Browser redirect /problems -vs

[itsvern]

Hello;

I currently am experiencing google browser redirects.

Current spyware tools (SUPERAntiSpyware, Malwarebytes pro version) were unable to correct

Reposting, rather than attaching, the DDS.txt file

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26

Run by vern at 10:38:04 on 2012-03-25

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.7991.4581 [GMT -4:00]

.

AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}

FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Program Files\Dell\DellDock\DockLogin.exe

C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\ProgramData\OfficeGuardianV2N\UACProxy.exe

C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Motive\McciCMService.exe

C:\Program Files\Common Files\Motive\McciCMService.exe

C:\Windows\system32\mfevtps.exe

C:\ProgramData\OfficeGuardianV2N\Reminder\SacNetAgent.exe

C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe

C:\Windows\system32\WUDFHost.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE

C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files\Verizon\McciTrayApp.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Users\vern\Local Settings\Apps\F.lux\flux.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files (x86)\Verizon\FiOS\ihs\IHANotify.exe

C:\ProgramData\OfficeGuardianV2N\Reminder\SacReminder.exe

C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE

C:\Program Files (x86)\VueSoft\VueMinder\VueMinder.exe

C:\Program Files (x86)\Squeezebox\SqueezeTray.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe

C:\Program Files\Dell\DellDock\DellDock.exe

C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe

C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe

C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\PROGRA~2\SQUEEZ~1\server\SQUEEZ~3.EXE

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\svchost.exe -k SDRSVC

C:\Windows\system32\taskhost.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Program Files\McAfee.com\Agent\mcagent.exe

C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

C:\Windows\SysWOW64\ping.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\ping.exe

C:\Windows\system32\conhost.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\SysWOW64\ping.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\DllHost.exe

.

============== Pseudo HJT Report ===============

.

uSearch Bar = hxxp://www.google.com/ie

uSearch Page = hxxp://www.google.com

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

uInternet Settings,ProxyOverride = <local>

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

mWinlogon: Userinit=userinit.exe,

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120122152714.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL

BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File

uRun: [F.lux] "C:\Users\vern\Local Settings\Apps\F.lux\flux.exe" /noshow

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

uRun: [CAHeadless] c:\Program Files (x86)\Adobe\Elements Organizer 8.0\CAHeadless\ElementsAutoAnalyzer.exe

uRun: [ihanotify] C:\Program Files (x86)\Verizon\FiOS\ihs\IHANotify.exe BalloonCount=111 RunNotify=fios BalloonMsg=init

uRun: [sacReminderHDDV2N] C:\ProgramData\OfficeGuardianV2N\reminder\SacReminder.exe

uRun: [googletalk] C:\Users\vern\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart

uRun: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

uRun: [VueMinder] "C:\Program Files (x86)\VueSoft\VueMinder\VueMinder.exe" 1

mRun: [shwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe

mRun: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m

mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"

mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

StartupFolder: C:\Users\vern\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files (x86)\Dell\DellDock\DellDock.exe

StartupFolder: C:\Users\vern\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - C:\Program Files (x86)\Squeezebox\SqueezeTray.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

LSP: mswsock.dll

Trusted Zone: internet

Trusted Zone: mcafee.com

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{C9811826-9152-45CA-9EDE-FAE62E82BD2A} : DhcpNameServer = 192.168.1.1

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\MSC\McSnIePl.dll

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

SubSystems: Windows = basesrv,1 winsrv:UserServerDllInitialization,3 consrv:ConServerDllInitialization,2 sxssrv,4

BHO-X64: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

BHO-X64: 0x1 - No File

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll

BHO-X64: McAfee Phishing Filter - No File

BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120122152714.dll

BHO-X64: scriptproxy - No File

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO-X64: SkypeIEPluginBHO - No File

BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL

BHO-X64: URLRedirectionBHO - No File

BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File

mRun-x64: [shwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe

mRun-x64: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m

mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRunOnce-x64: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"

mRunOnce-x64: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\vern\AppData\Roaming\Mozilla\Firefox\Profiles\ur0278cf.default\

FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=

FF - prefs.js: browser.startup.homepage - hxxp://www.washingtonpost.com/regional

FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?q=

FF - plugin: c:\progra~2\mcafee\msc\npMcSnFFPl.dll

FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL

FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Common Files\Motive\npMotive.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\McAfee\Supportability\MVT\NPMVTPlugin.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

.

---- FIREFOX POLICIES ----

FF - user.js: yahoo.ytff.general.dontshowhpoffer - true

============= SERVICES / DRIVERS ===============

.

R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]

R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]

R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]

R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]

R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-7-12 14928]

R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]

R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-5-4 140672]

R2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-9-18 169312]

R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]

R2 CFUACProxy_officeguardianv2n;CFUACProxy_officeguardianv2n;C:\ProgramData\OfficeGuardianV2N\UACProxy.exe [2011-6-3 83792]

R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]

R2 IHA_MessageCenter;IHA_MessageCenter;C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [2010-10-13 290832]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-5-12 652360]

R2 McciCMService64;McciCMService64;C:\Program Files\Common Files\Motive\McciCMService.exe [2010-12-20 517632]

R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2012-1-22 249936]

R2 McShield;McAfee McShield;C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe [2012-1-22 199272]

R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2012-1-22 208536]

R2 mfevtp;McAfee Validation Trust Protection Service;"C:\Windows\system32\mfevtps.exe" --> C:\Windows\system32\mfevtps.exe [?]

R2 SacNetAgentService_C57C4F854F53;SacNetAgentService_C57C4F854F53;C:\ProgramData\OfficeGuardianV2N\Reminder\SacNetAgent.exe [2011-6-3 163664]

R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-11-24 1692480]

R2 vpnagent;Cisco AnyConnect VPN Agent;C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2010-10-21 592120]

R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]

R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]

R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]

R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]

R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]

R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2012-1-22 249936]

S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-2-28 183560]

S3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]

S3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]

S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

SUnknown SPService;SPService; [x]

.

=============== Created Last 30 ================

.

2012-03-25 14:11:38 388096 ----a-r- C:\Users\vern\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-03-25 14:11:38 -------- d-----w- C:\Program Files (x86)\Trend Micro

2012-03-25 14:04:19 116016 ----a-w- C:\Windows\System32\drivers\69096004.sys

2012-03-25 14:04:19 -------- d-----w- C:\TDSSKiller_Quarantine

2012-03-23 05:10:25 0 --sha-w- C:\Windows\System32\dds_trash_log.cmd

2012-03-23 05:09:19 -------- d-----we C:\Windows\system64

2012-03-17 13:28:02 592824 ----a-w- C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll

2012-03-17 13:28:02 44472 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozglue.dll

2012-03-14 07:02:06 5559152 ----a-w- C:\Windows\System32\ntoskrnl.exe

2012-03-14 07:02:06 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2012-03-14 07:02:05 3913584 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2012-03-13 22:45:13 3145728 ----a-w- C:\Windows\System32\win32k.sys

2012-03-13 22:45:12 1544192 ----a-w- C:\Windows\System32\DWrite.dll

2012-03-13 22:45:12 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll

2012-03-13 22:45:04 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe

2012-03-13 22:45:04 77312 ----a-w- C:\Windows\System32\rdpwsx.dll

2012-03-13 22:45:04 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll

2012-03-13 22:44:56 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll

2012-03-13 22:44:56 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys

2012-03-13 22:44:56 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys

2012-03-13 22:44:56 1031680 ----a-w- C:\Windows\System32\rdpcore.dll

2012-02-25 05:05:37 -------- d-----w- C:\Program Files (x86)\VueSoft

.

==================== Find3M ====================

.

2012-03-23 05:09:31 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-01-04 10:44:20 509952 ----a-w- C:\Windows\System32\ntshrui.dll

2012-01-04 08:58:41 442880 ----a-w- C:\Windows\SysWow64\ntshrui.dll

2011-12-30 06:26:08 515584 ----a-w- C:\Windows\System32\timedate.cpl

2011-12-30 05:27:56 478720 ----a-w- C:\Windows\SysWow64\timedate.cpl

2011-12-28 03:59:24 498688 ----a-w- C:\Windows\System32\drivers\afd.sys

.

============= FINISH: 10:38:32.37 ===============

DDS.txt

Attach.txt

[MrCharlie]

Welcome to the forum and sorry for the delay.

If you still need help......

Please remove any usb or external drives from the computer before you run this scan!

Please download and run RogueKiller.

For Windows XP, double-click to start.

For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system (don't run any other options)

Post back the report.

MrC

[itsvern]

MrC ..... Thanks for getting back to me.

Please note that since I posted the above initial entry on March 25, I did experience some additional problems. I was instructed by my McAfee Antivirus to download a new version of their software, did the initial scan afterwards, but my system could not reboot upon restart. I was able to revert to a previous state of my Windows 7 system, and also reloaded Malarebytes. I am up and running again, but the browser redirects are still happening. I wanted to inform you of this, as that may mean that the above DDS.txt files may no longer reflect the current state of my system.

I did download the RogueKiller software, ran it, and the report is as follows .......

-----------------------

RogueKiller V7.3.2 [03/20/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User: vern [Admin rights]

Mode: Scan -- Date: 04/04/2012 08:23:49

¤¤¤ Bad processes: 4 ¤¤¤

[sUSP PATH] UACProxy.exe -- C:\ProgramData\OfficeGuardianV2N\UACProxy.exe -> KILLED [TermProc]

[sUSP PATH] SacNetAgent.exe -- C:\ProgramData\OfficeGuardianV2N\Reminder\SacNetAgent.exe -> KILLED [TermProc]

[sUSP PATH] SacReminder.exe -- C:\ProgramData\OfficeGuardianV2N\Reminder\SacReminder.exe -> KILLED [TermProc]

[sUSP PATH] UACProxy.exe -- C:\ProgramData\OfficeGuardianV2N\UACProxy.exe -> KILLED [TermProc]

¤¤¤ Registry Entries: 13 ¤¤¤

[sUSP PATH] HKCU\[...]\Run : SacReminderHDDV2N (C:\ProgramData\OfficeGuardianV2N\reminder\SacReminder.exe) -> FOUND

[sUSP PATH] HKUS\S-1-5-21-638730087-4158634751-4081792236-1000[...]\Run : SacReminderHDDV2N (C:\ProgramData\OfficeGuardianV2N\reminder\SacReminder.exe) -> FOUND

[HJ] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> FOUND

[HJ] HKCU\[...]\Advanced : Start_ShowDownloads (0) -> FOUND

[HJ] HKCU\[...]\Advanced : Start_ShowRun (0) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

[HJ] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

[HJ] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND

[HJ] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

[FOLDER] plugs : c:\users\vern\appdata\roaming\adobe\plugs --> FOUND

[FOLDER] shed : c:\users\vern\appdata\roaming\adobe\shed --> FOUND

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : ZeroAccess ¤¤¤

[ZeroAccess] sys32\consrv.dll present!

¤¤¤ HOSTS File: ¤¤¤

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST31000528AS ATA Device +++++

--- User ---

[MBR] 098ec5281bc9b2ab064345400369045b

[bSP] bd88243ba1753a8780c06e4eb19307c6 : Windows Vista MBR Code

Partition table:

0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo

1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 16838 Mo

2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 34566144 | Size: 936990 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1].txt >>

RKreport[1].txt

[MrCharlie]

¤¤¤ Infection : ZeroAccess ¤¤¤

[ZeroAccess] sys32\consrv.dll present!

Your computer is infected with a nasty rootkit. Please read the following information first.

You're infected with Rootkit.ZeroAccess, a BackDoor Trojan.

BACKDOOR WARNING

------------------------------

One or more of the identified infections is known to use a backdoor.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

I would advice you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the infection has been identified and because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

http://www.dslreports.com/faq/10451

When Should I Format, How Should I Reinstall

http://www.dslreports.com/faq/10063

I will try my best to clean this machine but I can't guarantee that it will be 100% secure afterwards and......

• There's a possibility that you'll lose your internet connections which I may not be able to correct and will require a repair install.
  
• There's also a possibility that during the cleaning procedure the computer will become unusable (won't boot) which will result in a repair install or complete format and install.
  
• I strongly suggest you back up all of the important items on the system before we continue.
  

Please let me know you have read this and agree to it.

Let me know what you decide to do. If you decide to go through with the cleanup, please proceed with the following steps.

-----------------------------------------

Please make sure system restore is running and create a new restore point before continuing.

Please download and run TDSSKiller to your desktop as outlined below:

Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.

-------------------------

Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

------------------------

Click the Start Scan button.

-----------------------

If a suspicious object is detected, the default action will be Skip, click on Continue

If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose

Skip and click on Continue

----------------------

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

--------------------

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

MrC

[itsvern]

Mr C;

Let us proceed on.

I printed your instructions, downloaded TDSSKiller, and started stepping through your instructions.

I was too hasty with one step though ....... several threats were detected, with the default 'skip' option - and one item was listed with the 'delete' option set as the default. I mistakenly hit the 'continue' button, rather than set the option for that last detection to 'Skip' before rebooting. My sincere apologies - hopefully this will not result in too many problems.

The resulting log file is presented here .....

2:59:36.0077 5772 TDSS rootkit removing tool 2.7.25.0 Apr 3 2012 13:42:32

12:59:36.0311 5772 ============================================================

12:59:36.0311 5772 Current date / time: 2012/04/04 12:59:36.0311

12:59:36.0311 5772 SystemInfo:

12:59:36.0311 5772

12:59:36.0326 5772 OS Version: 6.1.7601 ServicePack: 1.0

12:59:36.0326 5772 Product type: Workstation

12:59:36.0326 5772 ComputerName: VERN-PC

12:59:36.0326 5772 UserName: vern

12:59:36.0326 5772 Windows directory: C:\Windows

12:59:36.0326 5772 System windows directory: C:\Windows

12:59:36.0326 5772 Running under WOW64

12:59:36.0326 5772 Processor architecture: Intel x64

12:59:36.0326 5772 Number of processors: 4

12:59:36.0326 5772 Page size: 0x1000

12:59:36.0326 5772 Boot type: Normal boot

12:59:36.0326 5772 ============================================================

12:59:37.0387 5772 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

12:59:37.0403 5772 \Device\Harddisk0\DR0:

12:59:37.0403 5772 MBR used

12:59:37.0403 5772 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x20E3000

12:59:37.0403 5772 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x20F7000, BlocksNum 0x7260F000

12:59:37.0418 5772 Initialize success

12:59:37.0418 5772 ============================================================

13:00:18.0899 4540 ============================================================

13:00:18.0899 4540 Scan started

13:00:18.0899 4540 Mode: Manual; SigCheck; TDLFS;

13:00:18.0899 4540 ============================================================

13:00:20.0818 4540 !SASCORE (7d9d615201a483d6fa99491c2e655a5a) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

13:00:20.0896 4540 !SASCORE - ok

13:00:20.0974 4540 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys

13:00:21.0052 4540 1394ohci - ok

13:00:21.0098 4540 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys

13:00:21.0130 4540 ACPI - ok

13:00:21.0161 4540 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys

13:00:21.0223 4540 AcpiPmi - ok

13:00:21.0317 4540 AdobeActiveFileMonitor8.0 (765fe0463e711e5a68ac7b69538ed922) c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe

