie@interclick.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\cassie@www.clickmanage[2].txt [ Cookie:cassie@www.clickmanage.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\cassie@shared.rogersmedia[1].txt [ Cookie:cassie@shared.rogersmedia.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\cassie@eye-doctor-find[2].txt [ Cookie:cassie@eye-doctor-find.ca/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\41YRTDW8.txt [ Cookie:cassie@networldmedia.net/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\cassie@kb.mediatemple[1].txt [ Cookie:cassie@kb.mediatemple.net/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\cassie@torstardigital.122.2o7[1].txt [ Cookie:cassie@torstardigital.122.2o7.net/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\AGUE9EAT.txt [ Cookie:cassie@tacoda.at.atwola.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\cassie@www5.addfreestats[1].txt [ Cookie:cassie@www5.addfreestats.com/cgi-bin ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\cassie@adecn[1].txt [ Cookie:cassie@adecn.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\AX8CGNJZ.txt [ Cookie:cassie@kontera.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\cassie@banners.blackberryinsight[2].txt [ Cookie:cassie@banners.blackberryinsight.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\08F9TF6F.txt [ Cookie:cassie@hitbox.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\cassie@sitestat.mayoclinic[1].txt [ Cookie:cassie@sitestat.mayoclinic.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\9C4OLOQG.txt [ Cookie:cassie@ad.yieldmanager.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\8OCYNEUP.txt [ Cookie:cassie@realmedia.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\EKMNT301.txt [ Cookie:cassie@invitemedia.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\FI3KNR1Q.txt [ Cookie:cassie@ru4.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\69OK4XTG.txt [ Cookie:cassie@atdmt.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\cassie@atdmt.combing[2].txt [ Cookie:cassie@atdmt.combing.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\cassie@revenue[2].txt [ Cookie:cassie@revenue.net/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\2CHRDPLT.txt [ Cookie:cassie@2o7.net/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\cassie@msnportal.112.2o7[1].txt [ Cookie:cassie@msnportal.112.2o7.net/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\cassie@dmtracker[1].txt [ Cookie:cassie@dmtracker.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\3FR48KGI.txt [ Cookie:cassie@pointroll.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\7R592WU0.txt [ Cookie:cassie@adserver.adtechus.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\DUQXJS3X.txt [ Cookie:cassie@ads.networldmedia.net/servlet/ajrotator ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\cassie@triseptsolutions.122.2o7[1].txt [ Cookie:cassie@triseptsolutions.122.2o7.net/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\W3U73PIN.txt [ Cookie:cassie@trafficmp.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\cassie@liveperson[5].txt [ Cookie:cassie@liveperson.net/hc/17490713 ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\DD7EHUZE.txt [ Cookie:cassie@questionmarket.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\GT2ZZ9GB.txt [ Cookie:cassie@yieldmanager.net/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\cassie@specificmedia[1].txt [ Cookie:cassie@specificmedia.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\3X3S4EZ7.txt [ Cookie:cassie@doubleclick.net/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\NAMY49HF.txt [ Cookie:cassie@revsci.net/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\cassie@mediabrandsww[2].txt [ Cookie:cassie@mediabrandsww.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\CQ6FVDLK.txt [ Cookie:cassie@fastclick.net/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\YHVN9DSM.txt [ Cookie:cassie@myroitracking.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\M4NMR1G2.txt [ Cookie:cassie@media.adfrontiers.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\KWGDP1R1.txt [ Cookie:cassie@ads.networldmedia.net/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\cassie@trvlnet.adbureau[2].txt [ Cookie:cassie@trvlnet.adbureau.net/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\cassie@atdmt[2].txt [ Cookie:cassie@atdmt.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\QVOOU94T.txt [ Cookie:cassie@advertising.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\cassie@www1.addfreestats[1].txt [ Cookie:cassie@www1.addfreestats.com/cgi-bin ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\K59KYHQW.txt [ Cookie:cassie@media6degrees.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\B7KNL6RG.txt [ Cookie:cassie@traveladvertising.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\76DK98HH.txt [ Cookie:cassie@accounts.google.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\M6CGV6JD.txt [ Cookie:cassie@e2itg.pbteen.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\cassie@eyewonder[2].txt [ Cookie:cassie@eyewonder.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\T5J96K4Z.txt [ Cookie:cassie@clickfuse.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\HQ0N5430.txt [ Cookie:cassie@h.atdmt.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\cassie@microsoftsto.112.2o7[1].txt [ Cookie:cassie@microsoftsto.112.2o7.net/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\JXPCEPGR.txt [ Cookie:cassie@content.yieldmanager.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\CRSKWQFV.txt [ Cookie:cassie@canfood.112.2o7.net/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\E88N2CE3.txt [ Cookie:cassie@paypal.112.2o7.net/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\cassie@forums.crackberry[2].txt [ Cookie:cassie@forums.crackberry.