Keep getting directed to ads from Google search results


  • This topic is locked
6 replies to this topic

#1 the kcj

Posted 17 July 2012 - 10:01 PM

Hello! I hope I'm posting this in the right forum. I see similar topics and thought this was the most appropriate place.

PROBLEM:
I'm currently using Firefox as my main browser. However, when I do any Google searches and open new tabs in Chrome/Firefox/IE, I keep getting redirected to ads that aren't the websites I clicked on. The problem occurs more frequently when I open a new tab using right click, but also occurs when I just click on the link without opening a new tab or window. Sometimes, a new window or tab will pop up to an ad when I haven't clicked on anything. The redirect isn't limited to Google searches; when I click on links from blogs or articles I read, or from Facebook/Tumblr, they redirect me as well.

BACKGROUND:
This has been happening for about a week now. In the beginning, it wasn't that bad and I thought maybe it was just a small glitch. But now almost after several clicks, I get ads and can never get to the actual website I want to. When I try to click back to the original page, I keep getting the ad page and can't get back to the Google search results or the website I was on.

Originally, I was using Chrome but then I kept getting this message of "a weak signature algorithm" when trying to access Gmail and other websites I used to be able to use without any problems. So I switched to Firefox (which can access Gmail and other websites just fine) but noticed how the redirects kept happening more and more frequently. Not sure if this is related to the redirect problem, but I just noticed it more after getting the weak signature algorithm message from Chrome. (I get the weak signature algorithm message only on my computer. My parents' and sister's computers can access Gmail on Chrome just fine. The problem also still occurs when I go to the public library and use the Wi-Fi there.)

ACTIONS TAKEN:
I ran SuperAntiSpyware and it seemed to help for a little bit but the problem occurred an hour or two later.

I'm running Windows 7 Home Premium. Also, I just included some ad examples that I get redirected to on all three browsers. All of these examples occurred after I right clicked to open a new tab from a Google search.

EXAMPLES:

Chrome:
1) http://sortfly.com/?s=how%20to%20lose%20weight
2) http://www.zapmeta.com/ilus/mivausc850hq/how%20to%20lose%20the%20weight/
3) http://w2.riscogs.info/uoon/info.html

Firefox:

1) http://www.google.com/webhp (This just brought me back to Google even though I clicked on an outgoing link.)
2) http://searchbusinesslisting.com/websearch.php?search=getting+a+job+after+college

IE:

1) http://sortfly.com/?s=how%20to%20lose%20weight


Sorry that was a lot, but I just wanted to be as thorough as possible. Thank you for any future help.


#2 narenxp

Posted 18 July 2012 - 12:49 AM

Download TDSSKiller

Launch it. Click on Change parameters, then select TDLFS file system.

Click on "Scan". Please post the log report (the log file should be in your C drive).

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on Save log.

Post the log results here.

Download ESET Online Scanner

Install it.

Click on START; it should download the virus definitions.
When the scan completes, click on List of found threats.

Export the list to the desktop and copy the contents of the text file into your reply.

#3 the kcj

Posted 18 July 2012 - 11:26 AM

Here are the logs. Thanks for replying so quickly!