13:00:21.0348 4540 AdobeActiveFileMonitor8.0 - ok

13:00:21.0426 4540 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

13:00:21.0442 4540 AdobeARMservice - ok

13:00:21.0535 4540 AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

13:00:21.0551 4540 AdobeFlashPlayerUpdateSvc - ok

13:00:21.0613 4540 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

13:00:21.0660 4540 adp94xx - ok

13:00:21.0676 4540 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

13:00:21.0691 4540 adpahci - ok

13:00:21.0707 4540 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

13:00:21.0722 4540 adpu320 - ok

13:00:21.0754 4540 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll

13:00:21.0800 4540 AeLookupSvc - ok

13:00:21.0832 4540 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys

13:00:21.0863 4540 AFD - ok

13:00:21.0910 4540 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys

13:00:21.0910 4540 agp440 - ok

13:00:21.0941 4540 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe

13:00:21.0972 4540 ALG - ok

13:00:22.0003 4540 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys

13:00:22.0034 4540 aliide - ok

13:00:22.0050 4540 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys

13:00:22.0050 4540 amdide - ok

13:00:22.0066 4540 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

13:00:22.0128 4540 AmdK8 - ok

13:00:22.0144 4540 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

13:00:22.0190 4540 AmdPPM - ok

13:00:22.0222 4540 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys

13:00:22.0237 4540 amdsata - ok

13:00:22.0253 4540 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

13:00:22.0268 4540 amdsbs - ok

13:00:22.0284 4540 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys

13:00:22.0300 4540 amdxata - ok

13:00:22.0346 4540 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys

13:00:22.0409 4540 AppID - ok

13:00:22.0440 4540 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll

13:00:22.0471 4540 AppIDSvc - ok

13:00:22.0502 4540 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll

13:00:22.0565 4540 Appinfo - ok

13:00:22.0580 4540 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

13:00:22.0596 4540 arc - ok

13:00:22.0643 4540 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

13:00:22.0674 4540 arcsas - ok

13:00:22.0705 4540 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

13:00:22.0752 4540 AsyncMac - ok

13:00:22.0783 4540 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys

13:00:22.0799 4540 atapi - ok

13:00:22.0846 4540 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

13:00:22.0908 4540 AudioEndpointBuilder - ok

13:00:22.0924 4540 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

13:00:22.0955 4540 AudioSrv - ok

13:00:23.0002 4540 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll

13:00:23.0048 4540 AxInstSV - ok

13:00:23.0080 4540 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

13:00:23.0126 4540 b06bdrv - ok

13:00:23.0158 4540 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

13:00:23.0204 4540 b57nd60a - ok

13:00:23.0282 4540 BBSvc (825f81a6f7dd073509db101f0ba6dc59) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE

13:00:23.0314 4540 BBSvc - ok

13:00:23.0345 4540 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll

13:00:23.0376 4540 BDESVC - ok

13:00:23.0392 4540 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

13:00:23.0454 4540 Beep - ok

13:00:23.0485 4540 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll

13:00:23.0548 4540 BITS - ok

13:00:23.0563 4540 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

13:00:23.0579 4540 blbdrive - ok

13:00:23.0657 4540 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys

13:00:23.0704 4540 bowser - ok

13:00:23.0719 4540 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

13:00:23.0782 4540 BrFiltLo - ok

13:00:23.0797 4540 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

13:00:23.0813 4540 BrFiltUp - ok

13:00:23.0844 4540 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll

13:00:23.0906 4540 Browser - ok

13:00:23.0938 4540 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

13:00:23.0969 4540 Brserid - ok

13:00:23.0984 4540 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

13:00:24.0016 4540 BrSerWdm - ok

13:00:24.0031 4540 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

13:00:24.0062 4540 BrUsbMdm - ok

13:00:24.0078 4540 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

13:00:24.0094 4540 BrUsbSer - ok

13:00:24.0140 4540 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

13:00:24.0187 4540 BTHMODEM - ok

13:00:24.0218 4540 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll

13:00:24.0281 4540 bthserv - ok

13:00:24.0296 4540 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

13:00:24.0343 4540 cdfs - ok

13:00:24.0374 4540 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys

13:00:24.0406 4540 cdrom - ok

13:00:24.0452 4540 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

13:00:24.0515 4540 CertPropSvc - ok

13:00:24.0577 4540 CFUACProxy_officeguardianv2n (23f5d8aee57f208e18e4edff16ee0df9) C:\ProgramData\OfficeGuardianV2N\UACProxy.exe

13:00:24.0608 4540 CFUACProxy_officeguardianv2n - ok

13:00:24.0640 4540 cfwids (ed0263b2eb24f0f4e3898036fa1d28a1) C:\Windows\system32\drivers\cfwids.sys

13:00:24.0686 4540 cfwids - ok

13:00:24.0702 4540 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

13:00:24.0749 4540 circlass - ok

13:00:24.0780 4540 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

13:00:24.0811 4540 CLFS - ok

13:00:24.0874 4540 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

13:00:24.0889 4540 clr_optimization_v2.0.50727_32 - ok

13:00:24.0920 4540 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

13:00:24.0936 4540 clr_optimization_v2.0.50727_64 - ok

13:00:25.0014 4540 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

13:00:25.0030 4540 clr_optimization_v4.0.30319_32 - ok

13:00:25.0061 4540 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

13:00:25.0061 4540 clr_optimization_v4.0.30319_64 - ok

13:00:25.0092 4540 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

13:00:25.0123 4540 CmBatt - ok

13:00:25.0154 4540 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys

13:00:25.0170 4540 cmdide - ok

13:00:25.0201 4540 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys

13:00:25.0232 4540 CNG - ok

13:00:25.0248 4540 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

13:00:25.0264 4540 Compbatt - ok

13:00:25.0295 4540 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys

13:00:25.0326 4540 CompositeBus - ok

13:00:25.0342 4540 COMSysApp - ok

13:00:25.0357 4540 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

13:00:25.0373 4540 crcdisk - ok

13:00:25.0420 4540 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll

13:00:25.0482 4540 CryptSvc - ok

13:00:25.0498 4540 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

13:00:25.0544 4540 DcomLaunch - ok

13:00:25.0576 4540 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll

13:00:25.0622 4540 defragsvc - ok

13:00:25.0654 4540 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys

13:00:25.0700 4540 DfsC - ok

13:00:25.0716 4540 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll

13:00:25.0778 4540 Dhcp - ok

13:00:25.0778 4540 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

13:00:25.0825 4540 discache - ok

13:00:25.0856 4540 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

13:00:25.0872 4540 Disk - ok

13:00:25.0903 4540 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll

13:00:25.0950 4540 Dnscache - ok

13:00:25.0997 4540 DockLoginService (0840abbbdf438691ee65a20040635cbe) C:\Program Files\Dell\DellDock\DockLogin.exe

13:00:26.0012 4540 DockLoginService ( UnsignedFile.Multi.Generic ) - warning

13:00:26.0012 4540 DockLoginService - detected UnsignedFile.Multi.Generic (1)

13:00:26.0044 4540 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll

13:00:26.0106 4540 dot3svc - ok

13:00:26.0137 4540 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll

13:00:26.0200 4540 DPS - ok

13:00:26.0231 4540 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

13:00:26.0278 4540 drmkaud - ok

13:00:26.0309 4540 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys

13:00:26.0340 4540 DXGKrnl - ok

13:00:26.0371 4540 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll

13:00:26.0434 4540 EapHost - ok

13:00:26.0527 4540 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

13:00:26.0605 4540 ebdrv - ok

13:00:26.0621 4540 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe

13:00:26.0683 4540 EFS - ok

13:00:26.0761 4540 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe

13:00:26.0808 4540 ehRecvr - ok

13:00:26.0824 4540 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe

13:00:26.0855 4540 ehSched - ok

13:00:26.0886 4540 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

13:00:26.0917 4540 elxstor - ok

13:00:26.0964 4540 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys

13:00:26.0995 4540 ErrDev - ok

13:00:27.0042 4540 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll

13:00:27.0089 4540 EventSystem - ok

13:00:27.0104 4540 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

13:00:27.0136 4540 exfat - ok

13:00:27.0167 4540 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

13:00:27.0198 4540 fastfat - ok

13:00:27.0245 4540 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe

13:00:27.0292 4540 Fax - ok

13:00:27.0307 4540 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

13:00:27.0338 4540 fdc - ok

13:00:27.0354 4540 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll

13:00:27.0432 4540 fdPHost - ok

13:00:27.0448 4540 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll

13:00:27.0494 4540 FDResPub - ok

13:00:27.0510 4540 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

13:00:27.0526 4540 FileInfo - ok

13:00:27.0526 4540 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

13:00:27.0572 4540 Filetrace - ok

13:00:27.0619 4540 FLEXnet Licensing Service (abedfd48ac042c6aaad32452e77217a1) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

13:00:27.0650 4540 FLEXnet Licensing Service - ok

13:00:27.0666 4540 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

13:00:27.0682 4540 flpydisk - ok

13:00:27.0697 4540 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys

13:00:27.0713 4540 FltMgr - ok

13:00:27.0806 4540 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll

13:00:27.0853 4540 FontCache - ok

13:00:27.0916 4540 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

13:00:27.0931 4540 FontCache3.0.0.0 - ok

13:00:27.0947 4540 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

13:00:27.0962 4540 FsDepends - ok

13:00:27.0978 4540 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys

13:00:27.0994 4540 Fs_Rec - ok

13:00:28.0040 4540 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys

13:00:28.0072 4540 fvevol - ok

13:00:28.0087 4540 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

13:00:28.0087 4540 gagp30kx - ok

13:00:28.0134 4540 GameConsoleService (c1bbce4b30b45410178ee674c818d10c) C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe

13:00:28.0165 4540 GameConsoleService - ok

13:00:28.0212 4540 GoToAssist (d3316f6e3c011435f36e3d6e49b3196c) C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe

13:00:28.0228 4540 GoToAssist - ok

13:00:28.0274 4540 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll

13:00:28.0352 4540 gpsvc - ok

13:00:28.0384 4540 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

13:00:28.0430 4540 hcw85cir - ok

13:00:28.0477 4540 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys

13:00:28.0524 4540 HDAudBus - ok

13:00:28.0555 4540 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys

13:00:28.0571 4540 HECIx64 - ok

13:00:28.0586 4540 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

13:00:28.0602 4540 HidBatt - ok

13:00:28.0633 4540 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

13:00:28.0664 4540 HidBth - ok

13:00:28.0680 4540 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

13:00:28.0727 4540 HidIr - ok

13:00:28.0758 4540 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll

13:00:28.0820 4540 hidserv - ok

13:00:28.0852 4540 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys

13:00:28.0867 4540 HidUsb - ok

13:00:28.0898 4540 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll

13:00:28.0945 4540 hkmsvc - ok

13:00:28.0992 4540 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll

13:00:29.0023 4540 HomeGroupListener - ok

13:00:29.0054 4540 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll

13:00:29.0070 4540 HomeGroupProvider - ok

13:00:29.0101 4540 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys

13:00:29.0117 4540 HpSAMD - ok

13:00:29.0179 4540 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys

13:00:29.0242 4540 HTTP - ok

13:00:29.0273 4540 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys

13:00:29.0288 4540 hwpolicy - ok

13:00:29.0304 4540 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys

13:00:29.0320 4540 i8042prt - ok

13:00:29.0351 4540 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys

13:00:29.0398 4540 iaStorV - ok

13:00:29.0460 4540 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

13:00:29.0491 4540 idsvc - ok

13:00:29.0678 4540 igfx (677aa5991026a65ada128c4b59cf2bad) C:\Windows\system32\DRIVERS\igdkmd64.sys

13:00:29.0928 4540 igfx - ok

13:00:30.0053 4540 IHA_MessageCenter (c135bff15563592b8ea070ea109967f7) C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe

13:00:30.0068 4540 IHA_MessageCenter - ok

13:00:30.0100 4540 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

13:00:30.0100 4540 iirsp - ok

13:00:30.0146 4540 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll

13:00:30.0193 4540 IKEEXT - ok

13:00:30.0224 4540 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\DRIVERS\Impcd.sys

13:00:30.0271 4540 Impcd - ok

13:00:30.0349 4540 IntcAzAudAddService (e9befd8c6a1db3b544b61647dda35f62) C:\Windows\system32\drivers\RTKVHD64.sys

13:00:30.0412 4540 IntcAzAudAddService - ok

13:00:30.0443 4540 IntcDAud (58cf58dee26c909bd6f977b61d246295) C:\Windows\system32\DRIVERS\IntcDAud.sys

13:00:30.0490 4540 IntcDAud - ok

13:00:30.0536 4540 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys

13:00:30.0552 4540 intelide - ok

13:00:30.0583 4540 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

13:00:30.0614 4540 intelppm - ok

13:00:30.0646 4540 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll

13:00:30.0708 4540 IPBusEnum - ok

13:00:30.0724 4540 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys

13:00:30.0755 4540 IpFilterDriver - ok

13:00:30.0786 4540 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys

13:00:30.0817 4540 IPMIDRV - ok

13:00:30.0848 4540 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

13:00:30.0895 4540 IPNAT - ok

13:00:30.0926 4540 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

13:00:31.0004 4540 IRENUM - ok

13:00:31.0020 4540 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys

13:00:31.0036 4540 isapnp - ok

13:00:31.0051 4540 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys

13:00:31.0067 4540 iScsiPrt - ok

13:00:31.0114 4540 k57nd60a (9d7ea8c7215d8d4ae7be110eee61085d) C:\Windows\system32\DRIVERS\k57nd60a.sys

13:00:31.0129 4540 k57nd60a - ok

13:00:31.0145 4540 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys

13:00:31.0145 4540 kbdclass - ok

13:00:31.0176 4540 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys

13:00:31.0207 4540 kbdhid - ok

13:00:31.0238 4540 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

13:00:31.0254 4540 KeyIso - ok

13:00:31.0270 4540 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys

13:00:31.0285 4540 KSecDD - ok

13:00:31.0316 4540 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys

13:00:31.0332 4540 KSecPkg - ok

13:00:31.0348 4540 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

13:00:31.0394 4540 ksthunk - ok

13:00:31.0426 4540 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll

13:00:31.0488 4540 KtmRm - ok

13:00:31.0535 4540 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll

13:00:31.0613 4540 LanmanServer - ok

13:00:31.0644 4540 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll

13:00:31.0675 4540 LanmanWorkstation - ok

13:00:31.0706 4540 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

13:00:31.0753 4540 lltdio - ok

13:00:31.0769 4540 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll

13:00:31.0800 4540 lltdsvc - ok

13:00:31.0816 4540 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll

13:00:31.0847 4540 lmhosts - ok

13:00:31.0878 4540 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

13:00:31.0909 4540 LSI_FC - ok

13:00:31.0925 4540 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

13:00:31.0925 4540 LSI_SAS - ok

13:00:31.0972 4540 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

13:00:31.0987 4540 LSI_SAS2 - ok

13:00:32.0018 4540 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

13:00:32.0018 4540 LSI_SCSI - ok

13:00:32.0050 4540 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

13:00:32.0112 4540 luafv - ok

13:00:32.0159 4540 MBAMProtector (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys

13:00:32.0174 4540 MBAMProtector - ok

13:00:32.0253 4540 MBAMService (056b19651bd7b7ce5f89a3ac46dbdc08) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

13:00:32.0284 4540 MBAMService - ok

13:00:32.0331 4540 McciCMService (f8b823414a22dbf3bec10dcaa5f93cd8) C:\Program Files (x86)\Common Files\Motive\McciCMService.exe

