Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

firefox redirects and my windows security wont start


  • This topic is locked This topic is locked
7 replies to this topic

#1 stevepark309

stevepark309

  • Members
  • 58 posts
  • OFFLINE
  •  
  • Local time:05:09 AM

Posted 17 July 2012 - 12:58 AM

Hello. I have a Windows 7 64 bit. I keep getting redirected randomly and I tried turning on my Windows Security Center but it wont start. :( Please help.

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:09 AM

Posted 17 July 2012 - 01:41 AM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)



Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here

Download

ESET online scanner


Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 stevepark309

stevepark309
  • Topic Starter

  • Members
  • 58 posts
  • OFFLINE
  •  
  • Local time:05:09 AM

Posted 17 July 2012 - 09:21 AM

TDSS log
08:50:11.0126 2180 TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11
08:50:11.0407 2180 ============================================================
08:50:11.0407 2180 Current date / time: 2012/07/17 08:50:11.0407
08:50:11.0407 2180 SystemInfo:
08:50:11.0407 2180
08:50:11.0407 2180 OS Version: 6.1.7601 ServicePack: 1.0
08:50:11.0407 2180 Product type: Workstation
08:50:11.0407 2180 ComputerName: STEVE-PC
08:50:11.0407 2180 UserName: Steve
08:50:11.0407 2180 Windows directory: C:\windows
08:50:11.0407 2180 System windows directory: C:\windows
08:50:11.0407 2180 Running under WOW64
08:50:11.0407 2180 Processor architecture: Intel x64
08:50:11.0407 2180 Number of processors: 4
08:50:11.0407 2180 Page size: 0x1000
08:50:11.0407 2180 Boot type: Normal boot
08:50:11.0407 2180 ============================================================
08:50:11.0843 2180 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:50:11.0843 2180 ============================================================
08:50:11.0843 2180 \Device\Harddisk0\DR0:
08:50:11.0843 2180 MBR partitions:
08:50:11.0843 2180 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
08:50:11.0843 2180 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x34BA1000
08:50:11.0875 2180 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x34C06000, BlocksNum 0x39FD800
08:50:11.0875 2180 ============================================================
08:50:11.0937 2180 C: <-> \Device\Harddisk0\DR0\Partition1
08:50:11.0984 2180 D: <-> \Device\Harddisk0\DR0\Partition2
08:50:11.0984 2180 ============================================================
08:50:11.0984 2180 Initialize success
08:50:11.0984 2180 ============================================================
08:50:29.0472 1932 ============================================================
08:50:29.0472 1932 Scan started
08:50:29.0472 1932 Mode: Manual; TDLFS;
08:50:29.0472 1932 ============================================================
08:50:30.0315 1932 1394ohci (a87d604aea360176311474c87a63bb88) C:\windows\system32\drivers\1394ohci.sys
08:50:30.0346 1932 1394ohci - ok
08:50:30.0424 1932 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\windows\system32\drivers\ACPI.sys
08:50:30.0424 1932 ACPI - ok
08:50:30.0471 1932 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\windows\system32\drivers\acpipmi.sys
08:50:30.0471 1932 AcpiPmi - ok
08:50:30.0518 1932 ACPIVPC (5bbff8b826ec38d32c26334e079c7efc) C:\windows\system32\DRIVERS\AcpiVpc.sys
08:50:30.0518 1932 ACPIVPC - ok
08:50:30.0627 1932 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
08:50:30.0627 1932 AdobeARMservice - ok
08:50:30.0830 1932 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
08:50:30.0830 1932 AdobeFlashPlayerUpdateSvc - ok
08:50:30.0939 1932 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\windows\system32\drivers\adp94xx.sys
08:50:30.0970 1932 adp94xx - ok
08:50:31.0032 1932 adpahci (597f78224ee9224ea1a13d6350ced962) C:\windows\system32\drivers\adpahci.sys
08:50:31.0064 1932 adpahci - ok
08:50:31.0095 1932 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\windows\system32\drivers\adpu320.sys
08:50:31.0126 1932 adpu320 - ok
08:50:31.0173 1932 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\windows\System32\aelupsvc.dll
08:50:31.0173 1932 AeLookupSvc - ok
08:50:31.0251 1932 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\windows\system32\drivers\afd.sys
08:50:31.0298 1932 AFD - ok
08:50:31.0329 1932 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\windows\system32\drivers\agp440.sys
08:50:31.0329 1932 agp440 - ok
08:50:31.0360 1932 ALG (3290d6946b5e30e70414990574883ddb) C:\windows\System32\alg.exe
08:50:31.0360 1932 ALG - ok
08:50:31.0391 1932 aliide (5812713a477a3ad7363c7438ca2ee038) C:\windows\system32\drivers\aliide.sys
08:50:31.0391 1932 aliide - ok
08:50:31.0391 1932 amdide (1ff8b4431c353ce385c875f194924c0c) C:\windows\system32\drivers\amdide.sys
08:50:31.0391 1932 amdide - ok
08:50:31.0422 1932 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\windows\system32\drivers\amdk8.sys
08:50:31.0422 1932 AmdK8 - ok
08:50:31.0454 1932 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\windows\system32\drivers\amdppm.sys
08:50:31.0454 1932 AmdPPM - ok
08:50:31.0485 1932 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\windows\system32\drivers\amdsata.sys
08:50:31.0485 1932 amdsata - ok
08:50:31.0532 1932 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\windows\system32\drivers\amdsbs.sys
08:50:31.0547 1932 amdsbs - ok
08:50:31.0563 1932 amdxata (540daf1cea6094886d72126fd7c33048) C:\windows\system32\drivers\amdxata.sys
08:50:31.0563 1932 amdxata - ok
08:50:31.0578 1932 AppID (89a69c3f2f319b43379399547526d952) C:\windows\system32\drivers\appid.sys
08:50:31.0578 1932 AppID - ok
08:50:31.0610 1932 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\windows\System32\appidsvc.dll
08:50:31.0610 1932 AppIDSvc - ok
08:50:31.0656 1932 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\windows\System32\appinfo.dll
08:50:31.0656 1932 Appinfo - ok
08:50:31.0781 1932 Apple Mobile Device (f401929ee0cc92bfe7f15161ca535383) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
08:50:31.0781 1932 Apple Mobile Device - ok
08:50:31.0812 1932 arc (c484f8ceb1717c540242531db7845c4e) C:\windows\system32\drivers\arc.sys
08:50:31.0812 1932 arc - ok
08:50:31.0844 1932 arcsas (019af6924aefe7839f61c830227fe79c) C:\windows\system32\drivers\arcsas.sys
08:50:31.0859 1932 arcsas - ok
08:50:31.0875 1932 AsyncMac (769765ce2cc62867468cea93969b2242) C:\windows\system32\DRIVERS\asyncmac.sys
08:50:31.0875 1932 AsyncMac - ok
08:50:31.0906 1932 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\windows\system32\drivers\atapi.sys
08:50:31.0906 1932 atapi - ok
08:50:32.0031 1932 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
08:50:32.0031 1932 AudioEndpointBuilder - ok
08:50:32.0046 1932 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
08:50:32.0046 1932 AudioSrv - ok
08:50:32.0093 1932 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\windows\System32\AxInstSV.dll
08:50:32.0093 1932 AxInstSV - ok
08:50:32.0171 1932 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\windows\system32\drivers\bxvbda.sys
08:50:32.0202 1932 b06bdrv - ok
08:50:32.0280 1932 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\windows\system32\DRIVERS\b57nd60a.sys
08:50:32.0296 1932 b57nd60a - ok
08:50:32.0764 1932 BCM43XX (b5d54119ce0bb77872c33a717cb76386) C:\windows\system32\DRIVERS\bcmwl664.sys
08:50:32.0780 1932 BCM43XX - ok
08:50:32.0951 1932 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\windows\System32\bdesvc.dll
08:50:32.0982 1932 BDESVC - ok
08:50:33.0029 1932 Beep (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys
08:50:33.0029 1932 Beep - ok
08:50:33.0170 1932 BITS (1ea7969e3271cbc59e1730697dc74682) C:\windows\System32\qmgr.dll
08:50:33.0185 1932 BITS - ok
08:50:33.0232 1932 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\DRIVERS\blbdrive.sys
08:50:33.0232 1932 blbdrive - ok
