Need help with Hijack Startmenu Trojan - have tried stuff that is not working


11 replies to this topic

#1 NathanBrazil

NathanBrazil

  • Members
  • 6 posts

Posted 28 May 2012 - 12:21 PM

I seem to have contracted malware/trojan...
1) An error message pops up - System Error. Hard disk failure detected - scan & repair / cancel & restart
2) Then another error message pops up - System Write Fault Error - A Write command during test failed to complete. - cancel - try again - continue. This error message pops up about 20 times as separate boxes on top of each other
3) It had hidden all icons on desktop and start button.
I am running Windows 7

I have tried to fix this following other threads on the site, but have been unsuccessful.
- I rebooted in safe mode with networking
- When I run Rkill, it does not seem to find anything to fix.
- When I run tdsskiller, it also does not show any issues.
- Malwarebytes finds 2 objects (PUM.Hijack.Startmenu) which I removed.
- I was able to run Unhide and got much (maybe all?) of my desktop and start menu back.

I was hoping that this would have cleaned it. I rebooted and the same problems came back with the same pop-ups. Able to reboot again in safe mode with networking, rkill and tdsskiller don't do anything, and malwarebytes finds the same 2 problems. The only thing that has changed is most of my icons are still on the screen, although the start menu is gone.

Any help on what to try would be appreciated



#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts

Posted 28 May 2012 - 12:52 PM

Boot into safe mode with networking

Download aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

After running online scanner, reboot into normal mode and run malwarebytes until you get a clean log

Post the clean log here

IMPORTANT: Do not turn off system restore. We need restore points to recover your startmenu

#3 NathanBrazil

NathanBrazil
  • Topic Starter

  • Members
  • 6 posts

Posted 28 May 2012 - 03:43 PM

Thank you for your assistance - I have completed all the steps you have suggested to this point and it is looking promising. The information and logs for those steps are below:

Here is the log from aswMBR:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-05-28 15:10:39
-----------------------------
15:10:39.894 OS Version: Windows x64 6.1.7601 Service Pack 1
15:10:39.894 Number of processors: 4 586 0x402
15:10:39.894 ComputerName: JD-PC UserName: JD
15:10:44.278 Initialize success
15:11:37.926 AVAST engine defs: 12052800
15:11:48.737 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
15:11:48.737 Disk 0 Vendor: ST3750528AS CC45 Size: 715404MB BusType: 3
15:11:48.753 Disk 0 MBR read successfully
15:11:48.753 Disk 0 MBR scan
15:11:48.753 Disk 0 Windows VISTA default MBR code
15:11:48.753 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
15:11:48.768 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 81920
15:11:48.784 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 700363 MB offset 30801920
15:11:48.784 Disk 0 scanning C:\Windows\system32\drivers
15:11:58.440 Service scanning
15:12:13.292 Modules scanning
15:12:13.292 Disk 0 trace - called modules:
15:12:13.307 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
15:12:13.338 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005f67060]
15:12:13.338 3 CLASSPNP.SYS[fffff8800165143f] -> nt!IofCallDriver -> [0xfffffa8004e77d10]
15:12:13.338 5 ACPI.sys[fffff88000e627a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8005c9d060]
15:12:16.505 AVAST engine scan C:\Windows
15:12:19.235 AVAST engine scan C:\Windows\system32
15:15:03.832 AVAST engine scan C:\Windows\system32\drivers
15:15:14.408 AVAST engine scan C:\Users\JD
15:17:28.943 File: C:\Users\JD\AppData\Local\Temp\5ZQA44NiLthiR7.exe.tmp **INFECTED** Win32:FakeSysdef-MJ [Trj]
15:21:51.352 Disk 0 MBR has been saved successfully to "I:\MBR.dat"
15:21:51.368 The log file has been saved successfully to "I:\aswMBR.txt"



Here is the list of found threats from the ESET online scanner

C:\ProgramData\tofbYLVqOj.exe a variant of Win32/Kryptik.AGCK trojan cleaned by deleting - quarantined
C:\Users\JD\AppData\Local\Temp\5ZQA44NiLthiR7.exe.tmp a variant of Win32/Kryptik.AGCK trojan cleaned by deleting - quarantined


Here is the Malwarebytes log after rebooting (which thankfully rebooted without all the popups):

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.05.23.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
JD :: JD-PC [administrator]

5/28/2012 4:33:49 PM
mbam-log-2012-05-28 (16-33-49).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 207883
Time elapsed: 5 minute(s), 23 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)


Feels like we are making great progress. Hopefully this means I am clean and a system restore will have me back fully operational (as I still have the black screen background and a virtually empty start menu)
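
A small way to cross-check the two scanner logs in the post above, as an added example that is not part of the original thread: it parses the aswMBR and ESET detection lines and groups them by file path, so you can see which files more than one scanner flagged and whether any flagged file has no removal action logged. The regular expressions are inferred from the lines shown in the post, not from either vendor's documented log format.

```python
import re
from collections import defaultdict

# Detection lines copied from the aswMBR and ESET logs in the post above.
ASWMBR_LOG = r"""
15:15:14.408 AVAST engine scan C:\Users\JD
15:17:28.943 File: C:\Users\JD\AppData\Local\Temp\5ZQA44NiLthiR7.exe.tmp **INFECTED** Win32:FakeSysdef-MJ [Trj]
15:21:51.368 The log file has been saved successfully
"""
ESET_LOG = r"""
C:\ProgramData\tofbYLVqOj.exe a variant of Win32/Kryptik.AGCK trojan cleaned by deleting - quarantined
C:\Users\JD\AppData\Local\Temp\5ZQA44NiLthiR7.exe.tmp a variant of Win32/Kryptik.AGCK trojan cleaned by deleting - quarantined
"""

# Assumed layouts, inferred from the lines above:
#   aswMBR: <time> File: <path> **INFECTED** <detection name>
#   ESET:   <path> [a variant of] <detection name> <kind> <action taken>
ASWMBR_RE = re.compile(
    r"^\d{2}:\d{2}:\d{2}\.\d{3}\s+File:\s+(?P<path>.+?)"
    r"\s+\*\*INFECTED\*\*\s+(?P<name>.+)$")
ESET_RE = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?)\s+(?:a variant of\s+)?(?P<name>Win\d+/\S+)"
    r"\s+(?P<kind>\w+)\s+(?P<action>.+)$")


def parse(log, pattern, scanner):
    """Yield one record per detection line; all other log lines are skipped."""
    for line in log.splitlines():
        m = pattern.match(line.strip())
        if m:
            rec = m.groupdict()
            rec["scanner"] = scanner
            yield rec


def correlate(*record_streams):
    """Group detections by file path (lower-cased: Windows paths are case-insensitive)."""
    by_path = defaultdict(lambda: {"detections": {}, "action": None})
    for stream in record_streams:
        for rec in stream:
            entry = by_path[rec["path"].lower()]
            entry["detections"][rec["scanner"]] = rec["name"].strip()
            if rec.get("action"):  # only the ESET lines record what was done
                entry["action"] = rec["action"].strip()
    return dict(by_path)


def unremediated(findings):
    """Paths that some scanner flagged but for which no removal action was logged."""
    return sorted(p for p, e in findings.items() if e["action"] is None)


FINDINGS = correlate(parse(ASWMBR_LOG, ASWMBR_RE, "aswMBR"),
                     parse(ESET_LOG, ESET_RE, "ESET"))

if __name__ == "__main__":
    for path, entry in FINDINGS.items():
        print(path, entry["detections"], "->", entry["action"] or "NO ACTION LOGGED")
    print("needs follow-up:", unremediated(FINDINGS))
```
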

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts

Posted 29 May 2012 - 01:49 AM

Step 1:

Download TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Step 2:
- Malwarebytes finds 2 objects (PUM.Hijack.Startmenu) which I removed.

Run malwarebytes in normal mode until you get a clean log

Step 3:

Right click on your startmenu - properties

Check mark

store and display recently opened programs
store and display recently items


Click on customize

Click on Use default settings at the bottom

Now go to

c:\ProgramData\Microsoft\Windows

right click on startmenu folder, click on restore previous versions

Now select a snapshot before you were infected by the rogue, click on restore

You should get back the startmenu programs

Step 4:

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Edited by narenxp, 29 May 2012 - 01:49 AM.


#5 NathanBrazil

NathanBrazil
  • Topic Starter

  • Members
  • 6 posts

Posted 29 May 2012 - 05:19 PM

Continuing to follow your recommended steps. Please let me know if the logs suggest all is clean or if further steps are required.

- Below is the log from the TDSSkiller:

17:46:59.0866 4300 TDSS rootkit removing tool 2.7.38.0 May 25 2012 17:35:31
17:47:00.0256 4300 ============================================================
17:47:00.0256 4300 Current date / time: 2012/05/29 17:47:00.0256
17:47:00.0256 4300 SystemInfo:
17:47:00.0256 4300
17:47:00.0256 4300 OS Version: 6.1.7601 ServicePack: 1.0
17:47:00.0256 4300 Product type: Workstation
17:47:00.0256 4300 ComputerName: JD-PC
17:47:00.0256 4300 UserName: JD
17:47:00.0256 4300 Windows directory: C:\Windows
17:47:00.0256 4300 System windows directory: C:\Windows
17:47:00.0256 4300 Running under WOW64
17:47:00.0256 4300 Processor architecture: Intel x64
17:47:00.0256 4300 Number of processors: 4
17:47:00.0256 4300 Page size: 0x1000
17:47:00.0256 4300 Boot type: Normal boot
17:47:00.0256 4300 ============================================================
17:47:02.0065 4300 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:47:02.0081 4300 Drive \Device\Harddisk6\DR6 - Size: 0x776F8000 (1.87 Gb), SectorSize: 0x200, Cylinders: 0xF3, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:47:02.0081 4300 ============================================================
17:47:02.0081 4300 \Device\Harddisk0\DR0:
17:47:02.0268 4300 MBR partitions:
17:47:02.0268 4300 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
17:47:02.0268 4300 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x557E5EF0
17:47:02.0268 4300 \Device\Harddisk6\DR6:
17:47:02.0268 4300 MBR partitions:
17:47:02.0268 4300 \Device\Harddisk6\DR6\Partition0: MBR, Type 0x6, StartLBA 0x3F, BlocksNum 0x3BB521
17:47:02.0268 4300 ============================================================
17:47:02.0284 4300 C: <-> \Device\Harddisk0\DR0\Partition1
17:47:02.0284 4300 ============================================================
17:47:02.0284 4300 Initialize success
17:47:02.0284 4300 ============================================================
17:47:47.0087 6532 ============================================================
17:47:47.0087 6532 Scan started
17:47:47.0087 6532 Mode: Manual; TDLFS;
17:47:47.0087 6532 ============================================================
17:47:56.0603 6532 MDM (7cf1b716372b89568ae4c0fe769f5869) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
17:47:56.0603 6532 MDM - ok
17:47:56.0634 6532 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
17:47:56.0634 6532 megasas - ok
17:47:56.0650 6532 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
17:47:56.0681 6532 MegaSR - ok
17:47:56.0712 6532 mfeapfk (01884cb7655c8908b43ff5e364fe6fd2) C:\Windows\system32\drivers\mfeapfk.sys
17:47:56.0775 6532 mfeapfk - ok
17:47:56.0806 6532 mfeavfk (dab9a9cdfb04e4d68924492aa043019d) C:\Windows\system32\drivers\mfeavfk.sys
17:47:56.0868 6532 mfeavfk - ok
17:47:56.0884 6532 mfeavfk01 - ok
17:47:56.0915 6532 mfefire (b26782c3d6045b4464017d7926877560) C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
17:47:56.0915 6532 mfefire - ok
17:47:56.0962 6532 mfefirek (ce9a3680675c0907ade16404ca967b49) C:\Windows\system32\drivers\mfefirek.sys
17:47:57.0040 6532 mfefirek - ok
17:47:57.0055 6532 mfehidk (60cf67458dd29cd17e77f2327b1a9a54) C:\Windows\system32\drivers\mfehidk.sys
17:47:57.0118 6532 mfehidk - ok
17:47:57.0133 6532 mfenlfk (a8129cfb919347f8533c934b365e9202) C:\Windows\system32\DRIVERS\mfenlfk.sys
17:47:57.0196 6532 mfenlfk - ok
17:47:57.0211 6532 mferkdet (5041fa2bd2b3a2693b015771bfbf6dca) C:\Windows\system32\drivers\mferkdet.sys
17:47:57.0258 6532 mferkdet - ok
17:47:57.0289 6532 mfevtp (723a5eb6cef7f408c3d0f15a82a6bff8) C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
17:47:57.0305 6532 mfevtp - ok
17:47:57.0321 6532 mfewfpk (919c56db14a0e1e2ab6da5d2821dc26e) C:\Windows\system32\drivers\mfewfpk.sys
17:47:57.0399 6532 mfewfpk - ok
17:47:57.0414 6532 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
17:47:57.0414 6532 MMCSS - ok
17:47:57.0414 6532 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
17:47:57.0414 6532 Modem - ok
17:47:57.0477 6532 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
17:47:57.0477 6532 monitor - ok
17:47:57.0508 6532 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
17:47:57.0523 6532 mouclass - ok
17:47:57.0539 6532 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
17:47:57.0539 6532 mouhid - ok
17:47:57.0586 6532 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
17:47:57.0586 6532 mountmgr - ok
17:47:57.0633 6532 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
17:47:57.0711 6532 mpio - ok
17:47:57.0711 6532 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
17:47:57.0726 6532 mpsdrv - ok
17:47:57.0757 6532 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
17:47:57.0820 6532 MpsSvc - ok
17:47:57.0835 6532 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
17:47:57.0898 6532 MRxDAV - ok
17:47:57.0913 6532 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
17:47:57.0960 6532 mrxsmb - ok
17:47:57.0991 6532 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:47:58.0069 6532 mrxsmb10 - ok
17:47:58.0069 6532 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:47:58.0132 6532 mrxsmb20 - ok
17:47:58.0147 6532 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
17:47:58.0210 6532 msahci - ok
17:47:58.0225 6532 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
17:47:58.0288 6532 msdsm - ok
17:47:58.0288 6532 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
17:47:58.0303 6532 MSDTC - ok
17:47:58.0319 6532 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
17:47:58.0319 6532 Msfs - ok
17:47:58.0335 6532 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
17:47:58.0335 6532 mshidkmdf - ok
17:47:58.0350 6532 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
17:47:58.0350 6532 msisadrv - ok
17:47:58.0381 6532 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
17:47:58.0397 6532 MSiSCSI - ok
17:47:58.0397 6532 msiserver - ok
17:47:58.0506 6532 MSK80Service (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
17:47:58.0506 6532 MSK80Service - ok
17:47:58.0522 6532 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
17:47:58.0537 6532 MSKSSRV - ok
17:47:58.0553 6532 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
17:47:58.0569 6532 MSPCLOCK - ok
17:47:58.0584 6532 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
17:47:58.0600 6532 MSPQM - ok
17:47:58.0647 6532 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
17:47:58.0693 6532 MsRPC - ok
17:47:58.0709 6532 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
17:47:58.0709 6532 mssmbios - ok
17:47:58.0709 6532 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
17:47:58.0725 6532 MSTEE - ok
17:47:58.0740 6532 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
17:47:58.0740 6532 MTConfig - ok
17:47:58.0756 6532 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
17:47:58.0756 6532 Mup - ok
17:47:58.0803 6532 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
17:47:58.0818 6532 napagent - ok
17:47:58.0834 6532 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
17:47:58.0865 6532 NativeWifiP - ok
17:47:58.0927 6532 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
17:47:58.0943 6532 NDIS - ok
17:47:58.0943 6532 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
17:47:58.0959 6532 NdisCap - ok
17:47:58.0974 6532 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
17:47:58.0974 6532 NdisTapi - ok
17:47:58.0990 6532 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
17:47:59.0068 6532 Ndisuio - ok
17:47:59.0099 6532 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
17:47:59.0146 6532 NdisWan - ok
17:47:59.0161 6532 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
17:47:59.0161 6532 NDProxy - ok
17:47:59.0177 6532 Net Driver HPZ12 (d5ac41ae382738483faffbd7e373d49a) C:\Windows\system32\HPZinw12.dll
17:47:59.0224 6532 Net Driver HPZ12 - ok
17:47:59.0239 6532 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
17:47:59.0239 6532 NetBIOS - ok
17:47:59.0271 6532 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
17:47:59.0271 6532 NetBT - ok
17:47:59.0302 6532 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:47:59.0302 6532 Netlogon - ok
17:47:59.0349 6532 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
17:47:59.0364 6532 Netman - ok
17:47:59.0395 6532 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
17:47:59.0395 6532 netprofm - ok
17:47:59.0458 6532 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:47:59.0458 6532 NetTcpPortSharing - ok
17:47:59.0489 6532 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
17:47:59.0489 6532 nfrd960 - ok
17:47:59.0520 6532 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
17:47:59.0520 6532 NlaSvc - ok
17:47:59.0520 6532 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
17:47:59.0536 6532 Npfs - ok
17:47:59.0536 6532 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
17:47:59.0536 6532 nsi - ok
17:47:59.0551 6532 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
17:47:59.0551 6532 nsiproxy - ok
17:47:59.0629 6532 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
17:47:59.0707 6532 Ntfs - ok
17:47:59.0879 6532 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
17:47:59.0895 6532 Null - ok
17:47:59.0941 6532 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
17:48:00.0019 6532 nvraid - ok
17:48:00.0035 6532 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
17:48:00.0097 6532 nvstor - ok
17:48:00.0097 6532 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
17:48:00.0113 6532 nv_agp - ok
17:48:00.0191 6532 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
17:48:00.0207 6532 odserv - ok
17:48:00.0222 6532 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
17:48:00.0222 6532 ohci1394 - ok
17:48:00.0253 6532 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:48:00.0253 6532 ose - ok
17:48:00.0300 6532 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:48:00.0300 6532 p2pimsvc - ok
17:48:00.0331 6532 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
17:48:00.0331 6532 p2psvc - ok
17:48:00.0347 6532 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
17:48:00.0363 6532 Parport - ok
17:48:00.0378 6532 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
17:48:00.0425 6532 partmgr - ok
17:48:00.0441 6532 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
17:48:00.0456 6532 PcaSvc - ok
17:48:00.0472 6532 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
17:48:00.0472 6532 pci - ok
17:48:00.0487 6532 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
17:48:00.0503 6532 pciide - ok
17:48:00.0519 6532 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
17:48:00.0534 6532 pcmcia - ok
17:48:00.0565 6532 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
17:48:00.0565 6532 pcw - ok
17:48:00.0612 6532 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
17:48:00.0612 6532 PEAUTH - ok
17:48:00.0675 6532 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
17:48:00.0675 6532 PerfHost - ok
17:48:00.0768 6532 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
17:48:00.0862 6532 pla - ok
17:48:00.0893 6532 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
17:48:00.0940 6532 PlugPlay - ok
17:48:00.0971 6532 Pml Driver HPZ12 (37f6046cdc630442d7dc087501ff6fc6) C:\Windows\system32\HPZipm12.dll
17:48:00.0971 6532 Pml Driver HPZ12 - ok
17:48:01.0002 6532 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
17:48:01.0018 6532 PNRPAutoReg - ok
17:48:01.0033 6532 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
17:48:01.0033 6532 PNRPsvc - ok
17:48:01.0080 6532 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
17:48:01.0096 6532 PolicyAgent - ok
17:48:01.0127 6532 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
17:48:01.0127 6532 Power - ok
17:48:01.0174 6532 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
17:48:01.0252 6532 PptpMiniport - ok
17:48:01.0267 6532 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
17:48:01.0283 6532 Processor - ok
17:48:01.0299 6532 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
17:48:01.0299 6532 ProfSvc - ok
17:48:01.0330 6532 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:48:01.0330 6532 ProtectedStorage - ok
17:48:01.0361 6532 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
17:48:01.0377 6532 Psched - ok
17:48:01.0423 6532 PSI (fb46e9a827a8799ebd7bfa9128c91f37) C:\Windows\system32\DRIVERS\psi_mf.sys
17:48:01.0423 6532 PSI - ok
17:48:01.0455 6532 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
17:48:01.0533 6532 PxHlpa64 - ok
17:48:01.0579 6532 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
17:48:01.0611 6532 ql2300 - ok
17:48:01.0657 6532 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
17:48:01.0657 6532 ql40xx - ok
17:48:01.0689 6532 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
17:48:01.0689 6532 QWAVE - ok
17:48:01.0704 6532 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
17:48:01.0704 6532 QWAVEdrv - ok
17:48:01.0720 6532 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
17:48:01.0735 6532 RasAcd - ok
17:48:01.0751 6532 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
17:48:01.0767 6532 RasAgileVpn - ok
17:48:01.0767 6532 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
17:48:01.0782 6532 RasAuto - ok
17:48:01.0782 6532 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
17:48:01.0845 6532 Rasl2tp - ok
17:48:01.0860 6532 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
17:48:01.0907 6532 RasMan - ok
17:48:01.0923 6532 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
17:48:01.0923 6532 RasPppoe - ok
17:48:01.0938 6532 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
17:48:01.0938 6532 RasSstp - ok
17:48:01.0969 6532 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
17:48:01.0969 6532 rdbss - ok
17:48:01.0985 6532 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
17:48:02.0001 6532 rdpbus - ok
17:48:02.0016 6532 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
17:48:02.0016 6532 RDPCDD - ok
17:48:02.0032 6532 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
17:48:02.0032 6532 RDPENCDD - ok
17:48:02.0032 6532 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
17:48:02.0032 6532 RDPREFMP - ok
17:48:02.0063 6532 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
17:48:02.0125 6532 RDPWD - ok
17:48:02.0157 6532 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
17:48:02.0219 6532 rdyboost - ok
17:48:02.0250 6532 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
17:48:02.0250 6532 RemoteAccess - ok
17:48:02.0266 6532 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
17:48:02.0281 6532 RemoteRegistry - ok
17:48:02.0328 6532 RimUsb (7b04c9843921ab1f695fb395422c5360) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
17:48:02.0391 6532 RimUsb - ok
17:48:02.0422 6532 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
17:48:02.0422 6532 RpcEptMapper - ok
17:48:02.0422 6532 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
17:48:02.0422 6532 RpcLocator - ok
17:48:02.0469 6532 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
17:48:02.0469 6532 RpcSs - ok
17:48:02.0484 6532 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
17:48:02.0484 6532 rspndr - ok
17:48:02.0515 6532 RTL8167 (b49dc435ae3695bac5623dd94b05732d) C:\Windows\system32\DRIVERS\Rt64win7.sys
17:48:02.0593 6532 RTL8167 - ok
17:48:02.0609 6532 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:48:02.0609 6532 SamSs - ok
17:48:02.0640 6532 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
17:48:02.0703 6532 sbp2port - ok
17:48:02.0718 6532 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
17:48:02.0718 6532 SCardSvr - ok
17:48:02.0749 6532 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
17:48:02.0796 6532 scfilter - ok
17:48:02.0890 6532 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
17:48:03.0124 6532 Schedule - ok
17:48:03.0233 6532 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
17:48:03.0311 6532 SCPolicySvc - ok
17:48:03.0327 6532 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
17:48:03.0327 6532 SDRSVC - ok
17:48:03.0389 6532 SeaPort (16a252022535b680046f6e34e136d378) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
17:48:03.0389 6532 SeaPort - ok
17:48:03.0405 6532 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
17:48:03.0420 6532 secdrv - ok
17:48:03.0436 6532 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
17:48:03.0483 6532 seclogon - ok
17:48:03.0561 6532 Secunia PSI Agent (5b66db4877bbac9f7493aa8d84421e49) C:\Program Files (x86)\Secunia\PSI\PSIA.exe
17:48:03.0561 6532 Secunia PSI Agent - ok
17:48:03.0592 6532 Secunia Update Agent (0e88fdf474f2cdd370a4a6ce77d018f0) C:\Program Files (x86)\Secunia\PSI\sua.exe
17:48:03.0592 6532 Secunia Update Agent - ok
17:48:03.0654 6532 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
17:48:03.0670 6532 SENS - ok
17:48:03.0685 6532 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
17:48:03.0685 6532 SensrSvc - ok
17:48:03.0701 6532 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
17:48:03.0701 6532 Serenum - ok
17:48:03.0717 6532 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
17:48:03.0732 6532 Serial - ok
17:48:03.0763 6532 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
17:48:03.0763 6532 sermouse - ok
17:48:03.0826 6532 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
17:48:03.0888 6532 SessionEnv - ok
17:48:03.0919 6532 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
17:48:03.0935 6532 sffdisk - ok
17:48:03.0935 6532 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
17:48:03.0951 6532 sffp_mmc - ok
17:48:03.0966 6532 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
17:48:04.0013 6532 sffp_sd - ok
17:48:04.0029 6532 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
17:48:04.0029 6532 sfloppy - ok
17:48:04.0091 6532 SftService (16a5cc62f79a32a974b55110a898945c) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
17:48:04.0107 6532 SftService - ok
17:48:04.0138 6532 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
17:48:04.0138 6532 SharedAccess - ok
17:48:04.0169 6532 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
17:48:04.0169 6532 ShellHWDetection - ok
17:48:04.0185 6532 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:48:04.0200 6532 SiSRaid2 - ok
17:48:04.0216 6532 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
17:48:04.0216 6532 SiSRaid4 - ok
17:48:04.0247 6532 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
17:48:04.0247 6532 Smb - ok
17:48:04.0278 6532 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
17:48:04.0278 6532 SNMPTRAP - ok
17:48:04.0294 6532 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
17:48:04.0294 6532 spldr - ok
17:48:04.0341 6532 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
17:48:04.0341 6532 Spooler - ok
17:48:04.0450 6532 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
17:48:04.0543 6532 sppsvc - ok
17:48:04.0590 6532 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
17:48:04.0606 6532 sppuinotify - ok
17:48:04.0668 6532 sprtsvc_DellSupportCenter (d630b6f2e8379b6f10dc16e82a426552) C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
17:48:04.0684 6532 sprtsvc_DellSupportCenter - ok
17:48:04.0731 6532 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
17:48:04.0746 6532 srv - ok
17:48:04.0762 6532 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
17:48:04.0824 6532 srv2 - ok
17:48:04.0840 6532 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
17:48:04.0887 6532 srvnet - ok
17:48:05.0058 6532 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
17:48:05.0058 6532 SSDPSRV - ok
17:48:05.0105 6532 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
17:48:05.0121 6532 SstpSvc - ok
17:48:05.0136 6532 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
17:48:05.0152 6532 stexstor - ok
17:48:05.0199 6532 StillCam (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
17:48:05.0199 6532 StillCam - ok
17:48:05.0245 6532 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
17:48:05.0308 6532 stisvc - ok
17:48:05.0339 6532 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
17:48:05.0339 6532 swenum - ok
17:48:05.0370 6532 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
17:48:05.0386 6532 swprv - ok
17:48:05.0448 6532 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
17:48:05.0479 6532 SysMain - ok
17:48:05.0542 6532 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
17:48:05.0604 6532 TabletInputService - ok
17:48:05.0620 6532 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
17:48:05.0667 6532 TapiSrv - ok
17:48:05.0682 6532 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
17:48:05.0682 6532 TBS - ok
17:48:05.0776 6532 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
17:48:05.0854 6532 Tcpip - ok
17:48:05.0979 6532 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
17:48:06.0025 6532 TCPIP6 - ok
17:48:06.0088 6532 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
17:48:06.0166 6532 tcpipreg - ok
17:48:06.0197 6532 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
17:48:06.0197 6532 TDPIPE - ok
17:48:06.0228 6532 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
17:48:06.0228 6532 TDTCP - ok
17:48:06.0244 6532 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
17:48:06.0306 6532 tdx - ok
17:48:06.0322 6532 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
17:48:06.0353 6532 TermDD - ok
17:48:06.0384 6532 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
17:48:06.0400 6532 TermService - ok
17:48:06.0400 6532 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
17:48:06.0415 6532 Themes - ok
17:48:06.0431 6532 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
17:48:06.0431 6532 THREADORDER - ok
17:48:06.0447 6532 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
17:48:06.0447 6532 TrkWks - ok
17:48:06.0478 6532 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
17:48:06.0478 6532 TrustedInstaller - ok
17:48:06.0509 6532 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
17:48:06.0587 6532 tssecsrv - ok
17:48:06.0603 6532 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
17:48:06.0665 6532 TsUsbFlt - ok
17:48:06.0712 6532 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
17:48:06.0774 6532 tunnel - ok
17:48:06.0790 6532 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
17:48:06.0805 6532 uagp35 - ok
17:48:06.0837 6532 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
17:48:06.0899 6532 udfs - ok
17:48:06.0915 6532 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
17:48:06.0915 6532 UI0Detect - ok
17:48:06.0930 6532 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
17:48:06.0930 6532 uliagpkx - ok
17:48:06.0961 6532 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
17:48:07.0008 6532 umbus - ok
17:48:07.0024 6532 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
17:48:07.0024 6532 UmPass - ok
17:48:07.0039 6532 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
17:48:07.0039 6532 upnphost - ok
17:48:07.0071 6532 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
17:48:07.0133 6532 USBAAPL64 - ok
17:48:07.0149 6532 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
17:48:07.0195 6532 usbccgp - ok
17:48:07.0227 6532 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
17:48:07.0242 6532 usbcir - ok
17:48:07.0258 6532 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
17:48:07.0305 6532 usbehci - ok
17:48:07.0336 6532 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
17:48:07.0383 6532 usbhub - ok
17:48:07.0398 6532 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
17:48:07.0445 6532 usbohci - ok
17:48:07.0461 6532 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
17:48:07.0476 6532 usbprint - ok
17:48:07.0492 6532 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
17:48:07.0507 6532 usbscan - ok
17:48:07.0523 6532 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:48:07.0570 6532 USBSTOR - ok
17:48:07.0585 6532 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
17:48:07.0632 6532 usbuhci - ok
17:48:07.0648 6532 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
17:48:07.0648 6532 UxSms - ok
17:48:07.0679 6532 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
17:48:07.0679 6532 VaultSvc - ok
17:48:07.0695 6532 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
17:48:07.0710 6532 vdrvroot - ok
17:48:07.0757 6532 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
17:48:07.0773 6532 vds - ok
17:48:07.0788 6532 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
17:48:07.0788 6532 vga - ok
17:48:07.0804 6532 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
17:48:07.0804 6532 VgaSave - ok
17:48:07.0819 6532 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
17:48:07.0882 6532 vhdmp - ok
17:48:07.0960 6532 VIAHdAudAddService (a6cf4aaaa85ec6f655c9922593e407ab) C:\Windows\system32\drivers\viahduaa.sys
17:48:08.0022 6532 VIAHdAudAddService - ok
17:48:08.0038 6532 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
17:48:08.0038 6532 viaide - ok
17:48:11.0423 6532 ============================================================
17:48:11.0423 6532 Scan finished
17:48:11.0423 6532 ============================================================
17:48:11.0439 5476 Detected object count: 0
17:48:11.0439 5476 Actual detected object count: 0




- Malwarebytes shows no malicious items detected

- I have my start menu back and system restored to a previous version before the problems started

- MiniToolBox results:

MiniToolBox by Farbar Version: 14-01-2012
Ran by JD (administrator) on 29-05-2012 at 18:03:39
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
ProxyServer: http=127.0.0.1:49475

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe FE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : JD-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : cinci.rr.com

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : cinci.rr.com
Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
Physical Address. . . . . . . . . : 00-25-64-F6-E6-65
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::24a1:5be6:7bb9:bb69%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.104(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, May 28, 2012 9:38:29 PM
Lease Expires . . . . . . . . . . : Wednesday, May 30, 2012 5:45:53 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 234890596
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-32-9F-55-00-25-64-F6-E6-65
DNS Servers . . . . . . . . . . . : 209.18.47.61
209.18.47.62
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.cinci.rr.com:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : cinci.rr.com
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:3880:8f7:9de3:679e(Preferred)
Link-local IPv6 Address . . . . . : fe80::3880:8f7:9de3:679e%13(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: google.com
Addresses: 74.125.225.100
74.125.225.101
74.125.225.102
74.125.225.103
74.125.225.104
74.125.225.105
74.125.225.110
74.125.225.96
74.125.225.97
74.125.225.98
74.125.225.99


Pinging google.com [74.125.225.3] with 32 bytes of data:
Reply from 74.125.225.3: bytes=32 time=78ms TTL=55
Reply from 74.125.225.3: bytes=32 time=33ms TTL=55

Ping statistics for 74.125.225.3:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 33ms, Maximum = 78ms, Average = 55ms
Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: yahoo.com
Addresses: 98.139.183.24
209.191.122.70
72.30.38.140


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=134ms TTL=52
Reply from 72.30.38.140: bytes=32 time=73ms TTL=52

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 73ms, Maximum = 134ms, Average = 103ms
Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
10...00 25 64 f6 e6 65 ......Realtek PCIe FE Family Controller
1...........................Software Loopback Interface 1
11...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.104 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.104 276
192.168.1.104 255.255.255.255 On-link 192.168.1.104 276
192.168.1.255 255.255.255.255 On-link 192.168.1.104 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.104 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.104 276
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
13 58 ::/0 On-link
1 306 ::1/128 On-link
13 58 2001::/32 On-link
13 306 2001:0:4137:9e76:3880:8f7:9de3:679e/128
On-link
10 276 fe80::/64 On-link
13 306 fe80::/64 On-link
10 276 fe80::24a1:5be6:7bb9:bb69/128
On-link
13 306 fe80::3880:8f7:9de3:679e/128
On-link
1 306 ff00::/8 On-link
13 306 ff00::/8 On-link
10 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 08 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 08 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/29/2012 05:45:58 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (05/29/2012 05:45:58 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (05/29/2012 08:18:51 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (05/29/2012 07:51:08 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (05/29/2012 07:18:51 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (05/29/2012 06:18:57 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (05/29/2012 06:18:50 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (05/29/2012 00:22:18 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (05/29/2012 00:02:18 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (05/28/2012 11:22:17 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.


System errors:
=============
Error: (05/28/2012 09:39:12 PM) (Source: DCOM) (User: SYSTEM)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (05/28/2012 09:25:47 PM) (Source: DCOM) (User: SYSTEM)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (05/28/2012 09:20:33 PM) (Source: Service Control Manager) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147023143.

Error: (05/28/2012 09:20:08 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.

Error: (05/28/2012 09:19:45 PM) (Source: DCOM) (User: SYSTEM)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (05/28/2012 09:18:27 PM) (Source: Service Control Manager) (User: )
Description: The Windows Firewall service terminated with service-specific error %%5.

Error: (05/28/2012 04:32:35 PM) (Source: DCOM) (User: SYSTEM)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (05/28/2012 04:31:41 PM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: D@01010004

Error: (05/28/2012 04:31:40 PM) (Source: VDS Basic Provider) (User: )
Description: Unexpected failure. Error code: D@01010004

Error: (05/28/2012 04:30:47 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (03/27/2011 10:48:25 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2375 seconds with 1980 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
64 Bit HP CIO Components Installer (Version: 6.2.1)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.2.202.235)
Adobe Reader 9.5.0 (Version: 9.5.0)
AIM 7
AnswerWorks 5.0 English Runtime (Version: 5.0.7)
Apple Application Support (Version: 2.1.6)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (Version: 2.1.3.127)
ATI Catalyst Control Center (Version: 2.009.0614.2130)
Bonjour (Version: 3.0.0.10)
BufferChm (Version: 130.0.331.000)
C6300 (Version: 130.0.365.000)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2009.0614.2131.36800)
Catalyst Control Center Graphics Full Existing (Version: 2009.0614.2131.36800)
Catalyst Control Center Graphics Full New (Version: 2009.0614.2131.36800)
Catalyst Control Center Graphics Light (Version: 2009.0614.2131.36800)
Catalyst Control Center Graphics Previews Common (Version: 2009.0614.2131.36800)
Catalyst Control Center Graphics Previews Vista (Version: 2009.0614.2131.36800)
Catalyst Control Center InstallProxy (Version: 2009.0614.2131.36800)
Catalyst Control Center Localization All (Version: 2009.0614.2131.36800)
ccc-core-static (Version: 2009.0614.2131.36800)
ccc-utility64 (Version: 2009.0614.2131.36800)
CCC Help Chinese Standard (Version: 2009.0614.2130.36800)
CCC Help Chinese Traditional (Version: 2009.0614.2130.36800)
CCC Help Czech (Version: 2009.0614.2130.36800)
CCC Help Danish (Version: 2009.0614.2130.36800)
CCC Help Dutch (Version: 2009.0614.2130.36800)
CCC Help English (Version: 2009.0614.2130.36800)
CCC Help Finnish (Version: 2009.0614.2130.36800)
CCC Help French (Version: 2009.0614.2130.36800)
CCC Help German (Version: 2009.0614.2130.36800)
CCC Help Greek (Version: 2009.0614.2130.36800)
CCC Help Hungarian (Version: 2009.0614.2130.36800)
CCC Help Italian (Version: 2009.0614.2130.36800)
CCC Help Japanese (Version: 2009.0614.2130.36800)
CCC Help Korean (Version: 2009.0614.2130.36800)
CCC Help Norwegian (Version: 2009.0614.2130.36800)
CCC Help Polish (Version: 2009.0614.2130.36800)
CCC Help Portuguese (Version: 2009.0614.2130.36800)
CCC Help Russian (Version: 2009.0614.2130.36800)
CCC Help Spanish (Version: 2009.0614.2130.36800)
CCC Help Swedish (Version: 2009.0614.2130.36800)
CCC Help Thai (Version: 2009.0614.2130.36800)
CCC Help Turkish (Version: 2009.0614.2130.36800)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Consumer In-Home Service Agreement (Version: 2.0.0)
Coupon Printer for Windows (Version: 5.0.0.1)
CouponBar (Version: 5.0.0.5)
D3DX10 (Version: 15.4.2368.0902)
Dell DataSafe Local Backup - Support Software (Version: 2.34)
Dell DataSafe Local Backup (Version: 9.3.74)
Dell DataSafe Online (Version: 1.2.0009)
Dell Dock (Version: 2.0.0)
Dell Edoc Viewer (Version: 1.0.0)
Dell Getting Started Guide (Version: 1.00.0000)
Dell Support Center (Support Software) (Version: 2.5.09100)
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 130.0.465.000)
DocProc (Version: 13.0.0.0)
Download Updater (AOL LLC)
Google Chrome (Version: 19.0.1084.52)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.111)
GoToAssist 8.0.0.514
GPBaseService2 (Version: 130.0.371.000)
Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000)
Hoyle Card Games 2011 (remove only)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Photosmart C6300 All-In-One Driver Software 13.0 Rel. 4 (Version: 13.0)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Product Detection (Version: 11.14.0001)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Solution Center 13.0 (Version: 13.0)
HP Update (Version: 5.002.006.003)
HPPhotoGadget (Version: 130.0.282.000)
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000)
HPPhotosmartEssential (Version: 2.04.0000)
HPProductAssistant (Version: 130.0.371.000)
HPSSupply (Version: 130.0.371.000)
iSEEK AnswerWorks English Runtime (Version: 009.000.0002)
iTunes (Version: 10.5.2.11)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 29 (64-bit) (Version: 6.0.290)
Java™ 6 Update 29 (Version: 6.0.290)
Junk Mail filter update (Version: 15.4.3502.0922)
Malwarebytes Anti-Malware version 1.61.0.1400 (Version: 1.61.0.1400)
MarketResearch (Version: 130.0.374.000)
McAfee SecurityCenter (Version: 11.0.669)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Suite Activation Assistant (Version: 1.2.1)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Search Enhancement Pack (Version: 3.0.133.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.58299)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Works (Version: 9.7.0621)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Network64 (Version: 130.0.572.000)
OCR Software by I.R.I.S. 13.0 (Version: 13.0)
PowerDVD DX (Version: 8.3.5424)
PS_AIO_04_C6300_Software_Min (Version: 130.0.365.000)
Quicken 2009 (Version: 18.1.1.29)
QuickTime (Version: 7.71.80.42)
RAIDXpert (Version: 2.4.1546.4)
Roxio Burn (Version: 1.01)
Scan (Version: 13.0.0.0)
Secunia PSI (2.0.0.4003) (Version: 2.0.0.4003)
Shop for HP Supplies (Version: 13.0)
Skins (Version: 2009.0614.2131.36800)
SmartWebPrinting (Version: 130.0.457.000)
SolutionCenter (Version: 130.0.373.000)
Status (Version: 130.0.469.000)
Toolbox (Version: 130.0.648.000)
TrayApp (Version: 130.0.422.000)
TurboTax 2009
TurboTax 2009 WinPerFedFormset (Version: 009.000.2163)
TurboTax 2009 WinPerReleaseEngine (Version: 009.000.0328)
TurboTax 2009 WinPerTaxSupport (Version: 009.000.0238)
TurboTax 2009 wohiper (Version: 009.000.0853)
TurboTax 2009 wrapper (Version: 009.000.0145)
TurboTax 2010
TurboTax 2010 WinPerFedFormset (Version: 010.000.4012)
TurboTax 2010 WinPerReleaseEngine (Version: 010.000.0457)
TurboTax 2010 WinPerTaxSupport (Version: 010.000.0213)
TurboTax 2010 wohiper (Version: 010.000.1265)
TurboTax 2010 wrapper (Version: 010.000.0157)
TurboTax 2011
TurboTax 2011 WinPerFedFormset (Version: 011.000.2999)
TurboTax 2011 WinPerReleaseEngine (Version: 011.000.0474)
TurboTax 2011 WinPerTaxSupport (Version: 011.000.0214)
TurboTax 2011 wohiper (Version: 011.000.1629)
TurboTax 2011 wrapper (Version: 011.000.0121)
UnloadSupport (Version: 11.0.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2598290) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
WebReg (Version: 130.0.132.017)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)

========================= Memory info: ===================================

Percentage of memory in use: 25%
Total physical RAM: 5887.12 MB
Available physical RAM: 4403.28 MB
Total Pagefile: 11772.43 MB
Available Pagefile: 9333.59 MB
Total Virtual: 4095.88 MB
Available Virtual: 3961.61 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:683.95 GB) (Free:596.8 GB) NTFS
7 Drive i: (HP v125w) (Removable) (Total:1.87 GB) (Free:1.25 GB) FAT

========================= Users: ========================================

User accounts for \\JD-PC

Administrator Guest JD


**** End of log ****

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:01 PM

Posted 29 May 2012 - 06:02 PM

- I have my start menu back and system restored to a previous version before the problems started

Do you have your start menu programs back?

What are your current issues?

#7 NathanBrazil


Posted 29 May 2012 - 07:55 PM

Yes - I have my start menu programs back and operational. As far as I can tell, the computer seems to be back to normal without issues, except the one strange thing I note below. The help you have given seems to have resolved all issues that I am aware of - as the menus are back, I am not getting any of the previous multiple popups and warnings, and the various malware protection programs are showing no issues.

The only thing I do get, which may not be related - although it just started happening - is the following message upon startup: "Catalyst control centre host application has stopped working". It goes away quickly without appearing to do anything and does not seem to be affecting anything I am doing. If this does not connect with the trojan we have removed, then thank you very much for your help. If this is a sign of anything that may require additional checks or fixes, please let me know.

Either way - thank you again for all your help in getting my computer back.

#8 narenxp


Posted 29 May 2012 - 07:57 PM

although it just started happening is the following message upon startup: "Catalyst control centre host application has stopped working".

Please run the UNHIDE tool once again in normal mode. Do not interrupt it.

Restart the PC and let me know if you still have the error pop-up.

#9 NathanBrazil


Posted 29 May 2012 - 09:20 PM

Ran Unhide in normal mode and rebooted. The pop-up for the Catalyst centre did not happen - so it appears to be fixed.

Everything appears to be in working order and normal now - thank you.

#10 narenxp


Posted 29 May 2012 - 11:07 PM

Download

TFC


Launch it, it will close all running programs.

Click on START, it should ask for a reboot.

Turn off your System Restore, restart the PC, create a new restore point.

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Update your Java from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, do not click on suspicious links.

Safe surfing :)

#11 NathanBrazil


Posted 30 May 2012 - 09:24 PM

Everything is working great. Thanks again for all your help. Very much appreciated.

#12 narenxp


Posted 30 May 2012 - 09:41 PM

You're welcome. Appreciate your feedback :thumbsup:
