Solved Svchost.exe (Trojan.agent) Malwarebytes cannot remove/system crashing

[mmcook]

I'm afraid I'm still experiencing redirects.

 

[Broni]

Post new aswMBR log.

 

[mmcook]

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-04-18 19:24:00
-----------------------------
19:24:00.869 OS Version: Windows x64 6.1.7601 Service Pack 1
19:24:00.869 Number of processors: 2 586 0x170A
19:24:00.869 ComputerName: COOK-HOME UserName: mmcook
19:24:01.992 Initialize success
19:28:08.228 AVAST engine defs: 12041802
19:28:18.883 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
19:28:18.883 Disk 0 Vendor: WDC_WD6400AAKS-75A7B2 01.03B01 Size: 610480MB BusType: 3
19:28:18.899 Disk 0 MBR read successfully
19:28:18.899 Disk 0 MBR scan
19:28:18.914 Disk 0 Windows 7 default MBR code
19:28:18.914 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 54 MB offset 63
19:28:18.914 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 7918 MB offset 112640
19:28:18.930 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 602506 MB offset 16328704
19:28:18.946 Disk 0 scanning C:\Windows\system32\drivers
19:28:26.590 Service scanning
19:28:44.405 Modules scanning
19:28:44.405 Disk 0 trace - called modules:
19:28:44.436 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
19:28:44.436 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80048e86f0]
19:28:44.452 3 CLASSPNP.SYS[fffff8800165143f] -> nt!IofCallDriver -> [0xfffffa800396ce40]
19:28:44.452 5 ACPI.sys[fffff88000f457a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004459060]
19:28:45.965 AVAST engine scan C:\Windows
19:28:49.038 AVAST engine scan C:\Windows\system32
19:30:59.086 AVAST engine scan C:\Windows\system32\drivers
19:31:08.399 AVAST engine scan C:\Users\mmcook
19:34:40.138 AVAST engine scan C:\ProgramData
19:36:59.821 Scan finished successfully
19:38:08.586 Disk 0 MBR has been saved successfully to "C:\Users\mmcook\Desktop\MBR.dat"
19:38:08.601 The log file has been saved successfully to "C:\Users\mmcook\Desktop\aswMBR(3).txt"

 

[Broni]

Zip MBR.dat file and attach it to your next reply.
The file is on your desktop.

 

[mmcook]

Not sure what you mean by Zip. When I try to open the file it tells me Windows can't open it and needs to know what program to use to open it.

 

[mmcook]

Is this what you meant?

 

[Broni]

Yes. Hold on....

 

[Broni]

MBR is clean.

Download TDSSKiller and save it to your desktop.

• Extract (unzip) its contents to your desktop.
• Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
• If an infected file is detected, the default action will be Cure, click on Continue.
• If a suspicious file is detected, the default action will be Skip, click on Continue.
• It may ask you to reboot the computer to complete the process. Click on Reboot Now.
• If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
• If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

 

[mmcook]

Can I use the TDSSKiller that is already on the desktop or do I need to download a new one?

 

[Broni]

It's better to delete your file and download fresh one.

 

[mmcook]

Got it. Says no threats found

(Part 1)