13:00:32.0362 4540 McciCMService ( UnsignedFile.Multi.Generic ) - warning

13:00:32.0362 4540 McciCMService - detected UnsignedFile.Multi.Generic (1)

13:00:32.0393 4540 McciCMService64 (859e5a32485178daeca06b52e2bb44b2) C:\Program Files\Common Files\Motive\McciCMService.exe

13:00:32.0409 4540 McciCMService64 ( UnsignedFile.Multi.Generic ) - warning

13:00:32.0409 4540 McciCMService64 - detected UnsignedFile.Multi.Generic (1)

13:00:32.0487 4540 McMPFSvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

13:00:32.0502 4540 McMPFSvc - ok

13:00:32.0518 4540 mcmscsvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe

13:00:32.0518 4540 mcmscsvc - ok

13:00:32.0549 4540 McNASvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe

13:00:32.0549 4540 McNASvc - ok

13:00:32.0565 4540 McProxy (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe

13:00:32.0565 4540 McProxy - ok

13:00:32.0611 4540 McShield (4a463d645b48bb487ca7df12ba5d1602) C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe

13:00:32.0627 4540 McShield - ok

13:00:32.0658 4540 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll

13:00:32.0705 4540 Mcx2Svc - ok

13:00:32.0736 4540 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

13:00:32.0736 4540 megasas - ok

13:00:32.0767 4540 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

13:00:32.0799 4540 MegaSR - ok

13:00:32.0830 4540 mfeapfk (ef3acfb7e3f82d5f7cde9ef5f0a4e2e2) C:\Windows\system32\drivers\mfeapfk.sys

13:00:32.0861 4540 mfeapfk - ok

13:00:32.0877 4540 mfeavfk (e7a60bdb4365b561d896019b82fb7dd0) C:\Windows\system32\drivers\mfeavfk.sys

13:00:32.0892 4540 mfeavfk - ok

13:00:32.0908 4540 mfefire (c53b7aba204d9f7e9568ec147a1485c5) C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe

13:00:32.0923 4540 mfefire - ok

13:00:32.0939 4540 mfefirek (670dffe55e2f9ab99d9169c428bcece9) C:\Windows\system32\drivers\mfefirek.sys

13:00:32.0955 4540 mfefirek - ok

13:00:32.0986 4540 mfehidk (1892616b7f9291fd77c3fa0a5811fe9f) C:\Windows\system32\drivers\mfehidk.sys

13:00:33.0001 4540 mfehidk - ok

13:00:33.0017 4540 mfenlfk (1721261c77f6e7a9e0cb51b7d9f31b60) C:\Windows\system32\DRIVERS\mfenlfk.sys

13:00:33.0017 4540 mfenlfk - ok

13:00:33.0033 4540 mferkdet (65776bd8029e409935b90de30bf99526) C:\Windows\system32\drivers\mferkdet.sys

13:00:33.0048 4540 mferkdet - ok

13:00:33.0079 4540 mfevtp (3ed58a36f7f7d60f0ef44d29810b0b80) C:\Windows\system32\mfevtps.exe

13:00:33.0079 4540 mfevtp - ok

13:00:33.0126 4540 mfewfpk (4f17d8b85b903d96ef7033bb6ef50516) C:\Windows\system32\drivers\mfewfpk.sys

13:00:33.0142 4540 mfewfpk - ok

13:00:33.0173 4540 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

13:00:33.0220 4540 MMCSS - ok

13:00:33.0235 4540 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

13:00:33.0282 4540 Modem - ok

13:00:33.0313 4540 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

13:00:33.0360 4540 monitor - ok

13:00:33.0376 4540 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys

13:00:33.0391 4540 mouclass - ok

13:00:33.0407 4540 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

13:00:33.0454 4540 mouhid - ok

13:00:33.0469 4540 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys

13:00:33.0485 4540 mountmgr - ok

13:00:33.0501 4540 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys

13:00:33.0516 4540 mpio - ok

13:00:33.0547 4540 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

13:00:33.0579 4540 mpsdrv - ok

13:00:33.0641 4540 MREMP50 (9bd4dcb5412921864a7aacdedfbd1923) C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS

13:00:33.0672 4540 MREMP50 ( UnsignedFile.Multi.Generic ) - warning

13:00:33.0672 4540 MREMP50 - detected UnsignedFile.Multi.Generic (1)

13:00:33.0688 4540 MREMP50a64 - ok

13:00:33.0703 4540 MREMPR5 - ok

13:00:33.0703 4540 MRENDIS5 - ok

13:00:33.0719 4540 MRESP50 (07c02c892e8e1a72d6bf35004f0e9c5e) C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS

13:00:33.0735 4540 MRESP50 ( UnsignedFile.Multi.Generic ) - warning

13:00:33.0735 4540 MRESP50 - detected UnsignedFile.Multi.Generic (1)

13:00:33.0735 4540 MRESP50a64 - ok

13:00:33.0766 4540 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys

13:00:33.0797 4540 MRxDAV - ok

13:00:33.0828 4540 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys

13:00:33.0875 4540 mrxsmb - ok

13:00:33.0906 4540 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys

13:00:33.0953 4540 mrxsmb10 - ok

13:00:33.0984 4540 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

13:00:34.0000 4540 mrxsmb20 - ok

13:00:34.0031 4540 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys

13:00:34.0047 4540 msahci - ok

13:00:34.0062 4540 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys

13:00:34.0093 4540 msdsm - ok

13:00:34.0125 4540 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe

13:00:34.0140 4540 MSDTC - ok

13:00:34.0156 4540 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

13:00:34.0187 4540 Msfs - ok

13:00:34.0203 4540 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

13:00:34.0234 4540 mshidkmdf - ok

13:00:34.0249 4540 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys

13:00:34.0265 4540 msisadrv - ok

13:00:34.0296 4540 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll

13:00:34.0327 4540 MSiSCSI - ok

13:00:34.0343 4540 msiserver - ok

13:00:34.0374 4540 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

13:00:34.0437 4540 MSKSSRV - ok

13:00:34.0468 4540 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

13:00:34.0515 4540 MSPCLOCK - ok

13:00:34.0530 4540 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

13:00:34.0593 4540 MSPQM - ok

13:00:34.0639 4540 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys

13:00:34.0671 4540 MsRPC - ok

13:00:34.0702 4540 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys

13:00:34.0717 4540 mssmbios - ok

13:00:34.0733 4540 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

13:00:34.0764 4540 MSTEE - ok

13:00:34.0780 4540 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

13:00:34.0795 4540 MTConfig - ok

13:00:34.0827 4540 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

13:00:34.0827 4540 Mup - ok

13:00:34.0873 4540 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll

13:00:34.0920 4540 napagent - ok

13:00:34.0951 4540 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

13:00:34.0998 4540 NativeWifiP - ok

13:00:35.0061 4540 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys

13:00:35.0092 4540 NDIS - ok

13:00:35.0123 4540 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

13:00:35.0154 4540 NdisCap - ok

13:00:35.0170 4540 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

13:00:35.0201 4540 NdisTapi - ok

13:00:35.0232 4540 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys

13:00:35.0279 4540 Ndisuio - ok

13:00:35.0310 4540 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys

13:00:35.0373 4540 NdisWan - ok

13:00:35.0404 4540 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys

13:00:35.0435 4540 NDProxy - ok

13:00:35.0451 4540 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

13:00:35.0513 4540 NetBIOS - ok

13:00:35.0544 4540 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys

13:00:35.0607 4540 NetBT - ok

13:00:35.0653 4540 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

13:00:35.0669 4540 Netlogon - ok

13:00:35.0700 4540 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll

13:00:35.0747 4540 Netman - ok

13:00:35.0763 4540 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll

13:00:35.0825 4540 netprofm - ok

13:00:35.0887 4540 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

13:00:35.0903 4540 NetTcpPortSharing - ok

13:00:35.0934 4540 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

13:00:35.0950 4540 nfrd960 - ok

13:00:35.0965 4540 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll

13:00:36.0012 4540 NlaSvc - ok

13:00:36.0028 4540 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

13:00:36.0059 4540 Npfs - ok

13:00:36.0090 4540 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll

13:00:36.0153 4540 nsi - ok

13:00:36.0168 4540 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

13:00:36.0199 4540 nsiproxy - ok

13:00:36.0277 4540 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys

13:00:36.0340 4540 Ntfs - ok

13:00:36.0340 4540 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

13:00:36.0387 4540 Null - ok

13:00:36.0433 4540 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys

13:00:36.0465 4540 nvraid - ok

13:00:36.0480 4540 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys

13:00:36.0496 4540 nvstor - ok

13:00:36.0527 4540 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys

13:00:36.0543 4540 nv_agp - ok

13:00:36.0574 4540 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys

13:00:36.0621 4540 ohci1394 - ok

13:00:36.0683 4540 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

13:00:36.0699 4540 ose - ok

13:00:36.0839 4540 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

13:00:36.0948 4540 osppsvc - ok

13:00:36.0995 4540 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

13:00:37.0042 4540 p2pimsvc - ok

13:00:37.0073 4540 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll

13:00:37.0089 4540 p2psvc - ok

13:00:37.0151 4540 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

13:00:37.0167 4540 Parport - ok

13:00:37.0213 4540 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys

13:00:37.0213 4540 partmgr - ok

13:00:37.0229 4540 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll

13:00:37.0276 4540 PcaSvc - ok

13:00:37.0323 4540 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys

13:00:37.0338 4540 pci - ok

13:00:37.0354 4540 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys

13:00:37.0385 4540 pciide - ok

13:00:37.0401 4540 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

13:00:37.0416 4540 pcmcia - ok

13:00:37.0447 4540 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

13:00:37.0447 4540 pcw - ok

13:00:37.0463 4540 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

13:00:37.0525 4540 PEAUTH - ok

13:00:37.0572 4540 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe

13:00:37.0603 4540 PerfHost - ok

13:00:37.0666 4540 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll

13:00:37.0728 4540 pla - ok

13:00:37.0775 4540 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll

13:00:37.0837 4540 PlugPlay - ok

13:00:37.0853 4540 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll

13:00:37.0869 4540 PNRPAutoReg - ok

13:00:37.0900 4540 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

13:00:37.0915 4540 PNRPsvc - ok

13:00:37.0947 4540 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll

13:00:38.0009 4540 PolicyAgent - ok

13:00:38.0040 4540 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll

13:00:38.0087 4540 Power - ok

13:00:38.0134 4540 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys

13:00:38.0165 4540 PptpMiniport - ok

13:00:38.0196 4540 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

13:00:38.0227 4540 Processor - ok

13:00:38.0259 4540 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll

13:00:38.0321 4540 ProfSvc - ok

13:00:38.0352 4540 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

13:00:38.0368 4540 ProtectedStorage - ok

13:00:38.0399 4540 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys

13:00:38.0446 4540 Psched - ok

13:00:38.0461 4540 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys

13:00:38.0477 4540 PxHlpa64 - ok

13:00:38.0539 4540 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

13:00:38.0602 4540 ql2300 - ok

13:00:38.0633 4540 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

13:00:38.0649 4540 ql40xx - ok

13:00:38.0664 4540 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll

13:00:38.0695 4540 QWAVE - ok

13:00:38.0711 4540 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

13:00:38.0742 4540 QWAVEdrv - ok

13:00:38.0758 4540 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

13:00:38.0789 4540 RasAcd - ok

13:00:38.0820 4540 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

13:00:38.0851 4540 RasAgileVpn - ok

13:00:38.0867 4540 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll

13:00:38.0914 4540 RasAuto - ok

13:00:38.0945 4540 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys

13:00:38.0992 4540 Rasl2tp - ok

13:00:39.0023 4540 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll

13:00:39.0054 4540 RasMan - ok

13:00:39.0070 4540 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

13:00:39.0117 4540 RasPppoe - ok

13:00:39.0148 4540 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

13:00:39.0179 4540 RasSstp - ok

13:00:39.0210 4540 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys

13:00:39.0241 4540 rdbss - ok

13:00:39.0257 4540 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

13:00:39.0273 4540 rdpbus - ok

13:00:39.0304 4540 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

13:00:39.0335 4540 RDPCDD - ok

13:00:39.0335 4540 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

13:00:39.0382 4540 RDPENCDD - ok

13:00:39.0397 4540 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

13:00:39.0475 4540 RDPREFMP - ok

13:00:39.0538 4540 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys

13:00:39.0569 4540 RDPWD - ok

13:00:39.0616 4540 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys

13:00:39.0631 4540 rdyboost - ok

13:00:39.0663 4540 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll

13:00:39.0725 4540 RemoteAccess - ok

13:00:39.0756 4540 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll

13:00:39.0819 4540 RemoteRegistry - ok

13:00:39.0850 4540 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll

13:00:39.0912 4540 RpcEptMapper - ok

13:00:39.0928 4540 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe

13:00:39.0943 4540 RpcLocator - ok

13:00:39.0975 4540 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

13:00:40.0037 4540 RpcSs - ok

13:00:40.0053 4540 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

13:00:40.0084 4540 rspndr - ok

13:00:40.0209 4540 SacNetAgentService_C57C4F854F53 (4e548fc2c427455836b37a7c7d9923db) C:\ProgramData\OfficeGuardianV2N\Reminder\SacNetAgent.exe

13:00:40.0224 4540 SacNetAgentService_C57C4F854F53 - ok

13:00:40.0271 4540 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

13:00:40.0271 4540 SamSs - ok

13:00:40.0318 4540 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS

13:00:40.0333 4540 SASDIFSV - ok

13:00:40.0349 4540 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS

13:00:40.0349 4540 SASKUTIL - ok

13:00:40.0380 4540 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys

13:00:40.0396 4540 sbp2port - ok

13:00:40.0411 4540 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll

13:00:40.0458 4540 SCardSvr - ok

13:00:40.0489 4540 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys

13:00:40.0552 4540 scfilter - ok

13:00:40.0583 4540 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll

13:00:40.0645 4540 Schedule - ok

13:00:40.0677 4540 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

13:00:40.0708 4540 SCPolicySvc - ok

13:00:40.0739 4540 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll

13:00:40.0801 4540 SDRSVC - ok

13:00:40.0879 4540 SeaPort (cc781378e7eda615d2cdca3b17829fa4) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

13:00:40.0911 4540 SeaPort - ok

13:00:40.0926 4540 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

13:00:40.0989 4540 secdrv - ok

13:00:41.0004 4540 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll

13:00:41.0035 4540 seclogon - ok

13:00:41.0067 4540 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll

13:00:41.0098 4540 SENS - ok

13:00:41.0113 4540 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll

13:00:41.0129 4540 SensrSvc - ok

13:00:41.0191 4540 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

13:00:41.0254 4540 Serenum - ok

13:00:41.0332 4540 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

13:00:41.0363 4540 Serial - ok

13:00:41.0394 4540 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

13:00:41.0425 4540 sermouse - ok

13:00:41.0457 4540 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll

13:00:41.0519 4540 SessionEnv - ok

13:00:41.0535 4540 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys

13:00:41.0581 4540 sffdisk - ok

13:00:41.0597 4540 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys

13:00:41.0628 4540 sffp_mmc - ok

13:00:41.0644 4540 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys

13:00:41.0675 4540 sffp_sd - ok

13:00:41.0691 4540 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

13:00:41.0706 4540 sfloppy - ok

13:00:41.0815 4540 SftService (74ec60e20516aaa573be74f31175270f) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE

13:00:41.0862 4540 SftService - ok

13:00:41.0878 4540 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll

13:00:41.0940 4540 SharedAccess - ok

13:00:41.0971 4540 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll

13:00:42.0003 4540 ShellHWDetection - ok

13:00:42.0034 4540 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

13:00:42.0049 4540 SiSRaid2 - ok

13:00:42.0065 4540 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

13:00:42.0065 4540 SiSRaid4 - ok

13:00:42.0096 4540 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

13:00:42.0159 4540 Smb - ok

13:00:42.0174 4540 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe

13:00:42.0190 4540 SNMPTRAP - ok

13:00:42.0205 4540 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

13:00:42.0221 4540 spldr - ok

13:00:42.0252 4540 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe

13:00:42.0299 4540 Spooler - ok

13:00:42.0393 4540 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe

13:00:42.0502 4540 sppsvc - ok

13:00:42.0517 4540 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll

13:00:42.0564 4540 sppuinotify - ok

13:00:42.0595 4540 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys

13:00:42.0627 4540 srv - ok

13:00:42.0673 4540 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys

13:00:42.0705 4540 srv2 - ok

13:00:42.0767 4540 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys

13:00:42.0814 4540 srvnet - ok

13:00:42.0845 4540 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll

13:00:42.0907 4540 SSDPSRV - ok

13:00:42.0923 4540 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll

13:00:42.0954 4540 SstpSvc - ok

13:00:42.0970 4540 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

13:00:42.0985 4540 stexstor - ok

13:00:43.0017 4540 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll

13:00:43.0048 4540 stisvc - ok

13:00:43.0079 4540 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys

13:00:43.0095 4540 swenum - ok

13:00:43.0110 4540 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll

13:00:43.0173 4540 swprv - ok

13:00:43.0235 4540 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll

13:00:43.0297 4540 SysMain - ok

13:00:43.0313 4540 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll

13:00:43.0329 4540 TabletInputService - ok

13:00:43.0344 4540 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll

13:00:43.0391 4540 TapiSrv - ok

13:00:43.0407 4540 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll

13:00:43.0438 4540 TBS - ok

13:00:43.0500 4540 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys

13:00:43.0578 4540 Tcpip - ok

13:00:43.0625 4540 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys

13:00:43.0656 4540 TCPIP6 - ok

13:00:43.0687 4540 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys

13:00:43.0750 4540 tcpipreg - ok

13:00:43.0765 4540 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

13:00:43.0781 4540 TDPIPE - ok

13:00:43.0812 4540 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys

13:00:43.0828 4540 TDTCP - ok

13:00:43.0843 4540 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys

13:00:43.0875 4540 tdx - ok

13:00:43.0890 4540 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys

13:00:43.0906 4540 TermDD - ok

13:00:43.0937 4540 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll

13:00:43.0984 4540 TermService - ok

13:00:44.0015 4540 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll

13:00:44.0031 4540 Themes - ok

13:00:44.0046 4540 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

13:00:44.0077 4540 THREADORDER - ok

13:00:44.0093 4540 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll

13:00:44.0140 4540 TrkWks - ok

13:00:44.0187 4540 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe

13:00:44.0249 4540 TrustedInstaller - ok

13:00:44.0280 4540 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys

13:00:44.0327 4540 tssecsrv - ok

13:00:44.0374 4540 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys

13:00:44.0389 4540 TsUsbFlt - ok

13:00:44.0436 4540 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys

13:00:44.0499 4540 tunnel - ok

13:00:44.0530 4540 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys

13:00:44.0530 4540 uagp35 - ok

13:00:44.0577 4540 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys

13:00:44.0623 4540 udfs - ok

13:00:44.0655 4540 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe

13:00:44.0670 4540 UI0Detect - ok

13:00:44.0701 4540 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys

13:00:44.0717 4540 uliagpkx - ok

13:00:44.0733 4540 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys

13:00:44.0733 4540 umbus - ok

13:00:44.0779 4540 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys

13:00:44.0779 4540 UmPass - ok

13:00:44.0857 4540 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll

13:00:44.0889 4540 upnphost - ok

13:00:44.0935 4540 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys

13:00:44.0967 4540 usbccgp - ok

13:00:45.0013 4540 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys

13:00:45.0029 4540 usbcir - ok

13:00:45.0060 4540 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys

13:00:45.0107 4540 usbehci - ok

13:00:45.0138 4540 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys

13:00:45.0169 4540 usbhub - ok

13:00:45.0185 4540 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys

13:00:45.0201 4540 usbohci - ok

13:00:45.0232 4540 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

13:00:45.0263 4540 usbprint - ok

13:00:45.0294 4540 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys

13:00:45.0310 4540 usbscan - ok

13:00:45.0341 4540 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS

13:00:45.0357 4540 USBSTOR - ok

13:00:45.0388 4540 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys

13:00:45.0403 4540 usbuhci - ok

13:00:45.0435 4540 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll

13:00:45.0481 4540 UxSms - ok

13:00:45.0513 4540 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

13:00:45.0544 4540 VaultSvc - ok

13:00:45.0559 4540 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys

13:00:45.0575 4540 vdrvroot - ok

13:00:45.0606 4540 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe

13:00:45.0669 4540 vds - ok

13:00:45.0700 4540 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

13:00:45.0731 4540 vga - ok

13:00:45.0762 4540 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

13:00:45.0825 4540 VgaSave - ok

13:00:45.0840 4540 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys

13:00:45.0856 4540 vhdmp - ok

13:00:45.0887 4540 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys

13:00:45.0887 4540 viaide - ok

13:00:45.0918 4540 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys

13:00:45.0918 4540 volmgr - ok

13:00:45.0965 4540 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys

13:00:45.0981 4540 volmgrx - ok

13:00:45.0996 4540 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys

13:00:46.0012 4540 volsnap - ok

13:00:46.0090 4540 vpnagent (1ca935adf4353a6e27c4affa2e2708c5) C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe

13:00:46.0121 4540 vpnagent - ok

13:00:46.0183 4540 vpnva (e526a69d932538ae8bc96b3f4a5a90b1) C:\Windows\system32\DRIVERS\vpnva64.sys

13:00:46.0199 4540 vpnva - ok

13:00:46.0230 4540 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys

13:00:46.0246 4540 vsmraid - ok

13:00:46.0308 4540 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe

13:00:46.0402 4540 VSS - ok

13:00:46.0433 4540 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys

13:00:46.0464 4540 vwifibus - ok

13:00:46.0480 4540 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll

13:00:46.0542 4540 W32Time - ok

13:00:46.0558 4540 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys

13:00:46.0573 4540 WacomPen - ok

13:00:46.0620 4540 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

13:00:46.0683 4540 WANARP - ok

13:00:46.0698 4540 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

13:00:46.0729 4540 Wanarpv6 - ok

13:00:46.0807 4540 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe

13:00:46.0854 4540 WatAdminSvc - ok

13:00:46.0901 4540 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe

13:00:46.0995 4540 wbengine - ok

13:00:47.0010 4540 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll

13:00:47.0026 4540 WbioSrvc - ok

13:00:47.0088 4540 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll

13:00:47.0119 4540 wcncsvc - ok

13:00:47.0135 4540 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll

13:00:47.0166 4540 WcsPlugInService - ok

13:00:47.0182 4540 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys

13:00:47.0182 4540 Wd - ok

13:00:47.0213 4540 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

13:00:47.0229 4540 Wdf01000 - ok

13:00:47.0244 4540 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

13:00:47.0307 4540 WdiServiceHost - ok

13:00:47.0307 4540 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

13:00:47.0322 4540 WdiSystemHost - ok

13:00:47.0338 4540 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll

13:00:47.0400 4540 WebClient - ok

13:00:47.0416 4540 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll

13:00:47.0463 4540 Wecsvc - ok

13:00:47.0494 4540 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll

13:00:47.0541 4540 wercplsupport - ok

13:00:47.0572 4540 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll

13:00:47.0603 4540 WerSvc - ok

13:00:47.0634 4540 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

13:00:47.0665 4540 WfpLwf - ok

13:00:47.0712 4540 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys

13:00:47.0728 4540 WimFltr - ok

13:00:47.0743 4540 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

13:00:47.0743 4540 WIMMount - ok

13:00:47.0743 4540 WinHttpAutoProxySvc - ok

13:00:47.0790 4540 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll

13:00:47.0837 4540 Winmgmt - ok

13:00:47.0899 4540 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll

13:00:47.0977 4540 WinRM - ok

13:00:48.0024 4540 winusb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\drivers\WinUSB.SYS

13:00:48.0055 4540 winusb - ok

13:00:48.0087 4540 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll

13:00:48.0118 4540 Wlansvc - ok

13:00:48.0227 4540 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

13:00:48.0258 4540 wlidsvc - ok

13:00:48.0305 4540 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys

13:00:48.0321 4540 WmiAcpi - ok

13:00:48.0352 4540 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe

13:00:48.0383 4540 wmiApSrv - ok

13:00:48.0399 4540 WMPNetworkSvc - ok

13:00:48.0414 4540 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll

13:00:48.0445 4540 WPCSvc - ok

13:00:48.0492 4540 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll

13:00:48.0523 4540 WPDBusEnum - ok

13:00:48.0555 4540 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

13:00:48.0617 4540 ws2ifsl - ok

13:00:48.0617 4540 WSearch - ok

13:00:48.0695 4540 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll

13:00:48.0773 4540 wuauserv - ok

13:00:48.0804 4540 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys

13:00:48.0867 4540 WudfPf - ok

13:00:48.0913 4540 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys

13:00:48.0945 4540 WUDFRd - ok

13:00:48.0976 4540 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll

13:00:49.0007 4540 wudfsvc - ok

13:00:49.0038 4540 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll

13:00:49.0101 4540 WwanSvc - ok

13:00:49.0163 4540 zpaction (5f22132c9153639762708909f156b33d) C:\Windows\system32\DCamUSBGrandTek.dll

13:00:49.0163 4540 zpaction ( Backdoor.Multi.ZAccess.gen ) - infected

13:00:49.0163 4540 zpaction - detected Backdoor.Multi.ZAccess.gen (0)

13:00:49.0194 4540 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0

13:00:49.0335 4540 \Device\Harddisk0\DR0 - ok

13:00:49.0335 4540 Boot (0x1200) (d951ec5947ce172850dcbcf2a9fcb55c) \Device\Harddisk0\DR0\Partition0

13:00:49.0335 4540 \Device\Harddisk0\DR0\Partition0 - ok

13:00:49.0366 4540 Boot (0x1200) (c63431ce897ee9fe62df7d4aed00374d) \Device\Harddisk0\DR0\Partition1

13:00:49.0366 4540 \Device\Harddisk0\DR0\Partition1 - ok

13:00:49.0366 4540 ============================================================

13:00:49.0366 4540 Scan finished

13:00:49.0366 4540 ============================================================

13:00:49.0381 6432 Detected object count: 6

13:00:49.0381 6432 Actual detected object count: 6

13:04:23.0402 6432 DockLoginService ( UnsignedFile.Multi.Generic ) - skipped by user

13:04:23.0402 6432 DockLoginService ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:04:23.0402 6432 McciCMService ( UnsignedFile.Multi.Generic ) - skipped by user

13:04:23.0402 6432 McciCMService ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:04:23.0402 6432 McciCMService64 ( UnsignedFile.Multi.Generic ) - skipped by user

13:04:23.0402 6432 McciCMService64 ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:04:23.0402 6432 MREMP50 ( UnsignedFile.Multi.Generic ) - skipped by user

13:04:23.0402 6432 MREMP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:04:23.0402 6432 MRESP50 ( UnsignedFile.Multi.Generic ) - skipped by user

13:04:23.0402 6432 MRESP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:04:23.0448 6432 C:\Windows\system32\DCamUSBGrandTek.dll - copied to quarantine

13:04:23.0448 6432 HKLM\SYSTEM\ControlSet001\services\zpaction - will be deleted on reboot

13:04:23.0480 6432 HKLM\SYSTEM\ControlSet002\services\zpaction - will be deleted on reboot

13:04:23.0589 6432 HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\svchost:netsvcs - cured

13:04:23.0620 6432 C:\Windows\system32\DCamUSBGrandTek.dll - will be deleted on reboot

13:04:23.0620 6432 zpaction ( Backdoor.Multi.ZAccess.gen ) - User select action: Delete

13:05:42.0841 3624 Deinitialize success

[MrCharlie]

You ran it correctly.

Please download and run ComboFix.

The most important things to remember when running it is to disable all your malware programs and run Combofix from your desktop.

Please visit this webpage for download links, and instructions for running ComboFix

http://www.bleepingc...to-use-combofix

Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Information on disabling your malware programs can be found Here.

Make sure you run ComboFix from your desktop.

Please include the C:\ComboFix.txt in your next reply for further review.

MrC

[itsvern]

Hello MrC;

I disabled my antirus programs (had to unistall Mcafee antirus software first ) and ran combofix

afterwards my system rebooted - the current state is that I am unable to run most all of my applications (included explorer), as I get the message 'Illegal operation attempted on registry key that has been marked for deletion.'