08:50:33.0357 1932 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
08:50:33.0372 1932 Bonjour Service - ok
08:50:33.0404 1932 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\windows\system32\DRIVERS\bowser.sys
08:50:33.0404 1932 bowser - ok
08:50:33.0435 1932 BPntDrv (aaa4f992f879977a000fe8b8c730cd2c) C:\windows\system32\drivers\BPntDrv.sys
08:50:33.0435 1932 BPntDrv - ok
08:50:33.0466 1932 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\drivers\BrFiltLo.sys
08:50:33.0466 1932 BrFiltLo - ok
08:50:33.0466 1932 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\drivers\BrFiltUp.sys
08:50:33.0466 1932 BrFiltUp - ok
08:50:33.0528 1932 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\windows\System32\browser.dll
08:50:33.0544 1932 Browser - ok
08:50:33.0575 1932 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys
08:50:33.0591 1932 Brserid - ok
08:50:33.0622 1932 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys
08:50:33.0622 1932 BrSerWdm - ok
08:50:33.0638 1932 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys
08:50:33.0638 1932 BrUsbMdm - ok
08:50:33.0638 1932 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys
08:50:33.0638 1932 BrUsbSer - ok
08:50:33.0700 1932 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\windows\system32\drivers\BthEnum.sys
08:50:33.0716 1932 BthEnum - ok
08:50:33.0731 1932 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\drivers\bthmodem.sys
08:50:33.0747 1932 BTHMODEM - ok
08:50:33.0778 1932 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\windows\system32\DRIVERS\bthpan.sys
08:50:33.0794 1932 BthPan - ok
08:50:33.0856 1932 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\windows\System32\Drivers\BTHport.sys
08:50:33.0887 1932 BTHPORT - ok
08:50:33.0934 1932 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\windows\system32\bthserv.dll
08:50:33.0934 1932 bthserv - ok
08:50:33.0965 1932 BTHUSB (f188b7394d81010767b6df3178519a37) C:\windows\System32\Drivers\BTHUSB.sys
08:50:33.0965 1932 BTHUSB - ok
08:50:34.0043 1932 BTWAMPFL (9de56fa4533e485ae5409d3c11747143) C:\windows\system32\DRIVERS\btwampfl.sys
08:50:34.0043 1932 BTWAMPFL - ok
08:50:34.0074 1932 btwaudio (f6135859a582a7294ba7a3336e08baa1) C:\windows\system32\drivers\btwaudio.sys
08:50:34.0106 1932 btwaudio - ok
08:50:34.0137 1932 btwavdt (3def2370e414b4e299673558ba171a51) C:\windows\system32\DRIVERS\btwavdt.sys
08:50:34.0137 1932 btwavdt - ok
08:50:34.0324 1932 btwdins (7987fffda812abc69047d1b029d446a2) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
08:50:34.0340 1932 btwdins - ok
08:50:34.0371 1932 btwl2cap (e8d2bcd080ea91e74775b9f5ea051f97) C:\windows\system32\DRIVERS\btwl2cap.sys
08:50:34.0371 1932 btwl2cap - ok
08:50:34.0402 1932 btwrchid (9937e0e4dfc0030560a6dfe9d3a94b39) C:\windows\system32\DRIVERS\btwrchid.sys
08:50:34.0402 1932 btwrchid - ok
08:50:34.0449 1932 cdfs (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys
08:50:34.0449 1932 cdfs - ok
08:50:34.0496 1932 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\windows\system32\DRIVERS\cdrom.sys
08:50:34.0511 1932 cdrom - ok
08:50:34.0558 1932 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
08:50:34.0558 1932 CertPropSvc - ok
08:50:34.0574 1932 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\drivers\circlass.sys
08:50:34.0589 1932 circlass - ok
08:50:34.0636 1932 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys
08:50:34.0636 1932 CLFS - ok
08:50:34.0745 1932 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:50:34.0745 1932 clr_optimization_v2.0.50727_32 - ok
08:50:34.0808 1932 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
08:50:34.0808 1932 clr_optimization_v2.0.50727_64 - ok
08:50:34.0917 1932 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:50:34.0948 1932 clr_optimization_v4.0.30319_32 - ok
08:50:35.0026 1932 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
08:50:35.0026 1932 clr_optimization_v4.0.30319_64 - ok
08:50:35.0088 1932 clwvd (50f92c943f18b070f166d019dfab3d9a) C:\windows\system32\DRIVERS\clwvd.sys
08:50:35.0088 1932 clwvd - ok
08:50:35.0151 1932 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\DRIVERS\CmBatt.sys
08:50:35.0151 1932 CmBatt - ok
08:50:35.0166 1932 cmdide (e19d3f095812725d88f9001985b94edd) C:\windows\system32\drivers\cmdide.sys
08:50:35.0166 1932 cmdide - ok
08:50:35.0260 1932 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\windows\system32\Drivers\cng.sys
08:50:35.0260 1932 CNG - ok
08:50:35.0510 1932 CnxtHdAudService (99b1b888b793de320c5479b3c953781f) C:\windows\system32\drivers\CHDRT64.sys
08:50:35.0541 1932 CnxtHdAudService - ok
08:50:35.0666 1932 Compbatt (102de219c3f61415f964c88e9085ad14) C:\windows\system32\drivers\compbatt.sys
08:50:35.0666 1932 Compbatt - ok
08:50:35.0697 1932 CompositeBus (03edb043586cceba243d689bdda370a8) C:\windows\system32\DRIVERS\CompositeBus.sys
08:50:35.0712 1932 CompositeBus - ok
08:50:35.0712 1932 COMSysApp - ok
08:50:35.0744 1932 crcdisk (1c827878a998c18847245fe1f34ee597) C:\windows\system32\drivers\crcdisk.sys
08:50:35.0744 1932 crcdisk - ok
08:50:35.0806 1932 CryptSvc (4f5414602e2544a4554d95517948b705) C:\windows\system32\cryptsvc.dll
08:50:35.0822 1932 CryptSvc - ok
08:50:35.0900 1932 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
08:50:35.0915 1932 DcomLaunch - ok
08:50:35.0978 1932 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\windows\System32\defragsvc.dll
08:50:35.0993 1932 defragsvc - ok
08:50:36.0024 1932 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\windows\system32\Drivers\dfsc.sys
08:50:36.0024 1932 DfsC - ok
08:50:36.0102 1932 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\windows\system32\dhcpcore.dll
08:50:36.0118 1932 Dhcp - ok
08:50:36.0149 1932 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys
08:50:36.0149 1932 discache - ok
08:50:36.0180 1932 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\drivers\disk.sys
08:50:36.0180 1932 Disk - ok
08:50:36.0243 1932 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\windows\System32\dnsrslvr.dll
08:50:36.0258 1932 Dnscache - ok
08:50:36.0321 1932 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\windows\System32\dot3svc.dll
08:50:36.0352 1932 dot3svc - ok
08:50:36.0414 1932 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\windows\system32\dps.dll
08:50:36.0414 1932 DPS - ok
08:50:36.0492 1932 drmkaud (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys
08:50:36.0492 1932 drmkaud - ok
08:50:36.0555 1932 dtsoftbus01 (400582b09e0bb557d0ec28a945150eeb) C:\windows\system32\DRIVERS\dtsoftbus01.sys
08:50:36.0555 1932 dtsoftbus01 - ok
08:50:36.0695 1932 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\windows\System32\drivers\dxgkrnl.sys
08:50:36.0711 1932 DXGKrnl - ok
08:50:36.0743 1932 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\windows\System32\eapsvc.dll
08:50:36.0774 1932 EapHost - ok
08:50:37.0117 1932 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\drivers\evbda.sys
08:50:37.0227 1932 ebdrv - ok
08:50:37.0367 1932 EFS (c118a82cd78818c29ab228366ebf81c3) C:\windows\System32\lsass.exe
08:50:37.0367 1932 EFS - ok
08:50:37.0507 1932 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\windows\ehome\ehRecvr.exe
08:50:37.0523 1932 ehRecvr - ok
08:50:37.0554 1932 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\windows\ehome\ehsched.exe
08:50:37.0585 1932 ehSched - ok
08:50:37.0679 1932 elxstor (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\drivers\elxstor.sys
08:50:37.0695 1932 elxstor - ok
08:50:37.0710 1932 ErrDev (34a3c54752046e79a126e15c51db409b) C:\windows\system32\drivers\errdev.sys
08:50:37.0710 1932 ErrDev - ok
08:50:37.0789 1932 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\windows\system32\es.dll
08:50:37.0805 1932 EventSystem - ok
08:50:37.0836 1932 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys
08:50:37.0852 1932 exfat - ok
08:50:37.0898 1932 fastfat (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys
08:50:37.0914 1932 fastfat - ok
08:50:37.0992 1932 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\windows\system32\fxssvc.exe
08:50:38.0008 1932 Fax - ok
08:50:38.0054 1932 fbfmon (3191aca33088ee2481044fc0db736442) C:\windows\system32\drivers\fbfmon.sys
08:50:38.0054 1932 fbfmon - ok
08:50:38.0086 1932 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\drivers\fdc.sys
08:50:38.0086 1932 fdc - ok
08:50:38.0101 1932 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\windows\system32\fdPHost.dll
08:50:38.0101 1932 fdPHost - ok
08:50:38.0148 1932 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\windows\system32\fdrespub.dll
08:50:38.0148 1932 FDResPub - ok
08:50:38.0164 1932 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys
08:50:38.0164 1932 FileInfo - ok
08:50:38.0195 1932 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys
08:50:38.0195 1932 Filetrace - ok
08:50:38.0210 1932 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\drivers\flpydisk.sys
08:50:38.0210 1932 flpydisk - ok
08:50:38.0257 1932 FltMgr (da6b67270fd9db3697b20fce94950741) C:\windows\system32\drivers\fltmgr.sys
08:50:38.0257 1932 FltMgr - ok
08:50:38.0413 1932 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\windows\system32\FntCache.dll
08:50:38.0444 1932 FontCache - ok
08:50:38.0522 1932 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
08:50:38.0522 1932 FontCache3.0.0.0 - ok
08:50:38.0585 1932 FsDepends (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys
08:50:38.0585 1932 FsDepends - ok
08:50:38.0647 1932 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\windows\system32\drivers\Fs_Rec.sys
08:50:38.0647 1932 Fs_Rec - ok
08:50:38.0678 1932 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\windows\system32\DRIVERS\fvevol.sys
08:50:38.0694 1932 fvevol - ok
08:50:38.0725 1932 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\drivers\gagp30kx.sys
08:50:38.0725 1932 gagp30kx - ok
08:50:38.0757 1932 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\windows\system32\DRIVERS\GEARAspiWDM.sys
08:50:38.0757 1932 GEARAspiWDM - ok
08:50:38.0882 1932 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\windows\System32\gpsvc.dll
08:50:38.0898 1932 gpsvc - ok
08:50:38.0929 1932 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys
08:50:38.0929 1932 hcw85cir - ok
08:50:39.0007 1932 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\windows\system32\drivers\HdAudio.sys
08:50:39.0023 1932 HdAudAddService - ok
08:50:39.0054 1932 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\windows\system32\DRIVERS\HDAudBus.sys
08:50:39.0069 1932 HDAudBus - ok
08:50:39.0069 1932 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\drivers\HidBatt.sys
08:50:39.0069 1932 HidBatt - ok
08:50:39.0101 1932 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\drivers\hidbth.sys
08:50:39.0101 1932 HidBth - ok
08:50:39.0116 1932 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\drivers\hidir.sys
08:50:39.0132 1932 HidIr - ok
08:50:39.0147 1932 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\windows\system32\hidserv.dll
08:50:39.0147 1932 hidserv - ok
08:50:39.0163 1932 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\windows\system32\DRIVERS\hidusb.sys
08:50:39.0179 1932 HidUsb - ok
08:50:39.0194 1932 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\windows\system32\kmsvc.dll
08:50:39.0194 1932 hkmsvc - ok
08:50:39.0241 1932 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\windows\system32\ListSvc.dll
08:50:39.0272 1932 HomeGroupListener - ok
08:50:39.0319 1932 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\windows\system32\provsvc.dll
08:50:39.0366 1932 HomeGroupProvider - ok
08:50:39.0397 1932 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\windows\system32\drivers\HpSAMD.sys
08:50:39.0397 1932 HpSAMD - ok
08:50:39.0459 1932 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\windows\system32\drivers\HTTP.sys
08:50:39.0475 1932 HTTP - ok
08:50:39.0491 1932 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\windows\system32\drivers\hwpolicy.sys
08:50:39.0491 1932 hwpolicy - ok
08:50:39.0522 1932 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\DRIVERS\i8042prt.sys
08:50:39.0522 1932 i8042prt - ok
08:50:39.0584 1932 iaStor (53cc5bf8b5a219119953c7abb19a7705) C:\windows\system32\DRIVERS\iaStor.sys
08:50:39.0600 1932 iaStor - ok
08:50:39.0662 1932 IAStorDataMgrSvc (f5c0317af600f8c0d7e4202eb04232b1) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
08:50:39.0678 1932 IAStorDataMgrSvc - ok
08:50:39.0756 1932 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\windows\system32\drivers\iaStorV.sys
08:50:39.0772 1932 iaStorV - ok
08:50:39.0960 1932 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
08:50:39.0991 1932 idsvc - ok
08:50:41.0021 1932 igfx (0d1b8c64bdf0e5cdc523a1409ffb5ef0) C:\windows\system32\DRIVERS\igdkmd64.sys
08:50:41.0271 1932 igfx - ok
08:50:41.0474 1932 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\drivers\iirsp.sys
08:50:41.0474 1932 iirsp - ok
08:50:41.0614 1932 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\windows\System32\ikeext.dll
08:50:41.0645 1932 IKEEXT - ok
08:50:41.0708 1932 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\windows\system32\DRIVERS\IntcDAud.sys
08:50:41.0723 1932 IntcDAud - ok
08:50:41.0739 1932 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\drivers\intelide.sys
08:50:41.0739 1932 intelide - ok
08:50:41.0786 1932 intelppm (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys
08:50:41.0786 1932 intelppm - ok
08:50:41.0818 1932 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\windows\system32\ipbusenum.dll
08:50:41.0834 1932 IPBusEnum - ok
08:50:41.0865 1932 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\windows\system32\DRIVERS\ipfltdrv.sys
08:50:41.0880 1932 IpFilterDriver - ok
08:50:41.0912 1932 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\windows\system32\drivers\IPMIDrv.sys
08:50:41.0912 1932 IPMIDRV - ok
08:50:41.0958 1932 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys
08:50:41.0990 1932 IPNAT - ok
08:50:42.0177 1932 iPod Service (a9ab99ee7d39725eafec82732d2b3271) C:\Program Files\iPod\bin\iPodService.exe
08:50:42.0192 1932 iPod Service - ok
08:50:42.0224 1932 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys
08:50:42.0224 1932 IRENUM - ok
08:50:42.0239 1932 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\drivers\isapnp.sys
08:50:42.0239 1932 isapnp - ok
08:50:42.0302 1932 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\windows\system32\drivers\msiscsi.sys
08:50:42.0317 1932 iScsiPrt - ok
08:50:42.0348 1932 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\DRIVERS\kbdclass.sys
08:50:42.0348 1932 kbdclass - ok
08:50:42.0380 1932 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\windows\system32\DRIVERS\kbdhid.sys
08:50:42.0380 1932 kbdhid - ok
08:50:42.0411 1932 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
08:50:42.0426 1932 KeyIso - ok
08:50:42.0473 1932 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\windows\system32\Drivers\ksecdd.sys
08:50:42.0473 1932 KSecDD - ok
08:50:42.0504 1932 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\windows\system32\Drivers\ksecpkg.sys
08:50:42.0504 1932 KSecPkg - ok
08:50:42.0536 1932 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys
08:50:42.0536 1932 ksthunk - ok
08:50:42.0629 1932 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\windows\system32\msdtckrm.dll
08:50:42.0645 1932 KtmRm - ok
08:50:42.0692 1932 L1C (95ca93fc12be372bb952669f37fff9c5) C:\windows\system32\DRIVERS\L1C62x64.sys
08:50:42.0692 1932 L1C - ok
08:50:42.0770 1932 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\windows\system32\srvsvc.dll
08:50:42.0770 1932 LanmanServer - ok
08:50:42.0817 1932 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\windows\System32\wkssvc.dll
08:50:42.0833 1932 LanmanWorkstation - ok