10:20:25.0607 5828 TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11
10:20:25.0878 5828 ============================================================
10:20:25.0878 5828 Current date / time: 2012/07/18 10:20:25.0878
10:20:25.0878 5828 SystemInfo:
10:20:25.0878 5828
10:20:25.0879 5828 OS Version: 6.1.7601 ServicePack: 1.0
10:20:25.0879 5828 Product type: Workstation
10:20:25.0879 5828 ComputerName: CASIEJEON-PC
10:20:25.0882 5828 UserName: Casie Jeon
10:20:25.0882 5828 Windows directory: C:\Windows
10:20:25.0882 5828 System windows directory: C:\Windows
10:20:25.0882 5828 Running under WOW64
10:20:25.0882 5828 Processor architecture: Intel x64
10:20:25.0882 5828 Number of processors: 4
10:20:25.0882 5828 Page size: 0x1000
10:20:25.0882 5828 Boot type: Normal boot
10:20:25.0882 5828 ============================================================
10:20:28.0222 5828 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:20:28.0226 5828 ============================================================
10:20:28.0226 5828 \Device\Harddisk0\DR0:
10:20:28.0226 5828 MBR partitions:
10:20:28.0226 5828 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
10:20:28.0226 5828 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x16800000
10:20:28.0247 5828 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x16833000, BlocksNum 0x218FE800
10:20:28.0247 5828 ============================================================
10:20:28.0294 5828 C: <-> \Device\Harddisk0\DR0\Partition1
10:20:28.0365 5828 D: <-> \Device\Harddisk0\DR0\Partition2
10:20:28.0388 5828 ============================================================
10:20:28.0388 5828 Initialize success
10:20:28.0388 5828 ============================================================
10:21:25.0691 9668 ============================================================
10:21:25.0691 9668 Scan started
10:21:25.0691 9668 Mode: Manual; TDLFS;
10:21:25.0691 9668 ============================================================
10:21:37.0879 9668 NativeWifiP - ok
10:21:37.0973 9668 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
10:21:37.0984 9668 NDIS - ok
10:21:38.0022 9668 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
10:21:38.0023 9668 NdisCap - ok
10:21:38.0042 9668 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
10:21:38.0043 9668 NdisTapi - ok
10:21:38.0079 9668 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
10:21:38.0080 9668 Ndisuio - ok
10:21:38.0122 9668 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
10:21:38.0125 9668 NdisWan - ok
10:21:38.0167 9668 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
10:21:38.0168 9668 NDProxy - ok
10:21:38.0236 9668 Net Driver HPZ12 (dc6530a291d4bdf6df399f1f128e7f8f) C:\Windows\system32\HPZinw12.dll
10:21:38.0238 9668 Net Driver HPZ12 - ok
10:21:38.0274 9668 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
10:21:38.0275 9668 NetBIOS - ok
10:21:38.0328 9668 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
10:21:38.0331 9668 NetBT - ok
10:21:38.0368 9668 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
10:21:38.0369 9668 Netlogon - ok
10:21:38.0431 9668 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
10:21:38.0436 9668 Netman - ok
10:21:38.0463 9668 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
10:21:38.0469 9668 netprofm - ok
10:21:38.0545 9668 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:21:38.0547 9668 NetTcpPortSharing - ok
10:21:38.0867 9668 NETwNs64 (9aa75919d0a5f33bea0df7b9db09b755) C:\Windows\system32\DRIVERS\NETwNs64.sys
10:21:39.0016 9668 NETwNs64 - ok
10:21:39.0108 9668 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
10:21:39.0109 9668 nfrd960 - ok
10:21:39.0163 9668 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
10:21:39.0168 9668 NlaSvc - ok
10:21:39.0184 9668 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
10:21:39.0185 9668 Npfs - ok
10:21:39.0210 9668 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
10:21:39.0213 9668 nsi - ok
10:21:39.0223 9668 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
10:21:39.0223 9668 nsiproxy - ok
10:21:39.0309 9668 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
10:21:39.0326 9668 Ntfs - ok
10:21:39.0414 9668 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
10:21:39.0415 9668 Null - ok
10:21:39.0453 9668 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
10:21:39.0455 9668 nvraid - ok
10:21:39.0490 9668 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
10:21:39.0493 9668 nvstor - ok
10:21:39.0519 9668 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
10:21:39.0521 9668 nv_agp - ok
10:21:39.0547 9668 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
10:21:39.0549 9668 ohci1394 - ok
10:21:39.0646 9668 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:21:39.0650 9668 ose - ok
10:21:39.0967 9668 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:21:40.0085 9668 osppsvc - ok
10:21:40.0207 9668 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
10:21:40.0212 9668 p2pimsvc - ok
10:21:40.0241 9668 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
10:21:40.0246 9668 p2psvc - ok
10:21:40.0317 9668 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
