Incredibar Mystart Virus


5 replies to this topic

#1 ronsingh


Posted 11 July 2012 - 10:18 AM

Hi There

I'm new to this forum and was hoping someone can help me remove the Incredibar Mystart virus. The problem I'm having is that if I type a wrong URL, it gets redirected to their web search. Any help would be appreciated.

Thanks

Ronsingh



#2 boopme


Posted 11 July 2012 - 08:34 PM

Welcome ronsingh, I think we can get this. Let me know how it is after these.



Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Next run SUPERAntiSpyware (SAS):

Download and scan with SUPERAntiSpyware Free for Home Users
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen.
  • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan.
  • Click "Next" to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntiSpyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.
If you have a problem downloading, installing or getting SAS to run, try downloading and using the SUPERAntiSpyware Portable Scanner instead. Save the randomly named file (i.e. SAS_1710895.COM) to a USB drive or CD and transfer it to the infected computer. Then double-click on it to launch and scan. The file is randomly named to help keep malware from blocking the scanner.


Now run MBAM (MalwareBytes):

Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's TeaTimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

-- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, go to Start > All Programs > Malwarebytes Anti-Malware folder > Tools > click on Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).

Please ask any needed questions, post logs and let us know how the PC is running now.

#3 ronsingh


Posted 12 July 2012 - 07:17 AM

Hello Boopme and thanks for your reply and help. I have done as you have requested and here are the logs.

Minitoolbox
MiniToolBox by Farbar Version: 25-06-2012
Ran by Satveer (administrator) on 12-07-2012 at 09:32:17
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Atheros AR9285 Wireless Network Adapter = Wireless Network Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Satveer-VAIO
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : Home

Wireless LAN adapter Wireless Network Connection 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
Physical Address. . . . . . . . . : 7E-DD-08-FE-B1-25
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : Home
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 54-42-49-2F-B8-37
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : Home
Description . . . . . . . . . . . : Atheros AR9285 Wireless Network Adapter
Physical Address. . . . . . . . . : 78-DD-08-FE-B1-25
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5c29:cb3c:e807:e4c2%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.5(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 12 July 2012 09:22:45
Lease Expires . . . . . . . . . . : 13 July 2012 09:22:49
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 192470280
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-92-F2-7D-54-42-49-2F-B8-37
DNS Servers . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{30625CBE-05E0-49E4-8016-F1FA70204A25}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:3883:39a6:4f00:b5aa(Preferred)
Link-local IPv6 Address . . . . . : fe80::3883:39a6:4f00:b5aa%20(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.Home:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : Home
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: SkyRouter.Home
Address: 192.168.0.1

Name: google.com
Addresses: 2a00:1450:4009:804::1000
173.194.34.130
173.194.34.131
173.194.34.132
173.194.34.133
173.194.34.134
173.194.34.135
173.194.34.136
173.194.34.137
173.194.34.142
173.194.34.128
173.194.34.129


Pinging google.com [173.194.34.130] with 32 bytes of data:
Reply from 173.194.34.130: bytes=32 time=7ms TTL=58
Reply from 173.194.34.130: bytes=32 time=7ms TTL=58

Ping statistics for 173.194.34.130:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 7ms, Maximum = 7ms, Average = 7ms
Server: SkyRouter.Home
Address: 192.168.0.1

Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
72.30.38.140


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=200ms TTL=50
Reply from 98.139.183.24: bytes=32 time=292ms TTL=51

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 200ms, Maximum = 292ms, Average = 246ms
Server: SkyRouter.Home
Address: 192.168.0.1

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
17...7e dd 08 fe b1 25 ......Microsoft Virtual WiFi Miniport Adapter
11...54 42 49 2f b8 37 ......Realtek PCIe GBE Family Controller
10...78 dd 08 fe b1 25 ......Atheros AR9285 Wireless Network Adapter
1...........................Software Loopback Interface 1
13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
20...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
22...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.5 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.5 281
192.168.0.5 255.255.255.255 On-link 192.168.0.5 281
192.168.0.255 255.255.255.255 On-link 192.168.0.5 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.5 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.5 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
20 58 ::/0 On-link
1 306 ::1/128 On-link
20 58 2001::/32 On-link
20 306 2001:0:5ef5:79fd:3883:39a6:4f00:b5aa/128
On-link
10 281 fe80::/64 On-link
20 306 fe80::/64 On-link
20 306 fe80::3883:39a6:4f00:b5aa/128
On-link
10 281 fe80::5c29:cb3c:e807:e4c2/128
On-link
1 306 ff00::/8 On-link
20 306 ff00::/8 On-link
10 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/09/2012 04:47:22 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5164

Error: (07/09/2012 04:47:22 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5164

Error: (07/09/2012 04:47:22 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/09/2012 04:47:21 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4009

Error: (07/09/2012 04:47:21 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4009

Error: (07/09/2012 04:47:21 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/09/2012 04:47:20 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3011

Error: (07/09/2012 04:47:20 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3011

Error: (07/09/2012 04:47:20 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/09/2012 04:47:19 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2013


System errors:
=============
Error: (07/12/2012 09:24:57 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.

Error: (07/11/2012 08:39:03 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.

Error: (07/11/2012 05:12:59 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.

Error: (07/11/2012 03:52:21 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.

Error: (07/11/2012 03:39:27 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.