21:06:40.0953 5104 TDSS rootkit removing tool 2.7.29.0 Apr 18 2012 16:44:20
21:06:42.0981 5104 ============================================================
21:06:42.0981 5104 Current date / time: 2012/04/18 21:06:42.0981
21:06:42.0981 5104 SystemInfo:
21:06:42.0981 5104
21:06:42.0981 5104 OS Version: 6.1.7601 ServicePack: 1.0
21:06:42.0981 5104 Product type: Workstation
21:06:42.0981 5104 ComputerName: COOK-HOME
21:06:42.0981 5104 UserName: mmcook
21:06:42.0981 5104 Windows directory: C:\Windows
21:06:42.0981 5104 System windows directory: C:\Windows
21:06:42.0981 5104 Running under WOW64
21:06:42.0981 5104 Processor architecture: Intel x64
21:06:42.0981 5104 Number of processors: 2
21:06:42.0981 5104 Page size: 0x1000
21:06:42.0981 5104 Boot type: Normal boot
21:06:42.0981 5104 ============================================================
21:06:43.0683 5104 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:06:43.0745 5104 \Device\Harddisk0\DR0:
21:06:43.0745 5104 MBR partitions:
21:06:43.0745 5104 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1B800, BlocksNum 0xF77000
21:06:43.0745 5104 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xF92800, BlocksNum 0x498C5000
21:06:43.0761 5104 C: <-> \Device\Harddisk0\DR0\Partition1
21:06:43.0761 5104 Initialize success
21:06:43.0761 5104 ============================================================
21:06:59.0423 4032 ============================================================
21:06:59.0423 4032 Scan started
21:06:59.0423 4032 Mode: Manual;
21:06:59.0423 4032 ============================================================
21:07:00.0172 4032 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
21:07:00.0188 4032 1394ohci - ok
21:07:00.0281 4032 ABBYY.Licensing.FineReader.Sprint.9.0 (b33cf4de909a5b30f526d82053a63c8e) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
21:07:00.0281 4032 ABBYY.Licensing.FineReader.Sprint.9.0 - ok
21:07:00.0344 4032 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
21:07:00.0344 4032 ACPI - ok
21:07:00.0390 4032 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
21:07:00.0390 4032 AcpiPmi - ok
21:07:00.0500 4032 AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:07:00.0515 4032 AdobeFlashPlayerUpdateSvc - ok
21:07:00.0562 4032 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
21:07:00.0578 4032 adp94xx - ok
21:07:00.0624 4032 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
21:07:00.0624 4032 adpahci - ok
21:07:00.0640 4032 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
21:07:00.0640 4032 adpu320 - ok
21:07:00.0656 4032 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
21:07:00.0656 4032 AeLookupSvc - ok
21:07:00.0734 4032 AERTFilters (d1e343bc00136ce03c4d403194d06a80) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
21:07:00.0734 4032 AERTFilters - ok
21:07:00.0780 4032 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
21:07:00.0780 4032 AFD - ok
21:07:00.0812 4032 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
21:07:00.0812 4032 agp440 - ok
21:07:00.0858 4032 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
21:07:00.0858 4032 ALG - ok
21:07:00.0890 4032 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
21:07:00.0890 4032 aliide - ok
21:07:00.0921 4032 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
21:07:00.0921 4032 amdide - ok
21:07:00.0921 4032 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
21:07:00.0921 4032 AmdK8 - ok
21:07:00.0968 4032 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
21:07:00.0968 4032 AmdPPM - ok
21:07:01.0014 4032 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
21:07:01.0014 4032 amdsata - ok
21:07:01.0046 4032 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
21:07:01.0046 4032 amdsbs - ok
21:07:01.0061 4032 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
21:07:01.0061 4032 amdxata - ok
21:07:01.0124 4032 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
21:07:01.0124 4032 AppID - ok
21:07:01.0155 4032 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
21:07:01.0155 4032 AppIDSvc - ok
21:07:01.0202 4032 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
21:07:01.0202 4032 Appinfo - ok
21:07:01.0295 4032 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:07:01.0295 4032 Apple Mobile Device - ok
21:07:01.0342 4032 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
21:07:01.0342 4032 arc - ok
21:07:01.0373 4032 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
21:07:01.0373 4032 arcsas - ok
21:07:01.0389 4032 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
21:07:01.0389 4032 AsyncMac - ok
21:07:01.0436 4032 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
21:07:01.0436 4032 atapi - ok
21:07:01.0482 4032 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
21:07:01.0514 4032 AudioEndpointBuilder - ok
21:07:01.0529 4032 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
21:07:01.0545 4032 AudioSrv - ok
21:07:01.0592 4032 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
21:07:01.0592 4032 AxInstSV - ok
21:07:01.0623 4032 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
21:07:01.0638 4032 b06bdrv - ok
21:07:01.0670 4032 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
21:07:01.0670 4032 b57nd60a - ok
21:07:01.0763 4032 BBSvc (825f81a6f7dd073509db101f0ba6dc59) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
21:07:01.0763 4032 BBSvc - ok
21:07:01.0826 4032 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
21:07:01.0826 4032 BDESVC - ok
21:07:01.0841 4032 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
21:07:01.0841 4032 Beep - ok
21:07:01.0919 4032 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
21:07:01.0935 4032 BFE - ok
21:07:01.0966 4032 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll
21:07:01.0982 4032 BITS - ok
21:07:02.0013 4032 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
21:07:02.0013 4032 blbdrive - ok
21:07:02.0091 4032 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
21:07:02.0106 4032 Bonjour Service - ok
21:07:02.0138 4032 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
21:07:02.0138 4032 bowser - ok
21:07:02.0169 4032 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:07:02.0169 4032 BrFiltLo - ok
21:07:02.0184 4032 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:07:02.0184 4032 BrFiltUp - ok
21:07:02.0231 4032 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
21:07:02.0247 4032 BridgeMP - ok
21:07:02.0278 4032 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
21:07:02.0278 4032 Browser - ok
21:07:02.0309 4032 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
21:07:02.0309 4032 Brserid - ok
21:07:02.0325 4032 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
21:07:02.0325 4032 BrSerWdm - ok
21:07:02.0340 4032 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
21:07:02.0340 4032 BrUsbMdm - ok
21:07:02.0356 4032 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
21:07:02.0356 4032 BrUsbSer - ok
21:07:02.0403 4032 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
21:07:02.0403 4032 BthEnum - ok
21:07:02.0434 4032 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
21:07:02.0434 4032 BTHMODEM - ok
21:07:02.0481 4032 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
21:07:02.0481 4032 BthPan - ok
21:07:02.0543 4032 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
21:07:02.0559 4032 BTHPORT - ok
21:07:02.0606 4032 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
21:07:02.0606 4032 bthserv - ok
21:07:02.0637 4032 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
21:07:02.0652 4032 BTHUSB - ok
21:07:02.0684 4032 BVRPMPR5a64 (9887ca12f407d7fbc7f48f3678f5f0b6) C:\Windows\system32\drivers\BVRPMPR5a64.SYS
21:07:02.0684 4032 BVRPMPR5a64 - ok
21:07:02.0699 4032 catchme - ok
21:07:02.0777 4032 ccEvtMgr (27d036fb3d22ca8a6662fe960d1a937d) C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
21:07:02.0777 4032 ccEvtMgr - ok
21:07:02.0793 4032 ccSetMgr (27d036fb3d22ca8a6662fe960d1a937d) C:\Program Files (x86)\Common Files\Symantec Shared\ccSvcHst.exe
21:07:02.0793 4032 ccSetMgr - ok