10:21:40.0319 9668 Parport - ok
10:21:40.0350 9668 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
10:21:40.0352 9668 partmgr - ok
10:21:40.0388 9668 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
10:21:40.0391 9668 PcaSvc - ok
10:21:40.0438 9668 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
10:21:40.0441 9668 pci - ok
10:21:40.0456 9668 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
10:21:40.0457 9668 pciide - ok
10:21:40.0489 9668 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
10:21:40.0492 9668 pcmcia - ok
10:21:40.0505 9668 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
10:21:40.0507 9668 pcw - ok
10:21:40.0545 9668 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
10:21:40.0552 9668 PEAUTH - ok
10:21:40.0617 9668 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
10:21:40.0618 9668 PerfHost - ok
10:21:40.0753 9668 Pharos Systems ComTaskMaster (99f2dabc45056bac7d714c04296b1cc3) C:\PROGRA~2\PHAROS~1\Core\CTskMstr.exe
10:21:40.0757 9668 Pharos Systems ComTaskMaster - ok
10:21:40.0905 9668 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
10:21:40.0921 9668 pla - ok
10:21:40.0961 9668 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
10:21:40.0966 9668 PlugPlay - ok
10:21:41.0018 9668 Pml Driver HPZ12 (71f62c51dfdfbc04c83c5c64b2b8058e) C:\Windows\system32\HPZipm12.dll
10:21:41.0020 9668 Pml Driver HPZ12 - ok
10:21:41.0045 9668 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
10:21:41.0047 9668 PNRPAutoReg - ok
10:21:41.0071 9668 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
10:21:41.0074 9668 PNRPsvc - ok
10:21:41.0123 9668 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
10:21:41.0128 9668 PolicyAgent - ok
10:21:41.0173 9668 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
10:21:41.0175 9668 Power - ok
10:21:41.0252 9668 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
10:21:41.0253 9668 PptpMiniport - ok
10:21:41.0264 9668 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
10:21:41.0265 9668 Processor - ok
10:21:41.0307 9668 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
10:21:41.0311 9668 ProfSvc - ok
10:21:41.0345 9668 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
10:21:41.0346 9668 ProtectedStorage - ok
10:21:41.0399 9668 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
10:21:41.0403 9668 Psched - ok
10:21:41.0513 9668 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
10:21:41.0531 9668 ql2300 - ok
10:21:41.0640 9668 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
10:21:41.0642 9668 ql40xx - ok
10:21:41.0695 9668 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
10:21:41.0698 9668 QWAVE - ok
10:21:41.0714 9668 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
10:21:41.0716 9668 QWAVEdrv - ok
10:21:41.0739 9668 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
10:21:41.0739 9668 RasAcd - ok
10:21:41.0781 9668 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
10:21:41.0782 9668 RasAgileVpn - ok
10:21:41.0807 9668 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
10:21:41.0809 9668 RasAuto - ok
10:21:41.0846 9668 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
10:21:41.0847 9668 Rasl2tp - ok
10:21:41.0899 9668 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
10:21:41.0903 9668 RasMan - ok
10:21:41.0939 9668 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
10:21:41.0940 9668 RasPppoe - ok
10:21:41.0983 9668 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
10:21:41.0984 9668 RasSstp - ok
10:21:42.0052 9668 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
10:21:42.0056 9668 rdbss - ok
10:21:42.0078 9668 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
10:21:42.0079 9668 rdpbus - ok
10:21:42.0114 9668 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
10:21:42.0114 9668 RDPCDD - ok
10:21:42.0135 9668 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
10:21:42.0135 9668 RDPENCDD - ok
10:21:42.0163 9668 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
10:21:42.0164 9668 RDPREFMP - ok
10:21:42.0204 9668 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
10:21:42.0207 9668 RDPWD - ok
10:21:42.0269 9668 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
10:21:42.0272 9668 rdyboost - ok
10:21:42.0385 9668 RegSrvc (2528d733da7f5ac8d3d32c74ee4cff16) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
10:21:42.0393 9668 RegSrvc - ok
10:21:42.0431 9668 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
10:21:42.0433 9668 RemoteAccess - ok
10:21:42.0461 9668 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
10:21:42.0464 9668 RemoteRegistry - ok
10:21:42.0561 9668 RichVideo (f12a68ed55053940cadd59ca5e3468dd) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
10:21:42.0564 9668 RichVideo - ok
10:21:42.0585 9668 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
10:21:42.0587 9668 RpcEptMapper - ok
10:21:42.0620 9668 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
10:21:42.0621 9668 RpcLocator - ok
10:21:42.0683 9668 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
10:21:42.0687 9668 RpcSs - ok