Error: (07/10/2012 04:54:39 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.

Error: (07/10/2012 09:49:06 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.

Error: (07/09/2012 03:42:04 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.

Error: (07/09/2012 10:35:13 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.

Error: (07/08/2012 10:27:24 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.129.1186.0

Update Source: %NT AUTHORITY59

Update Stage: 4.0.1526.00

Source Path: 4.0.1526.01

Signature Type: %NT AUTHORITY602

Update Type: %NT AUTHORITY604

User: NT AUTHORITY\SYSTEM

Current Engine Version: %NT AUTHORITY605

Previous Engine Version: %NT AUTHORITY606

Error code: %NT AUTHORITY607

Error description: %NT AUTHORITY608


Microsoft Office Sessions:
=========================
Error: (07/09/2012 04:47:22 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5164

Error: (07/09/2012 04:47:22 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5164

Error: (07/09/2012 04:47:22 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/09/2012 04:47:21 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4009

Error: (07/09/2012 04:47:21 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4009

Error: (07/09/2012 04:47:21 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/09/2012 04:47:20 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3011

Error: (07/09/2012 04:47:20 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3011

Error: (07/09/2012 04:47:20 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/09/2012 04:47:19 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2013


=========================== Installed Programs ============================

Adobe Flash Player 10 ActiveX (Version: 10.0.42.34)
Adobe Flash Player 11 Plugin (Version: 11.3.300.262)
Adobe Reader X (10.1.3) (Version: 10.1.3)
Alps Pointing-device for VAIO
AMD USB Filter Driver (Version: 1.0.15.94)
AoA Audio Extractor
Apple Application Support (Version: 2.1.6)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
ArcSoft Magic-i Visual Effects 2 (Version: 2.0.1.85)
ArcSoft WebCam Companion 3 (Version: 3.0.21.390)
ATI Catalyst Install Manager (Version: 3.0.765.0)
µTorrent (Version: 3.1.3)
Bonjour (Version: 3.0.0.10)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2010.0302.2233.40412)
Catalyst Control Center Graphics Full Existing (Version: 2010.0302.2233.40412)
Catalyst Control Center Graphics Full New (Version: 2010.0302.2233.40412)
Catalyst Control Center Graphics Light (Version: 2010.0302.2233.40412)
Catalyst Control Center Graphics Previews Common (Version: 2010.0302.2233.40412)
Catalyst Control Center Graphics Previews Vista (Version: 2010.0302.2233.40412)
Catalyst Control Center InstallProxy (Version: 2010.0302.2233.40412)
Catalyst Control Center Localization All (Version: 2010.0302.2233.40412)
ccc-core-static (Version: 2010.0302.2233.40412)
ccc-utility64 (Version: 2010.0302.2233.40412)
CCC Help Chinese Standard (Version: 2010.0302.2232.40412)
CCC Help Chinese Traditional (Version: 2010.0302.2232.40412)
CCC Help Czech (Version: 2010.0302.2232.40412)
CCC Help Danish (Version: 2010.0302.2232.40412)
CCC Help Dutch (Version: 2010.0302.2232.40412)
CCC Help English (Version: 2010.0302.2232.40412)
CCC Help Finnish (Version: 2010.0302.2232.40412)
CCC Help French (Version: 2010.0302.2232.40412)
CCC Help German (Version: 2010.0302.2232.40412)
CCC Help Greek (Version: 2010.0302.2232.40412)
CCC Help Hungarian (Version: 2010.0302.2232.40412)
CCC Help Italian (Version: 2010.0302.2232.40412)
CCC Help Japanese (Version: 2010.0302.2232.40412)
CCC Help Korean (Version: 2010.0302.2232.40412)
CCC Help Norwegian (Version: 2010.0302.2232.40412)
CCC Help Polish (Version: 2010.0302.2232.40412)
CCC Help Portuguese (Version: 2010.0302.2232.40412)
CCC Help Russian (Version: 2010.0302.2232.40412)
CCC Help Spanish (Version: 2010.0302.2232.40412)
CCC Help Swedish (Version: 2010.0302.2232.40412)
CCC Help Thai (Version: 2010.0302.2232.40412)
CCC Help Turkish (Version: 2010.0302.2232.40412)
D3DX10 (Version: 15.4.2368.0902)
Evernote (Version: 3.5.2.1525)
Funmoods Web Search
Gestionnaire de Connexion SFR 3.1
Google Chrome (Version: 20.0.1132.57)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.111)
GoToMeeting 4.8.0.723 (Version: 4.8.0.723)
iCloud (Version: 1.0.2.17)
iLivid (Version: 1.92)
iTunes (Version: 10.5.2.11)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 18 (64-bit) (Version: 6.0.180)
Java™ 6 Update 33 (Version: 6.0.330)
Junk Mail filter update (Version: 15.4.3502.0922)
LizardTech DjVu Control (autoinstall)
Media Gallery (Version: 1.2.0.15040)