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\Q79LYICX.txt [ Cookie:cassie@timeinc.122.2o7.net/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\cassie@data.coremetrics[1].txt [ Cookie:cassie@data.coremetrics.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\cassie@trinitymirror.112.2o7[1].txt [ Cookie:cassie@trinitymirror.112.2o7.net/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\WT1UY59T.txt [ Cookie:cassie@google.com/accounts/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\cassie@audiag.112.2o7[1].txt [ Cookie:cassie@audiag.112.2o7.net/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\C5QGYUH4.txt [ Cookie:cassie@overture.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\cassie@broadwaycom.122.2o7[1].txt [ Cookie:cassie@broadwaycom.122.2o7.net/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\BEJBM2QC.txt [ Cookie:cassie@adinterax.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\WQQ7HCW6.txt [ Cookie:cassie@adserver.zonemedia.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\AYZSV0KY.txt [ Cookie:cassie@counter.hitslink.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\1H5FP0RJ.txt [ Cookie:cassie@www.google.ca/accounts ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\6OPB19H6.txt [ Cookie:cassie@ihg.db.advertising.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\cassie@liveperson[6].txt [ Cookie:cassie@liveperson.net/hc/12805332 ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\P2NSODFV.txt [ Cookie:cassie@in.getclicky.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\cassie@microsoftmachinetranslation.112.2o7[1].txt [ Cookie:cassie@microsoftmachinetranslation.112.2o7.net/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\5JW5IUFI.txt [ Cookie:cassie@steelhousemedia.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\cassie@tradedoubler[2].txt [ Cookie:cassie@tradedoubler.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\cassie@media.adsvelocity[2].txt [ Cookie:cassie@media.adsvelocity.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\UH6A0THD.txt [ Cookie:cassie@burstnet.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\35GV26IL.txt [ Cookie:cassie@www.google.com/accounts ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\cassie@sonycanada.112.2o7[1].txt [ Cookie:cassie@sonycanada.112.2o7.net/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\cassie@canadapost.112.2o7[1].txt [ Cookie:cassie@canadapost.112.2o7.net/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\cassie@nycandcompany.112.2o7[1].txt [ Cookie:cassie@nycandcompany.112.2o7.net/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\AP8F3KIT.txt [ Cookie:cassie@hc2.humanclick.com/hc/74139060 ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\U71PKLOD.txt [ Cookie:cassie@hpi.rotator.hadj7.adjuggler.net/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\CVEY8742.txt [ Cookie:cassie@ehg-visionretailinginc.hitbox.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\PCSWFSED.txt [ Cookie:cassie@ar.atwola.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\FM9927GH.txt [ Cookie:cassie@thestar.122.2o7.net/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\31TV225S.txt [ Cookie:cassie@canslice.112.2o7.net/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\FRE2YI4V.txt [ Cookie:cassie@ideoclick.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\AIHX63QC.txt [ Cookie:cassie@openx.microsites.transcontinentalmedia.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\TY13F1LI.txt [ Cookie:cassie@dealfind.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\NCQ1DMXF.txt [ Cookie:cassie@oasc17.247realmedia.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\cassie@liveperson[2].txt [ Cookie:cassie@liveperson.net/hc/55170107 ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\CQ8142AN.txt [ Cookie:cassie@costco.pnimedia.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\W3J2V0TW.txt [ Cookie:cassie@tracking.dsmmadvantage.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\cassie@viacom.adbureau[1].txt [ Cookie:cassie@viacom.adbureau.net/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\IM6B663X.txt [ Cookie:cassie@stats.royalbank.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\G56H8QO3.txt [ Cookie:cassie@hotwire.db.advertising.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\HTC2XROC.txt [ Cookie:cassie@liveperson.net/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\AZQI685C.txt [ Cookie:cassie@amazon-adsystem.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\6KQ61U9L.txt [ Cookie:cassie@rogersmedia.122.2o7.net/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\CL3GIZFH.txt [ Cookie:cassie@www.pbteen.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\7KWD7C4P.txt [ Cookie:cassie@liveperson.net/hc/59963563 ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\IU3N1885.txt [ Cookie:cassie@gsimedia.net/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\R3L3558H.txt [ Cookie:cassie@ehg-totalsystemsservices.hitbox.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\73FX2NA3.txt [ Cookie:cassie@tripod.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\2MW8NL3X.txt [ Cookie:cassie@yadro.ru/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\4K9RI307.txt [ Cookie:cassie@c.atdmt.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\XCZKTWX1.txt [ Cookie:cassie@delivery.ctasnet.com/adserver/www/delivery/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\NVDX6E9H.txt [ Cookie:cassie@intermundomedia.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\ALH7OTFL.txt [ Cookie:cassie@dominionenterprises.112.2o7.net/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\F750VAOY.txt [ Cookie:cassie@superstats.