Here is the log file from the Combofix run

--------------------------------------

ComboFix 12-04-04.02 - vern 04/04/2012 15:08:51.1.4 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.7991.6165 [GMT -4:00]

Running from: c:\users\vern\Desktop\ComboFix.exe

AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}

FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}

SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\users\vern\AppData\Local\Temp\pdk-vern-1092\0665c25e931c1ac0151b062449e91028\XSAccessor.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-1092\17d0b152e63e6bfe81b4b19588538896\mro.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-1092\19febd96672ffdb7ea244cef36aaa062\Zlib.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-1092\2b1fc61b36a6711ea149b18bf3b41500\Parser.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-1092\31638f63e39b38d3e250a9a57cb9d1c5\Cwd.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-1092\32785c19dc6898fbbbf06f3b776edd08\Fcntl.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-1092\38a10ee333cf1a9afec3f0acdf1bbebc\Scan.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-1092\3a7ccbf8181ee5a145227a6dfce3594c\WinError.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-1092\3a8764e0d7c5d453e01d9ad08cf7fb58\IO.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-1092\3b7106dd14676048b10bbb09a990f74c\XS.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-1092\4461f48e31bde5c56b31b973b773de09\List.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-1092\44727051c604ef6b79894b64d4c63832\Expat.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-1092\4f2c03383aab0133b8dc0a3fa2dd92fa\Storable.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-1092\5ffd05b2cbd58528e56519784ca9c869\Hostname.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-1092\60ff464e01c2cd5526dbdad5a125081d\Dumper.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-1092\7ef0d901bf4203fbcf7a0fff0e82aa5f\Encode.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-1092\7f177c338672436e01c4f0bdbcf94491\EV.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-1092\7f2598c08178217a0e2c754f3d568f28\Byte.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-1092\8fedeb86a4a984edfc1fb255d4ea965c\XS.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-1092\961b0d62fa52b1dd29c795a822fbf1cf\DBI.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-1092\aff7ee779ea184f884ed432c30a58f5d\Scale.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-1092\b6bd87c968599725b8ab2e5c25d3046a\API.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-1092\b979ace6da01e63d651cce9ee2474fdc\Name.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-1092\bc147d83c7c868eeee67082dcf55430c\File.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-1092\bd5179a413bc0c4b82eedc22c6cab101\re.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-1092\c199d3c1960e7aeeecb599487952bed2\HiRes.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-1092\c19d5e3dc664d9f4ce700001e2621cee\MD5.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-1092\c344fd5536724b2af2e6453833b60203\SHA1.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-1092\c5cce8d16a1bd48692b421dcf46d3396\Util.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-1092\c668a322917d32a5ea22894518aa9897\Base64.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-1092\cf5fe81e2f5dcbfecfd0495e1648c991\Unicode.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-1092\d0bf009923f29116535c26d228271d6d\Scan.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-1092\d10c2c06ba2044cccc247c4315f5c7d3\Process.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-1092\d1c77e404b5c4b954fa537ed63c8fb7b\File.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-1092\d1e7c33431cd8713f2ce3582829a8b14\Socket.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-1092\dacfd0ab9b5fd029ed8d29e4482b0775\XS.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-1092\de446fdd1ae335c7d2b9e62bb8cdf765\B.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-1092\df1ba73f49c38cbbc7a11c779c3506d2\OLE.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-1092\e2e81dd6b3e5a36f0bdae076393cc11d\icudt46.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-1092\e2e81dd6b3e5a36f0bdae076393cc11d\icuin46.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-1092\e2e81dd6b3e5a36f0bdae076393cc11d\icuuc46.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-1092\e2e81dd6b3e5a36f0bdae076393cc11d\SQLite.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-1092\e56c61f7248672819579325af3387035\POSIX.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-1092\eaeabd54205de2f10c00aea80bbf0d83\Registry.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-1092\eb138ef0e4282611dbf485a302784646\LibYAML.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-1092\f233f63b6654362865c7577442edb9e3\Win32.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-1092\fa9e3c814aa32db2ad5f17bdfbc22746\attributes.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-1092\perl514.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-3764\31638f63e39b38d3e250a9a57cb9d1c5\Cwd.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-3764\32785c19dc6898fbbbf06f3b776edd08\Fcntl.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-3764\3a7ccbf8181ee5a145227a6dfce3594c\WinError.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-3764\4461f48e31bde5c56b31b973b773de09\List.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-3764\5ffd05b2cbd58528e56519784ca9c869\Hostname.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-3764\60ff464e01c2cd5526dbdad5a125081d\Dumper.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-3764\7ef0d901bf4203fbcf7a0fff0e82aa5f\Encode.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-3764\93e7e3d6030f426844228042348210cf\Service.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-3764\bd5179a413bc0c4b82eedc22c6cab101\re.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-3764\c5cce8d16a1bd48692b421dcf46d3396\Util.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-3764\d10c2c06ba2044cccc247c4315f5c7d3\Process.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-3764\d1e7c33431cd8713f2ce3582829a8b14\Socket.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-3764\de446fdd1ae335c7d2b9e62bb8cdf765\B.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-3764\df1ba73f49c38cbbc7a11c779c3506d2\OLE.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-3764\e56c61f7248672819579325af3387035\POSIX.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-3764\eaeabd54205de2f10c00aea80bbf0d83\Registry.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-3764\eb138ef0e4282611dbf485a302784646\LibYAML.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-3764\f233f63b6654362865c7577442edb9e3\Win32.dll

c:\users\vern\AppData\Local\Temp\pdk-vern-3764\perl514.dll

c:\users\vern\AppData\Roaming\Adobe\plugs

c:\users\vern\AppData\Roaming\Adobe\plugs\mmc191

c:\users\vern\AppData\Roaming\Adobe\shed

c:\users\vern\rkill.com

c:\users\vern\WINDOWS

c:\windows\assembly\GAC_32\Desktop.ini

c:\windows\assembly\GAC_64\Desktop.ini

c:\windows\assembly\temp\@

c:\windows\assembly\temp\cfg.ini

c:\windows\system32\consrv.dll

c:\windows\system32\dds_trash_log.cmd

c:\windows\System64

.

.

((((((((((((((((((((((((( Files Created from 2012-03-04 to 2012-04-04 )))))))))))))))))))))))))))))))

.

.

2012-04-04 19:14 . 2012-04-04 19:14 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-04-04 18:20 . 2012-04-04 18:20 -------- d-----w- c:\users\vern\AppData\Local\ElevatedDiagnostics

2012-03-30 06:45 . 2012-03-30 06:45 8738464 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe

2012-03-30 06:06 . 2012-03-30 06:45 418464 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-03-25 14:11 . 2012-03-25 14:11 -------- d-----w- c:\program files (x86)\Trend Micro

2012-03-25 14:04 . 2012-04-04 17:04 -------- d-----w- C:\TDSSKiller_Quarantine

2012-03-17 13:28 . 2012-03-17 13:28 592824 ----a-w- c:\program files (x86)\Mozilla Firefox\gkmedias.dll

2012-03-17 13:28 . 2012-03-17 13:28 44472 ----a-w- c:\program files (x86)\Mozilla Firefox\mozglue.dll

2012-03-14 07:02 . 2011-11-19 15:20 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-03-14 07:02 . 2011-11-19 14:50 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe

2012-03-14 07:02 . 2011-11-19 14:50 3913584 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

2012-03-13 22:45 . 2012-02-03 04:34 3145728 ----a-w- c:\windows\system32\win32k.sys

2012-03-13 22:45 . 2012-02-10 06:36 1544192 ----a-w- c:\windows\system32\DWrite.dll

2012-03-13 22:45 . 2012-02-10 05:38 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll

2012-03-13 22:45 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll

2012-03-13 22:45 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll

2012-03-13 22:45 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe

2012-03-13 22:44 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll

2012-03-13 22:44 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll

2012-03-13 22:44 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2012-03-13 22:44 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys

2012-03-13 09:52 . 2012-03-13 09:52 -------- d-----w- c:\windows\system32\Macromed

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-03-30 06:45 . 2011-05-15 13:49 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"F.lux"="c:\users\vern\Local Settings\Apps\F.lux\flux.exe" [2009-08-29 966656]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]

"CAHeadless"="c:\program files (x86)\Adobe\Elements Organizer 8.0\CAHeadless\ElementsAutoAnalyzer.exe" [2009-09-18 615808]

"ihanotify"="c:\program files (x86)\Verizon\FiOS\ihs\IHANotify.exe" [2011-05-23 237568]

"SacReminderHDDV2N"="c:\programdata\OfficeGuardianV2N\reminder\SacReminder.exe" [2010-11-18 862032]

"googletalk"="c:\users\vern\AppData\Roaming\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]

"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-03-10 4785536]

"VueMinder"="c:\program files (x86)\VueSoft\VueMinder\VueMinder.exe" [2012-02-21 6860800]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"ShwiconXP9106"="c:\program files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe" [2010-01-27 237568]

"Dell DataSafe Online"="c:\program files (x86)\Dell DataSafe Online\DataSafeOnline.exe" [2010-02-09 1807680]

"Desktop Disc Tool"="c:\program files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [2009-12-16 498160]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]

"c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"="c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [2011-10-09 559616]

.

c:\users\vern\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2010-5-28 1324384]

OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE [2010-12-21 227712]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Logitech Media Server Tray Tool.lnk - c:\program files (x86)\Squeezebox\SqueezeTray.exe [2012-2-6 3051619]

.

c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2010-5-28 1324384]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [x]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 253600]

R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560]

R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]

S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-08-09 14928]

S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]

S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-17 140672]

S2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-09-18 169312]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]

S2 CFUACProxy_officeguardianv2n;CFUACProxy_officeguardianv2n;c:\programdata\OfficeGuardianV2N\UACProxy.exe [2010-11-18 83792]

S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]

S2 IHA_MessageCenter;IHA_MessageCenter;c:\program files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [2011-12-12 290832]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]

S2 McciCMService64;McciCMService64;c:\program files\Common Files\Motive\McciCMService.exe [2010-03-17 517632]

S2 SacNetAgentService_C57C4F854F53;SacNetAgentService_C57C4F854F53;c:\programdata\OfficeGuardianV2N\Reminder\SacNetAgent.exe [2010-11-18 163664]

S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-08-18 1692480]

S2 vpnagent;Cisco AnyConnect VPN Agent;c:\program files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2010-10-21 592120]

S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]

S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]

S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [x]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - WS2IFSL

.

Contents of the 'Scheduled Tasks' folder

.

2012-04-04 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 06:45]

.

2012-04-03 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job

- c:\program files\Dell Support Center\uaclauncher.exe [2012-02-07 23:32]

.

2012-04-04 c:\windows\Tasks\SystemToolsDailyTest.job

- c:\program files\Dell Support Center\uaclauncher.exe [2012-02-07 23:32]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-02-09 10060832]

"Verizon_McciTrayApp"="c:\program files\Verizon\McciTrayApp.exe" [2010-03-17 3432448]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-26 161304]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-26 386584]

"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-26 415256]

"combofix"="c:\combofix\CF32290.3XE" [2010-11-20 345088]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

MQAC

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = <local>

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: E&xport to Microsoft Excel - c:\progra~2\MIF5BA~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - c:\progra~2\MIF5BA~1\Office14\ONBttnIE.dll/105

LSP: mswsock.dll

Trusted Zone: internet

Trusted Zone: mcafee.com

TCP: DhcpNameServer = 192.168.1.1

FF - ProfilePath - c:\users\vern\AppData\Roaming\Mozilla\Firefox\Profiles\ur0278cf.default\

FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=

FF - prefs.js: browser.startup.homepage - hxxp://www.washingtonpost.com/

FF - user.js: yahoo.ytff.general.dontshowhpoffer - true

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-Locked - (no file)

SafeBoot-07020826.sys

SafeBoot-53685811.sys

Toolbar-Locked - (no file)

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files (x86)\Common Files\Motive\McciCMService.exe

c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE

c:\program files (x86)\Dell DataSafe Local Backup\TOASTER.EXE

c:\program files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE

c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe

.

**************************************************************************

.

Completion time: 2012-04-04 15:20:11 - machine was rebooted

ComboFix-quarantined-files.txt 2012-04-04 19:20

.

Pre-Run: 838,294,339,584 bytes free

Post-Run: 838,375,034,880 bytes free

.

- - End Of File - - DC5434E61BD7B300DD4A6F7E3159E730

[MrCharlie]

Reboot the computer a couple of times and that should correct the problem.

-----------------------

Please do this:

Please download OTL from one of the links below:

http://oldtimer.geekstogo.com/OTL.exe

http://oldtimer.geekstogo.com/OTL.com (<---renamed version)

Save it to your desktop.

Run OTL

Under the Custom Scans/Fixes

Copy and paste this in: netsvcs

Click the None button on top

Now click on the blue Run Scan button

Post the log it creates.

MrC

[itsvern]

I tried rebooting the system several times, with no luck. I get the screen with two options: 1) Launch stratup repair and 2) start windows normally ......... neither works The blue background window appears, and then the startup repair window, and then the message 'Startup repair cannot repair this computer automatically' appears.

any suggestions?

[MrCharlie]

Do a hard shut down, turn the computer off, then back on > see if that helps.

If not use system restore.

MrC

[itsvern]

System is restored, to the most recent version

I downloaded and ran OTL, here is the resulting log file

---------------------------------

OTL logfile created on: 4/5/2012 1:43:20 AM - Run 1

OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\vern\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.80 Gb Total Physical Memory | 5.47 Gb Available Physical Memory | 70.15% Memory free

15.61 Gb Paging File | 12.98 Gb Available in Paging File | 83.20% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 915.03 Gb Total Space | 780.77 Gb Free Space | 85.33% Space Free | Partition Type: NTFS

Computer Name: VERN-PC | User Name: vern | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

NetSvcs:64bit: zpaction - C:\Windows\SysNative\DCamUSBGrandTek.dll (Oak Technology Inc.)

< End of report >

[MrCharlie]

Please do this:

Run OTL

• Under the Custom Scans/Fixes box at the bottom, paste in the following

  
  :Files
  C:\Windows\SysNative\DCamUSBGrandTek.dll
  
  

  
  

• Then click the Run Fix button at the top
  
• Let the program run unhindered, when done it will say "Fix Complete press ok to open the log"
  
• Please post that log in your next reply. Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTL\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.
  

MrC

[itsvern]

I ran OTL again, with the input you provided .... the resulting (and very short) log file is shown here

----------------------

========== FILES ==========

C:\Windows\SysNative\DCamUSBGrandTek.dll moved successfully.

OTL by OldTimer - Version 3.2.39.2 log created on 04052012_015426

[MrCharlie]

Please delete your copy of TDSSKiller and download and run a fresh copy as before, post the log, MrC

[itsvern]

A new version of TDSSKiller is installed, and run. The log file is as follows .....

--------------------------------------

02:37:13.0344 2960 TDSS rootkit removing tool 2.7.25.0 Apr 3 2012 13:42:32

02:37:13.0844 2960 ============================================================

02:37:13.0844 2960 Current date / time: 2012/04/05 02:37:13.0844

02:37:13.0844 2960 SystemInfo:

02:37:13.0844 2960

02:37:13.0844 2960 OS Version: 6.1.7601 ServicePack: 1.0

02:37:13.0844 2960 Product type: Workstation

02:37:13.0844 2960 ComputerName: VERN-PC

02:37:13.0844 2960 UserName: vern

02:37:13.0844 2960 Windows directory: C:\Windows

02:37:13.0844 2960 System windows directory: C:\Windows

02:37:13.0844 2960 Running under WOW64

02:37:13.0844 2960 Processor architecture: Intel x64

02:37:13.0844 2960 Number of processors: 4

02:37:13.0844 2960 Page size: 0x1000

02:37:13.0844 2960 Boot type: Normal boot

02:37:13.0844 2960 ============================================================

02:37:14.0967 2960 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

02:37:14.0982 2960 \Device\Harddisk0\DR0:

02:37:14.0982 2960 MBR used

02:37:14.0982 2960 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x20E3000

02:37:14.0982 2960 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x20F7000, BlocksNum 0x7260F000

02:37:14.0998 2960 Initialize success

02:37:14.0998 2960 ============================================================

02:38:12.0546 6932 ============================================================

02:38:12.0546 6932 Scan started

02:38:12.0546 6932 Mode: Manual; SigCheck; TDLFS;

02:38:12.0546 6932 ============================================================

02:38:14.0543 6932 !SASCORE (7d9d615201a483d6fa99491c2e655a5a) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

02:38:14.0637 6932 !SASCORE - ok

02:38:14.0746 6932 0028801333607552mcinstcleanup - ok

02:38:14.0808 6932 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys

02:38:14.0918 6932 1394ohci - ok

02:38:14.0964 6932 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys

02:38:14.0980 6932 ACPI - ok

02:38:14.0996 6932 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys

02:38:15.0074 6932 AcpiPmi - ok

02:38:15.0167 6932 AdobeActiveFileMonitor8.0 (765fe0463e711e5a68ac7b69538ed922) c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe

02:38:15.0230 6932 AdobeActiveFileMonitor8.0 - ok

02:38:15.0323 6932 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

02:38:15.0386 6932 AdobeARMservice - ok

02:38:15.0510 6932 AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

02:38:15.0573 6932 AdobeFlashPlayerUpdateSvc - ok

02:38:15.0744 6932 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

02:38:15.0776 6932 adp94xx - ok

02:38:15.0791 6932 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

02:38:15.0807 6932 adpahci - ok

02:38:15.0869 6932 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

02:38:15.0900 6932 adpu320 - ok

02:38:15.0947 6932 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll

02:38:16.0010 6932 AeLookupSvc - ok

02:38:16.0056 6932 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys

02:38:16.0103 6932 AFD - ok

02:38:16.0134 6932 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys

02:38:16.0166 6932 agp440 - ok

02:38:16.0181 6932 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe

02:38:16.0197 6932 ALG - ok

02:38:16.0228 6932 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys

02:38:16.0259 6932 aliide - ok

02:38:16.0275 6932 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys

02:38:16.0275 6932 amdide - ok

02:38:16.0306 6932 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

02:38:16.0353 6932 AmdK8 - ok

02:38:16.0368 6932 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

02:38:16.0400 6932 AmdPPM - ok

02:38:16.0431 6932 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys

02:38:16.0478 6932 amdsata - ok

02:38:16.0493 6932 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

02:38:16.0509 6932 amdsbs - ok

02:38:16.0524 6932 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys

02:38:16.0556 6932 amdxata - ok

02:38:16.0634 6932 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys

02:38:16.0743 6932 AppID - ok

02:38:16.0758 6932 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll

02:38:16.0821 6932 AppIDSvc - ok

02:38:16.0852 6932 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll

02:38:16.0946 6932 Appinfo - ok

02:38:16.0961 6932 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

02:38:16.0977 6932 arc - ok

02:38:16.0992 6932 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

02:38:17.0008 6932 arcsas - ok

02:38:17.0070 6932 ASUSVRC (5f22132c9153639762708909f156b33d) C:\Windows\system32\dladresn.dll

02:38:17.0102 6932 ASUSVRC ( Backdoor.Multi.ZAccess.gen ) - infected

02:38:17.0102 6932 ASUSVRC - detected Backdoor.Multi.ZAccess.gen (0)

02:38:17.0148 6932 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

02:38:17.0258 6932 AsyncMac - ok

02:38:17.0320 6932 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys

02:38:17.0336 6932 atapi - ok

02:38:17.0382 6932 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

02:38:17.0476 6932 AudioEndpointBuilder - ok

02:38:17.0507 6932 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

02:38:17.0538 6932 AudioSrv - ok

02:38:17.0585 6932 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll

02:38:17.0648 6932 AxInstSV - ok

02:38:17.0663 6932 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

02:38:17.0726 6932 b06bdrv - ok

02:38:17.0804 6932 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

02:38:17.0835 6932 b57nd60a - ok

02:38:17.0897 6932 BBSvc (825f81a6f7dd073509db101f0ba6dc59) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE

02:38:17.0975 6932 BBSvc - ok

02:38:17.0991 6932 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll

02:38:18.0038 6932 BDESVC - ok

02:38:18.0053 6932 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

02:38:18.0084 6932 Beep - ok

02:38:18.0147 6932 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll

02:38:18.0240 6932 BITS - ok

02:38:18.0256 6932 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

02:38:18.0303 6932 blbdrive - ok

02:38:18.0334 6932 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys

02:38:18.0412 6932 bowser - ok

02:38:18.0443 6932 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

02:38:18.0521 6932 BrFiltLo - ok

02:38:18.0537 6932 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

02:38:18.0552 6932 BrFiltUp - ok

02:38:18.0584 6932 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll

02:38:18.0693 6932 Browser - ok

02:38:18.0740 6932 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

02:38:18.0786 6932 Brserid - ok

02:38:18.0818 6932 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

02:38:18.0880 6932 BrSerWdm - ok

02:38:18.0911 6932 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

02:38:18.0958 6932 BrUsbMdm - ok

02:38:18.0974 6932 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

02:38:19.0005 6932 BrUsbSer - ok

02:38:19.0052 6932 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

02:38:19.0098 6932 BTHMODEM - ok

02:38:19.0145 6932 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll

02:38:19.0192 6932 bthserv - ok

02:38:19.0208 6932 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

02:38:19.0239 6932 cdfs - ok

02:38:19.0270 6932 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys

02:38:19.0364 6932 cdrom - ok

02:38:19.0395 6932 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

02:38:19.0473 6932 CertPropSvc - ok

02:38:19.0551 6932 CFUACProxy_officeguardianv2n (23f5d8aee57f208e18e4edff16ee0df9) C:\ProgramData\OfficeGuardianV2N\UACProxy.exe

02:38:19.0613 6932 CFUACProxy_officeguardianv2n - ok

02:38:19.0676 6932 cfwids (ed0263b2eb24f0f4e3898036fa1d28a1) C:\Windows\system32\drivers\cfwids.sys

02:38:19.0785 6932 cfwids - ok

02:38:19.0832 6932 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

02:38:19.0863 6932 circlass - ok

02:38:19.0894 6932 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

02:38:19.0925 6932 CLFS - ok

02:38:20.0081 6932 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

02:38:20.0128 6932 clr_optimization_v2.0.50727_32 - ok

02:38:20.0159 6932 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

02:38:20.0175 6932 clr_optimization_v2.0.50727_64 - ok

02:38:20.0237 6932 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

02:38:20.0331 6932 clr_optimization_v4.0.30319_32 - ok

02:38:20.0362 6932 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

02:38:20.0393 6932 clr_optimization_v4.0.30319_64 - ok

02:38:20.0456 6932 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

02:38:20.0487 6932 CmBatt - ok

02:38:20.0534 6932 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys

02:38:20.0565 6932 cmdide - ok

02:38:20.0612 6932 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys

02:38:20.0658 6932 CNG - ok

02:38:20.0690 6932 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

02:38:20.0690 6932 Compbatt - ok

02:38:20.0736 6932 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys

02:38:20.0799 6932 CompositeBus - ok

02:38:20.0814 6932 COMSysApp - ok

02:38:20.0846 6932 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

02:38:20.0846 6932 crcdisk - ok

02:38:20.0892 6932 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll

02:38:20.0970 6932 CryptSvc - ok

02:38:21.0048 6932 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

02:38:21.0080 6932 DcomLaunch - ok

02:38:21.0158 6932 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll

02:38:21.0251 6932 defragsvc - ok

02:38:21.0345 6932 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys

02:38:21.0454 6932 DfsC - ok

02:38:21.0485 6932 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll

02:38:21.0548 6932 Dhcp - ok

02:38:21.0579 6932 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

02:38:21.0610 6932 discache - ok

02:38:21.0657 6932 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

02:38:21.0672 6932 Disk - ok

02:38:21.0704 6932 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll

02:38:21.0797 6932 Dnscache - ok

02:38:21.0860 6932 DockLoginService (0840abbbdf438691ee65a20040635cbe) C:\Program Files\Dell\DellDock\DockLogin.exe

02:38:21.0938 6932 DockLoginService ( UnsignedFile.Multi.Generic ) - warning

02:38:21.0938 6932 DockLoginService - detected UnsignedFile.Multi.Generic (1)

02:38:21.0969 6932 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll

02:38:22.0031 6932 dot3svc - ok

02:38:22.0062 6932 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll

02:38:22.0109 6932 DPS - ok

02:38:22.0172 6932 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

02:38:22.0203 6932 drmkaud - ok

02:38:22.0250 6932 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys

02:38:22.0328 6932 DXGKrnl - ok

02:38:22.0374 6932 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll

02:38:22.0421 6932 EapHost - ok

02:38:22.0577 6932 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

02:38:22.0702 6932 ebdrv - ok

02:38:22.0827 6932 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe

02:38:22.0889 6932 EFS - ok

02:38:22.0983 6932 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe

02:38:23.0092 6932 ehRecvr - ok

02:38:23.0139 6932 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe

02:38:23.0170 6932 ehSched - ok

02:38:23.0264 6932 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

02:38:23.0279 6932 elxstor - ok

02:38:23.0310 6932 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys

02:38:23.0326 6932 ErrDev - ok

02:38:23.0373 6932 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll

02:38:23.0435 6932 EventSystem - ok

02:38:23.0482 6932 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

02:38:23.0529 6932 exfat - ok

02:38:23.0560 6932 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

02:38:23.0622 6932 fastfat - ok

02:38:23.0669 6932 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe

02:38:23.0732 6932 Fax - ok

02:38:23.0763 6932 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

02:38:23.0810 6932 fdc - ok

02:38:23.0841 6932 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll

02:38:23.0872 6932 fdPHost - ok

02:38:23.0888 6932 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll

02:38:23.0934 6932 FDResPub - ok

02:38:23.0966 6932 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

02:38:23.0981 6932 FileInfo - ok

02:38:23.0997 6932 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

02:38:24.0059 6932 Filetrace - ok

02:38:24.0200 6932 FLEXnet Licensing Service (abedfd48ac042c6aaad32452e77217a1) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

02:38:24.0293 6932 FLEXnet Licensing Service - ok

02:38:24.0324 6932 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

02:38:24.0340 6932 flpydisk - ok

02:38:24.0356 6932 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys

02:38:24.0387 6932 FltMgr - ok

02:38:24.0434 6932 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll

02:38:24.0512 6932 FontCache - ok

02:38:24.0605 6932 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

02:38:24.0652 6932 FontCache3.0.0.0 - ok

02:38:24.0730 6932 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

02:38:24.0746 6932 FsDepends - ok

02:38:24.0777 6932 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys

02:38:24.0777 6932 Fs_Rec - ok

02:38:24.0824 6932 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys

02:38:24.0870 6932 fvevol - ok

02:38:24.0902 6932 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

02:38:24.0917 6932 gagp30kx - ok

02:38:25.0011 6932 GameConsoleService (c1bbce4b30b45410178ee674c818d10c) C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe

02:38:25.0104 6932 GameConsoleService - ok

02:38:25.0151 6932 GoToAssist (d3316f6e3c011435f36e3d6e49b3196c) C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe

02:38:25.0198 6932 GoToAssist - ok

02:38:25.0245 6932 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll

02:38:25.0338 6932 gpsvc - ok

02:38:25.0370 6932 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

02:38:25.0432 6932 hcw85cir - ok

02:38:25.0479 6932 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys

02:38:25.0510 6932 HDAudBus - ok

02:38:25.0541 6932 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys

02:38:25.0604 6932 HECIx64 - ok

02:38:25.0650 6932 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

02:38:25.0666 6932 HidBatt - ok

02:38:25.0697 6932 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

02:38:25.0728 6932 HidBth - ok

02:38:25.0760 6932 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

02:38:25.0806 6932 HidIr - ok

02:38:25.0838 6932 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll

02:38:25.0900 6932 hidserv - ok

02:38:25.0947 6932 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys

02:38:26.0009 6932 HidUsb - ok

02:38:26.0056 6932 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll

02:38:26.0134 6932 hkmsvc - ok

02:38:26.0181 6932 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll

02:38:26.0243 6932 HomeGroupListener - ok

02:38:26.0259 6932 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll

02:38:26.0290 6932 HomeGroupProvider - ok

02:38:26.0321 6932 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys

02:38:26.0399 6932 HpSAMD - ok

02:38:26.0462 6932 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys

02:38:26.0555 6932 HTTP - ok

02:38:26.0602 6932 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys

02:38:26.0633 6932 hwpolicy - ok

02:38:26.0696 6932 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys

02:38:26.0711 6932 i8042prt - ok

02:38:26.0758 6932 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys

02:38:26.0820 6932 iaStorV - ok

02:38:27.0023 6932 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

02:38:27.0101 6932 idsvc - ok

02:38:27.0616 6932 igfx (677aa5991026a65ada128c4b59cf2bad) C:\Windows\system32\DRIVERS\igdkmd64.sys

02:38:27.0944 6932 igfx - ok

02:38:28.0131 6932 IHA_MessageCenter (c135bff15563592b8ea070ea109967f7) C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe

02:38:28.0193 6932 IHA_MessageCenter - ok

02:38:28.0240 6932 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

02:38:28.0256 6932 iirsp - ok

02:38:28.0302 6932 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll

02:38:28.0380 6932 IKEEXT - ok

02:38:28.0412 6932 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\DRIVERS\Impcd.sys

02:38:28.0552 6932 Impcd - ok

02:38:28.0630 6932 IntcAzAudAddService (e9befd8c6a1db3b544b61647dda35f62) C:\Windows\system32\drivers\RTKVHD64.sys

02:38:28.0692 6932 IntcAzAudAddService - ok

02:38:28.0724 6932 IntcDAud (58cf58dee26c909bd6f977b61d246295) C:\Windows\system32\DRIVERS\IntcDAud.sys

02:38:28.0833 6932 IntcDAud - ok

02:38:28.0911 6932 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys

02:38:28.0926 6932 intelide - ok

02:38:28.0958 6932 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

02:38:28.0973 6932 intelppm - ok

02:38:29.0020 6932 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll

02:38:29.0067 6932 IPBusEnum - ok

02:38:29.0114 6932 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys

02:38:29.0192 6932 IpFilterDriver - ok

02:38:29.0238 6932 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys

02:38:29.0332 6932 IPMIDRV - ok

02:38:29.0363 6932 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

02:38:29.0410 6932 IPNAT - ok

02:38:29.0441 6932 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

02:38:29.0519 6932 IRENUM - ok

02:38:29.0551 6932 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys

02:38:29.0566 6932 isapnp - ok

02:38:29.0582 6932 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys

02:38:29.0644 6932 iScsiPrt - ok

02:38:29.0707 6932 k57nd60a (9d7ea8c7215d8d4ae7be110eee61085d) C:\Windows\system32\DRIVERS\k57nd60a.sys

02:38:29.0769 6932 k57nd60a - ok

02:38:29.0800 6932 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys

02:38:29.0816 6932 kbdclass - ok

02:38:29.0831 6932 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys

02:38:29.0894 6932 kbdhid - ok

02:38:29.0941 6932 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

02:38:29.0972 6932 KeyIso - ok

02:38:29.0987 6932 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys

02:38:30.0019 6932 KSecDD - ok

02:38:30.0065 6932 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys

02:38:30.0112 6932 KSecPkg - ok

02:38:30.0143 6932 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

02:38:30.0190 6932 ksthunk - ok

02:38:30.0221 6932 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll

02:38:30.0299 6932 KtmRm - ok

02:38:30.0346 6932 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll

02:38:30.0424 6932 LanmanServer - ok

02:38:30.0440 6932 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll

02:38:30.0518 6932 LanmanWorkstation - ok

02:38:30.0580 6932 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

02:38:30.0611 6932 lltdio - ok

02:38:30.0658 6932 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll

02:38:30.0721 6932 lltdsvc - ok

02:38:30.0736 6932 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll

02:38:30.0783 6932 lmhosts - ok

02:38:30.0830 6932 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

02:38:30.0861 6932 LSI_FC - ok

02:38:30.0892 6932 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

02:38:30.0892 6932 LSI_SAS - ok

02:38:30.0908 6932 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

02:38:30.0923 6932 LSI_SAS2 - ok

02:38:30.0939 6932 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

02:38:30.0955 6932 LSI_SCSI - ok

02:38:30.0970 6932 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

02:38:31.0017 6932 luafv - ok

02:38:31.0189 6932 McAfee SiteAdvisor Service (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

02:38:31.0220 6932 McAfee SiteAdvisor Service - ok

02:38:31.0360 6932 McciCMService (f8b823414a22dbf3bec10dcaa5f93cd8) C:\Program Files (x86)\Common Files\Motive\McciCMService.exe