08:50:42.0880 1932 LGBusEnum (fa529fb35694c24bf98a9ef67c1cd9d0) C:\windows\system32\drivers\LGBusEnum.sys
08:50:42.0880 1932 LGBusEnum - ok
08:50:42.0911 1932 LGVirHid (94b29ce153765e768f004fb3440be2b0) C:\windows\system32\drivers\LGVirHid.sys
08:50:42.0911 1932 LGVirHid - ok
08:50:42.0958 1932 LHDmgr (be166935083f9c38edfdc21b9a7a679b) C:\windows\system32\DRIVERS\LhdX64.sys
08:50:42.0958 1932 LHDmgr - ok
08:50:43.0005 1932 lltdio (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys
08:50:43.0005 1932 lltdio - ok
08:50:43.0083 1932 lltdsvc (c1185803384ab3feed115f79f109427f) C:\windows\System32\lltdsvc.dll
08:50:43.0098 1932 lltdsvc - ok
08:50:43.0114 1932 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\windows\System32\lmhsvc.dll
08:50:43.0114 1932 lmhosts - ok
08:50:43.0270 1932 LMS (2ed1786b7542cda261029f6b526edf44) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
08:50:43.0301 1932 LMS - ok
08:50:43.0348 1932 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\drivers\lsi_fc.sys
08:50:43.0379 1932 LSI_FC - ok
08:50:43.0426 1932 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\drivers\lsi_sas.sys
08:50:43.0441 1932 LSI_SAS - ok
08:50:43.0504 1932 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\drivers\lsi_sas2.sys
08:50:43.0504 1932 LSI_SAS2 - ok
08:50:43.0551 1932 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\drivers\lsi_scsi.sys
08:50:43.0566 1932 LSI_SCSI - ok
08:50:43.0613 1932 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys
08:50:43.0629 1932 luafv - ok
08:50:43.0691 1932 MBAMProtector (79da94b35371b9e7104460c7693dcb2c) C:\windows\system32\drivers\mbam.sys
08:50:43.0691 1932 MBAMProtector - ok
08:50:43.0816 1932 MBAMService (de199f3aa9c541a349af95a5c72a71af) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
08:50:43.0864 1932 MBAMService - ok
08:50:43.0895 1932 McMPFSvc - ok
08:50:43.0926 1932 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\windows\system32\Mcx2Svc.dll
08:50:43.0957 1932 Mcx2Svc - ok
08:50:43.0988 1932 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\drivers\megasas.sys
08:50:43.0988 1932 megasas - ok
08:50:44.0051 1932 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\drivers\MegaSR.sys
08:50:44.0066 1932 MegaSR - ok
08:50:44.0113 1932 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\windows\system32\DRIVERS\HECIx64.sys
08:50:44.0113 1932 MEIx64 - ok
08:50:44.0191 1932 Microsoft SharePoint Workspace Audit Service - ok
08:50:44.0238 1932 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
08:50:44.0238 1932 MMCSS - ok
08:50:44.0254 1932 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys
08:50:44.0254 1932 Modem - ok
08:50:44.0285 1932 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys
08:50:44.0285 1932 monitor - ok
08:50:44.0332 1932 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\DRIVERS\mouclass.sys
08:50:44.0332 1932 mouclass - ok
08:50:44.0363 1932 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys
08:50:44.0363 1932 mouhid - ok
08:50:44.0378 1932 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\windows\system32\drivers\mountmgr.sys
08:50:44.0394 1932 mountmgr - ok
08:50:44.0519 1932 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
08:50:44.0519 1932 MozillaMaintenance - ok
08:50:44.0597 1932 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\windows\system32\DRIVERS\MpFilter.sys
08:50:44.0597 1932 MpFilter - ok
08:50:44.0628 1932 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\windows\system32\drivers\mpio.sys
08:50:44.0644 1932 mpio - ok
08:50:44.0690 1932 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys
08:50:44.0690 1932 mpsdrv - ok
08:50:44.0722 1932 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\windows\system32\drivers\mrxdav.sys
08:50:44.0722 1932 MRxDAV - ok
08:50:44.0784 1932 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\windows\system32\DRIVERS\mrxsmb.sys
08:50:44.0800 1932 mrxsmb - ok
08:50:44.0863 1932 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\windows\system32\DRIVERS\mrxsmb10.sys
08:50:44.0863 1932 mrxsmb10 - ok
08:50:44.0879 1932 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\windows\system32\DRIVERS\mrxsmb20.sys
08:50:44.0910 1932 mrxsmb20 - ok
08:50:44.0925 1932 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\windows\system32\drivers\msahci.sys
08:50:44.0941 1932 msahci - ok
08:50:44.0972 1932 msdsm (db801a638d011b9633829eb6f663c900) C:\windows\system32\drivers\msdsm.sys
08:50:44.0972 1932 msdsm - ok
08:50:45.0019 1932 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\windows\System32\msdtc.exe
08:50:45.0035 1932 MSDTC - ok
08:50:45.0066 1932 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys
08:50:45.0066 1932 Msfs - ok
08:50:45.0081 1932 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys
08:50:45.0081 1932 mshidkmdf - ok
08:50:45.0097 1932 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\drivers\msisadrv.sys
08:50:45.0097 1932 msisadrv - ok
08:50:45.0159 1932 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\windows\system32\iscsiexe.dll
08:50:45.0191 1932 MSiSCSI - ok
08:50:45.0191 1932 msiserver - ok
08:50:45.0237 1932 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys
08:50:45.0253 1932 MSKSSRV - ok
08:50:45.0269 1932 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys
08:50:45.0269 1932 MSPCLOCK - ok
08:50:45.0284 1932 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
08:50:45.0300 1932 MSPQM - ok
08:50:45.0331 1932 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\windows\system32\drivers\MsRPC.sys
08:50:45.0347 1932 MsRPC - ok
08:50:45.0362 1932 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\DRIVERS\mssmbios.sys
08:50:45.0362 1932 mssmbios - ok
08:50:45.0362 1932 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
08:50:45.0362 1932 MSTEE - ok
08:50:45.0378 1932 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\drivers\MTConfig.sys
08:50:45.0378 1932 MTConfig - ok
08:50:45.0393 1932 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
08:50:45.0393 1932 Mup - ok
08:50:45.0456 1932 napagent (582ac6d9873e31dfa28a4547270862dd) C:\windows\system32\qagentRT.dll
08:50:45.0471 1932 napagent - ok
08:50:45.0518 1932 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
08:50:45.0549 1932 NativeWifiP - ok
08:50:45.0690 1932 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\windows\system32\drivers\ndis.sys
08:50:45.0705 1932 NDIS - ok
08:50:45.0721 1932 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
08:50:45.0721 1932 NdisCap - ok
08:50:45.0752 1932 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
08:50:45.0752 1932 NdisTapi - ok
08:50:45.0768 1932 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\windows\system32\DRIVERS\ndisuio.sys
08:50:45.0768 1932 Ndisuio - ok
08:50:45.0799 1932 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\windows\system32\DRIVERS\ndiswan.sys
08:50:45.0799 1932 NdisWan - ok
08:50:45.0815 1932 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\windows\system32\drivers\NDProxy.sys
08:50:45.0815 1932 NDProxy - ok
08:50:45.0862 1932 Netaapl (6f4607e2333fe21e9e3ff8133a88b35b) C:\windows\system32\DRIVERS\netaapl64.sys
08:50:45.0862 1932 Netaapl - ok
08:50:45.0878 1932 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
08:50:45.0878 1932 NetBIOS - ok
08:50:45.0925 1932 NetBT (09594d1089c523423b32a4229263f068) C:\windows\system32\DRIVERS\netbt.sys
08:50:45.0925 1932 NetBT - ok
08:50:45.0972 1932 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
08:50:45.0972 1932 Netlogon - ok
08:50:46.0050 1932 Netman (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll
08:50:46.0050 1932 Netman - ok
08:50:46.0112 1932 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll
08:50:46.0128 1932 netprofm - ok
08:50:46.0221 1932 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
08:50:46.0237 1932 NetTcpPortSharing - ok
08:50:46.0299 1932 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\drivers\nfrd960.sys
08:50:46.0299 1932 nfrd960 - ok