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\03V97FHS.txt [ Cookie:cassie@smartadserver.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\cassie@bellglobemediapublishing.122.2o7[1].txt [ Cookie:cassie@bellglobemediapublishing.122.2o7.net/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\K9SUNF3F.txt [ Cookie:cassie@stat.onestat.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\BKKF9DO2.txt [ Cookie:cassie@www.googleadservices.com/pagead/conversion/1010530431/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\UP0A05Z0.txt [ Cookie:cassie@histats.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\TOIDSBDB.txt [ Cookie:cassie@parentingteens.about.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\SSNWGCBO.txt [ Cookie:cassie@saymedia.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\W5SN3YQI.txt [ Cookie:cassie@rcci.122.2o7.net/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\3YF4DAID.txt [ Cookie:cassie@rc2corp.112.2o7.net/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\3MH6LUOJ.txt [ Cookie:cassie@ihg2.db.advertising.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\5Y388XH8.txt [ Cookie:cassie@oasc05.247realmedia.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\6SVTDXCJ.txt [ Cookie:cassie@liveperson.net/hc/41084479 ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\6EXCPT6O.txt [ Cookie:cassie@bs.serving-sys.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\FR7XPEJO.txt [ Cookie:cassie@bizrate.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\YA2QOPOQ.txt [ Cookie:cassie@visionretailing.122.2o7.net/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\3UD8DP56.txt [ Cookie:cassie@www.googleadservices.com/pagead/conversion/1061634236/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\XE1ILLGH.txt [ Cookie:cassie@kaspersky.122.2o7.net/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\JUCNLHGA.txt [ Cookie:cassie@www.etracker.de/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\22HBLETB.txt [ Cookie:cassie@marthastewart.122.2o7.net/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\NPYY2CJI.txt [ Cookie:cassie@www.googleadservices.com/pagead/conversion/1041117329/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\GEP3MOI3.txt [ Cookie:cassie@server.cpmstar.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\F43O6PUC.txt [ Cookie:cassie@www5.407etr.com/myaccount/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\Q827CYXE.txt [ Cookie:cassie@ad.mlnadvertising.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\KK1QPZ0H.txt [ Cookie:cassie@media.mtvnservices.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\7E3IWMU8.txt [ Cookie:cassie@oasc14.247realmedia.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\O0HL35H9.txt [ Cookie:cassie@solvemedia.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\7HMA2AFJ.txt [ Cookie:cassie@www6.addfreestats.com/cgi-bin ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\7S2BFFHJ.txt [ Cookie:cassie@media2.legacy.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\H4VYATPC.txt [ Cookie:cassie@ww251.smartadserver.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\LPL4JTC4.txt [ Cookie:cassie@weddingwire.advertserve.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\2OE96WG4.txt [ Cookie:cassie@kanoodle.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\7545GPTD.txt [ Cookie:cassie@c1.atdmt.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\929EOOSR.txt [ Cookie:cassie@www.bizrate.com/ ]
    C:\USERS\CASSIE\AppData\Roaming\Microsoft\Windows\Cookies\Low\GFHA4BK4.txt [ Cookie:cassie@adtechus.com/ ]
    C:\USERS\CASSIE\Cookies\cassie@bellcan.adbureau[2].txt [ Cookie:cassie@bellcan.adbureau.net/ ]
    C:\USERS\CASSIE\Cookies\EWIMFJUO.txt [ Cookie:cassie@c.atdmt.com/ ]
    C:\USERS\CASSIE\APPDATA\LOCAL\TEMP\LOW\COOKIES\CASSIE@ATDMT.COMBING[1].TXT [ /ATDMT.COMBING ]
    bbca.channelfinder.net [ C:\USERS\CASSIE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\HYA3G4GG ]
    cdn.media.abc.com [ C:\USERS\CASSIE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\HYA3G4GG ]
    core.saymedia.com [ C:\USERS\CASSIE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\HYA3G4GG ]
    dcl.wdpromedia.com [ C:\USERS\CASSIE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\HYA3G4GG ]
    dlr1.wdpromedia.com [ C:\USERS\CASSIE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\HYA3G4GG ]
    ia.media-imdb.com [ C:\USERS\CASSIE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\HYA3G4GG ]
    media1.break.com [ C:\USERS\CASSIE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\HYA3G4GG ]
    mediaserver.vrxstudios.com [ C:\USERS\CASSIE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\HYA3G4GG ]
    parksandresorts.wdpromedia.com [ C:\USERS\CASSIE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\HYA3G4GG ]
    s0.2mdn.net [ C:\USERS\CASSIE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\HYA3G4GG ]
    secure-us.imrworldwide.com [ C:\USERS\CASSIE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\HYA3G4GG ]
    sftrack.searchforce.net [ C:\USERS\CASSIE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\HYA3G4GG ]
    vitamine.networldmedia.net [ C:\USERS\CASSIE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\HYA3G4GG ]
    wdw1.wdpromedia.com [ C:\USERS\CASSIE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\HYA3G4GG ]
    wdw2.wdpromedia.com [ C:\USERS\CASSIE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\HYA3G4GG ]
    www.media.gov.on.ca [ C:\USERS\CASSIE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\HYA3G4GG ]
    C:\WINDOWS\TEMP\COOKIES\CASSIE@STATSE.WEBTRENDSLIVE[1].TXT [ /STATSE.WEBTRENDSLIVE ]
 