10:21:42.0755 9668 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
10:21:42.0756 9668 rspndr - ok
10:21:42.0799 9668 RTL8167 (bfe0ef0c4c15820698f50ad73af5e35f) C:\Windows\system32\DRIVERS\Rt64win7.sys
10:21:42.0804 9668 RTL8167 - ok
10:21:42.0863 9668 rtport (4ca0dba9e224473d664c25e411f5a3bd) C:\Windows\SysWOW64\drivers\rtport.sys
10:21:42.0864 9668 rtport - ok
10:21:42.0895 9668 SABI (62db6cc4b0818f1b5f3441241b098f12) C:\Windows\system32\Drivers\SABI.sys
10:21:42.0896 9668 SABI - ok
10:21:42.0957 9668 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
10:21:42.0958 9668 SamSs - ok
10:21:42.0989 9668 Samsung UPD Service (d641337b75b9a9d5ae10687aa1097755) C:\Windows\System32\SUPDSvc.exe
10:21:42.0992 9668 Samsung UPD Service - ok
10:21:43.0089 9668 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
10:21:43.0090 9668 SASDIFSV - ok
10:21:43.0111 9668 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
10:21:43.0112 9668 SASKUTIL - ok
10:21:43.0151 9668 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
10:21:43.0153 9668 sbp2port - ok
10:21:43.0191 9668 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
10:21:43.0194 9668 SCardSvr - ok
10:21:43.0236 9668 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
10:21:43.0237 9668 scfilter - ok
10:21:43.0312 9668 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
10:21:43.0324 9668 Schedule - ok
10:21:43.0364 9668 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
10:21:43.0365 9668 SCPolicySvc - ok
10:21:43.0389 9668 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
10:21:43.0392 9668 SDRSVC - ok
10:21:43.0468 9668 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
10:21:43.0469 9668 secdrv - ok
10:21:43.0502 9668 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
10:21:43.0504 9668 seclogon - ok
10:21:43.0541 9668 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
10:21:43.0542 9668 SENS - ok
10:21:43.0568 9668 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
10:21:43.0570 9668 SensrSvc - ok
10:21:43.0603 9668 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
10:21:43.0604 9668 Serenum - ok
10:21:43.0636 9668 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
10:21:43.0638 9668 Serial - ok
10:21:43.0682 9668 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
10:21:43.0683 9668 sermouse - ok
10:21:43.0745 9668 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
10:21:43.0748 9668 SessionEnv - ok
10:21:43.0790 9668 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
10:21:43.0791 9668 sffdisk - ok
10:21:43.0807 9668 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
10:21:43.0807 9668 sffp_mmc - ok
10:21:43.0819 9668 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
10:21:43.0820 9668 sffp_sd - ok
10:21:43.0833 9668 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
10:21:43.0834 9668 sfloppy - ok
10:21:43.0887 9668 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
10:21:43.0891 9668 ShellHWDetection - ok
10:21:43.0923 9668 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:21:43.0925 9668 SiSRaid2 - ok
10:21:43.0952 9668 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
10:21:43.0954 9668 SiSRaid4 - ok
10:21:44.0011 9668 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
10:21:44.0012 9668 Smb - ok
10:21:44.0067 9668 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
10:21:44.0068 9668 SNMPTRAP - ok
10:21:44.0100 9668 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
10:21:44.0101 9668 spldr - ok
10:21:44.0172 9668 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
10:21:44.0179 9668 Spooler - ok
10:21:44.0478 9668 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
10:21:44.0561 9668 sppsvc - ok
10:21:44.0670 9668 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
10:21:44.0673 9668 sppuinotify - ok
10:21:44.0769 9668 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
10:21:44.0778 9668 srv - ok
10:21:44.0820 9668 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
10:21:44.0826 9668 srv2 - ok
10:21:44.0842 9668 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
10:21:44.0845 9668 srvnet - ok
10:21:44.0884 9668 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
10:21:44.0888 9668 SSDPSRV - ok
10:21:44.0917 9668 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
10:21:44.0920 9668 SstpSvc - ok
10:21:44.0944 9668 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
10:21:44.0945 9668 stexstor - ok
10:21:44.0977 9668 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
10:21:44.0979 9668 StillCam - ok
10:21:45.0060 9668 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
10:21:45.0067 9668 stisvc - ok
10:21:45.0107 9668 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
10:21:45.0108 9668 swenum - ok
10:21:45.0147 9668 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
10:21:45.0154 9668 swprv - ok
10:21:45.0269 9668 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
10:21:45.0293 9668 SysMain - ok
10:21:45.0407 9668 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
10:21:45.0411 9668 TabletInputService - ok
10:21:45.0444 9668 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
10:21:45.0451 9668 TapiSrv - ok