08:50:46.0362 1932 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\windows\system32\DRIVERS\NisDrvWFP.sys
08:50:46.0362 1932 NisDrv - ok
08:50:46.0486 1932 NisSrv (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe
08:50:46.0518 1932 NisSrv - ok
08:50:46.0596 1932 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\windows\System32\nlasvc.dll
08:50:46.0611 1932 NlaSvc - ok
08:50:46.0627 1932 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
08:50:46.0627 1932 Npfs - ok
08:50:46.0642 1932 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll
08:50:46.0642 1932 nsi - ok
08:50:46.0674 1932 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
08:50:46.0674 1932 nsiproxy - ok
08:50:46.0892 1932 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys
08:50:46.0954 1932 Ntfs - ok
08:50:47.0079 1932 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
08:50:47.0095 1932 Null - ok
08:50:47.0126 1932 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys
08:50:47.0142 1932 nvraid - ok
08:50:47.0204 1932 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys
08:50:47.0235 1932 nvstor - ok
08:50:47.0282 1932 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys
08:50:47.0282 1932 nv_agp - ok
08:50:47.0313 1932 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys
08:50:47.0313 1932 ohci1394 - ok
08:50:47.0407 1932 ose64 (4965b005492cba7719e82b71e3245495) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:50:47.0422 1932 ose64 - ok
08:50:47.0984 1932 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
08:50:48.0124 1932 osppsvc - ok
08:50:48.0280 1932 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
08:50:48.0280 1932 p2pimsvc - ok
08:50:48.0343 1932 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll
08:50:48.0358 1932 p2psvc - ok
08:50:48.0405 1932 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\drivers\parport.sys
08:50:48.0421 1932 Parport - ok
08:50:48.0468 1932 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\windows\system32\drivers\partmgr.sys
08:50:48.0468 1932 partmgr - ok
08:50:48.0514 1932 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll
08:50:48.0514 1932 PcaSvc - ok
08:50:48.0561 1932 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
08:50:48.0561 1932 pci - ok
08:50:48.0577 1932 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys
08:50:48.0577 1932 pciide - ok
08:50:48.0624 1932 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\drivers\pcmcia.sys
08:50:48.0639 1932 pcmcia - ok
08:50:48.0670 1932 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
08:50:48.0670 1932 pcw - ok
08:50:48.0748 1932 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
08:50:48.0780 1932 PEAUTH - ok
08:50:48.0873 1932 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe
08:50:48.0873 1932 PerfHost - ok
08:50:49.0060 1932 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll
08:50:49.0107 1932 pla - ok
08:50:49.0201 1932 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll
08:50:49.0216 1932 PlugPlay - ok
08:50:49.0326 1932 pnetmdm (06841f5cd8410b6bdc0b5a631b8f8787) C:\windows\system32\DRIVERS\pnetmdm64.sys
08:50:49.0326 1932 pnetmdm - ok
08:50:49.0341 1932 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll
08:50:49.0341 1932 PNRPAutoReg - ok
08:50:49.0404 1932 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
08:50:49.0404 1932 PNRPsvc - ok
08:50:49.0497 1932 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll
08:50:49.0513 1932 PolicyAgent - ok
08:50:49.0575 1932 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll
08:50:49.0591 1932 Power - ok
08:50:49.0638 1932 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
08:50:49.0669 1932 PptpMiniport - ok
08:50:49.0684 1932 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\drivers\processr.sys
08:50:49.0700 1932 Processor - ok
08:50:49.0762 1932 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\windows\system32\profsvc.dll
08:50:49.0762 1932 ProfSvc - ok
08:50:49.0809 1932 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
08:50:49.0809 1932 ProtectedStorage - ok
08:50:49.0840 1932 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
08:50:49.0840 1932 Psched - ok
08:50:50.0028 1932 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\drivers\ql2300.sys
08:50:50.0074 1932 ql2300 - ok
08:50:50.0230 1932 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\drivers\ql40xx.sys
08:50:50.0246 1932 ql40xx - ok
08:50:50.0324 1932 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll
08:50:50.0340 1932 QWAVE - ok
08:50:50.0371 1932 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
08:50:50.0371 1932 QWAVEdrv - ok
08:50:50.0386 1932 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
08:50:50.0386 1932 RasAcd - ok
08:50:50.0433 1932 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
08:50:50.0433 1932 RasAgileVpn - ok
08:50:50.0464 1932 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll
08:50:50.0496 1932 RasAuto - ok
08:50:50.0511 1932 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
08:50:50.0527 1932 Rasl2tp - ok
08:50:50.0589 1932 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll
08:50:50.0605 1932 RasMan - ok
08:50:50.0636 1932 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
08:50:50.0636 1932 RasPppoe - ok
08:50:50.0652 1932 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
08:50:50.0667 1932 RasSstp - ok
08:50:50.0714 1932 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
08:50:50.0730 1932 rdbss - ok
08:50:50.0745 1932 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\drivers\rdpbus.sys
08:50:50.0745 1932 rdpbus - ok
08:50:50.0761 1932 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
08:50:50.0761 1932 RDPCDD - ok
08:50:50.0808 1932 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
08:50:50.0808 1932 RDPENCDD - ok
08:50:50.0823 1932 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
08:50:50.0823 1932 RDPREFMP - ok
08:50:50.0886 1932 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\windows\system32\drivers\RDPWD.sys
08:50:50.0901 1932 RDPWD - ok
08:50:50.0948 1932 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
08:50:50.0964 1932 rdyboost - ok
08:50:51.0011 1932 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll
08:50:51.0026 1932 RemoteAccess - ok
08:50:51.0073 1932 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll
08:50:51.0089 1932 RemoteRegistry - ok
08:50:51.0151 1932 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\windows\system32\DRIVERS\rfcomm.sys
08:50:51.0182 1932 RFCOMM - ok
08:50:51.0229 1932 ROOTMODEM (388d3dd1a6457280f3badba9f3acd6b1) C:\windows\system32\Drivers\RootMdm.sys
08:50:51.0229 1932 ROOTMODEM - ok
08:50:51.0260 1932 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll
08:50:51.0260 1932 RpcEptMapper - ok
08:50:51.0291 1932 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe
08:50:51.0291 1932 RpcLocator - ok
08:50:51.0369 1932 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
08:50:51.0385 1932 RpcSs - ok
08:50:51.0447 1932 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
08:50:51.0447 1932 rspndr - ok
08:50:51.0510 1932 RSUSBVSTOR (89dfb71b370d82dfe75183f677043cee) C:\windows\system32\Drivers\RtsUVStor.sys
08:50:51.0525 1932 RSUSBVSTOR - ok
08:50:51.0603 1932 RTL8167 (baefee35d27a5440d35092ce10267bec) C:\windows\system32\DRIVERS\Rt64win7.sys
08:50:51.0619 1932 RTL8167 - ok
08:50:51.0666 1932 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
08:50:51.0666 1932 SamSs - ok
08:50:51.0697 1932 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
08:50:51.0713 1932 sbp2port - ok
08:50:51.0775 1932 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll
08:50:51.0791 1932 SCardSvr - ok
08:50:51.0806 1932 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
08:50:51.0806 1932 scfilter - ok
08:50:51.0931 1932 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll
08:50:51.0962 1932 Schedule - ok
08:50:51.0993 1932 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
