
I need help, "DMW.exe - Firefox"


  • This topic is locked
12 replies to this topic

#1 lala121


Posted 08 February 2014 - 11:08 AM

Basically I installed K-Lite today and after this I started getting this process. I thought it was Firefox when it was not even running, so I decided to uninstall it as I didn't use it. But after I uninstalled it, Kaspersky keeps blocking malicious URLs, which is done by this dmw.exe firefox. I don't know what to do! Please help, I am so stressed, I have no time for a virus, literally I had several panic attacks :( I am now running Malwarebytes and it finished and it says 900 infections :(





#2 cryptodan


Posted 08 February 2014 - 12:04 PM

Please download TDSSKiller exe version to your desktop. Double-click on TDSSKiller.exe to run the tool for known TDSS variants. Vista/Windows 7 users right-click and select Run As Administrator.

  • Click on Change Parameters and click Detect TDLFS File System.
  • Click the Start Scan button.
  • Do not use the computer during the scan.
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.
  • A TDSSKiller text file would be saved in Local Disk C.
  • Copy and paste the contents of that file in your next reply.

ADW Cleaner

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Clean.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.

  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


#3 lala121


Posted 08 February 2014 - 12:25 PM


Thank you for your reply :) I will get onto this. Hopefully it will work.

#4 cryptodan


Posted 08 February 2014 - 12:28 PM

Also, DWM is the Display Windows Manager; it allows for Aero to run on Windows Vista and 7.

#5 lala121


Posted 08 February 2014 - 12:30 PM



It's not DWM.exe but DMW.exe with a Firefox description. There has been a thread about it where someone has helped, but I am not sure how to follow it.
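
The two names in this exchange, DWM.exe and DMW.exe, differ only by two swapped letters. As an added example (not part of the original thread), the following Python flags process names that are one edit away from a well-known Windows process name, and, going slightly beyond the case above, well-known names running from an unexpected directory. The reference list, the expected directories and the sample process list are assumptions constructed for illustration.

```python
import ntpath  # Windows path handling that also works on non-Windows hosts

# Assumed reference list: well-known process name -> expected directory
# (None means the install location varies and is not checked).
KNOWN = {
    "dwm.exe": r"c:\windows\system32",
    "svchost.exe": r"c:\windows\system32",
    "lsass.exe": r"c:\windows\system32",
    "csrss.exe": r"c:\windows\system32",
    "explorer.exe": r"c:\windows",
    "firefox.exe": None,
}


def osa_distance(a, b):
    """Optimal string alignment distance: insertion, deletion, substitution
    and swapping two adjacent characters each cost 1."""
    prev2 = None
    prev = list(range(len(b) + 1))
    for i in range(1, len(a) + 1):
        cur = [i] + [0] * len(b)
        for j in range(1, len(b) + 1):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            cur[j] = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            # Adjacent transposition, e.g. "mw" <-> "wm".
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                cur[j] = min(cur[j], prev2[j - 2] + 1)
        prev2, prev = prev, cur
    return prev[len(b)]


def review(processes):
    """Return (name, reason) for every process worth a closer look."""
    findings = []
    for name, path in processes:
        lname = name.lower()
        if lname in KNOWN:
            expected = KNOWN[lname]
            actual = ntpath.normcase(ntpath.dirname(path))
            if expected is not None and actual != expected:
                findings.append((name, "known name in unexpected directory"))
            continue
        near = sorted(k for k in KNOWN if osa_distance(lname, k) <= 1)
        if near:
            findings.append((name, "near-miss of " + ", ".join(near)))
    return findings


# Constructed sample process list (names and paths are illustrative only).
SAMPLE = [
    ("dwm.exe", r"C:\Windows\System32\dwm.exe"),
    ("DMW.exe", r"C:\Users\user\AppData\Roaming\DMW.exe"),
    ("svchost.exe", r"C:\Users\user\AppData\Local\Temp\svchost.exe"),
    ("firefox.exe", r"C:\Program Files\Mozilla Firefox\firefox.exe"),
    ("notepad.exe", r"C:\Windows\System32\notepad.exe"),
]

if __name__ == "__main__":
    for name, reason in review(SAMPLE):
        print(f"{name}: {reason}")
```

A hit is only a prompt to check the file's location, signature and description, not a verdict that the file is malicious.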

#6 lala121


Posted 08 February 2014 - 12:40 PM


TDSSKiller Log

 

17:18:45.0001 0x1778  HpCISSs - ok
17:18:45.0204 0x1778  [ 911961244D2CE9F1A16737862AE7BF73, 3F12FEF50AF7CF0F47CE2184402654782A8BB5E31BADC788F6E3BB49C37E2A29 ] hshld           C:\Program Files\Hotspot Shield\bin\cmw_srv.exe
17:18:45.0266 0x1778  hshld - ok
17:18:45.0313 0x1778  [ 70ECACBEAAF6D3AFE3D681F26857A638, 648539C8778D40D1BE636628FB6D7E612B038FC7D443F914F5CA578BA3BA9834 ] HssDRV6         C:\Windows\system32\DRIVERS\hssdrv6.sys
17:18:45.0329 0x1778  HssDRV6 - ok
17:18:45.0360 0x1778  [ 5510086FE07E4BBFB3FF9769D9C75150, 0F4B87014F33A588375CF88C51517C7929F22246A67FD16C8223B17D179A4D47 ] HssTrayService  C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
17:18:45.0360 0x1778  HssTrayService - ok
17:18:45.0422 0x1778  [ 704EE8EA4A9993E3FD57EC20268CF537, 2A65EDAFC261865D8E12FA765E81AB4CD1094419BDCFCB12D08C324BF25D6730 ] HssWd           C:\Program Files\Hotspot Shield\bin\hsswd.exe
17:18:45.0422 0x1778  HssWd - ok
17:18:45.0563 0x1778  [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
17:18:45.0688 0x1778  HTTP - ok
17:18:45.0719 0x1778  [ 324C2152FF2C61ABAE92D09F3CCA4D63, 2D09964C8003277F7DB1FFAA0DAEF15B205F3C4100FF601950BC9E544DC0B91F ] i2omp           C:\Windows\system32\drivers\i2omp.sys
17:18:45.0766 0x1778  i2omp - ok
17:18:45.0812 0x1778  [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
17:18:45.0812 0x1778  i8042prt - ok
17:18:45.0844 0x1778  [ C957BF4B5D80B46C5017BF0101E6C906, 6B9186335E50E7E0DBAF574A224E524EC526B57AA02F509E4A8D0F905C9CE880 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
17:18:45.0859 0x1778  iaStorV - ok
17:18:45.0922 0x1778  [ 203BB2691E7D0088A2C1F9C39C15A9B7, 4669374AA7CCEDD162DC010147DE388FE17AB7920F7599AB1C82F381725301F2 ] IDMWFP          C:\Windows\system32\DRIVERS\idmwfp.sys
17:18:45.0922 0x1778  IDMWFP - ok
17:18:46.0031 0x1778  [ DAF66902F08796F9C694901660E5A64A, F4A4764DED05980426BAB54AAF040BC27A39C80315F5161E8D0B4C7F694BD8E6 ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
17:18:46.0046 0x1778  IDriverT - ok
17:18:46.0109 0x1778  [ 98477B08E61945F974ED9FDC4CB6BDAB, C7E8F661F6FBF6AB493E950D2E70363496E155B1838CE7B490B981BD840B04FC ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:18:46.0171 0x1778  idsvc - ok
17:18:46.0202 0x1778  [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp           C:\Windows\system32\drivers\iirsp.sys
17:18:46.0202 0x1778  iirsp - ok
17:18:46.0296 0x1778  [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT          C:\Windows\System32\ikeext.dll
17:18:46.0327 0x1778  IKEEXT - ok
17:18:46.0717 0x1778  [ C6A9194FC152893DB5D9ACEA8D7CFA38, D5C5DE46D2D0C076BA63C42CEF8BEED00E990B60D13A469692A2C3465A3023BD ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
17:18:46.0764 0x1778  IntcAzAudAddService - ok
17:18:46.0795 0x1778  [ 1C60617D54BC9F035671A44B75D9F7CC, 8E8E3B8FC0BD88042BA9641E5E7A4D045A41DD8378A41910A58203C044251D11 ] intelide        C:\Windows\system32\drivers\intelide.sys
17:18:46.0811 0x1778  intelide - ok
17:18:46.0842 0x1778  [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
17:18:46.0842 0x1778  intelppm - ok
17:18:46.0873 0x1778  [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
17:18:46.0873 0x1778  IPBusEnum - ok
17:18:46.0904 0x1778  [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:18:46.0904 0x1778  IpFilterDriver - ok
17:18:46.0936 0x1778  [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
17:18:46.0936 0x1778  iphlpsvc - ok
17:18:46.0951 0x1778  IpInIp - ok
17:18:46.0998 0x1778  [ 40F34F8ABA2A015D780E4B09138B6C17, 22F86888C6B4F76836E863A90730D8F0DBD518305D87A399A159387E79E9D2F7 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
17:18:47.0029 0x1778  IPMIDRV - ok
17:18:47.0029 0x1778  [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
17:18:47.0029 0x1778  IPNAT - ok
17:18:47.0076 0x1778  [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
17:18:47.0076 0x1778  IRENUM - ok
17:18:47.0092 0x1778  [ 350FCA7E73CF65BCEF43FAE1E4E91293, 68403FE3F4DC40919CD26A2CC42BE4386AE6874F47DD382348FFD79080721A13 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
17:18:47.0092 0x1778  isapnp - ok
17:18:47.0123 0x1778  [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
17:18:47.0123 0x1778  iScsiPrt - ok
17:18:47.0170 0x1778  [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
17:18:47.0185 0x1778  iteatapi - ok
17:18:47.0201 0x1778  [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
17:18:47.0201 0x1778  iteraid - ok
17:18:47.0232 0x1778  [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
17:18:47.0232 0x1778  kbdclass - ok
17:18:47.0248 0x1778  [ EDE59EC70E25C24581ADD1FBEC7325F7, 41B37778E9A12675FC0DF74606AAF18C652EB88513B3C4889C5C512E14587CEE ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
17:18:47.0248 0x1778  kbdhid - ok
17:18:47.0263 0x1778  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso          C:\Windows\system32\lsass.exe
17:18:47.0279 0x1778  KeyIso - ok
17:18:47.0310 0x1778  [ 871C226234A48C24DFE7478F36C0050C, 657CAB49387E0E40311D4DEC93D9860B2DAC2C05F223698CFA2F9BB50B5F3022 ] kl1             C:\Windows\system32\DRIVERS\kl1.sys
17:18:47.0326 0x1778  kl1 - ok
17:18:47.0372 0x1778  [ 0D5A00385AB68723325D607B646DCDFE, B00441431B54239F8340BD50E9F9E21EEB4556F9C69EEAE8450A06970C77DC58 ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
17:18:47.0388 0x1778  KLIF - ok
17:18:47.0435 0x1778  [ 039FB019C92A16A54FE527D93B0CFB96, 080897B377511FD2439EB651086390CD72B822E8222C79AB0569FAFAA14BA0AE ] KLIM6           C:\Windows\system32\DRIVERS\klim6.sys
17:18:47.0450 0x1778  KLIM6 - ok
17:18:47.0497 0x1778  [ 249A266AF74ADE44AE8424E78D145E09, 2D83543DFD9E3C1060E231D776E1755E2041CFD0245139C2041D560956165C0E ] klkbdflt        C:\Windows\system32\DRIVERS\klkbdflt.sys
17:18:47.0497 0x1778  klkbdflt - ok
17:18:47.0560 0x1778  [ 035724BA6D5676B76FD3AFB66AB4F1E3, 81B30112B96DD3E7250420EEFF2ACECD424A2BE155E83C44434321CEA7DBE117 ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
17:18:47.0560 0x1778  klmouflt - ok
17:18:47.0653 0x1778  [ EB0D72D2844C57F5F146D7A15B04FBF9, 3DFEDA024AD5D54EEAF7D4411153CFA8AD95FCF217E09F2B7AFD2D91EE623BF2 ] klpd            C:\Windows\system32\DRIVERS\klpd.sys
17:18:47.0653 0x1778  klpd - ok
17:18:47.0700 0x1778  [ 040A3BC4AF5A0430A1D9A758F076465E, D371BC29283AA645CF31D6EDB7D4562B7CF8D664D681B9033B948D71F4CC3EE6 ] kltdi           C:\Windows\system32\DRIVERS\kltdi.sys
17:18:47.0700 0x1778  kltdi - ok
17:18:47.0809 0x1778  [ 4D19D96447E160A7E4B479037761BBC1, AD34C9C678030744ADD00B09A96C368167AA303DDC39BE74B1538E7AF8A82CB8 ] kneps           C:\Windows\system32\DRIVERS\kneps.sys
17:18:47.0825 0x1778  kneps - ok
17:18:47.0934 0x1778  [ 4A1445EFA932A3BAF5BDB02D7131EE20, 9DD262ED72DF268FE024063788F54124E320D0775D8DC0C5CAD099CD5F655DA2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
17:18:47.0965 0x1778  KSecDD - ok
17:18:48.0121 0x1778  [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm           C:\Windows\system32\msdtckrm.dll
17:18:48.0137 0x1778  KtmRm - ok
17:18:48.0199 0x1778  [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer    C:\Windows\system32\srvsvc.dll
17:18:48.0215 0x1778  LanmanServer - ok
17:18:48.0230 0x1778  [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:18:48.0246 0x1778  LanmanWorkstation - ok
17:18:48.0433 0x1778  [ 2892647EE6493131370BBDE8C2AD3B63, DA036CC642FC6B1A1C6E689679D3D9560DB02B84039208CFDF110BA98E1E113A ] LiveUpdateSvc   C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
17:18:48.0480 0x1778  LiveUpdateSvc - ok
17:18:48.0511 0x1778  [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
17:18:48.0527 0x1778  lltdio - ok
17:18:48.0558 0x1778  [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
17:18:48.0558 0x1778  lltdsvc - ok
17:18:48.0605 0x1778  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts         C:\Windows\System32\lmhsvc.dll
17:18:48.0605 0x1778  lmhosts - ok
17:18:48.0636 0x1778  [ A2262FB9F28935E862B4DB46438C80D2, 792684A68726BC007ACABB584682FDF4F059AE60888FB5B47ED68A97EA0BB5E6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
17:18:48.0652 0x1778  LSI_FC - ok
17:18:48.0652 0x1778  [ 30D73327D390F72A62F32C103DAF1D6D, 7BB5BFB0DCF33AF9907539B52DF7BA1943C1E75A17715B58DBC702ACA6D406EA ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
17:18:48.0652 0x1778  LSI_SAS - ok
17:18:48.0667 0x1778  [ E1E36FEFD45849A95F1AB81DE0159FE3, DA02B23A881D156A02D3874B41E6D042F84AD558B434280A6A6AC6B619668647 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
17:18:48.0667 0x1778  LSI_SCSI - ok
17:18:48.0683 0x1778  [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv           C:\Windows\system32\drivers\luafv.sys
17:18:48.0683 0x1778  luafv - ok
17:18:48.0745 0x1778  [ D8C0B2EB928D57C928522EFF500C4BA8, B7261AB2DD262140489087C1A8F1A1DA5EE6373D453E5BC8A3F7B93A5540CE6C ] ManyCam         C:\Windows\system32\DRIVERS\mcvidrv.sys
17:18:48.0761 0x1778  ManyCam - ok
17:18:48.0823 0x1778  [ 4470E3C1E0C3378E4CAB137893C12C3A, CA8E66356F0E671D5454E561E7EAD74DE25DCF53BE452369F96ECACFA8709489 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
17:18:48.0823 0x1778  MBAMProtector - ok
17:18:48.0901 0x1778  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
17:18:48.0932 0x1778  MBAMScheduler - ok
17:18:49.0010 0x1778  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
17:18:49.0026 0x1778  MBAMService - ok
17:18:49.0057 0x1778  [ DFAA87E30868FE4CB7D335837A4BF39C, 7BB65D4DC5CA2A4B4FE531F23E217CFA8BCFFE20E78BF18B04486345FC1E0B6E ] mcaudrv_simple  C:\Windows\system32\drivers\mcaudrv.sys
17:18:49.0073 0x1778  mcaudrv_simple - ok
17:18:49.0135 0x1778  [ 8FD868E32459ECE2A1BB0169F513D31E, F28E47FBEC8EC8424FFFB359668E0FEEA66A69E9D737D75472934FAC39770390 ] mcdbus          C:\Windows\system32\DRIVERS\mcdbus.sys
17:18:49.0135 0x1778  mcdbus - ok
17:18:49.0166 0x1778  [ AEF9BABB8A506BC4CE0451A64AADED46, D5608A703EA7E97F11ED4D029B4B820440B0C9317DB7D7DC0152253CD723DC07 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
17:18:49.0166 0x1778  Mcx2Svc - ok
17:18:49.0198 0x1778  [ D153B14FC6598EAE8422A2037553ADCE, D5408B07B6EBA0146A605F11106497DC3DF8EC72E0DCC44BE1366A2A58ABE478 ] megasas         C:\Windows\system32\drivers\megasas.sys
17:18:49.0198 0x1778  megasas - ok
17:18:49.0229 0x1778  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS           C:\Windows\system32\mmcss.dll
17:18:49.0229 0x1778  MMCSS - ok
17:18:49.0260 0x1778  [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem           C:\Windows\system32\drivers\modem.sys
17:18:49.0276 0x1778  Modem - ok
17:18:49.0307 0x1778  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
17:18:49.0307 0x1778  monitor - ok
17:18:49.0322 0x1778  [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
17:18:49.0322 0x1778  mouclass - ok
17:18:49.0354 0x1778  [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
17:18:49.0369 0x1778  mouhid - ok
17:18:49.0385 0x1778  [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
17:18:49.0385 0x1778  MountMgr - ok
17:18:49.0400 0x1778  [ 583A41F26278D9E0EA548163D6139397, 1F09D2FEEE1A8D4F1D9E53596158154099FD436A408F7E72E40F50778A3838A1 ] mpio            C:\Windows\system32\drivers\mpio.sys
17:18:49.0416 0x1778  mpio - ok
17:18:49.0432 0x1778  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
17:18:49.0432 0x1778  mpsdrv - ok
17:18:49.0478 0x1778  [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc          C:\Windows\system32\mpssvc.dll
17:18:49.0494 0x1778  MpsSvc - ok
17:18:49.0525 0x1778  [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
17:18:49.0525 0x1778  Mraid35x - ok
17:18:49.0556 0x1778  [ 82CEA0395524AACFEB58BA1448E8325C, 16E37990A291C848DE35F48EA7E09AE5B258AE589EB08A3FA2C60DC1278DE182 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
17:18:49.0556 0x1778  MRxDAV - ok
17:18:49.0603 0x1778  [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
17:18:49.0603 0x1778  mrxsmb - ok
17:18:49.0650 0x1778  [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:18:49.0666 0x1778  mrxsmb10 - ok
17:18:49.0712 0x1778  [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:18:49.0728 0x1778  mrxsmb20 - ok
17:18:49.0744 0x1778  [ F0EC3A4E0693A34B148723B4DA31668C, 96D8730D94F15FB2C54DAD8298C8CA1075373CFC04FE62FA9123D28575E987FC ] msahci          C:\Windows\system32\drivers\msahci.sys
17:18:49.0759 0x1778  msahci - ok
17:18:49.0775 0x1778  [ 3FC82A2AE4CC149165A94699183D3028, 8575BE62A209672A5D8C68D75BBBB4FF06220CA73A939B0793442DAD2272598C ] msdsm           C:\Windows\system32\drivers\msdsm.sys
17:18:49.0775 0x1778  msdsm - ok
17:18:49.0806 0x1778  [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC           C:\Windows\System32\msdtc.exe
17:18:49.0806 0x1778  MSDTC - ok
17:18:49.0868 0x1778  [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
17:18:49.0884 0x1778  Msfs - ok
17:18:49.0915 0x1778  [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
17:18:49.0915 0x1778  msisadrv - ok
17:18:49.0962 0x1778  [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
17:18:49.0978 0x1778  MSiSCSI - ok
17:18:49.0978 0x1778  msiserver - ok
17:18:49.0993 0x1778  [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
17:18:50.0009 0x1778  MSKSSRV - ok
17:18:50.0056 0x1778  [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
17:18:50.0071 0x1778  MSPCLOCK - ok
17:18:50.0071 0x1778  [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
17:18:50.0071 0x1778  MSPQM - ok
17:18:50.0149 0x1778  [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
17:18:50.0149 0x1778  MsRPC - ok
17:18:50.0196 0x1778  [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
17:18:50.0212 0x1778  mssmbios - ok
17:18:50.0227 0x1778  [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
17:18:50.0243 0x1778  MSTEE - ok
17:18:50.0274 0x1778  [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup             C:\Windows\system32\Drivers\mup.sys
17:18:50.0274 0x1778  Mup - ok
17:18:50.0336 0x1778  [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent        C:\Windows\system32\qagentRT.dll
17:18:50.0352 0x1778  napagent - ok
17:18:50.0414 0x1778  [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
17:18:50.0414 0x1778  NativeWifiP - ok
17:18:50.0461 0x1778  [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS            C:\Windows\system32\drivers\ndis.sys
17:18:50.0477 0x1778  NDIS - ok
17:18:50.0508 0x1778  [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
17:18:50.0508 0x1778  NdisTapi - ok
17:18:50.0539 0x1778  [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
17:18:50.0539 0x1778  Ndisuio - ok
17:18:50.0555 0x1778  [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
17:18:50.0555 0x1778  NdisWan - ok
17:18:50.0570 0x1778  [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
17:18:50.0570 0x1778  NDProxy - ok
17:18:50.0602 0x1778  [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
17:18:50.0602 0x1778  NetBIOS - ok
17:18:50.0617 0x1778  [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
17:18:50.0633 0x1778  netbt - ok
17:18:50.0664 0x1778  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon        C:\Windows\system32\lsass.exe
17:18:50.0664 0x1778  Netlogon - ok
17:18:50.0695 0x1778  [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman          C:\Windows\System32\netman.dll
17:18:50.0695 0x1778  Netman - ok
17:18:50.0742 0x1778  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:18:50.0773 0x1778  NetMsmqActivator - ok
17:18:50.0773 0x1778  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:18:50.0789 0x1778  NetPipeActivator - ok
17:18:50.0820 0x1778  [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm        C:\Windows\System32\netprofm.dll
17:18:50.0898 0x1778  netprofm - ok
17:18:50.0914 0x1778  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:18:50.0914 0x1778  NetTcpActivator - ok
17:18:50.0914 0x1778  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
17:18:50.0929 0x1778  NetTcpPortSharing - ok
17:18:50.0945 0x1778  [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
17:18:50.0945 0x1778  nfrd960 - ok
17:18:51.0054 0x1778  [ 4313A9C8FB224FBB17A348BA7E6E4431, DCCB4FDFEC221AC14E0BF22C9B2C11F81B08F4CE4670B66308A541E3C3FB56B7 ] NitroDriverReadSpool9 C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9.exe
17:18:51.0054 0x1778  NitroDriverReadSpool9 - ok
17:18:51.0101 0x1778  [ 2997B15415F9BBE05B5A4C1C85E0C6A2, 5455536515FE740E18E090329FDCC40288724372AD18ACDB2CB4BB9D85CF681E ] NlaSvc          C:\Windows\System32\nlasvc.dll
17:18:51.0116 0x1778  NlaSvc - ok
17:18:51.0132 0x1778  [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
17:18:51.0132 0x1778  Npfs - ok
17:18:51.0148 0x1778  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi             C:\Windows\system32\nsisvc.dll
17:18:51.0148 0x1778  nsi - ok
17:18:51.0163 0x1778  [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
17:18:51.0163 0x1778  nsiproxy - ok
17:18:51.0257 0x1778  [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
17:18:51.0319 0x1778  Ntfs - ok
17:18:51.0350 0x1778  [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
17:18:51.0350 0x1778  ntrigdigi - ok
17:18:51.0413 0x1778  [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null            C:\Windows\system32\drivers\Null.sys
17:18:51.0413 0x1778  Null - ok
17:18:51.0444 0x1778  [ 6F785DB62A6D8F3FAFD3E5695277E849, DC04FC2931FEA3BB6246749E0D748EF9FF5938EE93BD342D5B776BF96016F915 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
17:18:51.0475 0x1778  nvraid - ok
17:18:51.0491 0x1778  [ 4A5FCAB82D9BF6AF8A023A66802FE9E9, 1901DC75B1763F49AFD4E3FE67B52FE1BF99EC083F4F878557128EADCAF58C5C ] nvstor          C:\Windows\system32\drivers\nvstor.sys
17:18:51.0506 0x1778  nvstor - ok
17:18:51.0522 0x1778  [ 07C186427EB8FCC3D8D7927187F260F7, 9AFDE1CB7B7232BD019804BFC691580B9CC2E51A5BC0E5584B23907D532600D8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
17:18:51.0538 0x1778  nv_agp - ok
17:18:51.0538 0x1778  NwlnkFlt - ok
17:18:51.0538 0x1778  NwlnkFwd - ok
17:18:51.0553 0x1778  [ BE32DA025A0BE1878F0EE8D6D9386CD5, B9D6CB4626FC67D108D713467C9ED8D0E2A071D98621B5531AD9D0C172FE7B89 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
17:18:51.0569 0x1778  ohci1394 - ok
17:18:51.0616 0x1778  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:18:51.0631 0x1778  ose - ok
17:18:52.0536 0x1778  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7, F342100E2E9001F11FDF93F856B50FA43F9B85D2C6B5706EC0433E77206498DA ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:18:52.0739 0x1778  osppsvc - ok
17:18:52.0801 0x1778  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
17:18:52.0864 0x1778  p2pimsvc - ok
17:18:52.0926 0x1778  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc          C:\Windows\system32\p2psvc.dll
17:18:52.0942 0x1778  p2psvc - ok
17:18:53.0020 0x1778  [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport         C:\Windows\system32\drivers\parport.sys
17:18:53.0035 0x1778  Parport - ok
17:18:53.0051 0x1778  [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr         C:\Windows\system32\drivers\partmgr.sys
17:18:53.0051 0x1778  partmgr - ok
17:18:53.0082 0x1778  [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
17:18:53.0082 0x1778  Parvdm - ok
17:18:53.0129 0x1778  [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc          C:\Windows\System32\pcasvc.dll
17:18:53.0129 0x1778  PcaSvc - ok
17:18:53.0160 0x1778  [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci             C:\Windows\system32\drivers\pci.sys
17:18:53.0160 0x1778  pci - ok
17:18:53.0207 0x1778  [ 1636D43F10416AEB483BC6001097B26C, 36E61A993693A46538FE0F726D67BB28886F61D53384AD600D1282296A27662E ] pciide          C:\Windows\system32\drivers\pciide.sys
17:18:53.0207 0x1778  pciide - ok
17:18:53.0238 0x1778  [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
17:18:53.0254 0x1778  pcmcia - ok
17:18:53.0316 0x1778  [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
17:18:53.0394 0x1778  PEAUTH - ok
17:18:53.0503 0x1778  [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla             C:\Windows\system32\pla.dll
17:18:53.0566 0x1778  pla - ok
17:18:53.0659 0x1778  [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
17:18:53.0675 0x1778  PlugPlay - ok
17:19:01.0724 0x1778  ================ Scan global ===============================
17:19:01.0756 0x1778  [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
17:19:01.0787 0x1778  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
17:19:01.0818 0x1778  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
17:19:01.0849 0x1778  [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe
17:19:01.0865 0x1778  [ Global ] - ok
17:19:01.0865 0x1778  ================ Scan MBR ==================================
17:19:01.0880 0x1778  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
17:19:03.0284 0x1778  \Device\Harddisk0\DR0 - detected TDSS File System ( 1 )
17:19:03.0284 0x1778  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
17:19:05.0749 0x1778  ================ Scan VBR ==================================
17:19:05.0765 0x1778  [ 9C2005E947C9BECF10A9F638E35E6B4A ] \Device\Harddisk0\DR0\Partition1
17:19:05.0780 0x1778  \Device\Harddisk0\DR0\Partition1 - ok
17:19:05.0796 0x1778  [ ED4372EEFA5E04B6156869816FB9511B ] \Device\Harddisk0\DR0\Partition2
17:19:05.0827 0x1778  \Device\Harddisk0\DR0\Partition2 - ok
17:19:05.0827 0x1778  Waiting for KSN requests completion. In queue: 48
17:19:06.0841 0x1778  Waiting for KSN requests completion. In queue: 48
17:19:07.0855 0x1778  Waiting for KSN requests completion. In queue: 48
17:19:08.0994 0x1778  AV detected via SS2: Kaspersky Internet Security, C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\wmiav.exe ( 14.0.0.4651 ), 0x41000 ( enabled : updated )
17:19:09.0041 0x1778  FW detected via SS2: Kaspersky Internet Security, C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\wmifw.exe ( 14.0.0.4651 ), 0x41010 ( enabled )
17:19:11.0506 0x1778  ============================================================
17:19:11.0506 0x1778  Scan finished
17:19:11.0506 0x1778  ============================================================
17:19:11.0506 0x161c  Detected object count: 1
17:19:11.0506 0x161c  Actual detected object count: 1
17:19:31.0396 0x161c  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
17:19:31.0396 0x161c  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip 
17:19:38.0416 0x0e94  Deinitialize success
 
ADW Cleaner Log
 
# AdwCleaner v3.018 - Report created 08/02/2014 at 17:23:29
# Updated 28/01/2014 by Xplode
# Operating System : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# Username : Shaheer Khan - SHAHEERKHAN-PC
# Running from : C:\Users\Shaheer Khan\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\simplitec
Folder Deleted : C:\ProgramData\Tarma Installer
File Deleted : C:\END
File Deleted : C:\Users\Saqib Khan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
File Deleted : C:\Users\GhettoGurl\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
File Deleted : C:\Users\Saqib Khan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage-journal
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Key Deleted : HKCU\Software\anchorfree
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\Tarma Installer
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\IMBoosterARP
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v9.0.8112.16526
 
 
-\\ Mozilla Firefox v
 
[ File : C:\Users\Saqib Khan\AppData\Roaming\Mozilla\Firefox\Profiles\qa7dhtft.default\prefs.js ]
 
 
[ File : C:\Users\GhettoGurl\AppData\Roaming\Mozilla\Firefox\Profiles\ezqudp9o.default\prefs.js ]
 
 
[ File : C:\Users\Shaheer Khan\AppData\Roaming\Mozilla\Firefox\Profiles\ez7wb68s.default\prefs.js ]
 
 
-\\ Google Chrome v32.0.1700.107
 
[ File : C:\Users\Saqib Khan\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\GhettoGurl\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\Shaheer Khan\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [2364 octets] - [08/02/2014 17:21:56]
AdwCleaner[S0].txt - [2319 octets] - [08/02/2014 17:23:29]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2379 octets] ##########
 
Junkware log
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.1 (02.04.2014:1)
OS: Windows Vista ™ Home Premium x86
Ran by Shaheer Khan on 08/02/2014 at 17:32:12.87
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
Failed to stop: [Service] hshld 
Successfully stopped: [Service] hsstrayservice 
Successfully deleted: [Service] hsstrayservice 
Failed to stop: [Service] hsswd 
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\hotspotshield
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\ProgramData\hotspot shield"
Successfully deleted: [Folder] "C:\Program Files\hotspot shield"
 
 
 
~~~ Chrome
 
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\chgdeabpmphfhkoemjjglmilajldekbp
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08/02/2014 at 17:35:24.25
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
FSS log
 
"EnableFirewall"=DWORD:0
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Security Center:
============
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
 
 
**** End of log ****
 
 


#7 cryptodan


Posted 08 February 2014 - 01:05 PM

17:19:01.0865 0x1778  ================ Scan MBR ==================================
17:19:01.0880 0x1778  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
17:19:03.0284 0x1778  \Device\Harddisk0\DR0 - detected TDSS File System ( 1 )
17:19:03.0284 0x1778  \Device\Harddisk0\DR0 ( TDSS File System ) - warning


Please follow the instructions in ==>This Guide<==.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include the link to this topic in your new topic and a description of your computer issues and what you have done to resolve them.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

Once you have created the new topic, please reply back here with a link to the new topic.

#8 lala121


Posted 08 February 2014 - 01:17 PM

 


Thank you very much :) 



#9 lala121


Posted 08 February 2014 - 01:28 PM

 


Hi, I have created the logs and posted here -> http://www.bleepingcomputer.com/forums/t/523664/dmwexe-firefox-automatically-running-malicious-urls/

 

Thank you for your help! I'm so grateful :)



#10 cryptodan


Posted 08 February 2014 - 01:32 PM

You are welcome.

#11 lala121


Posted 08 February 2014 - 01:45 PM


I was going through my common files folder and found that the "Survey Monkey" folder containing DMW.exe was installed at the same time I installed K-lite codec pack today. :(



#12 lala121


Posted 08 February 2014 - 01:55 PM


Hi again, I just uploaded the whole folder by zipping it to VirusTotal and this has come up (https://www.virustotal.com/en/file/4c1a814c0fe74d44ad4370e8bb8f7ab5590f84afffe8f2a29f190064e4c0dee5/analysis/1391885490/); it seems that it has malware in it.



#13 Animal

Animal

    Bleepin' Animinion


  • Site Admin
  • 35,317 posts

Posted 08 February 2014 - 02:15 PM

Hello,

Now that you have posted a log here: http://www.bleepingcomputer.com/forums/t/523664/dmwexe-firefox-automatically-running-malicious-urls/ you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a MRT Team member, nor should you ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.

From this point on the MRT Team should be the only members that you take advice from, until they have verified your log as clean.

Please be patient. It may take a while to get a response because the MRT Team members are EXTREMELY busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the MRT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRT Team member is already assisting you and not open the thread to respond.

Please be patient. It may take several days to get a response but your log will be reviewed and answered as soon as possible. I advise checking your topic once a day for responses as the e-mail notification system is unreliable.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

To avoid confusion, I am closing this topic. Good luck with your log.