10:21:45.0501 9668 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
10:21:45.0504 9668 TBS - ok
10:21:45.0717 9668 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
10:21:45.0747 9668 Tcpip - ok
10:21:45.0947 9668 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
10:21:45.0957 9668 TCPIP6 - ok
10:21:46.0054 9668 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
10:21:46.0056 9668 tcpipreg - ok
10:21:46.0088 9668 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
10:21:46.0089 9668 TDPIPE - ok
10:21:46.0127 9668 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
10:21:46.0129 9668 TDTCP - ok
10:21:46.0172 9668 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
10:21:46.0174 9668 tdx - ok
10:21:46.0203 9668 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
10:21:46.0205 9668 TermDD - ok
10:21:46.0246 9668 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
10:21:46.0256 9668 TermService - ok
10:21:46.0282 9668 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
10:21:46.0285 9668 Themes - ok
10:21:46.0309 9668 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
10:21:46.0311 9668 THREADORDER - ok
10:21:46.0318 9668 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
10:21:46.0321 9668 TrkWks - ok
10:21:46.0388 9668 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
10:21:46.0390 9668 TrustedInstaller - ok
10:21:46.0424 9668 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
10:21:46.0426 9668 tssecsrv - ok
10:21:46.0465 9668 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
10:21:46.0467 9668 TsUsbFlt - ok
10:21:46.0525 9668 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
10:21:46.0527 9668 tunnel - ok
10:21:46.0553 9668 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
10:21:46.0554 9668 uagp35 - ok
10:21:46.0609 9668 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
10:21:46.0613 9668 udfs - ok
10:21:46.0656 9668 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
10:21:46.0658 9668 UI0Detect - ok
10:21:46.0690 9668 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
10:21:46.0692 9668 uliagpkx - ok
10:21:46.0745 9668 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
10:21:46.0746 9668 umbus - ok
10:21:46.0770 9668 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
10:21:46.0771 9668 UmPass - ok
10:21:46.0953 9668 UNS (cbdee152d73200ee49031a26310b9d3e) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
10:21:46.0980 9668 UNS - ok
10:21:47.0096 9668 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
10:21:47.0104 9668 upnphost - ok
10:21:47.0160 9668 USBAAPL64 (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
10:21:47.0163 9668 USBAAPL64 - ok
10:21:47.0213 9668 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
10:21:47.0215 9668 usbccgp - ok
10:21:47.0265 9668 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
10:21:47.0267 9668 usbcir - ok
10:21:47.0288 9668 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
10:21:47.0289 9668 usbehci - ok
10:21:47.0336 9668 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
10:21:47.0340 9668 usbhub - ok
10:21:47.0352 9668 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
10:21:47.0353 9668 usbohci - ok
10:21:47.0373 9668 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
10:21:47.0374 9668 usbprint - ok
10:21:47.0399 9668 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:21:47.0401 9668 USBSTOR - ok
10:21:47.0413 9668 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
10:21:47.0414 9668 usbuhci - ok
10:21:47.0477 9668 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
10:21:47.0480 9668 usbvideo - ok
10:21:47.0510 9668 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
10:21:47.0512 9668 UxSms - ok
10:21:47.0557 9668 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
10:21:47.0558 9668 VaultSvc - ok
10:21:47.0607 9668 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
10:21:47.0608 9668 vdrvroot - ok
10:21:47.0680 9668 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
10:21:47.0688 9668 vds - ok
10:21:47.0727 9668 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
10:21:47.0729 9668 vga - ok
10:21:47.0758 9668 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
10:21:47.0759 9668 VgaSave - ok
10:21:47.0800 9668 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
10:21:47.0803 9668 vhdmp - ok
10:21:47.0830 9668 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
10:21:47.0831 9668 viaide - ok
10:21:47.0855 9668 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
10:21:47.0857 9668 volmgr - ok
10:21:47.0904 9668 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
10:21:47.0909 9668 volmgrx - ok
10:21:47.0944 9668 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
10:21:47.0947 9668 volsnap - ok
10:21:48.0006 9668 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
10:21:48.0008 9668 vsmraid - ok
10:21:48.0166 9668 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
10:21:48.0201 9668 VSS - ok
10:21:48.0306 9668 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
10:21:48.0307 9668 vwifibus - ok
10:21:48.0328 9668 VWiFiFlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