08:50:51.0993 1932 SCPolicySvc - ok
08:50:52.0056 1932 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll
08:50:52.0071 1932 SDRSVC - ok
08:50:52.0134 1932 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
08:50:52.0134 1932 secdrv - ok
08:50:52.0149 1932 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\windows\system32\seclogon.dll
08:50:52.0149 1932 seclogon - ok
08:50:52.0181 1932 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll
08:50:52.0196 1932 SENS - ok
08:50:52.0212 1932 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll
08:50:52.0212 1932 SensrSvc - ok
08:50:52.0227 1932 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\drivers\serenum.sys
08:50:52.0243 1932 Serenum - ok
08:50:52.0274 1932 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\drivers\serial.sys
08:50:52.0274 1932 Serial - ok
08:50:52.0305 1932 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\drivers\sermouse.sys
08:50:52.0305 1932 sermouse - ok
08:50:52.0352 1932 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\windows\system32\sessenv.dll
08:50:52.0368 1932 SessionEnv - ok
08:50:52.0383 1932 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
08:50:52.0383 1932 sffdisk - ok
08:50:52.0399 1932 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
08:50:52.0399 1932 sffp_mmc - ok
08:50:52.0415 1932 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
08:50:52.0415 1932 sffp_sd - ok
08:50:52.0430 1932 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\drivers\sfloppy.sys
08:50:52.0430 1932 sfloppy - ok
08:50:52.0493 1932 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\windows\System32\shsvcs.dll
08:50:52.0493 1932 ShellHWDetection - ok
08:50:52.0539 1932 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\drivers\SiSRaid2.sys
08:50:52.0539 1932 SiSRaid2 - ok
08:50:52.0555 1932 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\drivers\sisraid4.sys
08:50:52.0571 1932 SiSRaid4 - ok
08:50:52.0633 1932 SkypeUpdate (17eab7852ff9f15fbaab4e95efc0b812) C:\Program Files (x86)\Skype\Updater\Updater.exe
08:50:52.0649 1932 SkypeUpdate - ok
08:50:52.0680 1932 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
08:50:52.0680 1932 Smb - ok
08:50:52.0727 1932 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe
08:50:52.0727 1932 SNMPTRAP - ok
08:50:52.0742 1932 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
08:50:52.0758 1932 spldr - ok
08:50:52.0820 1932 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\windows\System32\spoolsv.exe
08:50:52.0851 1932 Spooler - ok
08:50:53.0195 1932 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\windows\system32\sppsvc.exe
08:50:53.0288 1932 sppsvc - ok
08:50:53.0429 1932 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll
08:50:53.0429 1932 sppuinotify - ok
08:50:53.0491 1932 SPUVCbv (454800c2bc7f3927ce030141ee4f4c50) C:\windows\system32\Drivers\usbvideo.sys
08:50:53.0507 1932 SPUVCbv - ok
08:50:53.0585 1932 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys
08:50:53.0600 1932 srv - ok
08:50:53.0663 1932 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys
08:50:53.0678 1932 srv2 - ok
08:50:53.0709 1932 srvnet (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys
08:50:53.0741 1932 srvnet - ok
08:50:53.0787 1932 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll
08:50:53.0787 1932 SSDPSRV - ok
08:50:53.0803 1932 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll
08:50:53.0819 1932 SstpSvc - ok
08:50:53.0850 1932 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\drivers\stexstor.sys
08:50:53.0850 1932 stexstor - ok
08:50:53.0928 1932 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\windows\System32\wiaservc.dll
08:50:53.0943 1932 stisvc - ok
08:50:53.0975 1932 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\DRIVERS\swenum.sys
08:50:53.0975 1932 swenum - ok
08:50:54.0037 1932 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll
08:50:54.0068 1932 swprv - ok
08:50:54.0271 1932 SynTP (9643991b5cfd7a9ba68626b7a005f7e6) C:\windows\system32\DRIVERS\SynTP.sys
08:50:54.0287 1932 SynTP - ok
08:50:54.0599 1932 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\windows\system32\sysmain.dll
08:50:54.0661 1932 SysMain - ok
08:50:54.0786 1932 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\windows\System32\TabSvc.dll
08:50:54.0801 1932 TabletInputService - ok
08:50:54.0864 1932 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\windows\System32\tapisrv.dll
08:50:54.0879 1932 TapiSrv - ok
08:50:54.0895 1932 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll
08:50:54.0895 1932 TBS - ok
08:50:55.0160 1932 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\drivers\tcpip.sys
08:50:55.0238 1932 Tcpip - ok
08:50:55.0566 1932 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\DRIVERS\tcpip.sys
08:50:55.0597 1932 TCPIP6 - ok
08:50:55.0706 1932 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
08:50:55.0706 1932 tcpipreg - ok
08:50:55.0737 1932 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
08:50:55.0737 1932 TDPIPE - ok
08:50:55.0753 1932 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\windows\system32\drivers\tdtcp.sys
08:50:55.0753 1932 TDTCP - ok
08:50:55.0784 1932 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
08:50:55.0815 1932 tdx - ok
08:50:55.0831 1932 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\DRIVERS\termdd.sys
08:50:55.0831 1932 TermDD - ok
08:50:55.0925 1932 TermService (2e648163254233755035b46dd7b89123) C:\windows\System32\termsrv.dll
08:50:55.0940 1932 TermService - ok
08:50:55.0971 1932 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll
08:50:55.0971 1932 Themes - ok
08:50:56.0003 1932 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
08:50:56.0003 1932 THREADORDER - ok
08:50:56.0034 1932 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll
08:50:56.0049 1932 TrkWks - ok
08:50:56.0112 1932 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\windows\servicing\TrustedInstaller.exe
08:50:56.0112 1932 TrustedInstaller - ok
08:50:56.0143 1932 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys
08:50:56.0143 1932 tssecsrv - ok
08:50:56.0190 1932 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys
08:50:56.0190 1932 TsUsbFlt - ok
08:50:56.0205 1932 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\windows\system32\drivers\TsUsbGD.sys
08:50:56.0221 1932 TsUsbGD - ok
08:50:56.0268 1932 tunnel (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys
08:50:56.0299 1932 tunnel - ok
08:50:56.0315 1932 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\drivers\uagp35.sys
08:50:56.0315 1932 uagp35 - ok
08:50:56.0377 1932 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys
08:50:56.0377 1932 udfs - ok
08:50:56.0408 1932 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe
08:50:56.0424 1932 UI0Detect - ok
08:50:56.0455 1932 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys
08:50:56.0455 1932 uliagpkx - ok
08:50:56.0486 1932 umbus (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\DRIVERS\umbus.sys
08:50:56.0486 1932 umbus - ok
08:50:56.0517 1932 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\drivers\umpass.sys
08:50:56.0517 1932 UmPass - ok
08:50:56.0892 1932 UNS (7e5e1603d0ff2d240ae70295c5c3fefc) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
08:50:56.0970 1932 UNS - ok
08:50:57.0157 1932 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll
08:50:57.0173 1932 upnphost - ok
08:50:57.0219 1932 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\windows\system32\Drivers\usbaapl64.sys
08:50:57.0219 1932 USBAAPL64 - ok
08:50:57.0251 1932 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\windows\system32\DRIVERS\usbccgp.sys
08:50:57.0282 1932 usbccgp - ok
08:50:57.0313 1932 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys
08:50:57.0329 1932 usbcir - ok
08:50:57.0391 1932 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\DRIVERS\usbehci.sys