Media Gallery MergeModules x64 (Version: 1.0.14250)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000)
Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server Compact 3.5 SP1 English (Version: 3.5.5692.0)
Microsoft SQL Server Compact 3.5 SP1 x64 English (Version: 3.5.5692.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
MobileMe Control Panel (Version: 3.1.8.0)
Mobistar Internet Everywhere (Version: 11.030.01.16.409)
Mozilla Firefox 13.0.1 (x86 en-US) (Version: 13.0.1)
Mozilla Firefox 4.0b11 (x86 en-US) (Version: 4.0b11)
Mozilla Maintenance Service (Version: 13.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MusicStation (Version: 2.0.5.39)
PMB (Version: 5.1.02.03310)
PMB VAIO Edition Plug-in (Version: 1.5.10.05300)
Protector by IB 2.0.0.426
QuickTime (Version: 7.71.80.42)
Realtek HDMI Audio Driver for ATI (Version: 6.0.1.6034)
Realtek High Definition Audio Driver (Version: 6.0.1.6069)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30116)
Remote Play with PlayStation 3 (Version: 1.0.0.15090)
Remote Play with PlayStation®3 (Version: 1.0.0.15090)
Roxio Central Audio (Version: 3.8.0)
Roxio Central Copy (Version: 3.8.0)
Roxio Central Core (Version: 3.8.0)
Roxio Central Data (Version: 3.8.0)
Roxio Central Tools (Version: 3.8.0)
Roxio Easy Media Creator 10 LJ (Version: 10.3)
Roxio Easy Media Creator Home (Version: 10.3.263)
Safari (Version: 5.34.52.7)
Setting Utility Series (Version: 5.2.0.15250)
Setup_msm_VCMS_x64 (Version: 2.6.0.06040)
Setup_msm_VOFS_x64 (Version: 2.3.0.09270)
Setup_VEP_x64 (Version: 3.9.0.09270)
Sky Go Desktop
Skype Click to Call (Version: 6.0.10297)
Skype™ 5.10 (Version: 5.10.115)
SOHLib Merge Module (Version: 2.2.0.11240)
Sony Home Network Library (Version: 2.1.0.14240)
Sony Home Network Library (Version: 2.2.0.11240)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
VAIO - PMB VAIO Edition Guide (Version: 1.5.00.03020)
VAIO - PMB VAIO Edition Plug-in (Version: 1.5.10.06150)
VAIO Care (Version: 6.4.2.11150)
VAIO Content Monitoring Settings (Version: 2.6.0.11050)
VAIO Control Center (Version: 4.2.0.15020)
VAIO Data Restore Tool (Version: 1.3.0.13150)
VAIO DVD Menu Data (Version: 2.4.00.05300)
VAIO Entertainment Platform (Version: 3.9.0.11160)
VAIO Event Service (Version: 5.2.0.15020)
VAIO Gate (Version: 2.4.0.06210)
VAIO Gate Default (Version: 2.0.0.04160)
VAIO Hardware Diagnostics (Version: 3.9.1)
VAIO Manual (Version: 1.0.0.03290)
VAIO Media plus (Version: 2.1.0.15040)
VAIO Media plus Opening Movie (Version: 2.1.0.13220)
VAIO Movie Story Template Data (Version: 2.1.00.14040)
VAIO Movie Story Template Data (Version: 2.5.00.05300)
VAIO Original Function Settings (Version: 2.3.0.11240)
VAIO Power Management (Version: 5.1.0.15250)
VAIO Premium Partners (Version: 1.0)
VAIO screensaver (Version: 1.0.0.0)
VAIO Smart Network (Version: 3.3.1.08110)
VAIO Transfer Support (Version: 1.1.1.13070)
VAIO Update (Version: 5.6.1.02150)
VAIO Update Merge Module x64 (Version: 5.5.19220)
VAIO Update Merge Module x64 (Version: 5.6.10270)
VAIO Update Merge Module x64 (Version: 5.7.13130)
VAIO Wallpaper Contents (Version: 2.1.0.14090)
VirtualDJ Home FREE (Version: 7.0.4.1)
VLC media player 2.0.0 (Version: 2.0.0)
VMp MergeModule x64 (Version: 1.0.0)
VU5x64 (Version: 1.0.0)
VU5x86 (Version: 1.0.0)
WIDCOMM Bluetooth Software (Version: 6.2.1.500)
Winamp (Version: 5.623 )
Winamp Detector Plug-in (Version: 1.0.0.1)
Windows Driver Package - Broadcom Bluetooth (09/09/2009 6.2.0.9405) (Version: 09/09/2009 6.2.0.9405)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (Version: 07/28/2009 6.2.0.9800)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 35%
Total physical RAM: 2810.9 MB
Available physical RAM: 1812.19 MB
Total Pagefile: 5619.99 MB
Available Pagefile: 4210.64 MB
Total Virtual: 4095.88 MB
Available Virtual: 3969.33 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:288.06 GB) (Free:151.82 GB) NTFS

========================= Users: ========================================

User accounts for \\SATVEER-VAIO

Administrator Guest Satveer

========================= Minidump Files ==================================

No minidump file found


**** End of log ****


SAS
SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 07/12/2012 at 12:06 PM

Application Version : 5.5.1012

Core Rules Database Version : 8888
Trace Rules Database Version: 6700

Scan type : Complete Scan
Total Scan Time : 02:22:17

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned : 755
Memory threats detected : 0
Registry items scanned : 65782
Registry threats detected : 0
File items scanned : 169432
File threats detected : 97

Adware.Tracking Cookie

Heur.Agent/Gen-WhiteBox
C:\USERS\SATVEER\DOWNLOADS\INSTALLER_VIRTUAL_DJ_ENGLISH.EXE