02:38:31.0454 6932 McciCMService ( UnsignedFile.Multi.Generic ) - warning

02:38:31.0454 6932 McciCMService - detected UnsignedFile.Multi.Generic (1)

02:38:31.0516 6932 McciCMService64 (859e5a32485178daeca06b52e2bb44b2) C:\Program Files\Common Files\Motive\McciCMService.exe

02:38:31.0563 6932 McciCMService64 ( UnsignedFile.Multi.Generic ) - warning

02:38:31.0563 6932 McciCMService64 - detected UnsignedFile.Multi.Generic (1)

02:38:31.0579 6932 McMPFSvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

02:38:31.0579 6932 McMPFSvc - ok

02:38:31.0641 6932 mcmscsvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe

02:38:31.0672 6932 mcmscsvc - ok

02:38:31.0672 6932 McNaiAnn (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe

02:38:31.0688 6932 McNaiAnn - ok

02:38:31.0719 6932 McNASvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe

02:38:31.0735 6932 McNASvc - ok

02:38:31.0937 6932 McODS (b3914a7c97a81acb1e9befe07e4c387f) C:\Program Files\McAfee\VirusScan\mcods.exe

02:38:32.0015 6932 McODS - ok

02:38:32.0234 6932 McProxy (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe

02:38:32.0249 6932 McProxy - ok

02:38:32.0327 6932 McShield (4a463d645b48bb487ca7df12ba5d1602) C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe

02:38:32.0359 6932 McShield - ok

02:38:32.0421 6932 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll

02:38:32.0483 6932 Mcx2Svc - ok

02:38:32.0546 6932 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

02:38:32.0561 6932 megasas - ok

02:38:32.0624 6932 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

02:38:32.0671 6932 MegaSR - ok

02:38:32.0717 6932 mfeapfk (ef3acfb7e3f82d5f7cde9ef5f0a4e2e2) C:\Windows\system32\drivers\mfeapfk.sys

02:38:32.0749 6932 mfeapfk - ok

02:38:32.0827 6932 mfeavfk (e7a60bdb4365b561d896019b82fb7dd0) C:\Windows\system32\drivers\mfeavfk.sys

02:38:32.0873 6932 mfeavfk - ok

02:38:32.0936 6932 mfeavfk01 - ok

02:38:33.0107 6932 mfefire (c53b7aba204d9f7e9568ec147a1485c5) C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe

02:38:33.0139 6932 mfefire - ok

02:38:33.0217 6932 mfefirek (670dffe55e2f9ab99d9169c428bcece9) C:\Windows\system32\drivers\mfefirek.sys

02:38:33.0279 6932 mfefirek - ok

02:38:33.0326 6932 mfehidk (1892616b7f9291fd77c3fa0a5811fe9f) C:\Windows\system32\drivers\mfehidk.sys

02:38:33.0388 6932 mfehidk - ok

02:38:33.0419 6932 mfenlfk (1721261c77f6e7a9e0cb51b7d9f31b60) C:\Windows\system32\DRIVERS\mfenlfk.sys

02:38:33.0466 6932 mfenlfk - ok

02:38:33.0497 6932 mferkdet (65776bd8029e409935b90de30bf99526) C:\Windows\system32\drivers\mferkdet.sys

02:38:33.0560 6932 mferkdet - ok

02:38:33.0622 6932 mfevtp (3ed58a36f7f7d60f0ef44d29810b0b80) C:\Windows\system32\mfevtps.exe

02:38:33.0669 6932 mfevtp - ok

02:38:33.0731 6932 mfewfpk (4f17d8b85b903d96ef7033bb6ef50516) C:\Windows\system32\drivers\mfewfpk.sys

02:38:33.0778 6932 mfewfpk - ok

02:38:33.0809 6932 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

02:38:33.0872 6932 MMCSS - ok

02:38:33.0903 6932 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

02:38:33.0965 6932 Modem - ok

02:38:34.0012 6932 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

02:38:34.0012 6932 monitor - ok

02:38:34.0059 6932 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys

02:38:34.0090 6932 mouclass - ok

02:38:34.0137 6932 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

02:38:34.0168 6932 mouhid - ok

02:38:34.0199 6932 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys

02:38:34.0246 6932 mountmgr - ok

02:38:34.0355 6932 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys

02:38:34.0418 6932 mpio - ok

02:38:34.0449 6932 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

02:38:34.0496 6932 mpsdrv - ok

02:38:34.0543 6932 MREMP50 (9bd4dcb5412921864a7aacdedfbd1923) C:\PROGRA~2\COMMON~1\Motive\MREMP50.SYS

02:38:34.0636 6932 MREMP50 ( UnsignedFile.Multi.Generic ) - warning

02:38:34.0636 6932 MREMP50 - detected UnsignedFile.Multi.Generic (1)

02:38:34.0667 6932 MREMP50a64 - ok

02:38:34.0667 6932 MREMPR5 - ok

02:38:34.0683 6932 MRENDIS5 - ok

02:38:34.0683 6932 MRESP50 (07c02c892e8e1a72d6bf35004f0e9c5e) C:\PROGRA~2\COMMON~1\Motive\MRESP50.SYS

02:38:34.0745 6932 MRESP50 ( UnsignedFile.Multi.Generic ) - warning

02:38:34.0745 6932 MRESP50 - detected UnsignedFile.Multi.Generic (1)

02:38:34.0745 6932 MRESP50a64 - ok

02:38:34.0792 6932 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys

02:38:34.0886 6932 MRxDAV - ok

02:38:34.0933 6932 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys

02:38:35.0042 6932 mrxsmb - ok

02:38:35.0073 6932 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys

02:38:35.0151 6932 mrxsmb10 - ok

02:38:35.0167 6932 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

02:38:35.0213 6932 mrxsmb20 - ok

02:38:35.0245 6932 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys

02:38:35.0307 6932 msahci - ok

02:38:35.0401 6932 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys

02:38:35.0463 6932 msdsm - ok

02:38:35.0510 6932 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe

02:38:35.0525 6932 MSDTC - ok

02:38:35.0557 6932 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

02:38:35.0588 6932 Msfs - ok

02:38:35.0619 6932 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

02:38:35.0681 6932 mshidkmdf - ok

02:38:35.0697 6932 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys

02:38:35.0697 6932 msisadrv - ok

02:38:35.0759 6932 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll

02:38:35.0853 6932 MSiSCSI - ok

02:38:35.0869 6932 msiserver - ok

02:38:35.0978 6932 MSK80Service (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

02:38:35.0993 6932 MSK80Service - ok

02:38:36.0025 6932 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

02:38:36.0087 6932 MSKSSRV - ok

02:38:36.0118 6932 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

02:38:36.0165 6932 MSPCLOCK - ok

02:38:36.0181 6932 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

02:38:36.0243 6932 MSPQM - ok

02:38:36.0274 6932 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys

02:38:36.0305 6932 MsRPC - ok

02:38:36.0352 6932 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys

02:38:36.0352 6932 mssmbios - ok

02:38:36.0383 6932 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

02:38:36.0446 6932 MSTEE - ok

02:38:36.0461 6932 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

02:38:36.0493 6932 MTConfig - ok

02:38:36.0508 6932 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

02:38:36.0524 6932 Mup - ok

02:38:36.0555 6932 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll

02:38:36.0680 6932 napagent - ok

02:38:36.0742 6932 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

02:38:36.0789 6932 NativeWifiP - ok

02:38:36.0883 6932 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys

02:38:36.0914 6932 NDIS - ok

02:38:36.0929 6932 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

02:38:36.0976 6932 NdisCap - ok

02:38:37.0007 6932 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

02:38:37.0039 6932 NdisTapi - ok

02:38:37.0085 6932 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys

02:38:37.0148 6932 Ndisuio - ok

02:38:37.0179 6932 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys

02:38:37.0257 6932 NdisWan - ok

02:38:37.0288 6932 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys

02:38:37.0351 6932 NDProxy - ok

02:38:37.0366 6932 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

02:38:37.0413 6932 NetBIOS - ok

02:38:37.0444 6932 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys

02:38:37.0491 6932 NetBT - ok

02:38:37.0553 6932 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

02:38:37.0585 6932 Netlogon - ok

02:38:37.0631 6932 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll

02:38:37.0678 6932 Netman - ok

02:38:37.0756 6932 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll

02:38:37.0803 6932 netprofm - ok

02:38:37.0881 6932 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

02:38:37.0897 6932 NetTcpPortSharing - ok

02:38:37.0959 6932 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

02:38:37.0975 6932 nfrd960 - ok

02:38:38.0006 6932 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll

02:38:38.0084 6932 NlaSvc - ok

02:38:38.0131 6932 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

02:38:38.0177 6932 Npfs - ok

02:38:38.0255 6932 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll

02:38:38.0365 6932 nsi - ok

02:38:38.0380 6932 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

02:38:38.0411 6932 nsiproxy - ok

02:38:38.0614 6932 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys

02:38:38.0739 6932 Ntfs - ok

02:38:38.0786 6932 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

02:38:38.0833 6932 Null - ok

02:38:38.0957 6932 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys

02:38:39.0020 6932 nvraid - ok

02:38:39.0129 6932 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys

02:38:39.0207 6932 nvstor - ok

02:38:39.0394 6932 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys

02:38:39.0441 6932 nv_agp - ok

02:38:39.0472 6932 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys

02:38:39.0535 6932 ohci1394 - ok

02:38:39.0613 6932 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

02:38:39.0659 6932 ose - ok

02:38:39.0800 6932 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

02:38:40.0034 6932 osppsvc - ok

02:38:40.0065 6932 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

02:38:40.0096 6932 p2pimsvc - ok

02:38:40.0127 6932 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll

02:38:40.0143 6932 p2psvc - ok

02:38:40.0205 6932 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

02:38:40.0252 6932 Parport - ok

02:38:40.0283 6932 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys

02:38:40.0330 6932 partmgr - ok

02:38:40.0346 6932 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll

02:38:40.0361 6932 PcaSvc - ok

02:38:40.0393 6932 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys

02:38:40.0439 6932 pci - ok

02:38:40.0455 6932 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys

02:38:40.0471 6932 pciide - ok

02:38:40.0502 6932 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

02:38:40.0533 6932 pcmcia - ok

02:38:40.0549 6932 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

02:38:40.0549 6932 pcw - ok

02:38:40.0627 6932 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

02:38:40.0673 6932 PEAUTH - ok

02:38:40.0720 6932 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe

02:38:40.0767 6932 PerfHost - ok

02:38:40.0876 6932 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll

02:38:40.0970 6932 pla - ok

02:38:41.0017 6932 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll

02:38:41.0141 6932 PlugPlay - ok

02:38:41.0173 6932 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll

02:38:41.0188 6932 PNRPAutoReg - ok

02:38:41.0204 6932 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

02:38:41.0204 6932 PNRPsvc - ok

02:38:41.0266 6932 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll

02:38:41.0360 6932 PolicyAgent - ok

02:38:41.0422 6932 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll

02:38:41.0516 6932 Power - ok

02:38:41.0578 6932 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys

02:38:41.0672 6932 PptpMiniport - ok

02:38:41.0703 6932 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

02:38:41.0734 6932 Processor - ok

02:38:41.0765 6932 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll

02:38:41.0859 6932 ProfSvc - ok

02:38:41.0906 6932 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

02:38:41.0921 6932 ProtectedStorage - ok

02:38:41.0968 6932 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys

02:38:42.0015 6932 Psched - ok

02:38:42.0062 6932 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys

02:38:42.0109 6932 PxHlpa64 - ok

02:38:42.0389 6932 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

02:38:42.0483 6932 ql2300 - ok

02:38:42.0499 6932 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

02:38:42.0530 6932 ql40xx - ok

02:38:42.0561 6932 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll

02:38:42.0577 6932 QWAVE - ok

02:38:42.0592 6932 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

02:38:42.0639 6932 QWAVEdrv - ok

02:38:42.0670 6932 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

02:38:42.0748 6932 RasAcd - ok

02:38:42.0795 6932 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

02:38:42.0826 6932 RasAgileVpn - ok

02:38:42.0842 6932 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll

02:38:42.0889 6932 RasAuto - ok

02:38:42.0920 6932 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys

02:38:43.0029 6932 Rasl2tp - ok

02:38:43.0076 6932 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll

02:38:43.0154 6932 RasMan - ok

02:38:43.0169 6932 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

02:38:43.0232 6932 RasPppoe - ok

02:38:43.0294 6932 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

02:38:43.0357 6932 RasSstp - ok

02:38:43.0450 6932 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys

02:38:43.0513 6932 rdbss - ok

02:38:43.0528 6932 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

02:38:43.0575 6932 rdpbus - ok

02:38:43.0591 6932 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

02:38:43.0622 6932 RDPCDD - ok

02:38:43.0762 6932 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

02:38:43.0840 6932 RDPENCDD - ok

02:38:43.0871 6932 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

02:38:43.0934 6932 RDPREFMP - ok

02:38:43.0965 6932 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys

02:38:44.0059 6932 RDPWD - ok

02:38:44.0121 6932 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys

02:38:44.0168 6932 rdyboost - ok

02:38:44.0183 6932 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll

02:38:44.0261 6932 RemoteAccess - ok

02:38:44.0293 6932 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll

02:38:44.0371 6932 RemoteRegistry - ok

02:38:44.0402 6932 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll

02:38:44.0480 6932 RpcEptMapper - ok

02:38:44.0495 6932 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe

02:38:44.0511 6932 RpcLocator - ok

02:38:44.0558 6932 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

02:38:44.0589 6932 RpcSs - ok

02:38:44.0620 6932 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

02:38:44.0651 6932 rspndr - ok

02:38:44.0745 6932 SacNetAgentService_C57C4F854F53 (4e548fc2c427455836b37a7c7d9923db) C:\ProgramData\OfficeGuardianV2N\Reminder\SacNetAgent.exe

02:38:44.0807 6932 SacNetAgentService_C57C4F854F53 - ok

02:38:44.0854 6932 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

02:38:44.0870 6932 SamSs - ok

02:38:44.0917 6932 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS

02:38:44.0963 6932 SASDIFSV - ok

02:38:44.0979 6932 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS

02:38:45.0010 6932 SASKUTIL - ok

02:38:45.0041 6932 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys

02:38:45.0088 6932 sbp2port - ok

02:38:45.0088 6932 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll

02:38:45.0151 6932 SCardSvr - ok

02:38:45.0182 6932 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys

02:38:45.0275 6932 scfilter - ok

02:38:45.0338 6932 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll

02:38:45.0447 6932 Schedule - ok

02:38:45.0509 6932 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

02:38:45.0556 6932 SCPolicySvc - ok

02:38:45.0587 6932 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll

02:38:45.0634 6932 SDRSVC - ok

02:38:45.0728 6932 SeaPort (cc781378e7eda615d2cdca3b17829fa4) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