08:50:57.0391 1932 usbehci - ok
08:50:57.0453 1932 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys
08:50:57.0500 1932 usbhub - ok
08:50:57.0563 1932 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\drivers\usbohci.sys
08:50:57.0563 1932 usbohci - ok
08:50:57.0594 1932 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
08:50:57.0594 1932 usbprint - ok
08:50:57.0641 1932 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\DRIVERS\USBSTOR.SYS
08:50:57.0641 1932 USBSTOR - ok
08:50:57.0672 1932 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\windows\system32\drivers\usbuhci.sys
08:50:57.0672 1932 usbuhci - ok
08:50:57.0719 1932 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\windows\system32\Drivers\usbvideo.sys
08:50:57.0719 1932 usbvideo - ok
08:50:57.0750 1932 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll
08:50:57.0750 1932 UxSms - ok
08:50:57.0797 1932 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
08:50:57.0797 1932 VaultSvc - ok
08:50:57.0828 1932 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys
08:50:57.0828 1932 vdrvroot - ok
08:50:57.0906 1932 vds (8d6b481601d01a456e75c3210f1830be) C:\windows\System32\vds.exe
08:50:57.0921 1932 vds - ok
08:50:57.0937 1932 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
08:50:57.0937 1932 vga - ok
08:50:57.0953 1932 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
08:50:57.0953 1932 VgaSave - ok
08:50:57.0984 1932 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys
08:50:57.0999 1932 vhdmp - ok
08:50:58.0015 1932 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys
08:50:58.0015 1932 viaide - ok
08:50:58.0031 1932 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys
08:50:58.0031 1932 volmgr - ok
08:50:58.0077 1932 volmgrx (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys
08:50:58.0077 1932 volmgrx - ok
08:50:58.0124 1932 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\windows\system32\drivers\volsnap.sys
08:50:58.0124 1932 volsnap - ok
08:50:58.0187 1932 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\drivers\vsmraid.sys
08:50:58.0202 1932 vsmraid - ok
08:50:58.0405 1932 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\windows\system32\vssvc.exe
08:50:58.0452 1932 VSS - ok
08:50:58.0577 1932 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
08:50:58.0577 1932 vwifibus - ok
08:50:58.0608 1932 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
08:50:58.0608 1932 vwififlt - ok
08:50:58.0670 1932 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll
08:50:58.0701 1932 W32Time - ok
08:50:58.0701 1932 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\drivers\wacompen.sys
08:50:58.0717 1932 WacomPen - ok
08:50:58.0748 1932 WANARP (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
08:50:58.0764 1932 WANARP - ok
08:50:58.0764 1932 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
08:50:58.0779 1932 Wanarpv6 - ok
08:50:58.0982 1932 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\windows\system32\Wat\WatAdminSvc.exe
08:50:59.0029 1932 WatAdminSvc - ok
08:50:59.0216 1932 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\windows\system32\wbengine.exe
08:50:59.0263 1932 wbengine - ok
08:50:59.0419 1932 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll
08:50:59.0435 1932 WbioSrvc - ok
08:50:59.0497 1932 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\windows\System32\wcncsvc.dll
08:50:59.0497 1932 wcncsvc - ok
08:50:59.0528 1932 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll
08:50:59.0528 1932 WcsPlugInService - ok
08:50:59.0559 1932 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\drivers\wd.sys
08:50:59.0575 1932 Wd - ok
08:50:59.0653 1932 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
08:50:59.0653 1932 Wdf01000 - ok
08:50:59.0684 1932 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
08:50:59.0684 1932 WdiServiceHost - ok
08:50:59.0684 1932 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
08:50:59.0700 1932 WdiSystemHost - ok
08:50:59.0731 1932 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\windows\System32\webclnt.dll
08:50:59.0747 1932 WebClient - ok
08:50:59.0778 1932 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\windows\system32\wecsvc.dll
08:50:59.0793 1932 Wecsvc - ok
08:50:59.0825 1932 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\windows\System32\wercplsupport.dll
08:50:59.0825 1932 wercplsupport - ok
08:50:59.0856 1932 WerSvc (6d137963730144698cbd10f202e9f251) C:\windows\System32\WerSvc.dll
08:50:59.0856 1932 WerSvc - ok
08:50:59.0949 1932 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
08:50:59.0949 1932 WfpLwf - ok
08:50:59.0965 1932 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
08:50:59.0965 1932 WIMMount - ok
08:50:59.0981 1932 WinHttpAutoProxySvc - ok
08:51:00.0043 1932 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\windows\system32\wbem\WMIsvc.dll
08:51:00.0043 1932 Winmgmt - ok
08:51:00.0261 1932 WinRM (bcb1310604aa415c4508708975b3931e) C:\windows\system32\WsmSvc.dll
08:51:00.0324 1932 WinRM - ok
08:51:00.0480 1932 WinUsb (fe88b288356e7b47b74b13372add906d) C:\windows\system32\DRIVERS\WinUsb.sys
08:51:00.0480 1932 WinUsb - ok
08:51:00.0620 1932 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\windows\System32\wlansvc.dll
08:51:00.0636 1932 Wlansvc - ok
08:51:00.0698 1932 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
08:51:00.0698 1932 wlcrasvc - ok
08:51:00.0979 1932 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
08:51:01.0041 1932 wlidsvc - ok
08:51:01.0213 1932 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\drivers\wmiacpi.sys
08:51:01.0213 1932 WmiAcpi - ok
08:51:01.0291 1932 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\windows\system32\wbem\WmiApSrv.exe
08:51:01.0338 1932 wmiApSrv - ok
08:51:01.0400 1932 WMPNetworkSvc - ok
08:51:01.0463 1932 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\windows\System32\wpcsvc.dll
08:51:01.0463 1932 WPCSvc - ok
08:51:01.0494 1932 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\windows\system32\wpdbusenum.dll
08:51:01.0525 1932 WPDBusEnum - ok
08:51:01.0556 1932 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
08:51:01.0556 1932 ws2ifsl - ok
08:51:01.0572 1932 WSearch - ok
08:51:01.0634 1932 wsvd (83575c43b2bfe9ab0661a7f957e843c0) C:\windows\system32\DRIVERS\wsvd.sys
08:51:01.0650 1932 wsvd - ok
08:51:01.0931 1932 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\windows\system32\wuaueng.dll
08:51:02.0024 1932 wuauserv - ok
08:51:02.0150 1932 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\windows\system32\drivers\WudfPf.sys
08:51:02.0181 1932 WudfPf - ok
08:51:02.0228 1932 WUDFRd (cf8d590be3373029d57af80914190682) C:\windows\system32\DRIVERS\WUDFRd.sys
08:51:02.0244 1932 WUDFRd - ok
08:51:02.0290 1932 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\windows\System32\WUDFSvc.dll
08:51:02.0290 1932 wudfsvc - ok
08:51:02.0337 1932 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\windows\System32\wwansvc.dll
08:51:02.0337 1932 WwanSvc - ok
08:51:02.0415 1932 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
08:51:02.0914 1932 \Device\Harddisk0\DR0 - ok
08:51:02.0914 1932 Boot (0x1200) (94958b7d2583f1fe5f9394a3177ee2a5) \Device\Harddisk0\DR0\Partition0
08:51:02.0914 1932 \Device\Harddisk0\DR0\Partition0 - ok
08:51:02.0946 1932 Boot (0x1200) (b96c12cabbb8c62b03437371f789f08f) \Device\Harddisk0\DR0\Partition1
08:51:02.0961 1932 \Device\Harddisk0\DR0\Partition1 - ok
08:51:02.0992 1932 Boot (0x1200) (cfba3180deee7dee705076d57055166d) \Device\Harddisk0\DR0\Partition2
08:51:02.0992 1932 \Device\Harddisk0\DR0\Partition2 - ok
08:51:02.0992 1932 ============================================================
08:51:02.0992 1932 Scan finished
08:51:02.0992 1932 ============================================================
08:51:03.0024 3120 Detected object count: 0
08:51:03.0024 3120 Actual detected object count: 0
08:51:07.0969 4852 Deinitialize success