MBAM

Malwarebytes Anti-Malware (Trial) 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.12.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Satveer :: SATVEER-VAIO [administrator]

Protection: Enabled

12/07/2012 13:00:48
mbam-log-2012-07-12 (13-00-48).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 210110
Time elapsed: 5 minute(s), 26 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 18
HKCR\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.FunMoods) -> Quarantined and deleted successfully.
HKCR\funmoods.funmoodsHlpr.1 (PUP.FunMoods) -> Quarantined and deleted successfully.
HKCR\funmoods.funmoodsHlpr (PUP.FunMoods) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.FunMoods) -> Quarantined and deleted successfully.
HKCR\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\escort.escortIEPane.1 (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\escort.escortIEPane (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\funmoods.dskBnd.1 (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\funmoods.dskBnd (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\funmoodsApp.appCore.1 (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\funmoodsApp.appCore (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9} (PUP.Funmoods) -> Quarantined and deleted successfully.
HKCR\f (PUP.Funmoods) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Google\chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki (PUP.Funmoods) -> Quarantined and deleted successfully.

Registry Values Detected: 2
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Data: Funmoods Toolbar -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Data: -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Users\Satveer\Downloads\cloud_9_music_ft_balwinder_matewaria_&_sudesh_kumari_-_kan_kar_gal_sun.mp3.exe (PUP.Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\Satveer\Downloads\DownloadSetup.exe (Affiliate.Downloader) -> Quarantined and deleted successfully.

(end)

Just tested it out but I still have the redirect issue.

Thanks

Ronsingh

#4 boopme

Posted 12 July 2012 - 10:15 PM

OK, please do these next,

Are you on a router? Are other machines on it? If so, are they redirecting?

Do you use Firefox?




Please download TDSSKiller.zip and extract it.
  • Run TDSSKiller.exe.
  • Click Start scan.
  • When it is finished the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Leave the options as they are and click Continue.
  • Let it reboot if needed and tell me if the tool needed a reboot.
  • Click on Report and post the contents of the text file that will open.

    Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log has a name like: TDSSKiller.Version_Date_Time_log.txt.



If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it before downloading and saving to the computer.




I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.


#5 ronsingh

Posted 13 July 2012 - 10:48 AM

I'm on a wireless router which was provided by my ISP. I have 2 wireless connected computers and one connected (ethernet) to the router. None of them have this redirect issue.

I ran TDSSKiller and no malicious objects were found and no reboot was required.

I attached the txt file just in case you may require it.