02:38:45.0790 6932 SeaPort - ok

02:38:45.0868 6932 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

02:38:45.0931 6932 secdrv - ok

02:38:45.0946 6932 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll

02:38:46.0009 6932 seclogon - ok

02:38:46.0040 6932 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll

02:38:46.0118 6932 SENS - ok

02:38:46.0133 6932 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll

02:38:46.0196 6932 SensrSvc - ok

02:38:46.0211 6932 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

02:38:46.0227 6932 Serenum - ok

02:38:46.0258 6932 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

02:38:46.0274 6932 Serial - ok

02:38:46.0305 6932 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

02:38:46.0352 6932 sermouse - ok

02:38:46.0383 6932 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll

02:38:46.0477 6932 SessionEnv - ok

02:38:46.0539 6932 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys

02:38:46.0633 6932 sffdisk - ok

02:38:46.0664 6932 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys

02:38:46.0711 6932 sffp_mmc - ok

02:38:46.0726 6932 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys

02:38:46.0820 6932 sffp_sd - ok

02:38:46.0835 6932 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

02:38:46.0851 6932 sfloppy - ok

02:38:47.0054 6932 SftService (74ec60e20516aaa573be74f31175270f) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE

02:38:47.0132 6932 SftService - ok

02:38:47.0163 6932 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll

02:38:47.0210 6932 SharedAccess - ok

02:38:47.0257 6932 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll

02:38:47.0335 6932 ShellHWDetection - ok

02:38:47.0366 6932 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

02:38:47.0397 6932 SiSRaid2 - ok

02:38:47.0413 6932 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

02:38:47.0428 6932 SiSRaid4 - ok

02:38:47.0459 6932 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

02:38:47.0553 6932 Smb - ok

02:38:47.0584 6932 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe

02:38:47.0615 6932 SNMPTRAP - ok

02:38:47.0662 6932 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

02:38:47.0678 6932 spldr - ok

02:38:47.0834 6932 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe

02:38:47.0927 6932 Spooler - ok

02:38:48.0255 6932 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe

02:38:48.0349 6932 sppsvc - ok

02:38:48.0427 6932 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll

02:38:48.0505 6932 sppuinotify - ok

02:38:48.0551 6932 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys

02:38:48.0645 6932 srv - ok

02:38:48.0707 6932 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys

02:38:48.0801 6932 srv2 - ok

02:38:48.0832 6932 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys

02:38:48.0910 6932 srvnet - ok

02:38:48.0941 6932 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll

02:38:49.0004 6932 SSDPSRV - ok

02:38:49.0035 6932 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll

02:38:49.0097 6932 SstpSvc - ok

02:38:49.0175 6932 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

02:38:49.0191 6932 stexstor - ok

02:38:49.0222 6932 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll

02:38:49.0331 6932 stisvc - ok

02:38:49.0378 6932 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys

02:38:49.0394 6932 swenum - ok

02:38:49.0472 6932 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll

02:38:49.0550 6932 swprv - ok

02:38:49.0612 6932 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll

02:38:49.0737 6932 SysMain - ok

02:38:49.0784 6932 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll

02:38:49.0846 6932 TabletInputService - ok

02:38:49.0909 6932 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll

02:38:50.0002 6932 TapiSrv - ok

02:38:50.0111 6932 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll

02:38:50.0174 6932 TBS - ok

02:38:50.0408 6932 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys

02:38:50.0501 6932 Tcpip - ok

02:38:50.0564 6932 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys

02:38:50.0595 6932 TCPIP6 - ok

02:38:50.0657 6932 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys

02:38:50.0751 6932 tcpipreg - ok

02:38:50.0876 6932 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

02:38:50.0923 6932 TDPIPE - ok

02:38:51.0032 6932 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys

02:38:51.0110 6932 TDTCP - ok

02:38:51.0172 6932 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys

02:38:51.0266 6932 tdx - ok

02:38:51.0281 6932 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys

02:38:51.0344 6932 TermDD - ok

02:38:51.0500 6932 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll

02:38:51.0625 6932 TermService - ok

02:38:51.0687 6932 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll

02:38:51.0718 6932 Themes - ok

02:38:51.0734 6932 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

02:38:51.0765 6932 THREADORDER - ok

02:38:51.0781 6932 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll

02:38:51.0827 6932 TrkWks - ok

02:38:51.0890 6932 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe

02:38:51.0968 6932 TrustedInstaller - ok

02:38:52.0077 6932 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys

02:38:52.0202 6932 tssecsrv - ok

02:38:52.0264 6932 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys

02:38:52.0358 6932 TsUsbFlt - ok

02:38:52.0405 6932 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys

02:38:52.0498 6932 tunnel - ok

02:38:52.0529 6932 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys

02:38:52.0592 6932 uagp35 - ok

02:38:52.0639 6932 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys

02:38:52.0732 6932 udfs - ok

02:38:52.0841 6932 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe

02:38:52.0888 6932 UI0Detect - ok

02:38:52.0935 6932 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys

02:38:52.0982 6932 uliagpkx - ok

02:38:53.0029 6932 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys

02:38:53.0107 6932 umbus - ok

02:38:53.0153 6932 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys

02:38:53.0185 6932 UmPass - ok

02:38:53.0247 6932 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll

02:38:53.0294 6932 upnphost - ok

02:38:53.0403 6932 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys

02:38:53.0497 6932 usbccgp - ok

02:38:53.0528 6932 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys

02:38:53.0543 6932 usbcir - ok

02:38:53.0575 6932 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys

02:38:53.0637 6932 usbehci - ok

02:38:53.0668 6932 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys

02:38:53.0731 6932 usbhub - ok

02:38:53.0762 6932 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys

02:38:53.0809 6932 usbohci - ok

02:38:53.0855 6932 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

02:38:53.0902 6932 usbprint - ok

02:38:53.0933 6932 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys

02:38:53.0965 6932 usbscan - ok

02:38:54.0011 6932 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS

02:38:54.0058 6932 USBSTOR - ok

02:38:54.0074 6932 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys

02:38:54.0121 6932 usbuhci - ok

02:38:54.0167 6932 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll

02:38:54.0230 6932 UxSms - ok

02:38:54.0261 6932 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

02:38:54.0277 6932 VaultSvc - ok

02:38:54.0323 6932 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys

02:38:54.0323 6932 vdrvroot - ok

02:38:54.0448 6932 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe

02:38:54.0526 6932 vds - ok

02:38:54.0542 6932 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

02:38:54.0557 6932 vga - ok

02:38:54.0573 6932 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

02:38:54.0651 6932 VgaSave - ok

02:38:54.0682 6932 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys

02:38:54.0760 6932 vhdmp - ok

02:38:54.0869 6932 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys

02:38:54.0885 6932 viaide - ok

02:38:54.0916 6932 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys

02:38:54.0963 6932 volmgr - ok

02:38:54.0994 6932 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys

02:38:55.0057 6932 volmgrx - ok

02:38:55.0088 6932 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys

02:38:55.0150 6932 volsnap - ok

02:38:55.0228 6932 vpnagent (1ca935adf4353a6e27c4affa2e2708c5) C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe

02:38:55.0306 6932 vpnagent - ok

02:38:55.0353 6932 vpnva (e526a69d932538ae8bc96b3f4a5a90b1) C:\Windows\system32\DRIVERS\vpnva64.sys

02:38:55.0400 6932 vpnva - ok

02:38:55.0447 6932 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys

02:38:55.0478 6932 vsmraid - ok

02:38:55.0540 6932 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe

02:38:55.0681 6932 VSS - ok

02:38:55.0696 6932 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys

02:38:55.0712 6932 vwifibus - ok

02:38:55.0743 6932 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll

02:38:55.0774 6932 W32Time - ok

02:38:55.0790 6932 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys

02:38:55.0805 6932 WacomPen - ok

02:38:55.0868 6932 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

02:38:55.0961 6932 WANARP - ok

02:38:55.0961 6932 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

02:38:55.0993 6932 Wanarpv6 - ok

02:38:56.0071 6932 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe

02:38:56.0149 6932 WatAdminSvc - ok

02:38:56.0227 6932 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe

02:38:56.0336 6932 wbengine - ok

02:38:56.0351 6932 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll

02:38:56.0383 6932 WbioSrvc - ok

02:38:56.0414 6932 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll

02:38:56.0461 6932 wcncsvc - ok

02:38:56.0476 6932 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll

02:38:56.0539 6932 WcsPlugInService - ok

02:38:56.0570 6932 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys

02:38:56.0570 6932 Wd - ok

02:38:56.0601 6932 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

02:38:56.0648 6932 Wdf01000 - ok

02:38:56.0663 6932 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

02:38:56.0726 6932 WdiServiceHost - ok

02:38:56.0726 6932 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

02:38:56.0741 6932 WdiSystemHost - ok

02:38:56.0773 6932 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll

02:38:56.0819 6932 WebClient - ok

02:38:56.0851 6932 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll

02:38:56.0897 6932 Wecsvc - ok

02:38:56.0929 6932 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll

02:38:57.0007 6932 wercplsupport - ok

02:38:57.0053 6932 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll

02:38:57.0085 6932 WerSvc - ok

02:38:57.0100 6932 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

02:38:57.0163 6932 WfpLwf - ok

02:38:57.0225 6932 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys

02:38:57.0287 6932 WimFltr - ok

02:38:57.0303 6932 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

02:38:57.0319 6932 WIMMount - ok

02:38:57.0319 6932 WinHttpAutoProxySvc - ok

02:38:57.0350 6932 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll

02:38:57.0397 6932 Winmgmt - ok

02:38:57.0584 6932 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll

02:38:57.0693 6932 WinRM - ok

02:38:57.0740 6932 winusb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\drivers\WinUSB.SYS

02:38:57.0802 6932 winusb - ok

02:38:57.0849 6932 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll

02:38:57.0896 6932 Wlansvc - ok

02:38:57.0974 6932 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

02:38:58.0083 6932 wlidsvc - ok

02:38:58.0114 6932 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys

02:38:58.0145 6932 WmiAcpi - ok

02:38:58.0208 6932 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe

02:38:58.0270 6932 wmiApSrv - ok

02:38:58.0301 6932 WMPNetworkSvc - ok

02:38:58.0317 6932 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll

02:38:58.0364 6932 WPCSvc - ok

02:38:58.0395 6932 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll

02:38:58.0457 6932 WPDBusEnum - ok

02:38:58.0551 6932 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

02:38:58.0613 6932 ws2ifsl - ok

02:38:58.0660 6932 WSearch - ok

02:38:58.0910 6932 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll

02:38:59.0003 6932 wuauserv - ok

02:38:59.0144 6932 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys

02:38:59.0253 6932 WudfPf - ok

02:38:59.0284 6932 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys

02:38:59.0362 6932 WUDFRd - ok

02:38:59.0518 6932 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll

02:38:59.0581 6932 wudfsvc - ok

02:38:59.0627 6932 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll

02:38:59.0690 6932 WwanSvc - ok

02:38:59.0737 6932 zpaction - ok

02:38:59.0768 6932 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0

02:39:00.0501 6932 \Device\Harddisk0\DR0 - ok

02:39:00.0532 6932 Boot (0x1200) (d951ec5947ce172850dcbcf2a9fcb55c) \Device\Harddisk0\DR0\Partition0

02:39:00.0532 6932 \Device\Harddisk0\DR0\Partition0 - ok

02:39:00.0563 6932 Boot (0x1200) (c63431ce897ee9fe62df7d4aed00374d) \Device\Harddisk0\DR0\Partition1

02:39:00.0563 6932 \Device\Harddisk0\DR0\Partition1 - ok

02:39:00.0563 6932 ============================================================

02:39:00.0563 6932 Scan finished

02:39:00.0563 6932 ============================================================

02:39:00.0579 4216 Detected object count: 6

02:39:00.0579 4216 Actual detected object count: 6

02:39:20.0095 4216 C:\Windows\system32\dladresn.dll - copied to quarantine

02:39:20.0126 4216 HKLM\SYSTEM\ControlSet001\services\ASUSVRC - will be deleted on reboot

02:39:20.0204 4216 HKLM\SYSTEM\ControlSet002\services\ASUSVRC - will be deleted on reboot

02:39:20.0297 4216 HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\svchost:netsvcs - cured

02:39:20.0344 4216 C:\Windows\system32\dladresn.dll - will be deleted on reboot

02:39:20.0344 4216 ASUSVRC ( Backdoor.Multi.ZAccess.gen ) - User select action: Delete

02:39:20.0344 4216 DockLoginService ( UnsignedFile.Multi.Generic ) - skipped by user

02:39:20.0344 4216 DockLoginService ( UnsignedFile.Multi.Generic ) - User select action: Skip

02:39:20.0344 4216 McciCMService ( UnsignedFile.Multi.Generic ) - skipped by user

02:39:20.0344 4216 McciCMService ( UnsignedFile.Multi.Generic ) - User select action: Skip

02:39:20.0344 4216 McciCMService64 ( UnsignedFile.Multi.Generic ) - skipped by user

02:39:20.0344 4216 McciCMService64 ( UnsignedFile.Multi.Generic ) - User select action: Skip

02:39:20.0344 4216 MREMP50 ( UnsignedFile.Multi.Generic ) - skipped by user

02:39:20.0344 4216 MREMP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip

02:39:20.0344 4216 MRESP50 ( UnsignedFile.Multi.Generic ) - skipped by user

02:39:20.0344 4216 MRESP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip

02:39:37.0551 2968 Deinitialize success

[MrCharlie]

Please Update and run a Quick Scan with MBAM, post the report.

Make sure that everything is checked, and click Remove Selected.

Please let me know how it is, MrC

[itsvern]

Latest version of Malarebytes Pro is loaded, a quick scan was run, with the resulting log

My browser google search results now link properly to the correct website ..... things appear to be working correctly

----------------------------

Malwarebytes Anti-Malware (PRO) 1.60.1.1000

www.malwarebytes.org

Database version: v2012.04.04.10

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

vern :: VERN-PC [administrator]

Protection: Disabled

4/4/2012 9:05:56 PM

mbam-log-2012-04-04 (21-05-56).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 218209

Time elapsed: 1 minute(s), 37 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

------------------------------------------------------------

[MrCharlie]

How is it?? MrC

[itsvern]

MrC;

Everything appears to be running very smoothly - no browser misdirections at all.

I'm ready to call this a success,

Thanks so much for your help

[MrCharlie]

Good

Please Uninstall ComboFix:

Press the Windows logo key + R to bring up the "run box"

Copy and paste next command in the field:

ComboFix /uninstall

Make sure there's a space between Combofix and /

Then hit enter.

This will uninstall Combofix, delete its related folders and files, hide file extensions, hide the system/hidden files and clears System Restore cache and create new Restore point

---------------------------------

Please download OTL from one of the links below:

http://oldtimer.geekstogo.com/OTL.exe

http://oldtimer.geekstogo.com/OTL.com

Save it to your desktop.

Run OTL and hit the CleanUp button. (This will cleanup the tools and logs used including itself)

Any other programs or logs you can manually delete.

-----------------------------

You have out date Java on the system, older versions are vulnerable to malware.

Please go to your control panels add/remove programs and uninstall these:

Java™ 6 Update 26

Then download and install the latest version Java™ 6 Update 31.

http://www.java.com/...load/manual.jsp <---latest version

http://www.java.com/...d/installed.jsp <---verify your Java

-----------------------------------------

Any questions...please post back.

If you think I've helped you, please leave a comment > click on my avatar picture > click Profile Feed.

Take a look at My Preventive Maintenance to avoid being infected again.

Good Luck and Thanks for using the forum, MrC

[Maurice Naggar]

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!