 

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=a358e94cdb589441baa4fff624f09ec6
# engine=11077
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-02-11 12:33:01
# local_time=2013-02-11 07:33:01 (-0500, Eastern Standard Time)
# country="Canada"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 0 112130772 0 0
# scanned=158581
# found=0
# cleaned=0
# scan_time=67920

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.3 (02.12.2013:1)
OS: Windows 7 Starter x86
Ran by Cassie on 15/02/2013 at 21:54:49.74
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{6a1806cd-94d4-4689-ba73-e35ea1ea9990}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{6a1806cd-94d4-4689-ba73-e35ea1ea9990}



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 15/02/2013 at 22:02:00.93
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


 



#6 Gunto

Gunto

    Bleepin' Reject Phoenix


  • Malware Response Team
  • 1,291 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:North Las Vegas, Nevada, USA
  • Local time:04:48 AM

Posted 18 February 2013 - 09:25 PM

Hi,

 

Whoa, sorry for the late reply... I wasn't notified of your post. sad.png

 

Anyway, looking pretty good, let me run another check to have a look at some of your programs. smile.png

 

Security Check

I need you to run a checkup with Security Check.
 

  • Download Security Check here, and save it to your desktop.
  • Double click the file to run it. In the first screen, hit any key and let the scan run.
  • Once the scan is finished, copy and paste the resulting log into your reply.

 

 

Gunto


Beautiful avatar by Plumbeck!

 

Bury me in honor; when I'm dead and hit the ground, a love back home, it unfolds...


#7 adamdkennedy

adamdkennedy
  • Topic Starter

  • Members
  • 45 posts
  • OFFLINE
  •  
  • Local time:06:48 AM

Posted 01 March 2013 - 09:29 PM

Hi,

 

No problem with the late reply!  I have been even worse :)

 

Below is the log file.....

 

Thanks!

 

Adam

 

 Results of screen317's Security Check version 0.99.60 
 Windows 7 Service Pack 1 x86 (UAC is enabled) 
 Internet Explorer 8 Out of date!
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
Microsoft Security Essentials  
 Antivirus up to date! 
`````````Anti-malware/Other Utilities Check:`````````
 SUPERAntiSpyware    
 Malwarebytes Anti-Malware version 1.70.0.1100 
 Adobe Flash Player  11.3.300.268 
 Adobe Reader 9 Adobe Reader out of Date!
````````Process Check: objlist.exe by Laurent```````` 
 Microsoft Security Essentials MSMpEng.exe
 Microsoft Security Essentials msseces.exe
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbamgui.exe 
 Malwarebytes' Anti-Malware mbamscheduler.exe  
 Symantec Norton Online Backup NOBuAgent.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````
 



#8 Gunto

Gunto

    Bleepin' Reject Phoenix


  • Malware Response Team
  • 1,291 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:North Las Vegas, Nevada, USA
  • Local time:04:48 AM

Posted 01 March 2013 - 11:46 PM

Hi,

 

Looking good! :) We just need to update a couple things.