21:07:02.0840 4032 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
21:07:02.0840 4032 cdfs - ok
21:07:02.0933 4032 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
21:07:02.0949 4032 cdrom - ok
21:07:02.0996 4032 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
21:07:02.0996 4032 CertPropSvc - ok
21:07:03.0011 4032 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
21:07:03.0011 4032 circlass - ok
21:07:03.0042 4032 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
21:07:03.0042 4032 CLFS - ok
21:07:03.0089 4032 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:07:03.0105 4032 clr_optimization_v2.0.50727_32 - ok
21:07:03.0136 4032 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:07:03.0136 4032 clr_optimization_v2.0.50727_64 - ok
21:07:03.0214 4032 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:07:03.0214 4032 clr_optimization_v4.0.30319_32 - ok
21:07:03.0261 4032 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:07:03.0261 4032 clr_optimization_v4.0.30319_64 - ok
21:07:03.0292 4032 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
21:07:03.0292 4032 CmBatt - ok
21:07:03.0339 4032 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
21:07:03.0339 4032 cmdide - ok
21:07:03.0370 4032 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
21:07:03.0386 4032 CNG - ok
21:07:03.0401 4032 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
21:07:03.0401 4032 Compbatt - ok
21:07:03.0448 4032 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
21:07:03.0464 4032 CompositeBus - ok
21:07:03.0479 4032 COMSysApp - ok
21:07:03.0510 4032 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
21:07:03.0510 4032 crcdisk - ok
21:07:03.0542 4032 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
21:07:03.0542 4032 CryptSvc - ok
21:07:03.0604 4032 ctxusbm (ba8e5b2291c01ef71ca80e25f0c79d55) C:\Windows\system32\DRIVERS\ctxusbm.sys
21:07:03.0604 4032 ctxusbm - ok
21:07:03.0744 4032 CwAltaService20 (b183a2b73a702d4516ff262961f171d6) C:\Program Files (x86)\ContentWatch\Internet Protection\cwsvc.exe
21:07:03.0760 4032 CwAltaService20 - ok
21:07:03.0791 4032 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
21:07:03.0807 4032 DcomLaunch - ok
21:07:03.0838 4032 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
21:07:03.0838 4032 defragsvc - ok
21:07:03.0885 4032 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
21:07:03.0885 4032 DfsC - ok
21:07:03.0932 4032 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
21:07:03.0947 4032 Dhcp - ok
21:07:03.0978 4032 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
21:07:03.0978 4032 discache - ok
21:07:04.0010 4032 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
21:07:04.0010 4032 Disk - ok
21:07:04.0041 4032 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
21:07:04.0056 4032 Dnscache - ok
21:07:04.0134 4032 DockLoginService (0840abbbdf438691ee65a20040635cbe) C:\Program Files\Dell\DellDock\DockLogin.exe
21:07:04.0134 4032 DockLoginService - ok
21:07:04.0166 4032 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
21:07:04.0181 4032 dot3svc - ok
21:07:04.0212 4032 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
21:07:04.0212 4032 DPS - ok
21:07:04.0259 4032 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
21:07:04.0259 4032 drmkaud - ok
21:07:04.0322 4032 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
21:07:04.0337 4032 DXGKrnl - ok
21:07:04.0368 4032 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
21:07:04.0384 4032 EapHost - ok
21:07:04.0479 4032 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
21:07:04.0541 4032 ebdrv - ok
21:07:04.0619 4032 eeCtrl (0c3f9eff8ddd9f9eb56d754b4620155f) C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
21:07:04.0635 4032 eeCtrl - ok
21:07:04.0666 4032 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
21:07:04.0666 4032 EFS - ok
21:07:04.0728 4032 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
21:07:04.0744 4032 ehRecvr - ok
21:07:04.0775 4032 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
21:07:04.0775 4032 ehSched - ok
21:07:04.0822 4032 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
21:07:04.0837 4032 elxstor - ok
21:07:04.0931 4032 EPSON_EB_RPCV4_04 (7db097f4f6786307168c0dddec43a565) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
21:07:04.0931 4032 EPSON_EB_RPCV4_04 - ok
21:07:04.0978 4032 EPSON_PM_RPCV4_04 (258aa65a0862e19b7de6981fda3758ad) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
21:07:04.0978 4032 EPSON_PM_RPCV4_04 - ok
21:07:05.0025 4032 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
21:07:05.0025 4032 ErrDev - ok
21:07:05.0071 4032 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
21:07:05.0071 4032 EventSystem - ok
21:07:05.0118 4032 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
21:07:05.0118 4032 exfat - ok
21:07:05.0149 4032 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
21:07:05.0149 4032 fastfat - ok
21:07:05.0212 4032 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
21:07:05.0227 4032 Fax - ok
21:07:05.0243 4032 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
21:07:05.0243 4032 fdc - ok
21:07:05.0259 4032 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
21:07:05.0259 4032 fdPHost - ok
21:07:05.0274 4032 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
21:07:05.0274 4032 FDResPub - ok
21:07:05.0290 4032 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
21:07:05.0290 4032 FileInfo - ok
21:07:05.0305 4032 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
21:07:05.0305 4032 Filetrace - ok
21:07:05.0383 4032 FLEXnet Licensing Service (227846995afeefa70d328bf5334a86a5) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
21:07:05.0399 4032 FLEXnet Licensing Service - ok
21:07:05.0415 4032 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
21:07:05.0415 4032 flpydisk - ok
21:07:05.0446 4032 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
21:07:05.0446 4032 FltMgr - ok
21:07:05.0493 4032 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
21:07:05.0524 4032 FontCache - ok
21:07:05.0571 4032 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:07:05.0571 4032 FontCache3.0.0.0 - ok
21:07:05.0680 4032 FreeAgentGoNext Service (07af7870abf051ebbae8a8a92ff34abe) C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
21:07:05.0680 4032 FreeAgentGoNext Service - ok
21:07:05.0711 4032 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
21:07:05.0711 4032 FsDepends - ok
21:07:05.0773 4032 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
21:07:05.0773 4032 fssfltr - ok
21:07:05.0851 4032 fsssvc (4ce9dac1518ff7e77bd213e6394b9d77) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
21:07:05.0898 4032 fsssvc - ok
21:07:05.0929 4032 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
21:07:05.0929 4032 Fs_Rec - ok
21:07:05.0961 4032 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
21:07:05.0976 4032 fvevol - ok
21:07:06.0007 4032 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
21:07:06.0007 4032 gagp30kx - ok
21:07:06.0054 4032 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:07:06.0070 4032 GEARAspiWDM - ok
21:07:06.0148 4032 GoToAssist (d3316f6e3c011435f36e3d6e49b3196c) C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
21:07:06.0148 4032 GoToAssist - ok
21:07:06.0195 4032 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
21:07:06.0210 4032 gpsvc - ok
21:07:06.0241 4032 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
21:07:06.0241 4032 hcw85cir - ok
21:07:06.0288 4032 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
21:07:06.0288 4032 HdAudAddService - ok
21:07:06.0335 4032 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
21:07:06.0335 4032 HDAudBus - ok
21:07:06.0351 4032 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
21:07:06.0351 4032 HidBatt - ok
21:07:06.0366 4032 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
21:07:06.0366 4032 HidBth - ok
21:07:06.0382 4032 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
21:07:06.0382 4032 HidIr - ok
21:07:06.0413 4032 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
21:07:06.0413 4032 hidserv - ok