10:21:48.0329 9668 VWiFiFlt - ok
10:21:48.0368 9668 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
10:21:48.0369 9668 vwifimp - ok
10:21:48.0408 9668 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
10:21:48.0413 9668 W32Time - ok
10:21:48.0448 9668 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
10:21:48.0449 9668 WacomPen - ok
10:21:48.0499 9668 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
10:21:48.0500 9668 WANARP - ok
10:21:48.0504 9668 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
10:21:48.0505 9668 Wanarpv6 - ok
10:21:48.0601 9668 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
10:21:48.0614 9668 WatAdminSvc - ok
10:21:48.0689 9668 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
10:21:48.0707 9668 wbengine - ok
10:21:48.0807 9668 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
10:21:48.0810 9668 WbioSrvc - ok
10:21:48.0853 9668 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
10:21:48.0858 9668 wcncsvc - ok
10:21:48.0870 9668 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
10:21:48.0874 9668 WcsPlugInService - ok
10:21:48.0918 9668 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
10:21:48.0919 9668 Wd - ok
10:21:48.0961 9668 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
10:21:48.0968 9668 Wdf01000 - ok
10:21:48.0983 9668 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
10:21:48.0984 9668 WdiServiceHost - ok
10:21:48.0988 9668 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
10:21:48.0990 9668 WdiSystemHost - ok
10:21:49.0019 9668 wdkmd (d655b1a102e352d7801e7c8b36317a6d) C:\Windows\system32\DRIVERS\WDKMD.sys
10:21:49.0020 9668 wdkmd - ok
10:21:49.0053 9668 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
10:21:49.0062 9668 WebClient - ok
10:21:49.0109 9668 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
10:21:49.0113 9668 Wecsvc - ok
10:21:49.0132 9668 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
10:21:49.0135 9668 wercplsupport - ok
10:21:49.0155 9668 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
10:21:49.0157 9668 WerSvc - ok
10:21:49.0202 9668 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
10:21:49.0203 9668 WfpLwf - ok
10:21:49.0281 9668 WiMAXAppSrv (f3c522691316a24328a7b58b0a86028d) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
10:21:49.0292 9668 WiMAXAppSrv - ok
10:21:49.0308 9668 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
10:21:49.0309 9668 WIMMount - ok
10:21:49.0317 9668 WinHttpAutoProxySvc - ok
10:21:49.0360 9668 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
10:21:49.0363 9668 Winmgmt - ok
10:21:49.0509 9668 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
10:21:49.0530 9668 WinRM - ok
10:21:49.0731 9668 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
10:21:49.0732 9668 WinUsb - ok
10:21:49.0798 9668 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
10:21:49.0807 9668 Wlansvc - ok
10:21:49.0873 9668 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
10:21:49.0875 9668 wlcrasvc - ok
10:21:50.0067 9668 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:21:50.0089 9668 wlidsvc - ok
10:21:50.0239 9668 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
10:21:50.0240 9668 WmiAcpi - ok
10:21:50.0306 9668 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
10:21:50.0309 9668 wmiApSrv - ok
10:21:50.0350 9668 WMPNetworkSvc - ok
10:21:50.0389 9668 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
10:21:50.0391 9668 WPCSvc - ok
10:21:50.0428 9668 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
10:21:50.0430 9668 WPDBusEnum - ok
10:21:50.0464 9668 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
10:21:50.0466 9668 ws2ifsl - ok
10:21:50.0469 9668 WSearch - ok
10:21:50.0621 9668 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
10:21:50.0645 9668 wuauserv - ok
10:21:50.0754 9668 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
10:21:50.0756 9668 WudfPf - ok
10:21:50.0788 9668 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
10:21:50.0790 9668 WUDFRd - ok
10:21:50.0825 9668 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
10:21:50.0828 9668 wudfsvc - ok
10:21:50.0866 9668 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
10:21:50.0871 9668 WwanSvc - ok
10:21:50.0920 9668 MBR (0x1B8) (2e5debb2116b3417023e0d6562d7ed07) \Device\Harddisk0\DR0
10:21:51.0266 9668 \Device\Harddisk0\DR0 - ok
10:21:51.0269 9668 Boot (0x1200) (0f68e8f12c0e3a1cfcca39ccf34c0ce4) \Device\Harddisk0\DR0\Partition0
10:21:51.0271 9668 \Device\Harddisk0\DR0\Partition0 - ok
10:21:51.0299 9668 Boot (0x1200) (e2e4a3ca059165c40a25aedb1618d261) \Device\Harddisk0\DR0\Partition1
10:21:51.0300 9668 \Device\Harddisk0\DR0\Partition1 - ok
10:21:51.0325 9668 Boot (0x1200) (708cd5eed12ddbee58d612f0648a963f) \Device\Harddisk0\DR0\Partition2
10:21:51.0326 9668 \Device\Harddisk0\DR0\Partition2 - ok
10:21:51.0327 9668 ============================================================
10:21:51.0327 9668 Scan finished
10:21:51.0327 9668 ============================================================
10:21:51.0341 6792 Detected object count: 0
10:21:51.0341 6792 Actual detected object count: 0








aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-07-18 10:26:25
-----------------------------
10:26:25.259 OS Version: Windows x64 6.1.7601 Service Pack 1
10:26:25.259 Number of processors: 4 586 0x2505
10:26:25.259 ComputerName: CASIEJEON-PC UserName: Casie Jeon
10:26:26.341 Initialize success
10:28:25.613 AVAST engine defs: 12071800
10:28:29.147 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
10:28:29.150 Disk 0 Vendor: Hitachi_ PB4O Size: 476940MB BusType: 3
10:28:29.159 Disk 0 MBR read successfully
10:28:29.161 Disk 0 MBR scan
10:28:29.169 Disk 0 unknown MBR code
10:28:29.180 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
10:28:29.194 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 184320 MB offset 206848
10:28:29.199 Disk 0 Partition - 00 0F Extended LBA 274942 MB offset 377694208
10:28:29.228 Disk 0 Partition 3 00 27 Hidden NTFS WinRE NTFS 17575 MB offset 940775424
10:28:29.265 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 274941 MB offset 377696256
10:28:29.290 Disk 0 scanning C:\Windows\system32\drivers
10:28:39.358 Service scanning
10:29:11.556 Modules scanning
10:29:11.900 Disk 0 trace - called modules:
10:29:11.930 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
10:29:11.939 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80045c6060]
10:29:11.947 3 CLASSPNP.SYS[fffff88001bb143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004354050]
10:29:14.625 AVAST engine scan C:\Windows
10:29:17.481 AVAST engine scan C:\Windows\system32
10:31:07.204 File: C:\Windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
10:31:10.153 File: C:\Windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
10:32:29.201 AVAST engine scan C:\Windows\system32\drivers
10:32:49.436 AVAST engine scan C:\Users\Casie Jeon
10:41:02.553 File: C:\Users\Casie Jeon\AppData\Local\{e7d089c1-d3da-76b8-c2e2-c5740b08b62d}\n **INFECTED** Win32:Sirefef-PL [Rtk]
10:45:50.474 AVAST engine scan C:\ProgramData
10:47:30.792 Scan finished successfully
10:48:25.256 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
10:48:25.794 The log file has been saved successfully to "C:\aswMBR.txt"