ASW log

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-17 08:58:12
-----------------------------
08:58:12.523 OS Version: Windows x64 6.1.7601 Service Pack 1
08:58:12.523 Number of processors: 4 586 0x2A07
08:58:12.523 ComputerName: STEVE-PC UserName: Steve
08:58:15.426 Initialize success
08:58:21.214 AVAST engine defs: 12071700
08:58:24.694 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
08:58:24.710 Disk 0 Vendor: WDC_WD50 03.0 Size: 476940MB BusType: 3
08:58:24.725 Disk 0 MBR read successfully
08:58:24.725 Disk 0 MBR scan
08:58:24.741 Disk 0 Windows 7 default MBR code
08:58:24.757 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 200 MB offset 2048
08:58:24.772 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 431938 MB offset 411648
08:58:24.788 Disk 0 Partition - 00 0F Extended LBA 29692 MB offset 885020672
08:58:24.819 Disk 0 Partition 3 00 12 Compaq diag NTFS 15109 MB offset 945829888
08:58:24.850 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 29691 MB offset 885022720
08:58:24.913 Disk 0 scanning C:\windows\system32\drivers
08:58:45.258 Service scanning
09:00:28.734 Modules scanning
09:00:29.248 Disk 0 trace - called modules:
09:00:29.295 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys
09:00:29.311 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80065ef060]
09:00:29.326 3 CLASSPNP.SYS[fffff88001ba343f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004734050]
09:00:32.462 AVAST engine scan C:\windows
09:00:41.916 AVAST engine scan C:\windows\system32
09:02:46.607 File: C:\windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
09:02:49.072 File: C:\windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
09:04:34.018 AVAST engine scan C:\windows\system32\drivers
09:04:58.495 AVAST engine scan C:\Users\Steve
09:05:39.980 File: C:\Users\Steve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2YX7AXFK\0[1].rar **INFECTED** Win32:Malware-gen
09:08:23.159 File: C:\Users\Steve\AppData\Local\Temp\HIMYM.DLL.1Xe.tmp **INFECTED** Win32:Malware-gen
09:08:33.307 File: C:\Users\Steve\AppData\Local\{b7229863-b099-39c9-a832-0b2c3ca33751}\n **INFECTED** Win32:Sirefef-PL [Rtk]
09:08:33.393 File: C:\Users\Steve\AppData\Local\{b7229863-b099-39c9-a832-0b2c3ca33751}\U\00000004.@ **INFECTED** Win32:Malware-gen
09:08:33.534 File: C:\Users\Steve\AppData\Local\{b7229863-b099-39c9-a832-0b2c3ca33751}\U\80000000.@ **INFECTED** Win32:Malware-gen
09:08:33.579 File: C:\Users\Steve\AppData\Local\{b7229863-b099-39c9-a832-0b2c3ca33751}\U\80000032.@ **INFECTED** Win32:Downloader-PKU [Trj]
09:08:33.621 File: C:\Users\Steve\AppData\Local\{b7229863-b099-39c9-a832-0b2c3ca33751}\U\80000064.@ **INFECTED** Win32:Malware-gen
09:11:10.199 File: C:\Users\Steve\AppData\Roaming\Ynyqpa\obuwkyi.exe **INFECTED** Win32:Malware-gen
09:11:38.272 AVAST engine scan C:\ProgramData
09:12:14.999 Scan finished successfully
09:13:05.229 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
09:13:05.234 The log file has been saved successfully to "C:\aswMBR.txt"

#4 stevepark309

stevepark309
  • Topic Starter

  • Members
  • 58 posts
  • OFFLINE
  •  
  • Local time:05:09 AM

Posted 17 July 2012 - 09:22 AM

ESET log

C:\Program Files (x86)\Starcraft\maps\config.exe a variant of Win32/TrojanDownloader.Agent.RGX trojan cleaned by deleting - quarantined
C:\Users\Steve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2YX7AXFK\0[1].rar Win32/Delf.QMR trojan cleaned by deleting - quarantined
C:\Users\Steve\AppData\Local\Temp\HIMYM.DLL.1Xe.tmp a variant of Win32/PSW.OnLineGames.PYR trojan cleaned by deleting - quarantined
C:\Users\Steve\AppData\Local\{b7229863-b099-39c9-a832-0b2c3ca33751}\n Win64/Sirefef.W trojan cleaned by deleting (after the next restart) - quarantined
C:\Users\Steve\AppData\Local\{b7229863-b099-39c9-a832-0b2c3ca33751}\U\00000008.@ Win64/Agent.BA trojan cleaned by deleting - quarantined
C:\Users\Steve\AppData\Local\{b7229863-b099-39c9-a832-0b2c3ca33751}\U\80000000.@ Win64/Sirefef.AE trojan cleaned by deleting - quarantined
C:\Users\Steve\AppData\Local\{b7229863-b099-39c9-a832-0b2c3ca33751}\U\80000032.@ a variant of Win32/Sirefef.FD trojan cleaned by deleting - quarantined
C:\Users\Steve\AppData\Roaming\Ynyqpa\obuwkyi.exe a variant of Win32/Kryptik.ABNN trojan cleaned by deleting - quarantined
C:\Windows\Installer\{b7229863-b099-39c9-a832-0b2c3ca33751}\n Win64/Sirefef.W trojan cleaned by deleting - quarantined
C:\Windows\Installer\{b7229863-b099-39c9-a832-0b2c3ca33751}\U\00000008.@ Win64/Agent.BA trojan cleaned by deleting - quarantined
C:\Windows\Installer\{b7229863-b099-39c9-a832-0b2c3ca33751}\U\80000000.@ Win64/Sirefef.AE trojan cleaned by deleting - quarantined
C:\Windows\Installer\{b7229863-b099-39c9-a832-0b2c3ca33751}\U\80000032.@ a variant of Win32/Sirefef.FD trojan cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\home[1].htm HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Windows\winsxs\Temp\PendingDeletes\$$DeleteMe.services.exe.01cd63e036087368.0000 Win64/Patched.B.Gen trojan deleted - quarantined
Operating memory a variant of Win32/Sirefef.FD trojan

#5 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:09 AM

Posted 17 July 2012 - 09:51 AM

We need advanced tools to remove this one

Read the guide here

http://www.bleepingcomputer.com/forums/topic34773.html

and create a topic here

http://www.bleepingcomputer.com/forums/forum22.html

Good luck

#6 stevepark309

stevepark309
  • Topic Starter

  • Members
  • 58 posts
  • OFFLINE
  •  
  • Local time:05:09 AM

Posted 17 July 2012 - 10:04 AM

Thank you

#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:09 AM

Posted 17 July 2012 - 04:07 PM

You're welcome :)

#8 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 37,049 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:05:09 AM

Posted 20 July 2012 - 10:30 PM

Hello,

Now that you have posted a log here: http://www.bleepingcomputer.com/forums/topic461068.html you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a MRT Team member, nor should you ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the MRT Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the MRT Team members are EXTREMELY busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the MRT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRT Team member is already assisting you and not open the thread to respond.

Please be patient. It may take a few more days to get a response but your log will be reviewed and answered as soon as possible. I advise checking your topic once a day for responses as the e-mail notification system is unreliable.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

To avoid confusion, I am closing this topic. Good luck with your log.

Orange Blossom :cherry:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Internet Security, NoScript Firefox ext.


animinionsmalltext.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users