21:07:06.0460 4032 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
21:07:06.0460 4032 HidUsb - ok
21:07:06.0491 4032 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
21:07:06.0491 4032 hkmsvc - ok
21:07:06.0522 4032 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
21:07:06.0522 4032 HomeGroupListener - ok
21:07:06.0569 4032 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
21:07:06.0569 4032 HomeGroupProvider - ok
21:07:06.0616 4032 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
21:07:06.0616 4032 HpSAMD - ok
21:07:06.0663 4032 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
21:07:06.0678 4032 HTTP - ok
21:07:06.0725 4032 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
21:07:06.0725 4032 hwpolicy - ok
21:07:06.0772 4032 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
21:07:06.0772 4032 i8042prt - ok
21:07:06.0803 4032 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
21:07:06.0803 4032 iaStorV - ok
21:07:06.0912 4032 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
21:07:06.0912 4032 IDriverT - ok
21:07:06.0990 4032 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:07:07.0021 4032 idsvc - ok
21:07:07.0146 4032 igfx (24cc43ecdeefd4c19fbbee4951b647f1) C:\Windows\system32\DRIVERS\igdkmd64.sys
21:07:07.0255 4032 igfx - ok
21:07:07.0287 4032 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
21:07:07.0287 4032 iirsp - ok
21:07:07.0349 4032 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
21:07:07.0380 4032 IKEEXT - ok
21:07:07.0474 4032 IntcAzAudAddService (dab7318ccfa8081200d5b7b486793f74) C:\Windows\system32\drivers\RTKVHD64.sys
21:07:07.0536 4032 IntcAzAudAddService - ok
21:07:07.0568 4032 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
21:07:07.0568 4032 intelide - ok
21:07:07.0614 4032 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
21:07:07.0614 4032 intelppm - ok
21:07:07.0646 4032 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
21:07:07.0646 4032 IPBusEnum - ok
21:07:07.0677 4032 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:07:07.0677 4032 IpFilterDriver - ok
21:07:07.0739 4032 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
21:07:07.0755 4032 iphlpsvc - ok
21:07:07.0786 4032 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
21:07:07.0786 4032 IPMIDRV - ok
21:07:07.0833 4032 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
21:07:07.0833 4032 IPNAT - ok
21:07:07.0958 4032 iPod Service (4472c8825b5e41d8697d5962f47ab1c9) C:\Program Files\iPod\bin\iPodService.exe
21:07:07.0973 4032 iPod Service - ok
21:07:08.0129 4032 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
21:07:08.0129 4032 IRENUM - ok
21:07:08.0145 4032 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
21:07:08.0145 4032 isapnp - ok
21:07:08.0192 4032 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
21:07:08.0207 4032 iScsiPrt - ok
21:07:08.0223 4032 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
21:07:08.0223 4032 kbdclass - ok
21:07:08.0254 4032 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
21:07:08.0254 4032 kbdhid - ok
21:07:08.0301 4032 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:07:08.0301 4032 KeyIso - ok
21:07:08.0332 4032 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
21:07:08.0332 4032 KSecDD - ok
21:07:08.0363 4032 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
21:07:08.0379 4032 KSecPkg - ok
21:07:08.0394 4032 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
21:07:08.0394 4032 ksthunk - ok
21:07:08.0441 4032 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
21:07:08.0441 4032 KtmRm - ok
21:07:08.0488 4032 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
21:07:08.0504 4032 LanmanServer - ok
21:07:08.0535 4032 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
21:07:08.0535 4032 LanmanWorkstation - ok
21:07:08.0675 4032 LiveUpdate (e34152d03caaaaa81dd66d803f392522) C:\PROGRA~2\Symantec\LIVEUP~1\LUCOMS~1.EXE
21:07:08.0738 4032 LiveUpdate - ok
21:07:08.0753 4032 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
21:07:08.0753 4032 lltdio - ok
21:07:08.0800 4032 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
21:07:08.0800 4032 lltdsvc - ok
21:07:08.0831 4032 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
21:07:08.0847 4032 lmhosts - ok
21:07:08.0878 4032 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
21:07:08.0878 4032 LSI_FC - ok
21:07:08.0925 4032 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
21:07:08.0925 4032 LSI_SAS - ok
21:07:08.0940 4032 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:07:08.0940 4032 LSI_SAS2 - ok
21:07:08.0956 4032 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:07:08.0956 4032 LSI_SCSI - ok
21:07:08.0972 4032 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
21:07:08.0972 4032 luafv - ok
21:07:09.0034 4032 McciCMService (f8b823414a22dbf3bec10dcaa5f93cd8) C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
21:07:09.0034 4032 McciCMService - ok
21:07:09.0112 4032 McciCMService64 (859e5a32485178daeca06b52e2bb44b2) C:\Program Files\Common Files\Motive\McciCMService.exe
21:07:09.0112 4032 McciCMService64 - ok
21:07:09.0143 4032 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
21:07:09.0159 4032 Mcx2Svc - ok
21:07:09.0190 4032 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
21:07:09.0190 4032 megasas - ok
21:07:09.0206 4032 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
21:07:09.0206 4032 MegaSR - ok
21:07:09.0284 4032 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
21:07:09.0284 4032 Microsoft Office Groove Audit Service - ok
21:07:09.0346 4032 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
21:07:09.0346 4032 MMCSS - ok
21:07:09.0362 4032 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
21:07:09.0362 4032 Modem - ok
21:07:09.0408 4032 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
21:07:09.0408 4032 monitor - ok
21:07:09.0455 4032 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
21:07:09.0455 4032 mouclass - ok
21:07:09.0486 4032 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
21:07:09.0486 4032 mouhid - ok
21:07:09.0518 4032 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
21:07:09.0533 4032 mountmgr - ok
21:07:09.0564 4032 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
21:07:09.0564 4032 mpio - ok
21:07:09.0596 4032 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
21:07:09.0596 4032 mpsdrv - ok
21:07:09.0674 4032 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
21:07:09.0689 4032 MpsSvc - ok
21:07:09.0752 4032 MREMP50 (9bd4dcb5412921864a7aacdedfbd1923) C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS
21:07:09.0752 4032 MREMP50 - ok
21:07:09.0814 4032 MREMP50a64 - ok
21:07:09.0814 4032 MREMPR5 - ok
21:07:09.0830 4032 MRENDIS5 - ok
21:07:09.0845 4032 MRESP50 (07c02c892e8e1a72d6bf35004f0e9c5e) C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS
21:07:09.0845 4032 MRESP50 - ok
21:07:09.0861 4032 MRESP50a64 - ok
21:07:09.0908 4032 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
21:07:09.0908 4032 MRxDAV - ok
21:07:09.0939 4032 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
21:07:09.0939 4032 mrxsmb - ok
21:07:09.0986 4032 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:07:10.0001 4032 mrxsmb10 - ok
21:07:10.0017 4032 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:07:10.0017 4032 mrxsmb20 - ok
21:07:10.0064 4032 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
21:07:10.0064 4032 msahci - ok
21:07:10.0095 4032 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
21:07:10.0095 4032 msdsm - ok
21:07:10.0142 4032 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
21:07:10.0142 4032 MSDTC - ok
21:07:10.0188 4032 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
21:07:10.0188 4032 Msfs - ok
21:07:10.0220 4032 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
21:07:10.0220 4032 mshidkmdf - ok
21:07:10.0266 4032 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
21:07:10.0266 4032 msisadrv - ok
21:07:10.0298 4032 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
21:07:10.0298 4032 MSiSCSI - ok
21:07:10.0313 4032 msiserver - ok