ESET online scanner


C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Program Files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll a variant of Win32/Toolbar.Widgi application cleaned by deleting (after the next restart) - quarantined
C:\Program Files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.10 a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Program Files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.11 a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Program Files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.12 a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Program Files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.13 a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Program Files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.14 a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Program Files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.5 a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Program Files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.6 a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Program Files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.7 a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Program Files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.8 a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Program Files (x86)\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.9 a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Program Files (x86)\PDFCreator\Toolbar\pdfforge Toolbar_setup.exe Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Program Files (x86)\pdfforge Toolbar\IE\6.0\pdfforgeToolbarIE.dll a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Users\Casie Jeon\AppData\Local\Temp\NOD289E.tmp a variant of Win32/Toolbar.Widgi application cleaned by deleting (after the next restart) - quarantined
C:\Users\Casie Jeon\AppData\Local\{e7d089c1-d3da-76b8-c2e2-c5740b08b62d}\n Win64/Sirefef.W trojan cleaned by deleting (after the next restart) - quarantined
C:\Users\Casie Jeon\Documents\Software\PDF Creator\PDFCreator-1_2_3_setup.exe Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Users\Casie Jeon\Downloads\mozilla firefox setup.exe a variant of Win32/Soft32Downloader.B application cleaned by deleting - quarantined
C:\Windows\Installer\{e7d089c1-d3da-76b8-c2e2-c5740b08b62d}\n Win64/Sirefef.W trojan cleaned by deleting - quarantined
C:\Windows\Installer\{e7d089c1-d3da-76b8-c2e2-c5740b08b62d}\U\00000008.@ Win64/Agent.BA trojan cleaned by deleting - quarantined
C:\Windows\Installer\{e7d089c1-d3da-76b8-c2e2-c5740b08b62d}\U\80000000.@ Win64/Sirefef.AE trojan cleaned by deleting - quarantined
C:\Windows\Installer\{e7d089c1-d3da-76b8-c2e2-c5740b08b62d}\U\80000032.@ a variant of Win32/Sirefef.FD trojan cleaned by deleting - quarantined
Operating memory multiple threats

#4 narenxp

  • BC Advisor

Posted 18 July 2012 - 02:45 PM

We need advanced tools to remove this one

Read the guide here

http://www.bleepingcomputer.com/forums/topic34773.html

and create a topic here

http://www.bleepingcomputer.com/forums/forum22.html

Good luck

#5 the kcj

  • Topic Starter

Posted 18 July 2012 - 06:07 PM

I made the topic and followed the steps according to the Preparation Guide you linked except for the Firewall. I kept getting an error and got this message: "Windows Firewall can't change some of your settings. Error code 0x80070424".

Thanks for your help!

#6 narenxp

  • BC Advisor

Posted 18 July 2012 - 08:41 PM

You're welcome :)

#7 Orange Blossom

  • Moderator

Posted 20 July 2012 - 11:08 PM

Hello,

Now that you have posted a log here: http://www.bleepingcomputer.com/forums/topic461305.html you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc.) unless advised by a MRT Team member, nor should you ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process, which would extend the time it takes to clean your computer.

From this point on the MRT Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the MRT Team members are EXTREMELY busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the MRT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member looking for a new log to work may assume another MRT Team member is already assisting you and not open the thread to respond.

Please be patient. It may take several days to get a response but your log will be reviewed and answered as soon as possible. I advise checking your topic once a day for responses as the e-mail notification system is unreliable.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

To avoid confusion, I am closing this topic. Good luck with your log.

Orange Blossom :cherry:
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript



