TechSpot

Svchost.exe (Trojan.agent) Malwarebytes cannot remove/system crashing

Solved
By mmcook
Apr 12, 2012
  1. mmcook

    mmcook TS Rookie Topic Starter Posts: 75

    I'm afraid I'm still experiencing redirects.
     
  2. Broni

    Broni Malware Annihilator Posts: 48,045   +271

    Post new aswMBR log.
     
  3. mmcook

    mmcook TS Rookie Topic Starter Posts: 75

    aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
    Run date: 2012-04-18 19:24:00
    -----------------------------
    19:24:00.869 OS Version: Windows x64 6.1.7601 Service Pack 1
    19:24:00.869 Number of processors: 2 586 0x170A
    19:24:00.869 ComputerName: COOK-HOME UserName: mmcook
    19:24:01.992 Initialize success
    19:28:08.228 AVAST engine defs: 12041802
    19:28:18.883 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
    19:28:18.883 Disk 0 Vendor: WDC_WD6400AAKS-75A7B2 01.03B01 Size: 610480MB BusType: 3
    19:28:18.899 Disk 0 MBR read successfully
    19:28:18.899 Disk 0 MBR scan
    19:28:18.914 Disk 0 Windows 7 default MBR code
    19:28:18.914 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 54 MB offset 63
    19:28:18.914 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 7918 MB offset 112640
    19:28:18.930 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 602506 MB offset 16328704
    19:28:18.946 Disk 0 scanning C:\Windows\system32\drivers
    19:28:26.590 Service scanning
    19:28:44.405 Modules scanning
    19:28:44.405 Disk 0 trace - called modules:
    19:28:44.436 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
    19:28:44.436 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80048e86f0]
    19:28:44.452 3 CLASSPNP.SYS[fffff8800165143f] -> nt!IofCallDriver -> [0xfffffa800396ce40]
    19:28:44.452 5 ACPI.sys[fffff88000f457a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004459060]
    19:28:45.965 AVAST engine scan C:\Windows
    19:28:49.038 AVAST engine scan C:\Windows\system32
    19:30:59.086 AVAST engine scan C:\Windows\system32\drivers
    19:31:08.399 AVAST engine scan C:\Users\mmcook
    19:34:40.138 AVAST engine scan C:\ProgramData
    19:36:59.821 Scan finished successfully
    19:38:08.586 Disk 0 MBR has been saved successfully to "C:\Users\mmcook\Desktop\MBR.dat"
    19:38:08.601 The log file has been saved successfully to "C:\Users\mmcook\Desktop\aswMBR(3).txt"
     
  4. Broni

    Broni Malware Annihilator Posts: 48,045   +271

    Zip MBR.dat file and attach it to your next reply.
    The file is on your desktop.
     
  5. mmcook

    mmcook TS Rookie Topic Starter Posts: 75

    Not sure what you mean by Zip. When I try to open the file it tells me Windows can't open it and needs to know what program to use to open it.
     
  6. mmcook

    mmcook TS Rookie Topic Starter Posts: 75

    Is this what you meant?
     

    Attached Files:

    • MBR.zip (File size: 574 bytes)
  7. Broni

    Broni Malware Annihilator Posts: 48,045   +271

    Yes. Hold on....
     
  8. Broni

    Broni Malware Annihilator Posts: 48,045   +271

    MBR is clean.

    Download TDSSKiller and save it to your desktop.
    • Extract (unzip) its contents to your desktop.
    • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
    • If an infected file is detected, the default action will be Cure, click on Continue.
    • If a suspicious file is detected, the default action will be Skip, click on Continue.
    • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
    • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
    • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
     
  9. mmcook

    mmcook TS Rookie Topic Starter Posts: 75

    Can I use the TDSSKiller that is already on the desktop or do I need to download a new one?
     
  10. Broni

    Broni Malware Annihilator Posts: 48,045   +271

    It's better to delete your file and download a fresh one.
     
  11. mmcook

    mmcook TS Rookie Topic Starter Posts: 75

    Got it. Says no threats found :(

    (Part 1)

    21:06:40.0953 5104 TDSS rootkit removing tool 2.7.29.0 Apr 18 2012 16:44:20
    21:06:42.0981 5104 ============================================================
    21:06:42.0981 5104 Current date / time: 2012/04/18 21:06:42.0981
    21:06:42.0981 5104 SystemInfo:
    21:06:42.0981 5104
    21:06:42.0981 5104 OS Version: 6.1.7601 ServicePack: 1.0
    21:06:42.0981 5104 Product type: Workstation
    21:06:42.0981 5104 ComputerName: COOK-HOME
    21:06:42.0981 5104 UserName: mmcook
    21:06:42.0981 5104 Windows directory: C:\Windows
    21:06:42.0981 5104 System windows directory: C:\Windows
    21:06:42.0981 5104 Running under WOW64
    21:06:42.0981 5104 Processor architecture: Intel x64
    21:06:42.0981 5104 Number of processors: 2
    21:06:42.0981 5104 Page size: 0x1000
    21:06:42.0981 5104 Boot type: Normal boot
    21:06:42.0981 5104 ============================================================
    21:06:43.0683 5104 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    21:06:43.0745 5104 \Device\Harddisk0\DR0:
    21:06:43.0745 5104 MBR partitions:
    21:06:43.0745 5104 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1B800, BlocksNum 0xF77000
    21:06:43.0745 5104 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xF92800, BlocksNum 0x498C5000
    21:06:43.0761 5104 C: <-> \Device\Harddisk0\DR0\Partition1
    21:06:43.0761 5104 Initialize success
    21:06:43.0761 5104 ============================================================
    21:06:59.0423 4032 ============================================================
    21:06:59.0423 4032 Scan started
    21:06:59.0423 4032 Mode: Manual;
    21:06:59.0423 4032 ============================================================
    21:07:09.0814 4032 MREMP50a64 - ok
    21:07:09.0814 4032 MREMPR5 - ok
    21:07:09.0830 4032 MRENDIS5 - ok
    21:07:09.0845 4032 MRESP50 (07c02c892e8e1a72d6bf35004f0e9c5e) C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS
    21:07:09.0845 4032 MRESP50 - ok
    21:07:09.0861 4032 MRESP50a64 - ok
    21:07:09.0908 4032 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
    21:07:09.0908 4032 MRxDAV - ok
    21:07:09.0939 4032 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
    21:07:09.0939 4032 mrxsmb - ok
    21:07:09.0986 4032 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
    21:07:10.0001 4032 mrxsmb10 - ok
    21:07:10.0017 4032 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
    21:07:10.0017 4032 mrxsmb20 - ok
    21:07:10.0064 4032 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
    21:07:10.0064 4032 msahci - ok
    21:07:10.0095 4032 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
    21:07:10.0095 4032 msdsm - ok
    21:07:10.0142 4032 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
    21:07:10.0142 4032 MSDTC - ok
    21:07:10.0188 4032 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
    21:07:10.0188 4032 Msfs - ok
    21:07:10.0220 4032 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
    21:07:10.0220 4032 mshidkmdf - ok
    21:07:10.0266 4032 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
    21:07:10.0266 4032 msisadrv - ok
    21:07:10.0298 4032 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
    21:07:10.0298 4032 MSiSCSI - ok
    21:07:10.0313 4032 msiserver - ok
     
     
  12. mmcook

    mmcook TS Rookie Topic Starter Posts: 75

    (part 2)


    21:07:10.0344 4032 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
    21:07:10.0344 4032 MSKSSRV - ok
    21:07:10.0376 4032 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
    21:07:10.0376 4032 MSPCLOCK - ok
    21:07:10.0407 4032 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
    21:07:10.0407 4032 MSPQM - ok
    21:07:10.0438 4032 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
    21:07:10.0454 4032 MsRPC - ok
    21:07:10.0485 4032 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
    21:07:10.0485 4032 mssmbios - ok
    21:07:10.0485 4032 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
    21:07:10.0500 4032 MSTEE - ok
    21:07:10.0500 4032 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
    21:07:10.0500 4032 MTConfig - ok
    21:07:10.0532 4032 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
    21:07:10.0532 4032 Mup - ok
    21:07:10.0563 4032 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
    21:07:10.0578 4032 napagent - ok
    21:07:10.0625 4032 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
    21:07:10.0625 4032 NativeWifiP - ok
    21:07:10.0766 4032 NAVENG (2dbe90210de76be6e1653bb20ec70ec2) C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20120327.008\ENG64.SYS
    21:07:10.0766 4032 NAVENG - ok
    21:07:10.0828 4032 NAVEX15 (346da70e203b8e2c850277713de8f71b) C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20120327.008\EX64.SYS
    21:07:10.0859 4032 NAVEX15 - ok
    21:07:10.0906 4032 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
    21:07:10.0937 4032 NDIS - ok
    21:07:10.0937 4032 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
    21:07:10.0937 4032 NdisCap - ok
    21:07:10.0968 4032 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
    21:07:10.0968 4032 NdisTapi - ok
    21:07:11.0015 4032 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
    21:07:11.0015 4032 Ndisuio - ok
    21:07:11.0046 4032 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
    21:07:11.0046 4032 NdisWan - ok
    21:07:11.0093 4032 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
    21:07:11.0093 4032 NDProxy - ok
    21:07:11.0109 4032 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
    21:07:11.0109 4032 NetBIOS - ok
    21:07:11.0140 4032 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
    21:07:11.0140 4032 NetBT - ok
    21:07:11.0187 4032 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
    21:07:11.0187 4032 Netlogon - ok
    21:07:11.0218 4032 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
    21:07:11.0218 4032 Netman - ok
    21:07:11.0249 4032 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
    21:07:11.0249 4032 netprofm - ok
    21:07:11.0296 4032 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
    21:07:11.0296 4032 NetTcpPortSharing - ok
    21:07:11.0343 4032 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
    21:07:11.0343 4032 nfrd960 - ok
    21:07:11.0405 4032 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
    21:07:11.0405 4032 NlaSvc - ok
    21:07:11.0499 4032 nmservice (cd569fa91ec6f59d045c19d0d3850f44) C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
    21:07:11.0499 4032 nmservice - ok
    21:07:11.0514 4032 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
    21:07:11.0514 4032 Npfs - ok
    21:07:11.0530 4032 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
    21:07:11.0530 4032 nsi - ok
    21:07:11.0546 4032 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
    21:07:11.0546 4032 nsiproxy - ok
    21:07:11.0608 4032 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
    21:07:11.0639 4032 Ntfs - ok
    21:07:11.0670 4032 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
    21:07:11.0670 4032 Null - ok
    21:07:11.0702 4032 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
    21:07:11.0702 4032 nvraid - ok
    21:07:11.0733 4032 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
    21:07:11.0733 4032 nvstor - ok
    21:07:11.0764 4032 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
    21:07:11.0764 4032 nv_agp - ok
    21:07:11.0826 4032 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
    21:07:11.0842 4032 odserv - ok
    21:07:11.0873 4032 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
    21:07:11.0873 4032 ohci1394 - ok
    21:07:11.0936 4032 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    21:07:11.0936 4032 ose - ok
    21:07:11.0982 4032 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
    21:07:11.0998 4032 p2pimsvc - ok
    21:07:12.0029 4032 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
    21:07:12.0045 4032 p2psvc - ok
    21:07:12.0092 4032 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
    21:07:12.0092 4032 Parport - ok
    21:07:12.0138 4032 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
    21:07:12.0138 4032 partmgr - ok
    21:07:12.0154 4032 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
    21:07:12.0154 4032 PcaSvc - ok
    21:07:12.0170 4032 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
    21:07:12.0170 4032 pci - ok
    21:07:12.0185 4032 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
    21:07:12.0185 4032 pciide - ok
    21:07:12.0216 4032 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
    21:07:12.0216 4032 pcmcia - ok
    21:07:12.0232 4032 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
    21:07:12.0232 4032 pcw - ok
    21:07:12.0248 4032 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
    21:07:12.0263 4032 PEAUTH - ok
    21:07:12.0310 4032 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
    21:07:12.0310 4032 PerfHost - ok
    21:07:12.0372 4032 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
    21:07:12.0404 4032 pla - ok
    21:07:12.0466 4032 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
    21:07:12.0482 4032 PlugPlay - ok
    21:07:12.0528 4032 Pml Driver HPZ12 (64ca1485214340cacc315ffdfded73ef) C:\Windows\system32\HPZipm12.dll
    21:07:12.0528 4032 Pml Driver HPZ12 - ok
    21:07:12.0591 4032 pnarp (fb83b6c62dff5abe36304351d2bed581) C:\Windows\system32\DRIVERS\pnarp.sys
    21:07:12.0591 4032 pnarp - ok
    21:07:12.0622 4032 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
    21:07:12.0638 4032 PNRPAutoReg - ok
    21:07:12.0653 4032 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
    21:07:12.0653 4032 PNRPsvc - ok
    21:07:12.0684 4032 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
    21:07:12.0684 4032 PolicyAgent - ok
    21:07:12.0731 4032 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
    21:07:12.0731 4032 Power - ok
    21:07:12.0762 4032 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
    21:07:12.0778 4032 PptpMiniport - ok
    21:07:12.0809 4032 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
    21:07:12.0809 4032 Processor - ok
    21:07:12.0856 4032 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
    21:07:12.0856 4032 ProfSvc - ok
    21:07:12.0903 4032 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
    21:07:12.0903 4032 ProtectedStorage - ok
    21:07:12.0934 4032 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
    21:07:12.0934 4032 Psched - ok
    21:07:12.0981 4032 purendis (1b3434642ce3c26e6f24d3a76d749c2a) C:\Windows\system32\DRIVERS\purendis.sys
    21:07:12.0981 4032 purendis - ok
    21:07:13.0012 4032 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
    21:07:13.0012 4032 PxHlpa64 - ok
    21:07:13.0074 4032 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
    21:07:13.0106 4032 ql2300 - ok
    21:07:13.0152 4032 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
    21:07:13.0152 4032 ql40xx - ok
    21:07:13.0184 4032 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
    21:07:13.0199 4032 QWAVE - ok
    21:07:13.0215 4032 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
    21:07:13.0215 4032 QWAVEdrv - ok
    21:07:13.0230 4032 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
    21:07:13.0230 4032 RasAcd - ok
    21:07:13.0277 4032 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
    21:07:13.0277 4032 RasAgileVpn - ok
    21:07:13.0293 4032 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
    21:07:13.0293 4032 RasAuto - ok
    21:07:13.0340 4032 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
    21:07:13.0340 4032 Rasl2tp - ok
    21:07:13.0386 4032 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
    21:07:13.0402 4032 RasMan - ok
    21:07:13.0418 4032 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
    21:07:13.0418 4032 RasPppoe - ok
    21:07:13.0449 4032 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
    21:07:13.0449 4032 RasSstp - ok
    21:07:13.0480 4032 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
    21:07:13.0480 4032 rdbss - ok
    21:07:13.0496 4032 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
    21:07:13.0496 4032 rdpbus - ok
    21:07:13.0511 4032 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
    21:07:13.0511 4032 RDPCDD - ok
    21:07:13.0542 4032 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
    21:07:13.0542 4032 RDPENCDD - ok
    21:07:13.0574 4032 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
    21:07:13.0574 4032 RDPREFMP - ok
    21:07:13.0589 4032 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
    21:07:13.0589 4032 RDPWD - ok
    21:07:13.0620 4032 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
    21:07:13.0620 4032 rdyboost - ok
    21:07:13.0652 4032 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
    21:07:13.0667 4032 RemoteAccess - ok
    21:07:13.0698 4032 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
    21:07:13.0698 4032 RemoteRegistry - ok
    21:07:13.0745 4032 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
    21:07:13.0745 4032 RFCOMM - ok
    21:07:13.0761 4032 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
    21:07:13.0776 4032 RpcEptMapper - ok
    21:07:13.0792 4032 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
    21:07:13.0792 4032 RpcLocator - ok
    21:07:13.0839 4032 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\System32\rpcss.dll
    21:07:13.0854 4032 RpcSs - ok
    21:07:13.0870 4032 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
    21:07:13.0870 4032 rspndr - ok
    21:07:13.0917 4032 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
    21:07:13.0932 4032 RTL8167 - ok
    21:07:13.0964 4032 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
    21:07:13.0979 4032 SamSs - ok
    21:07:14.0010 4032 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
    21:07:14.0010 4032 sbp2port - ok
    21:07:14.0042 4032 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
    21:07:14.0042 4032 SCardSvr - ok
    21:07:14.0073 4032 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
    21:07:14.0073 4032 scfilter - ok
    21:07:14.0120 4032 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
    21:07:14.0151 4032 Schedule - ok
    21:07:14.0182 4032 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
    21:07:14.0182 4032 SCPolicySvc - ok
    21:07:14.0213 4032 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
    21:07:14.0213 4032 SDRSVC - ok
    21:07:14.0291 4032 SeaPort (cc781378e7eda615d2cdca3b17829fa4) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
    21:07:14.0291 4032 SeaPort - ok
    21:07:14.0338 4032 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
    21:07:14.0338 4032 secdrv - ok
    21:07:14.0369 4032 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
    21:07:14.0369 4032 seclogon - ok
    21:07:14.0416 4032 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
    21:07:14.0416 4032 SENS - ok
    21:07:14.0432 4032 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
    21:07:14.0432 4032 SensrSvc - ok
    21:07:14.0447 4032 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
    21:07:14.0447 4032 Serenum - ok
    21:07:14.0494 4032 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
    21:07:14.0494 4032 Serial - ok
    21:07:14.0525 4032 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
    21:07:14.0525 4032 sermouse - ok
    21:07:14.0572 4032 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
    21:07:14.0572 4032 SessionEnv - ok
    21:07:14.0603 4032 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
    21:07:14.0603 4032 sffdisk - ok
    21:07:14.0619 4032 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
    21:07:14.0619 4032 sffp_mmc - ok
    21:07:14.0634 4032 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
    21:07:14.0634 4032 sffp_sd - ok
    21:07:14.0650 4032 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
    21:07:14.0650 4032 sfloppy - ok
    21:07:14.0697 4032 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
    21:07:14.0697 4032 SharedAccess - ok
    21:07:14.0744 4032 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
    21:07:14.0744 4032 ShellHWDetection - ok
    21:07:14.0759 4032 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
    21:07:14.0759 4032 SiSRaid2 - ok
    21:07:14.0775 4032 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
    21:07:14.0775 4032 SiSRaid4 - ok
    21:07:14.0790 4032 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
    21:07:14.0790 4032 Smb - ok
    21:07:14.0946 4032 SmcService (ad97b711074cf27da0c00f2c26e1a62c) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe
    21:07:15.0009 4032 SmcService - ok
    21:07:15.0040 4032 SNAC (91bd8e268d93aaf5f59aac9de84a25bb) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE
    21:07:15.0040 4032 SNAC - ok
    21:07:15.0087 4032 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
    21:07:15.0087 4032 SNMPTRAP - ok
    21:07:15.0102 4032 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
    21:07:15.0102 4032 spldr - ok
    21:07:15.0134 4032 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
    21:07:15.0149 4032 Spooler - ok
    21:07:15.0243 4032 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
    21:07:15.0305 4032 sppsvc - ok
    21:07:15.0336 4032 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
    21:07:15.0336 4032 sppuinotify - ok
    21:07:15.0383 4032 SRTSP (32900ac9cfdc578531279886ca16a4df) C:\Windows\system32\Drivers\SRTSP64.SYS
    21:07:15.0383 4032 SRTSP - ok
    21:07:15.0430 4032 SRTSPL (8929566d1f14685fd78eaf25bee3ecc7) C:\Windows\system32\Drivers\SRTSPL64.SYS
    21:07:15.0430 4032 SRTSPL - ok
    21:07:15.0461 4032 SRTSPX (cb2fdf47ee67f8cca5362ed9b94fe955) C:\Windows\system32\Drivers\SRTSPX64.SYS
    21:07:15.0461 4032 SRTSPX - ok
    21:07:15.0508 4032 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
    21:07:15.0508 4032 srv - ok
    21:07:15.0555 4032 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
    21:07:15.0555 4032 srv2 - ok
    21:07:15.0570 4032 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
    21:07:15.0570 4032 srvnet - ok
    21:07:15.0617 4032 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
    21:07:15.0617 4032 SSDPSRV - ok
    21:07:15.0648 4032 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
    21:07:15.0648 4032 SstpSvc - ok
    21:07:15.0711 4032 Steam Client Service - ok
    21:07:15.0726 4032 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
    21:07:15.0726 4032 stexstor - ok
    21:07:15.0758 4032 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
    21:07:15.0773 4032 stisvc - ok
    21:07:15.0804 4032 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
    21:07:15.0804 4032 swenum - ok
    21:07:15.0836 4032 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
    21:07:15.0836 4032 swprv - ok
    21:07:15.0929 4032 Symantec AntiVirus (ba2fb8f8ab24d0279caa98a4c118150e) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
    21:07:15.0945 4032 Symantec AntiVirus - ok
    21:07:15.0976 4032 SymEvent (7e4d281982e19abd06728c7ee9ac40a8) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
    21:07:15.0976 4032 SymEvent - ok
    21:07:16.0038 4032 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
    21:07:16.0085 4032 SysMain - ok
    21:07:16.0116 4032 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
    21:07:16.0116 4032 TabletInputService - ok
    21:07:16.0163 4032 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
    21:07:16.0163 4032 TapiSrv - ok
    21:07:16.0179 4032 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
    21:07:16.0179 4032 TBS - ok
    21:07:16.0272 4032 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
    21:07:16.0304 4032 Tcpip - ok
    21:07:16.0366 4032 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
    21:07:16.0382 4032 TCPIP6 - ok
    21:07:16.0413 4032 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
    21:07:16.0413 4032 tcpipreg - ok
    21:07:16.0444 4032 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
    21:07:16.0444 4032 TDPIPE - ok
    21:07:16.0491 4032 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
    21:07:16.0491 4032 TDTCP - ok
    21:07:16.0538 4032 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
    21:07:16.0538 4032 tdx - ok
    21:07:16.0569 4032 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
    21:07:16.0569 4032 TermDD - ok
    21:07:16.0600 4032 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
    21:07:16.0616 4032 TermService - ok
    21:07:16.0631 4032 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
    21:07:16.0631 4032 Themes - ok
    21:07:16.0678 4032 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
    21:07:16.0678 4032 THREADORDER - ok
    21:07:16.0678 4032 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
    21:07:16.0694 4032 TrkWks - ok
    21:07:16.0725 4032 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
    21:07:16.0725 4032 TrustedInstaller - ok
    21:07:16.0756 4032 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
    21:07:16.0756 4032 tssecsrv - ok
    21:07:16.0818 4032 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
    21:07:16.0818 4032 TsUsbFlt - ok
    21:07:16.0881 4032 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
    21:07:16.0881 4032 tunnel - ok
    21:07:16.0896 4032 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
    21:07:16.0896 4032 uagp35 - ok
    21:07:16.0959 4032 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
    21:07:16.0959 4032 udfs - ok
    21:07:16.0990 4032 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
    21:07:16.0990 4032 UI0Detect - ok
    21:07:17.0006 4032 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
    21:07:17.0006 4032 uliagpkx - ok
    21:07:17.0052 4032 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
    21:07:17.0052 4032 umbus - ok
    21:07:17.0084 4032 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
    21:07:17.0084 4032 UmPass - ok
    21:07:17.0130 4032 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
    21:07:17.0130 4032 upnphost - ok
    21:07:17.0162 4032 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
    21:07:17.0162 4032 USBAAPL64 - ok
    21:07:17.0193 4032 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
    21:07:17.0193 4032 usbccgp - ok
    21:07:17.0224 4032 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
    21:07:17.0224 4032 usbcir - ok
    21:07:17.0240 4032 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
    21:07:17.0240 4032 usbehci - ok
    21:07:17.0271 4032 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
    21:07:17.0271 4032 usbhub - ok
    21:07:17.0286 4032 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
    21:07:17.0286 4032 usbohci - ok
    21:07:17.0318 4032 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
    21:07:17.0318 4032 usbprint - ok
    21:07:17.0364 4032 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
    21:07:17.0364 4032 usbscan - ok
    21:07:17.0380 4032 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
    21:07:17.0380 4032 USBSTOR - ok
    21:07:17.0396 4032 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
    21:07:17.0396 4032 usbuhci - ok
    21:07:17.0411 4032 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
    21:07:17.0427 4032 UxSms - ok
    21:07:17.0458 4032 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
    21:07:17.0458 4032 VaultSvc - ok
    21:07:17.0505 4032 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
    21:07:17.0505 4032 vdrvroot - ok
    21:07:17.0552 4032 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
    21:07:17.0567 4032 vds - ok
    21:07:17.0598 4032 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
    21:07:17.0598 4032 vga - ok
    21:07:17.0645 4032 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
    21:07:17.0645 4032 VgaSave - ok
    21:07:17.0692 4032 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
    21:07:17.0692 4032 vhdmp - ok
    21:07:17.0723 4032 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
    21:07:17.0723 4032 viaide - ok
    21:07:17.0723 4032 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
    21:07:17.0723 4032 volmgr - ok
    21:07:17.0770 4032 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
    21:07:17.0786 4032 volmgrx - ok
    21:07:17.0801 4032 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
    21:07:17.0817 4032 volsnap - ok
    21:07:17.0832 4032 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
    21:07:17.0832 4032 vsmraid - ok
    21:07:19.0782 4032 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
    21:07:19.0860 4032 \Device\Harddisk0\DR0 - ok
    21:07:19.0860 4032 Boot (0x1200) (64d62d7edf746ce3c8ec88750a07cfc6) \Device\Harddisk0\DR0\Partition0
    21:07:19.0860 4032 \Device\Harddisk0\DR0\Partition0 - ok
    21:07:19.0876 4032 Boot (0x1200) (837166823f8125234e9447aedcc86f9b) \Device\Harddisk0\DR0\Partition1
    21:07:19.0876 4032 \Device\Harddisk0\DR0\Partition1 - ok
    21:07:19.0876 4032 ============================================================
    21:07:19.0876 4032 Scan finished
    21:07:19.0876 4032 ============================================================
    21:07:19.0907 4660 Detected object count: 0
    21:07:19.0907 4660 Actual detected object count: 0
     
  13. Broni

    Broni Malware Annihilator Posts: 48,045   +271

    There is absolutely nothing malicious in your logs.

    I still suspect your router.
    Possibly you didn't reset it correctly.

    Let's try again....

    Go Start>Run (Start search in Vista), type in:
    cmd
    Click OK (Vista and Windows 7 users: while holding CTRL, and SHIFT, press Enter).

    In Command Prompt window, type in following commands, and hit Enter after each one:
    ipconfig /flushdns
    ipconfig /registerdns
    ipconfig /release
    ipconfig /renew
    net stop "dns client"
    net start "dns client"


    Turn the computer off.

    On your router, you'll find a pinhole marked "Reset".
    Keep pushing the hole, using a pencil, or a paperclip until all lights briefly come off and on.
    NOTE. Simply disconnecting the router from a power source will NOT do.
    Restart computer and check for redirections.

    NOTE. You may need to re-check your router security settings, as described HERE
     
  14. mmcook

    mmcook TS Rookie Topic Starter Posts: 75

    Will do. Shall report back later.
     
  15. mmcook

    mmcook TS Rookie Topic Starter Posts: 75

    I completely restored the factory settings on the router. Had to call the phone company to get back online.

    Then I was promptly redirected to "Get-Answers-Fast.com" as I tried to navigate to these forums.
     
  16. mmcook

    mmcook TS Rookie Topic Starter Posts: 75

    I have noticed something else, which I don't understand. When I am online there is a bookmark called .AppleSyncInfo. that appears. It is pinned to my favorites bar. It also appears at the bottom of every folder I have. Like, in my favorites settings I have folders of webpages bookmarked for Movies, Authors, News, etc. .AppleSyncInfo currently appears at the bottom of every folder. I don't know what that means....
     
  17. Broni

    Broni Malware Annihilator Posts: 48,045   +271

    Please download SystemLook from one of the links below and save it to your Desktop.
    Download Mirror #1
    Download Mirror #2

    64-bit users go HERE
    • Double-click SystemLook.exe to run it.
    • Vista users: Right click on SystemLook.exe, click Run As Administrator
    • Copy the content of the following box and paste it into the main textfield:
      Code:
      :reg
      HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes /s
      HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes /s
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes /s
      
    • Click the Look button to start the scan.
    • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
    Note: The log can also be found on your Desktop entitled SystemLook.txt
     
  18. mmcook

    mmcook TS Rookie Topic Starter Posts: 75

    Wow, I had an incredibly difficult time just getting to the forums this evening. Neither Google search nor Yahoo were working. I would do a search for "Techspot" and that worked fine. But when I would try to navigate to the site, either I kept getting a "502 Bad Gateway" error or I would click the link and nothing would happen at all. I tried both Internet Explorer and Firefox and both had the same issues. Occasionally I would also get redirected.
    My internet appears to be working fine otherwise. But getting HERE took something like 15-20 attempts. A couple of times I made it to the homepage, but then trying to get to the Forums failed.
    I'm just posting this to let you know what's happening. I'm trying to do the SystemLook now.
     
  19. mmcook

    mmcook TS Rookie Topic Starter Posts: 75

    SystemLook 30.07.11 by jpshortstuff
    Log created at 18:35 on 19/04/2012 by mmcook
    Administrator - Elevation successful
    ========== reg ==========
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes]
    "DownloadRetries"= 0x0000000000 (0)
    "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
    "DownloadUpdates"= 0x0000000000 (0)
    "UpgradeTime"=b7 fb 4d 37 5a ec cc 01 (REG_BINARY)
    "Version"= 0x0000000003 (3)
    "KnownProvidersUpgradeTime"=b7 fb 4d 37 5a ec cc 01 (REG_BINARY)
    "ShowSearchSuggestionsInAddressGlobal"= 0x0000000000 (0)
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
    "FaviconPath"="C:\Users\mmcook\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico"
    "FaviconURLFallback"="http://www.bing.com/favicon.ico"
    "SuggestionsURLFallback"="http://api.bing.com/qsml.aspx?query...e:sectionHeight}&FORM=IE8SSC&market={language}"
    "URL"="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
    "TopResultURLFallback"="http://www.bing.com/search?q={searchTerms}&src=ie9tr"
    "DisplayName"="Bing"
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{32E253B0-7E13-47A1-B5C5-FC1AF4587271}]
    "FaviconPath"="C:\Users\mmcook\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{32E253B0-7E13-47A1-B5C5-FC1AF4587271}.ico"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes]
    "DefaultScope"="{C97B4257-6230-4F12-9EAD-229E009A1BF8}"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{C97B4257-6230-4F12-9EAD-229E009A1BF8}]
    "DisplayName"="Bing"
    "URL"="http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox"
    "ShowSearchSuggestions"= 0x0000000001 (1)
    "FaviconURL"="http://www.bing.com/favicon.ico"
    "SuggestionsURL"="http://api.bing.com/qsml.aspx?query...e:sectionHeight}&FORM=IE8SSC&market={Language}"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
    "DefaultScope"="{C97B4257-6230-4F12-9EAD-229E009A1BF8}"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C97B4257-6230-4F12-9EAD-229E009A1BF8}]
    "DisplayName"="Bing"
    "URL"="http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox"
    "ShowSearchSuggestions"= 0x0000000001 (1)
    "FaviconURL"="http://www.bing.com/favicon.ico"
    "SuggestionsURL"="http://api.bing.com/qsml.aspx?query...e:sectionHeight}&FORM=IE8SSC&market={Language}"

    -= EOF =-
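
Added example, not part of the original thread or of SystemLook: one way to triage a `:reg` dump of the SearchScopes keys like the one posted above is to parse it, list every URL-type value whose host falls outside an expected set, and check that each DefaultScope points at a scope key that exists. The allowlist, the function names and the second scope in the sample are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Constructed sample in the SystemLook ":reg" format; the second scope and
# its host are made up, the Bing entry mirrors the log above.
SAMPLE = r'''
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{11111111-1111-1111-1111-111111111111}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{11111111-1111-1111-1111-111111111111}]
"URL"="http://search.example.invalid/?q={searchTerms}"
'''
ALLOWED = ("bing.com", "google.com", "yahoo.com")  # assumed allowlist
KEY_RE = re.compile(r'^\[(.+)\]$')
VAL_RE = re.compile(r'^"([^"]+)"\s*=\s*"(.*)"$')  # string values only

def parse_reg_dump(text):
    """Return {key_path: {value_name: string_data}}."""
    keys, current = {}, None
    for line in map(str.strip, text.splitlines()):
        if m := KEY_RE.match(line):
            current = keys.setdefault(m.group(1), {})
        elif (m := VAL_RE.match(line)) and current is not None:
            current[m.group(1)] = m.group(2)
    return keys

def host_allowed(url):
    """True if the URL's host is an allowed domain or a subdomain of one."""
    host = (urlsplit(url).hostname or "").lower()
    return any(host == d or host.endswith("." + d) for d in ALLOWED)

def audit(text):
    """Flag URL values on unexpected hosts and DefaultScope ids with no key."""
    keys, findings = parse_reg_dump(text), []
    known = {p.lower() for p in keys}  # registry paths are case-insensitive
    for path, vals in keys.items():
        scope = path.rsplit("\\", 1)[-1]
        for name, data in vals.items():
            if "url" in name.lower() and not host_allowed(data):
                findings.append((scope, name, data))
        default = vals.get("DefaultScope")
        if default and (path + "\\" + default).lower() not in known:
            findings.append((scope, "DefaultScope", default))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

DWORD and REG_BINARY lines are skipped because only quoted string data is matched, so a dump with every provider on an allowed host returns an empty list.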
     
  20. mmcook

    mmcook TS Rookie Topic Starter Posts: 75

    I'm also getting some occasional page loading errors where the whole formatting of the webpage is off/distorted.
     
  21. Broni

    Broni Malware Annihilator Posts: 48,045   +271

    It was an issue with this board.
    I couldn't get on for a while.
    All looks normal now.
     
  22. Broni

    Broni Malware Annihilator Posts: 48,045   +271

    As for your issue....I'm out of tools and ideas.

    There is nothing malicious there.

    One more try....

    Restart computer in Safe Mode with Networking and see if it happens there as well.
     
  23. mmcook

    mmcook TS Rookie Topic Starter Posts: 75

    Well that's...distressing? It's definitely still happening.

    I tried safe mode with networking. As before, I could establish no internet in Safe mode. The only slight difference was that this time, the first time I tried to go online in safe mode, the Yahoo homepage actually loaded. But then when I tried to do anything, I was told Internet explorer could not establish the connection. After that, it wouldn't even load the homepage anymore. Firefox would not load either.
     
  24. Broni

    Broni Malware Annihilator Posts: 48,045   +271

    Please click HERE to download Kaspersky Virus Removal Tool.

    • Double click on the file you just downloaded and let it install.
    • It will install to your desktop (be patient; it may take a while).
    • Accept license agreement and click "Start" button.
    • Click on Settings button
      • In Scan scope leave pre-checked items as they are and also checkmark My Computer
      • In Actions checkmark Select action: (disinfect; delete if disinfection fails) instead of preselected Prompt on detection
    • Click on Automatic Scan tab and then click on Start scanning button.
    • Before it is done it may prompt for action regardless of the setting so choose delete if prompted.
    • When the scan is done NO log will be produced.
    • Click on Report button then on Automatic Scan report tab.
    • Right click anywhere within right pane, click Select All then right click again and click Copy.
    • This will copy the items that it found to the clipboard. You can then open Notepad (go to Start, then Run, then type in notepad) and choose Paste to paste the contents into Notepad.
    • You can save this on the desktop.
    • Post the contents of the document in your next reply.
     
  25. mmcook

    mmcook TS Rookie Topic Starter Posts: 75

    I am having some trouble downloading this.
    The first time it seemed like everything was working properly. The file downloaded and I saved it to the desktop. When I tried to run it, however, I got several error messages stating "There is a problem with your ContentWatch installation. Please uninstall and reinstall the program." This popped up several times.
    Then when I tried to run it, the program hung up and froze. "Not responding"
    I had to reboot the computer. I received several more "There is a problem with your ContentWatch installation" errors on reboot.
    I then tried to start over by deleting the Kaspersky icon on the desktop, planning to do a new one.
    But now I can't seem to download a new one. When I click on the download link, nothing happens. Just nothing.

    I rebooted again, but still am unable to download the program. I don't understand why the link is no longer working, though I'm sure it's something I did....
     