10:30:55.0404 1900 TDSS rootkit removing tool 2.7.45.0 Jul 9 2012 12:46:35
10:30:55.0734 1900 ============================================================
10:30:55.0734 1900 Current date / time: 2012/07/13 10:30:55.0734
10:30:55.0734 1900 SystemInfo:
10:30:55.0734 1900
10:30:55.0734 1900 OS Version: 6.1.7601 ServicePack: 1.0
10:30:55.0734 1900 Product type: Workstation
10:30:55.0734 1900 ComputerName: SATVEER-VAIO
10:30:55.0734 1900 UserName: Satveer
10:30:55.0734 1900 Windows directory: C:\Windows
10:30:55.0734 1900 System windows directory: C:\Windows
10:30:55.0734 1900 Running under WOW64
10:30:55.0734 1900 Processor architecture: Intel x64
10:30:55.0734 1900 Number of processors: 2
10:30:55.0734 1900 Page size: 0x1000
10:30:55.0734 1900 Boot type: Normal boot
10:30:55.0734 1900 ============================================================
10:31:01.0307 1900 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:31:01.0323 1900 ============================================================
10:31:01.0323 1900 \Device\Harddisk0\DR0:
10:31:01.0323 1900 MBR partitions:
10:31:01.0323 1900 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x13E0800, BlocksNum 0x32000
10:31:01.0323 1900 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1412800, BlocksNum 0x2401C2B0
10:31:01.0323 1900 ============================================================
10:31:01.0494 1900 C: <-> \Device\Harddisk0\DR0\Partition1
10:31:01.0494 1900 ============================================================
10:31:01.0494 1900 Initialize success
10:31:01.0494 1900 ============================================================
10:31:28.0614 4124 ============================================================
10:31:28.0614 4124 Scan started
10:31:28.0614 4124 Mode: Manual;
10:31:28.0614 4124 ============================================================
10:31:36.0392 4124 COMSysApp - ok
10:31:36.0423 4124 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
10:31:36.0439 4124 crcdisk - ok
10:31:36.0518 4124 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
10:31:36.0518 4124 CryptSvc - ok
10:31:36.0705 4124 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
10:31:36.0705 4124 cvhsvc - ok
10:31:36.0814 4124 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
10:31:36.0830 4124 DcomLaunch - ok
10:31:36.0876 4124 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
10:31:36.0892 4124 defragsvc - ok
10:31:36.0970 4124 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
10:31:36.0970 4124 DfsC - ok
10:31:37.0048 4124 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
10:31:37.0048 4124 Dhcp - ok
10:31:37.0064 4124 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
10:31:37.0079 4124 discache - ok
10:31:37.0126 4124 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
10:31:37.0126 4124 Disk - ok
10:31:37.0173 4124 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
10:31:37.0188 4124 Dnscache - ok
10:31:37.0251 4124 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
10:31:37.0266 4124 dot3svc - ok
10:31:37.0298 4124 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
10:31:37.0298 4124 DPS - ok
10:31:37.0344 4124 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
10:31:37.0344 4124 drmkaud - ok
10:31:37.0454 4124 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
10:31:37.0469 4124 DXGKrnl - ok
10:31:37.0516 4124 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
10:31:37.0516 4124 EapHost - ok
10:31:37.0828 4124 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
10:31:37.0937 4124 ebdrv - ok
10:31:38.0031 4124 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
10:31:38.0031 4124 EFS - ok
10:31:38.0140 4124 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
10:31:38.0156 4124 ehRecvr - ok
10:31:38.0265 4124 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
10:31:38.0265 4124 ehSched - ok
10:31:38.0343 4124 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
10:31:38.0358 4124 elxstor - ok
10:31:38.0390 4124 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
10:31:38.0390 4124 ErrDev - ok
10:31:38.0483 4124 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
10:31:38.0499 4124 EventSystem - ok
10:31:38.0530 4124 ew_hwusbdev - ok
10:31:38.0561 4124 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
10:31:38.0577 4124 exfat - ok
10:31:38.0592 4124 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
10:31:38.0608 4124 fastfat - ok
10:31:38.0717 4124 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
10:31:38.0733 4124 Fax - ok
10:31:38.0764 4124 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
10:31:38.0764 4124 fdc - ok
10:31:38.0795 4124 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
10:31:38.0795 4124 fdPHost - ok
10:31:38.0826 4124 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
10:31:38.0826 4124 FDResPub - ok
10:31:38.0858 4124 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
10:31:38.0858 4124 FileInfo - ok
10:31:38.0889 4124 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
10:31:38.0889 4124 Filetrace - ok
10:31:38.0920 4124 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
10:31:38.0920 4124 flpydisk - ok
10:31:38.0982 4124 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
10:31:38.0982 4124 FltMgr - ok
10:31:39.0076 4124 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
10:31:39.0107 4124 FontCache - ok
10:31:39.0185 4124 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:31:39.0185 4124 FontCache3.0.0.0 - ok
10:31:39.0216 4124 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
10:31:39.0216 4124 FsDepends - ok
10:31:39.0263 4124 fssfltr (07da62c960ddccc2d35836aeab4fc578) C:\Windows\system32\DRIVERS\fssfltr.sys
10:31:39.0263 4124 fssfltr - ok
10:31:39.0466 4124 fsssvc (28ddeeec44e988657b732cf404d504cb) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
10:31:39.0497 4124 fsssvc - ok
10:31:39.0622 4124 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
10:31:39.0622 4124 Fs_Rec - ok
10:31:39.0684 4124 FTDIBUS (fa169871d8fadcc6539c4e8726610286) C:\Windows\system32\drivers\ftdibus.sys
10:31:39.0684 4124 FTDIBUS - ok
10:31:39.0731 4124 FTSER2K (24237091348d1efb5635a1cf9649e311) C:\Windows\system32\drivers\ftser2k.sys
10:31:39.0731 4124 FTSER2K - ok
10:31:39.0794 4124 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
10:31:39.0794 4124 fvevol - ok
10:31:39.0840 4124 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
10:31:39.0840 4124 gagp30kx - ok