 

[mmcook]

(part 2)


21:07:10.0344 4032 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
21:07:10.0344 4032 MSKSSRV - ok
21:07:10.0376 4032 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
21:07:10.0376 4032 MSPCLOCK - ok
21:07:10.0407 4032 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
21:07:10.0407 4032 MSPQM - ok
21:07:10.0438 4032 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
21:07:10.0454 4032 MsRPC - ok
21:07:10.0485 4032 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
21:07:10.0485 4032 mssmbios - ok
21:07:10.0485 4032 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
21:07:10.0500 4032 MSTEE - ok
21:07:10.0500 4032 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
21:07:10.0500 4032 MTConfig - ok
21:07:10.0532 4032 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
21:07:10.0532 4032 Mup - ok
21:07:10.0563 4032 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
21:07:10.0578 4032 napagent - ok
21:07:10.0625 4032 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
21:07:10.0625 4032 NativeWifiP - ok
21:07:10.0766 4032 NAVENG (2dbe90210de76be6e1653bb20ec70ec2) C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20120327.008\ENG64.SYS
21:07:10.0766 4032 NAVENG - ok
21:07:10.0828 4032 NAVEX15 (346da70e203b8e2c850277713de8f71b) C:\PROGRA~3\Symantec\DEFINI~1\VIRUSD~1\20120327.008\EX64.SYS
21:07:10.0859 4032 NAVEX15 - ok
21:07:10.0906 4032 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
21:07:10.0937 4032 NDIS - ok
21:07:10.0937 4032 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
21:07:10.0937 4032 NdisCap - ok
21:07:10.0968 4032 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
21:07:10.0968 4032 NdisTapi - ok
21:07:11.0015 4032 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
21:07:11.0015 4032 Ndisuio - ok
21:07:11.0046 4032 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
21:07:11.0046 4032 NdisWan - ok
21:07:11.0093 4032 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
21:07:11.0093 4032 NDProxy - ok
21:07:11.0109 4032 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
21:07:11.0109 4032 NetBIOS - ok
21:07:11.0140 4032 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
21:07:11.0140 4032 NetBT - ok
21:07:11.0187 4032 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:07:11.0187 4032 Netlogon - ok
21:07:11.0218 4032 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
21:07:11.0218 4032 Netman - ok
21:07:11.0249 4032 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
21:07:11.0249 4032 netprofm - ok
21:07:11.0296 4032 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:07:11.0296 4032 NetTcpPortSharing - ok
21:07:11.0343 4032 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
21:07:11.0343 4032 nfrd960 - ok
21:07:11.0405 4032 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
21:07:11.0405 4032 NlaSvc - ok
21:07:11.0499 4032 nmservice (cd569fa91ec6f59d045c19d0d3850f44) C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
21:07:11.0499 4032 nmservice - ok
21:07:11.0514 4032 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
21:07:11.0514 4032 Npfs - ok
21:07:11.0530 4032 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
21:07:11.0530 4032 nsi - ok
21:07:11.0546 4032 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
21:07:11.0546 4032 nsiproxy - ok
21:07:11.0608 4032 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
21:07:11.0639 4032 Ntfs - ok
21:07:11.0670 4032 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
21:07:11.0670 4032 Null - ok
21:07:11.0702 4032 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
21:07:11.0702 4032 nvraid - ok
21:07:11.0733 4032 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
21:07:11.0733 4032 nvstor - ok
21:07:11.0764 4032 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
21:07:11.0764 4032 nv_agp - ok
21:07:11.0826 4032 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:07:11.0842 4032 odserv - ok
21:07:11.0873 4032 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
21:07:11.0873 4032 ohci1394 - ok
21:07:11.0936 4032 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:07:11.0936 4032 ose - ok
21:07:11.0982 4032 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
21:07:11.0998 4032 p2pimsvc - ok
21:07:12.0029 4032 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
21:07:12.0045 4032 p2psvc - ok
21:07:12.0092 4032 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
21:07:12.0092 4032 Parport - ok
21:07:12.0138 4032 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
21:07:12.0138 4032 partmgr - ok
21:07:12.0154 4032 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
21:07:12.0154 4032 PcaSvc - ok
21:07:12.0170 4032 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
21:07:12.0170 4032 pci - ok
21:07:12.0185 4032 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
21:07:12.0185 4032 pciide - ok
21:07:12.0216 4032 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
21:07:12.0216 4032 pcmcia - ok
21:07:12.0232 4032 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
21:07:12.0232 4032 pcw - ok
21:07:12.0248 4032 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
21:07:12.0263 4032 PEAUTH - ok
21:07:12.0310 4032 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
21:07:12.0310 4032 PerfHost - ok
21:07:12.0372 4032 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
21:07:12.0404 4032 pla - ok
21:07:12.0466 4032 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
21:07:12.0482 4032 PlugPlay - ok
21:07:12.0528 4032 Pml Driver HPZ12 (64ca1485214340cacc315ffdfded73ef) C:\Windows\system32\HPZipm12.dll
21:07:12.0528 4032 Pml Driver HPZ12 - ok
21:07:12.0591 4032 pnarp (fb83b6c62dff5abe36304351d2bed581) C:\Windows\system32\DRIVERS\pnarp.sys
21:07:12.0591 4032 pnarp - ok
21:07:12.0622 4032 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
21:07:12.0638 4032 PNRPAutoReg - ok
21:07:12.0653 4032 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
21:07:12.0653 4032 PNRPsvc - ok
21:07:12.0684 4032 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
21:07:12.0684 4032 PolicyAgent - ok
21:07:12.0731 4032 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
21:07:12.0731 4032 Power - ok
21:07:12.0762 4032 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
21:07:12.0778 4032 PptpMiniport - ok
21:07:12.0809 4032 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
21:07:12.0809 4032 Processor - ok
21:07:12.0856 4032 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
21:07:12.0856 4032 ProfSvc - ok
21:07:12.0903 4032 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:07:12.0903 4032 ProtectedStorage - ok
21:07:12.0934 4032 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
21:07:12.0934 4032 Psched - ok
21:07:12.0981 4032 purendis (1b3434642ce3c26e6f24d3a76d749c2a) C:\Windows\system32\DRIVERS\purendis.sys
21:07:12.0981 4032 purendis - ok
21:07:13.0012 4032 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
21:07:13.0012 4032 PxHlpa64 - ok
21:07:13.0074 4032 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
21:07:13.0106 4032 ql2300 - ok
21:07:13.0152 4032 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
21:07:13.0152 4032 ql40xx - ok
21:07:13.0184 4032 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
21:07:13.0199 4032 QWAVE - ok
21:07:13.0215 4032 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
21:07:13.0215 4032 QWAVEdrv - ok
21:07:13.0230 4032 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
21:07:13.0230 4032 RasAcd - ok
21:07:13.0277 4032 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
21:07:13.0277 4032 RasAgileVpn - ok
21:07:13.0293 4032 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
21:07:13.0293 4032 RasAuto - ok
21:07:13.0340 4032 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
21:07:13.0340 4032 Rasl2tp - ok
21:07:13.0386 4032 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
21:07:13.0402 4032 RasMan - ok
21:07:13.0418 4032 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
21:07:13.0418 4032 RasPppoe - ok
21:07:13.0449 4032 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
21:07:13.0449 4032 RasSstp - ok
21:07:13.0480 4032 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
21:07:13.0480 4032 rdbss - ok