 

Uninstall Programs

I need you to uninstall some programs using either Programs and Features or Revo Uninstaller.

If you want to use Programs and Features:
 

  • Go to Start > Control Panel > Programs and Features.
  • Once it loads all the programs, uninstall the following, if present, one at a time:
    Adobe Reader 9
    by clicking Change/Remove.

Note: If you have any problems uninstalling a program using Programs/Features, proceed to the below method.

If you want to use Revo Uninstaller (which cleans up a bit better):



  • Download Revo from here, and save it to your desktop.
  • Double-click the installer on your desktop, and let the program install.
  • Once it's done, double click the Revo Uninstaller shortcut on your desktop to run it. Once it loads all the programs, uninstall the following, if present, one at a time:
    Adobe Reader 9
  • Double-click the program, and say Yes on the prompt. Ensure the Moderate option is ticked, click Next.
  • Follow the prompts in the built-in uninstaller, and then click Next in Revo.
  • If any registry remnants are found, check only the bolded items. If there is a closed folder visible, click the + to expand it until you find the bolded item. Then Delete the remnants.
  • Proceed again, and if any files/folders were found, delete those, too. Repeat this with the other programs to uninstall.

 

 

Windows Update

Your Windows software is outdated. Newer versions have performance, security and bug fixes that were absent from older versions. Because of this, you need to update.
 

  • Visit Windows Update, and check for high-priority updates.
  • If any are found, install them all. If asked to reboot, please do so.
  • Repeat until there are no more updates to download.

 

 

Adobe Reader

I need you to install the latest version of Adobe Reader. Your old version was outdated, and new versions have security and bug fixes that older versions didn't, so you need to update.
 

  • Download Reader from here, and save it to your desktop.
  • Double-click the installer to start the installation. Feel free to uncheck to install third-party toolbars or software, as they aren't required for the Adobe Reader installation. Otherwise, follow the prompts and let the program install.

 

 

Gunto


Beautiful avatar by Plumbeck!

 

Bury me in honor; when I'm dead and hit the ground, a love back home, it unfolds...


#9 adamdkennedy

adamdkennedy
  • Topic Starter

  • Members
  • 45 posts
  • OFFLINE
  •  
  • Local time:06:48 AM

Posted 04 March 2013 - 09:58 PM

Done!  Any other suggestions?  Are we good? :)

 

Adam



#10 Gunto

Gunto

    Bleepin' Reject Phoenix


  • Malware Response Team
  • 1,291 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:North Las Vegas, Nevada, USA
  • Local time:04:48 AM

Posted 04 March 2013 - 10:51 PM

Hi,

 

Congrats, your computer looks free of malware! :woot:

However, here are some steps to improve how your computer works, and to help you from getting infected again.

Keep all your software updated. This is especially true for your antivirus. Keeping your software up-to-date is one of the most important steps to keeping malware out of your system. For new software version updates, I recommend FileHippo Update Checker. However, FH doesn't find all updates, so be sure and manually check for updates, too.

Browse safely. Much of the time, malware gets in because the user isn't cautious. Examples of safe browsing include not opening emails from people you don't know, especially if it has an attachment. Files, especially those with a .exe, .com, .bat and .scr extension should never be trusted unless you know for a fact you can trust the source. You should also be careful with these files even from friends, since their email might actually not be from them.

You should also clean out your System Restore points. SR is used to restore your computer to an earlier time if it's damaged, and since many of your old restore points are probably infected, let's clean out your old points and create a new, clean one.

  • Go to Start > Programs > Accessories > System Tools > System Restore.
  • Select Create a new restore point, then click the Next button.
  • Give the point a name, then click Create.
  • Go to Start > Run... and enter cleanmgr.
  • Once the utility opens, click the More Options tab, and under System Restore, click Clean up..., then say Yes.


Happy surfing! :)

 

Gunto


Beautiful avatar by Plumbeck!

 

Bury me in honor; when I'm dead and hit the ground, a love back home, it unfolds...


#11 adamdkennedy

adamdkennedy
  • Topic Starter

  • Members
  • 45 posts
  • OFFLINE
  •  
  • Local time:06:48 AM

Posted 05 March 2013 - 11:01 PM

Awesome!!!  thank you for all your help!!

 

Adam






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users