10:31:39.0872 4124 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:31:39.0872 4124 GEARAspiWDM - ok
10:31:39.0965 4124 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
10:31:39.0981 4124 gpsvc - ok
10:31:40.0074 4124 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:31:40.0074 4124 gupdate - ok
10:31:40.0106 4124 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:31:40.0106 4124 gupdatem - ok
10:31:40.0152 4124 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
10:31:40.0152 4124 gusvc - ok
10:31:40.0184 4124 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
10:31:40.0184 4124 hcw85cir - ok
10:31:40.0246 4124 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
10:31:40.0262 4124 HdAudAddService - ok
10:31:40.0293 4124 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
10:31:40.0308 4124 HDAudBus - ok
10:31:40.0340 4124 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
10:31:40.0340 4124 HidBatt - ok
10:31:40.0371 4124 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
10:31:40.0371 4124 HidBth - ok
10:31:40.0402 4124 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
10:31:40.0402 4124 HidIr - ok
10:31:40.0433 4124 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
10:31:40.0449 4124 hidserv - ok
10:31:40.0496 4124 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
10:31:40.0511 4124 HidUsb - ok
10:31:40.0542 4124 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
10:31:40.0558 4124 hkmsvc - ok
10:31:40.0605 4124 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
10:31:40.0605 4124 HomeGroupListener - ok
10:31:40.0667 4124 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
10:31:40.0667 4124 HomeGroupProvider - ok
10:31:40.0761 4124 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
10:31:40.0761 4124 HpSAMD - ok
10:31:40.0854 4124 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
10:31:40.0870 4124 HTTP - ok
10:31:40.0901 4124 huawei_cdcacm - ok
10:31:40.0901 4124 huawei_enumerator - ok
10:31:40.0979 4124 hwdatacard (8f9b0fc4ec3a8194bd4cbc5ed3e7abeb) C:\Windows\system32\DRIVERS\ewusbmdm.sys
10:31:40.0979 4124 hwdatacard - ok
10:31:41.0026 4124 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
10:31:41.0026 4124 hwpolicy - ok
10:31:41.0088 4124 hwusbdev (230c041af8df1d2308c3ac5146e3ff4f) C:\Windows\system32\DRIVERS\ewusbdev.sys
10:31:41.0088 4124 hwusbdev - ok
10:31:41.0104 4124 hwusbfake - ok
10:31:41.0276 4124 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
10:31:41.0322 4124 i8042prt - ok
10:31:41.0385 4124 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
10:31:41.0400 4124 iaStorV - ok
10:31:41.0541 4124 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:31:41.0556 4124 idsvc - ok
10:31:41.0588 4124 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
10:31:41.0603 4124 iirsp - ok
10:31:41.0744 4124 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
10:31:41.0759 4124 IKEEXT - ok
10:31:41.0978 4124 IntcAzAudAddService (490947a9aff7ca31ef2e08f5776105eb) C:\Windows\system32\drivers\RTKVHD64.sys
10:31:42.0024 4124 IntcAzAudAddService - ok
10:31:42.0134 4124 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
10:31:42.0134 4124 intelide - ok
10:31:42.0180 4124 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
10:31:42.0180 4124 intelppm - ok
10:31:42.0227 4124 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
10:31:42.0227 4124 IPBusEnum - ok
10:31:42.0274 4124 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:31:42.0274 4124 IpFilterDriver - ok
10:31:42.0336 4124 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
10:31:42.0336 4124 iphlpsvc - ok
10:31:42.0383 4124 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
10:31:42.0383 4124 IPMIDRV - ok
10:31:42.0430 4124 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
10:31:42.0430 4124 IPNAT - ok
10:31:42.0602 4124 iPod Service (46d249f9db7844cc01050a9345f0f61b) C:\Program Files\iPod\bin\iPodService.exe
10:31:42.0617 4124 iPod Service - ok
10:31:42.0664 4124 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
10:31:42.0664 4124 IRENUM - ok
10:31:42.0711 4124 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
10:31:42.0711 4124 isapnp - ok
10:31:42.0758 4124 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
10:31:42.0758 4124 iScsiPrt - ok
10:31:42.0804 4124 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
10:31:42.0804 4124 kbdclass - ok
10:31:42.0851 4124 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
10:31:42.0851 4124 kbdhid - ok
10:31:42.0867 4124 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
10:31:42.0882 4124 KeyIso - ok
10:31:42.0929 4124 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
10:31:42.0929 4124 KSecDD - ok
10:31:42.0976 4124 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
10:31:42.0976 4124 KSecPkg - ok
10:31:43.0038 4124 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
10:31:43.0038 4124 ksthunk - ok
10:31:43.0085 4124 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
10:31:43.0101 4124 KtmRm - ok
10:31:43.0179 4124 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
10:31:43.0194 4124 LanmanServer - ok
10:31:43.0241 4124 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
10:31:43.0257 4124 LanmanWorkstation - ok
10:31:43.0288 4124 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
10:31:43.0304 4124 lltdio - ok
10:31:43.0350 4124 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
10:31:43.0366 4124 lltdsvc - ok
10:31:43.0382 4124 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
10:31:43.0382 4124 lmhosts - ok
10:31:43.0428 4124 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
10:31:43.0444 4124 LSI_FC - ok
10:31:43.0460 4124 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
10:31:43.0460 4124 LSI_SAS - ok
10:31:43.0506 4124 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
10:31:43.0506 4124 LSI_SAS2 - ok
10:31:43.0538 4124 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
10:31:43.0538 4124 LSI_SCSI - ok
10:31:43.0584 4124 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
10:31:43.0584 4124 luafv - ok
10:31:43.0662 4124 massfilter (bb6f30527eea0d3f61095a8afa31e2d6) C:\Windows\system32\drivers\massfilter.sys
10:31:43.0662 4124 massfilter - ok
10:31:43.0725 4124 MBAMProtector (dc8490812a3b72811ae534f423b4c206) C:\Windows\system32\drivers\mbam.sys
10:31:43.0725 4124 MBAMProtector - ok
10:31:43.0834 4124 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files (x86)\mbma\mbamservice.exe
10:31:43.0850 4124 MBAMService - ok
10:31:43.0912 4124 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
10:31:43.0928 4124 Mcx2Svc - ok
10:31:43.0943 4124 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
10:31:43.0959 4124 megasas - ok
10:31:44.0006 4124 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
10:31:44.0006 4124 MegaSR - ok
10:31:44.0052 4124 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
10:31:44.0052 4124 MMCSS - ok
10:31:44.0099 4124 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
10:31:44.0099 4124 Modem - ok
10:31:44.0130 4124 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
10:31:44.0130 4124 monitor - ok
10:31:44.0193 4124 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
10:31:44.0193 4124 mouclass - ok
10:31:44.0240 4124 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\drivers\mouhid.sys
10:31:44.0240 4124 mouhid - ok
10:31:44.0286 4124 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
10:31:44.0286 4124 mountmgr - ok
10:31:44.0411 4124 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:31:44.0427 4124 MozillaMaintenance - ok
10:31:44.0505 4124 MpFilter (94c66ededcdb6a126880472f9a704d8e) C:\Windows\system32\DRIVERS\MpFilter.sys
10:31:44.0505 4124 MpFilter - ok
10:31:44.0567 4124 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
10:31:44.0567 4124 mpio - ok
10:31:44.0614 4124 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
10:31:44.0614 4124 mpsdrv - ok
10:31:44.0739 4124 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
10:31:44.0754 4124 MpsSvc - ok
10:31:44.0801 4124 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
10:31:44.0801 4124 MRxDAV - ok
10:31:44.0848 4124 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
10:31:44.0848 4124 mrxsmb - ok
10:31:44.0895 4124 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:31:44.0910 4124 mrxsmb10 - ok
10:31:44.0957 4124 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:31:44.0957 4124 mrxsmb20 - ok
10:31:44.0988 4124 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
10:31:44.0988 4124 msahci - ok
10:31:45.0051 4124 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
10:31:45.0051 4124 msdsm - ok
10:31:45.0082 4124 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
10:31:45.0098 4124 MSDTC - ok
10:31:45.0144 4124 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
10:31:45.0144 4124 Msfs - ok
10:31:45.0176 4124 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
10:31:45.0176 4124 mshidkmdf - ok
10:31:45.0222 4124 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
10:31:45.0222 4124 msisadrv - ok
10:31:45.0269 4124 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
10:31:45.0285 4124 MSiSCSI - ok
10:31:45.0285 4124 msiserver - ok
10:31:45.0332 4124 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
10:31:45.0332 4124 MSKSSRV - ok
10:31:45.0456 4124 MsMpSvc (59faaf2c83c8169ea20f9e335e418907) c:\Program Files\Microsoft Security Client\MsMpEng.exe
10:31:45.0472 4124 MsMpSvc - ok
10:31:45.0488 4124 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
10:31:45.0488 4124 MSPCLOCK - ok
10:31:45.0519 4124 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
10:31:45.0519 4124 MSPQM - ok
10:31:45.0581 4124 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
10:31:45.0597 4124 MsRPC - ok
10:31:45.0659 4124 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
10:31:45.0659 4124 mssmbios - ok
10:31:45.0722 4124 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
10:31:45.0722 4124 MSTEE - ok
10:31:45.0737 4124 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
10:31:45.0737 4124 MTConfig - ok
10:31:45.0784 4124 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
10:31:45.0784 4124 Mup - ok
10:31:45.0846 4124 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
10:31:45.0862 4124 napagent - ok
10:31:45.0940 4124 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
10:31:45.0940 4124 NativeWifiP - ok
10:31:46.0049 4124 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
10:31:46.0065 4124 NDIS - ok
10:31:46.0112 4124 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
10:31:46.0112 4124 NdisCap - ok
10:31:46.0143 4124 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
10:31:46.0143 4124 NdisTapi - ok
10:31:46.0190 4124 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
10:31:46.0190 4124 Ndisuio - ok
10:31:46.0252 4124 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
10:31:46.0252 4124 NdisWan - ok
10:31:46.0408 4124 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
10:31:46.0424 4124 NDProxy - ok
10:31:46.0455 4124 Netaapl (6f4607e2333fe21e9e3ff8133a88b35b) C:\Windows\system32\DRIVERS\netaapl64.sys
10:31:46.0455 4124 Netaapl - ok
10:31:46.0486 4124 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
10:31:46.0502 4124 NetBIOS - ok
10:31:46.0564 4124 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
10:31:46.0564 4124 NetBT - ok
10:31:46.0595 4124 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
10:31:46.0595 4124 Netlogon - ok
10:31:46.0673 4124 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
10:31:46.0673 4124 Netman - ok
10:31:46.0736 4124 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
10:31:46.0736 4124 netprofm - ok
10:31:46.0814 4124 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:31:46.0829 4124 NetTcpPortSharing - ok
10:31:46.0876 4124 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
10:31:46.0876 4124 nfrd960 - ok
10:31:46.0907 4124 NisDrv (91b4e0273d2f6c24ef845f2b41311289) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
10:31:46.0923 4124 NisDrv - ok
10:31:47.0032 4124 NisSrv (10a43829a9e606af3eef25a1c1665923) c:\Program Files\Microsoft Security Client\NisSrv.exe
10:31:47.0048 4124 NisSrv - ok
10:31:47.0126 4124 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
10:31:47.0126 4124 NlaSvc - ok
10:31:47.0157 4124 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
10:31:47.0157 4124 Npfs - ok
10:31:47.0188 4124 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
10:31:47.0204 4124 nsi - ok
10:31:47.0219 4124 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
10:31:47.0219 4124 nsiproxy - ok
10:31:47.0375 4124 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
10:31:47.0438 4124 Ntfs - ok
10:31:47.0547 4124 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
10:31:47.0562 4124 Null - ok
10:31:47.0625 4124 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
10:31:47.0625 4124 nvraid - ok
10:31:47.0656 4124 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
10:31:47.0656 4124 nvstor - ok