21:07:13.0496 4032 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
21:07:13.0496 4032 rdpbus - ok
21:07:13.0511 4032 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
21:07:13.0511 4032 RDPCDD - ok
21:07:13.0542 4032 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
21:07:13.0542 4032 RDPENCDD - ok
21:07:13.0574 4032 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
21:07:13.0574 4032 RDPREFMP - ok
21:07:13.0589 4032 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
21:07:13.0589 4032 RDPWD - ok
21:07:13.0620 4032 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
21:07:13.0620 4032 rdyboost - ok
21:07:13.0652 4032 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
21:07:13.0667 4032 RemoteAccess - ok
21:07:13.0698 4032 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
21:07:13.0698 4032 RemoteRegistry - ok
21:07:13.0745 4032 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
21:07:13.0745 4032 RFCOMM - ok
21:07:13.0761 4032 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
21:07:13.0776 4032 RpcEptMapper - ok
21:07:13.0792 4032 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
21:07:13.0792 4032 RpcLocator - ok
21:07:13.0839 4032 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\System32\rpcss.dll
21:07:13.0854 4032 RpcSs - ok
21:07:13.0870 4032 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
21:07:13.0870 4032 rspndr - ok
21:07:13.0917 4032 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
21:07:13.0932 4032 RTL8167 - ok
21:07:13.0964 4032 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:07:13.0979 4032 SamSs - ok
21:07:14.0010 4032 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
21:07:14.0010 4032 sbp2port - ok
21:07:14.0042 4032 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
21:07:14.0042 4032 SCardSvr - ok
21:07:14.0073 4032 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
21:07:14.0073 4032 scfilter - ok
21:07:14.0120 4032 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
21:07:14.0151 4032 Schedule - ok
21:07:14.0182 4032 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
21:07:14.0182 4032 SCPolicySvc - ok
21:07:14.0213 4032 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
21:07:14.0213 4032 SDRSVC - ok
21:07:14.0291 4032 SeaPort (cc781378e7eda615d2cdca3b17829fa4) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
21:07:14.0291 4032 SeaPort - ok
21:07:14.0338 4032 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
21:07:14.0338 4032 secdrv - ok
21:07:14.0369 4032 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
21:07:14.0369 4032 seclogon - ok
21:07:14.0416 4032 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
21:07:14.0416 4032 SENS - ok
21:07:14.0432 4032 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
21:07:14.0432 4032 SensrSvc - ok
21:07:14.0447 4032 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
21:07:14.0447 4032 Serenum - ok
21:07:14.0494 4032 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
21:07:14.0494 4032 Serial - ok
21:07:14.0525 4032 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
21:07:14.0525 4032 sermouse - ok
21:07:14.0572 4032 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
21:07:14.0572 4032 SessionEnv - ok
21:07:14.0603 4032 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
21:07:14.0603 4032 sffdisk - ok
21:07:14.0619 4032 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
21:07:14.0619 4032 sffp_mmc - ok
21:07:14.0634 4032 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
21:07:14.0634 4032 sffp_sd - ok
21:07:14.0650 4032 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
21:07:14.0650 4032 sfloppy - ok
21:07:14.0697 4032 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
21:07:14.0697 4032 SharedAccess - ok
21:07:14.0744 4032 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
21:07:14.0744 4032 ShellHWDetection - ok
21:07:14.0759 4032 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:07:14.0759 4032 SiSRaid2 - ok
21:07:14.0775 4032 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
21:07:14.0775 4032 SiSRaid4 - ok
21:07:14.0790 4032 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
21:07:14.0790 4032 Smb - ok
21:07:14.0946 4032 SmcService (ad97b711074cf27da0c00f2c26e1a62c) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Smc.exe
21:07:15.0009 4032 SmcService - ok
21:07:15.0040 4032 SNAC (91bd8e268d93aaf5f59aac9de84a25bb) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\SNAC64.EXE
21:07:15.0040 4032 SNAC - ok
21:07:15.0087 4032 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
21:07:15.0087 4032 SNMPTRAP - ok
21:07:15.0102 4032 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
21:07:15.0102 4032 spldr - ok
21:07:15.0134 4032 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
21:07:15.0149 4032 Spooler - ok
21:07:15.0243 4032 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
21:07:15.0305 4032 sppsvc - ok
21:07:15.0336 4032 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
21:07:15.0336 4032 sppuinotify - ok
21:07:15.0383 4032 SRTSP (32900ac9cfdc578531279886ca16a4df) C:\Windows\system32\Drivers\SRTSP64.SYS
21:07:15.0383 4032 SRTSP - ok
21:07:15.0430 4032 SRTSPL (8929566d1f14685fd78eaf25bee3ecc7) C:\Windows\system32\Drivers\SRTSPL64.SYS
21:07:15.0430 4032 SRTSPL - ok
21:07:15.0461 4032 SRTSPX (cb2fdf47ee67f8cca5362ed9b94fe955) C:\Windows\system32\Drivers\SRTSPX64.SYS
21:07:15.0461 4032 SRTSPX - ok
21:07:15.0508 4032 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
21:07:15.0508 4032 srv - ok
21:07:15.0555 4032 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
21:07:15.0555 4032 srv2 - ok
21:07:15.0570 4032 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
21:07:15.0570 4032 srvnet - ok
21:07:15.0617 4032 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
21:07:15.0617 4032 SSDPSRV - ok
21:07:15.0648 4032 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
21:07:15.0648 4032 SstpSvc - ok
21:07:15.0711 4032 Steam Client Service - ok
21:07:15.0726 4032 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
21:07:15.0726 4032 stexstor - ok
21:07:15.0758 4032 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
21:07:15.0773 4032 stisvc - ok
21:07:15.0804 4032 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
21:07:15.0804 4032 swenum - ok
21:07:15.0836 4032 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
21:07:15.0836 4032 swprv - ok
21:07:15.0929 4032 Symantec AntiVirus (ba2fb8f8ab24d0279caa98a4c118150e) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\Rtvscan.exe
21:07:15.0945 4032 Symantec AntiVirus - ok
21:07:15.0976 4032 SymEvent (7e4d281982e19abd06728c7ee9ac40a8) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
21:07:15.0976 4032 SymEvent - ok
21:07:16.0038 4032 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
21:07:16.0085 4032 SysMain - ok
21:07:16.0116 4032 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
21:07:16.0116 4032 TabletInputService - ok
21:07:16.0163 4032 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
21:07:16.0163 4032 TapiSrv - ok
21:07:16.0179 4032 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
21:07:16.0179 4032 TBS - ok
21:07:16.0272 4032 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
21:07:16.0304 4032 Tcpip - ok
21:07:16.0366 4032 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
21:07:16.0382 4032 TCPIP6 - ok
21:07:16.0413 4032 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
21:07:16.0413 4032 tcpipreg - ok
21:07:16.0444 4032 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
21:07:16.0444 4032 TDPIPE - ok
21:07:16.0491 4032 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
21:07:16.0491 4032 TDTCP - ok
21:07:16.0538 4032 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
21:07:16.0538 4032 tdx - ok
21:07:16.0569 4032 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
21:07:16.0569 4032 TermDD - ok
21:07:16.0600 4032 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
21:07:16.0616 4032 TermService - ok
21:07:16.0631 4032 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
21:07:16.0631 4032 Themes - ok
21:07:16.0678 4032 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
21:07:16.0678 4032 THREADORDER - ok
21:07:16.0678 4032 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