10:31:47.0718 4124 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
10:31:47.0718 4124 nv_agp - ok
10:31:47.0750 4124 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
10:31:47.0750 4124 ohci1394 - ok
10:31:47.0843 4124 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:31:47.0843 4124 ose - ok
10:31:48.0311 4124 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:31:48.0498 4124 osppsvc - ok
10:31:48.0608 4124 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
10:31:48.0623 4124 p2pimsvc - ok
10:31:48.0701 4124 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
10:31:48.0717 4124 p2psvc - ok
10:31:48.0764 4124 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
10:31:48.0779 4124 Parport - ok
10:31:48.0810 4124 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
10:31:48.0810 4124 partmgr - ok
10:31:48.0857 4124 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
10:31:48.0857 4124 PcaSvc - ok
10:31:48.0904 4124 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
10:31:48.0920 4124 pci - ok
10:31:48.0935 4124 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
10:31:48.0935 4124 pciide - ok
10:31:48.0966 4124 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
10:31:48.0982 4124 pcmcia - ok
10:31:49.0013 4124 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
10:31:49.0013 4124 pcw - ok
10:31:49.0076 4124 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
10:31:49.0091 4124 PEAUTH - ok
10:31:49.0169 4124 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
10:31:49.0169 4124 PerfHost - ok
10:31:49.0325 4124 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
10:31:49.0356 4124 pla - ok
10:31:49.0434 4124 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
10:31:49.0450 4124 PlugPlay - ok
10:31:49.0559 4124 PMBDeviceInfoProvider (627fa58adc043704f9d14ca44340956f) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
10:31:49.0590 4124 PMBDeviceInfoProvider - ok
10:31:49.0622 4124 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
10:31:49.0622 4124 PNRPAutoReg - ok
10:31:49.0684 4124 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
10:31:49.0684 4124 PNRPsvc - ok
10:31:49.0762 4124 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
10:31:49.0778 4124 PolicyAgent - ok
10:31:49.0824 4124 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
10:31:49.0824 4124 Power - ok
10:31:49.0902 4124 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
10:31:49.0918 4124 PptpMiniport - ok
10:31:49.0949 4124 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
10:31:49.0949 4124 Processor - ok
10:31:50.0012 4124 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
10:31:50.0027 4124 ProfSvc - ok
10:31:50.0058 4124 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
10:31:50.0058 4124 ProtectedStorage - ok
10:31:50.0168 4124 Protector by IB Updater (58f9dbec704ff8af7804e5c416b9fc73) C:\Program Files\Protector by IB\ExtensionUpdaterService.exe
10:31:50.0168 4124 Protector by IB Updater - ok
10:31:50.0230 4124 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
10:31:50.0230 4124 Psched - ok
10:31:50.0261 4124 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
10:31:50.0261 4124 PxHlpa64 - ok
10:31:50.0402 4124 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
10:31:50.0433 4124 ql2300 - ok
10:31:50.0604 4124 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
10:31:50.0604 4124 ql40xx - ok
10:31:50.0651 4124 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
10:31:50.0651 4124 QWAVE - ok
10:31:50.0698 4124 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
10:31:50.0698 4124 QWAVEdrv - ok
10:31:50.0714 4124 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
10:31:50.0714 4124 RasAcd - ok
10:31:50.0776 4124 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
10:31:50.0776 4124 RasAgileVpn - ok
10:31:50.0807 4124 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
10:31:50.0807 4124 RasAuto - ok
10:31:50.0870 4124 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
10:31:50.0870 4124 Rasl2tp - ok
10:31:50.0948 4124 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
10:31:50.0948 4124 RasMan - ok
10:31:51.0010 4124 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
10:31:51.0010 4124 RasPppoe - ok
10:31:51.0041 4124 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
10:31:51.0057 4124 RasSstp - ok
10:31:51.0119 4124 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
10:31:51.0119 4124 rdbss - ok
10:31:51.0150 4124 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
10:31:51.0150 4124 rdpbus - ok
10:31:51.0182 4124 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
10:31:51.0182 4124 RDPCDD - ok
10:31:51.0197 4124 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
10:31:51.0197 4124 RDPENCDD - ok
10:31:51.0244 4124 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
10:31:51.0244 4124 RDPREFMP - ok
10:31:51.0306 4124 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
10:31:51.0306 4124 RDPWD - ok
10:31:51.0369 4124 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
10:32:06.0519 4124 ============================================================
10:32:06.0519 4124 Scan finished
10:32:06.0519 4124 ============================================================
10:32:06.0551 4064 Detected object count: 0
10:32:06.0551 4064 Actual detected object count: 0


Here is the log from Eset scan

C:\ProgramData\Tarma Installer\{DE3B7BF9-0770-4104-BC0B-B1CCCCE2F053}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\Users\Satveer\AppData\Local\Temp\SetupDataMngr_Searchqu.exe a variant of Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\Users\Satveer\AppData\Local\Temp\YontooSetup-Silent.exe probably a variant of Win32/Adware.KMLIIDW application cleaned by deleting - quarantined
C:\Users\Satveer\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\2fc1f1cd-3fd7d12d a variant of Java/Agent.BP trojan deleted - quarantined
C:\Users\Satveer\Downloads\vlcmediaplayer-setup.exe Win32/DownloadAdmin.A.Gen application cleaned by deleting - quarantined

#6 boopme


Posted 13 July 2012 - 01:23 PM

Well, I am surprised it's still occurring! Appears we need a deeper look. Please go here... Preparation Guide, do steps 6-9.

Create a DDS log and post it in the new topic explained in step 9, which is here: Virus, Trojan, Spyware, and Malware Removal Logs, and not in this topic, thanks.
If GMER won't run (it may not on a 64-bit system), skip it and move on.

Let me know if that went well.