21:07:16.0694 4032 TrkWks - ok
21:07:16.0725 4032 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
21:07:16.0725 4032 TrustedInstaller - ok
21:07:16.0756 4032 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
21:07:16.0756 4032 tssecsrv - ok
21:07:16.0818 4032 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
21:07:16.0818 4032 TsUsbFlt - ok
21:07:16.0881 4032 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
21:07:16.0881 4032 tunnel - ok
21:07:16.0896 4032 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
21:07:16.0896 4032 uagp35 - ok
21:07:16.0959 4032 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
21:07:16.0959 4032 udfs - ok
21:07:16.0990 4032 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
21:07:16.0990 4032 UI0Detect - ok
21:07:17.0006 4032 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
21:07:17.0006 4032 uliagpkx - ok
21:07:17.0052 4032 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
21:07:17.0052 4032 umbus - ok
21:07:17.0084 4032 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
21:07:17.0084 4032 UmPass - ok
21:07:17.0130 4032 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
21:07:17.0130 4032 upnphost - ok
21:07:17.0162 4032 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
21:07:17.0162 4032 USBAAPL64 - ok
21:07:17.0193 4032 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
21:07:17.0193 4032 usbccgp - ok
21:07:17.0224 4032 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
21:07:17.0224 4032 usbcir - ok
21:07:17.0240 4032 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
21:07:17.0240 4032 usbehci - ok
21:07:17.0271 4032 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
21:07:17.0271 4032 usbhub - ok
21:07:17.0286 4032 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
21:07:17.0286 4032 usbohci - ok
21:07:17.0318 4032 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
21:07:17.0318 4032 usbprint - ok
21:07:17.0364 4032 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
21:07:17.0364 4032 usbscan - ok
21:07:17.0380 4032 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:07:17.0380 4032 USBSTOR - ok
21:07:17.0396 4032 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
21:07:17.0396 4032 usbuhci - ok
21:07:17.0411 4032 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
21:07:17.0427 4032 UxSms - ok
21:07:17.0458 4032 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
21:07:17.0458 4032 VaultSvc - ok
21:07:17.0505 4032 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
21:07:17.0505 4032 vdrvroot - ok
21:07:17.0552 4032 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
21:07:17.0567 4032 vds - ok
21:07:17.0598 4032 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
21:07:17.0598 4032 vga - ok
21:07:17.0645 4032 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
21:07:17.0645 4032 VgaSave - ok
21:07:17.0692 4032 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
21:07:17.0692 4032 vhdmp - ok
21:07:17.0723 4032 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
21:07:17.0723 4032 viaide - ok
21:07:17.0723 4032 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
21:07:17.0723 4032 volmgr - ok
21:07:17.0770 4032 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
21:07:17.0786 4032 volmgrx - ok
21:07:17.0801 4032 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
21:07:17.0817 4032 volsnap - ok
21:07:17.0832 4032 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
21:07:17.0832 4032 vsmraid - ok
21:07:17.0879 4032 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
21:07:17.0926 4032 VSS - ok
21:07:17.0942 4032 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
21:07:17.0942 4032 vwifibus - ok
21:07:17.0973 4032 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
21:07:17.0988 4032 W32Time - ok
21:07:17.0988 4032 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
21:07:18.0004 4032 WacomPen - ok
21:07:18.0035 4032 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
21:07:18.0035 4032 WANARP - ok
21:07:18.0035 4032 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
21:07:18.0035 4032 Wanarpv6 - ok
21:07:18.0113 4032 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
21:07:18.0129 4032 WatAdminSvc - ok
21:07:18.0191 4032 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
21:07:18.0222 4032 wbengine - ok
21:07:18.0254 4032 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
21:07:18.0254 4032 WbioSrvc - ok
21:07:18.0300 4032 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
21:07:18.0300 4032 wcncsvc - ok
21:07:18.0332 4032 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
21:07:18.0332 4032 WcsPlugInService - ok
21:07:18.0347 4032 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
21:07:18.0347 4032 Wd - ok
21:07:18.0378 4032 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
21:07:18.0394 4032 Wdf01000 - ok
21:07:18.0394 4032 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
21:07:18.0410 4032 WdiServiceHost - ok
21:07:18.0410 4032 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
21:07:18.0410 4032 WdiSystemHost - ok
21:07:18.0441 4032 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
21:07:18.0456 4032 WebClient - ok
21:07:18.0472 4032 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
21:07:18.0488 4032 Wecsvc - ok
21:07:18.0503 4032 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
21:07:18.0503 4032 wercplsupport - ok
21:07:18.0534 4032 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
21:07:18.0534 4032 WerSvc - ok
21:07:18.0566 4032 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
21:07:18.0566 4032 WfpLwf - ok
21:07:18.0597 4032 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
21:07:18.0597 4032 WIMMount - ok
21:07:18.0690 4032 WinDefend - ok
21:07:18.0690 4032 WinHttpAutoProxySvc - ok
21:07:18.0753 4032 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
21:07:18.0768 4032 Winmgmt - ok
21:07:18.0831 4032 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
21:07:18.0878 4032 WinRM - ok
21:07:18.0924 4032 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
21:07:18.0924 4032 WinUsb - ok
21:07:18.0987 4032 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
21:07:19.0002 4032 Wlansvc - ok
21:07:19.0127 4032 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:07:19.0174 4032 wlidsvc - ok
21:07:19.0205 4032 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
21:07:19.0205 4032 WmiAcpi - ok
21:07:19.0252 4032 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
21:07:19.0252 4032 wmiApSrv - ok
21:07:19.0283 4032 WMPNetworkSvc - ok
21:07:19.0330 4032 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
21:07:19.0330 4032 WPCSvc - ok
21:07:19.0377 4032 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
21:07:19.0377 4032 WPDBusEnum - ok
21:07:19.0408 4032 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
21:07:19.0408 4032 ws2ifsl - ok
21:07:19.0470 4032 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
21:07:19.0486 4032 wscsvc - ok
21:07:19.0486 4032 WSearch - ok
21:07:19.0580 4032 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
21:07:19.0626 4032 wuauserv - ok
21:07:19.0658 4032 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
21:07:19.0658 4032 WudfPf - ok
21:07:19.0689 4032 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
21:07:19.0689 4032 WUDFRd - ok
21:07:19.0720 4032 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
21:07:19.0720 4032 wudfsvc - ok
21:07:19.0751 4032 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
21:07:19.0751 4032 WwanSvc - ok
21:07:19.0782 4032 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
21:07:19.0860 4032 \Device\Harddisk0\DR0 - ok
21:07:19.0860 4032 Boot (0x1200) (64d62d7edf746ce3c8ec88750a07cfc6) \Device\Harddisk0\DR0\Partition0
21:07:19.0860 4032 \Device\Harddisk0\DR0\Partition0 - ok
21:07:19.0876 4032 Boot (0x1200) (837166823f8125234e9447aedcc86f9b) \Device\Harddisk0\DR0\Partition1
21:07:19.0876 4032 \Device\Harddisk0\DR0\Partition1 - ok
21:07:19.0876 4032 ============================================================
21:07:19.0876 4032 Scan finished
21:07:19.0876 4032 ============================================================
21:07:19.0907 4660 Detected object count: 0
21:07:19.0907 4660 Actual detected object count: 0

 

[Broni]

There is absolutely nothing malicious in your logs.

I still suspect your router.
Possibly you didn't reset it correctly.

Let's try again....

Go Start>Run (Start search in Vista), type in:
cmd
Click OK (Vista and Windows 7 users: while holding CTRL, and SHIFT, press Enter).

In Command Prompt window, type in following commands, and hit Enter after each one:
ipconfig /flushdns
ipconfig /registerdns
ipconfig /release
ipconfig /renew
net stop "dns client"
net start "dns client"


Turn the computer off.

On your router, you'll find a pinhole marked "Reset".
Keep pushing the hole, using a pencil, or a paperclip until all lights briefly come off and on.
NOTE. Simple router disconnecting from a power source will NOT do.
Restart computer and check for redirections.

NOTE. You may need to re-check your router security settings, as described HERE

 

[mmcook]

Will do. Shall report back later.

 

[mmcook]

I completely restored the factory settings on the router. Had to call the phone company to get back online.

Then I was promptly redirected to "Get-Answers-Fast.com" as I tried to navigate to these forums.

 

[mmcook]

I have noticed something else, which I don't understand. When I am online there is a bookmark called .AppleSyncInfo. that appers. It is pinned to my favorites bar. It also appears at the bottom of every folder I have. Like, in my favorites settings I have folders of webpages bookmarked for Movies, Authors, News, etc. .AppleSyncInfo currently appears at the bottom of every folder. I don't know what that means....

 

[Broni]

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2
64-bit users go HERE

• Double-click SystemLook.exe to run it.
• Vista users:: Right click on SystemLook.exe, click Run As Administrator
• Copy the content of the following box and paste it into the main textfield:
  

  :reg
  HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes /s
  HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes /s
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes /s

• Click the Look button to start the scan.
• When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

Note: The log can also be found on your Desktop entitled SystemLook.txt

 

[mmcook]

Wow, I had an incredibly difficult time just getting to the forums this evening. Neither Google search nor Yahoo were working. I would do a search for "Techspot" and that worked fine. But when I would try to navigate to the site, either I kept getting a "502 Bad Gateway" error or I would click the link and nothing would happen at all. I tried both Internet Explorer and Firefox and both had the same issues. Occasionally I would also get redirected.
My internet appears to be working fine otherwise. But getting HERE took something like 15-20 attempts. A couple of times I made it to the homepage, but then trying to get to the Forums failed.
I'm just posting this to let you know what's happening. I'm trying to do the SystemLook now.

 

[mmcook]

SystemLook 30.07.11 by jpshortstuff
Log created at 18:35 on 19/04/2012 by mmcook
Administrator - Elevation successful
========== reg ==========
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes]
"DownloadRetries"= 0x0000000000 (0)
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
"DownloadUpdates"= 0x0000000000 (0)
"UpgradeTime"=b7 fb 4d 37 5a ec cc 01 (REG_BINARY)
"Version"= 0x0000000003 (3)
"KnownProvidersUpgradeTime"=b7 fb 4d 37 5a ec cc 01 (REG_BINARY)
"ShowSearchSuggestionsInAddressGlobal"= 0x0000000000 (0)
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"FaviconPath"="C:\Users\mmcook\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{0633EE93-D776-472f-A0FF-E1416B8B2E3A}.ico"
"FaviconURLFallback"="http://www.bing.com/favicon.ico"
"SuggestionsURLFallback"="http://api.bing.com/qsml.aspx?query...e:sectionHeight}&FORM=IE8SSC&market={language}"
"URL"="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
"TopResultURLFallback"="http://www.bing.com/search?q={searchTerms}&src=ie9tr"
"DisplayName"="Bing"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{32E253B0-7E13-47A1-B5C5-FC1AF4587271}]
"FaviconPath"="C:\Users\mmcook\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{32E253B0-7E13-47A1-B5C5-FC1AF4587271}.ico"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{C97B4257-6230-4F12-9EAD-229E009A1BF8}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{C97B4257-6230-4F12-9EAD-229E009A1BF8}]
"DisplayName"="Bing"
"URL"="http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox"
"ShowSearchSuggestions"= 0x0000000001 (1)
"FaviconURL"="http://www.bing.com/favicon.ico"
"SuggestionsURL"="http://api.bing.com/qsml.aspx?query...e:sectionHeight}&FORM=IE8SSC&market={Language}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{C97B4257-6230-4F12-9EAD-229E009A1BF8}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C97B4257-6230-4F12-9EAD-229E009A1BF8}]
"DisplayName"="Bing"
"URL"="http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox"
"ShowSearchSuggestions"= 0x0000000001 (1)
"FaviconURL"="http://www.bing.com/favicon.ico"
"SuggestionsURL"="http://api.bing.com/qsml.aspx?query...e:sectionHeight}&FORM=IE8SSC&market={Language}"

-= EOF =-

 

[mmcook]

I'm also getting some occasional page loading errors where the whole formatting of the webpage is off/distorted.

 

[Broni]

It was an issue with this board.
I couldn't get on for a while.
All looks normal now.

 

[Broni]

As for your issue....I'm out of tools and ideas.

There is nothing malicious there.

One more try....

Restart computer in Safe Mode with Networking and see if it happens there as well.

 

[mmcook]

Well that's...distressing? It's definitely still happening.

I tried safe mode with networking. As before, I could establish no internet in Safe mode. The only slight difference was that this time, the first time I tried to go online in safe mode, the Yahoo homepage actually loaded. But then when I tried to do anything, I was told Internet explorer could not establish the connection. After that, it wouldn't even load the homepage anymore. Firefox would not load either.

 

[Broni]

Please click HERE to download Kaspersky Virus Removal Tool.

• Double click on the file you just downloaded and let it install.
• It will install to your desktop (be patient; it may take a while).
• Accept license agreement and click "Start" button.
• Click on Settings button
  
  • In Scan scope leave pre-checked items as they're and also checkmark My Computer
  • In Actions checkmark Select action: (disinfect; delete if disinfection fails) instead of preselected Prompt on detection
• Click on Automatic Scan tab and then click on Start scanning button.
• Before it is done it may prompt for action regardless of the setting so choose delete if prompted.
• When the scan is done NO log will be produced.
• Click on Report button
  
  then on Automatic Scan report tab.
• Right click anywhere within right pane, click Select All then right click again and click Copy.
• This will copy the items that it found to the clipboard you can then open notepad (go to start then run then type in notepad) and choose paste to paste the contents into Notepad.
• You can save this on the desktop.
• Post the contents of the document in your next reply.

 

[mmcook]

I am having some trouble downloading this.
The first time it seemed like everything was working properly. The file downloaded and I saved it to the desktop. When I tried to run it, however, I got several error messages stating "There is a problem with your ContentWatch installation. Please uninstall and reinstall the program." This popped up several times.
Then when I tried to run it, the program hung up and froze. "Not responding"
I had to reboot the computer. I received several more "There is a problem with your ContentWatch installation" errors on reboot.
I then tried to start over by deleting the Kaspersky icon on the desktop, planning to do a new one.
But now I can't seem to download a new one. When I click on the download link, nothing happens. Just nothing.

I rebooted again, but still am unable to download the program. I don't understand why the link is no longer working, though I'm sure it's something I did....