Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Avast found win32:rootkit-gen[rtk] now I have win32:webcake-a [adw]


  • Please log in to reply
12 replies to this topic

#1 BoneFish

BoneFish

  • Members
  • 130 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:South Carolina
  • Local time:09:25 PM

Posted 18 August 2013 - 08:43 PM

Started having popups on my wife's laptop so I ran a scan with Avast and it detected win32:rootkit-gen[rtk].

I used Avast to try and get rid of win32:rootkit-gen[rtk] and it said it was successful.

I ran another scan and now there are about a dozen files with win32:webcake-a[adw].

I am currently running a boot scan with Avast.

The operating system is windows 8.

Any help would be appreciated.



BC AdBot (Login to Remove)

 


#2 noknojon

noknojon

    Almost Retired


  • Members
  • 9,876 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Victoria Australia
  • Local time:12:25 PM

Posted 18 August 2013 - 11:02 PM

Hi BoneFish -

win32:rootkit-gen[rtk] seems to be a favorite of avast! Antivirus (I assume you have avast! installed) -

 

 

While this program runs see How To Temporarily Disable Your Anti-virus

Scan your machine with ESET OnlineScan
This is best done with Internet Explorer as it uses Active X to download -
Directions for alternate browsers are included if you do not use Internet Explorer
1. Hold down Control and click HERE to open ESET OnlineScan in a new window.
2. Click the ESET Online Scanner button.
3. NOTE :.For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

 

- 1. Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
- 2. Double click on the ESET Online Scanner icon on your desktop.

 

 4. Check "YES, I accept the Terms of Use."
 5. Click the Start button.
 6. Accept any security warnings from your browser.
 7. Under scan settings, check "Scan Archives" and "Remove found threats"
8. Click "Advanced settings" and select the following:
Scan potentially unwanted applications (PUPs)
Scan for potentially unsafe applications
Enable Anti-Stealth technology

 9. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this will take some time to download the program for a first time, and then download updated data base (1 to 2  hours is not unusual)

10. When the scan completes, click List Threats
11. Click Export, and save the file to your desktop using a unique name, such as ESETScan.
- Include the contents of this report in your next reply.
12. Click the Back button.
13. Click the Finish button
Or you can find a report at  C:\Program Files\esetonlinescanner\log.txt.

 

 

Please download AdwCleaner by Xplode onto your desktop.

* Close all open programs and internet browsers.
* Double click on adwcleaner.exe to run the tool.
* Click on Delete.
* Confirm each time with Ok.
* NOTE : Your computer will be rebooted automatically, and a log file will open after the restart.

* Please post the contents of that logfile with your next reply.
* You can find the logfile at C:\AdwCleaner[S1].txt as well.

 

 

Please download Malwarebytes Anti-Malware Free (aka MBAM)
* Double-click MBAM -setup.exe and follow the prompts to install the program.
* At the end, be sure to Check for Updates so it is current.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Scan, then click Quick Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.
NOTE - If you are not sure of any items, post the log and ask if it should be removed.

Be sure to reboot the computer after you post the log.

 

 

Download SUPERAntiSpyware Free (aka SAS)
* Double-click SAS -setup.exe and follow the prompts to install the program.
* At the end, be sure to Check for Updates to be so it is current
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform Quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to reboot the computer after you post the log.

 

 

Download Security Check by Screen317
* Save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Note: If any security program requests permission to access the Internet, allow it to do so.

 

 

Once you post these back, we can look deeper for any remainders -

 

Thank You -



#3 BoneFish

BoneFish
  • Topic Starter

  • Members
  • 130 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:South Carolina
  • Local time:09:25 PM

Posted 19 August 2013 - 07:32 PM

Hello Aussie Addict,

Thanks for the quick reply.

I hope I posted all this properly.

 

 

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=379eab4e7f912e43ab32b9eb807c6b5d
# engine=14833
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-08-19 11:30:34
# local_time=2013-08-19 07:30:34 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode=774 16777213 85 91 0 152743306 0 0
# compatibility_mode=3591 16777213 100 91 1434163 139461619 0 0
# compatibility_mode=5893 16776574 100 94 0 36374745 0 0
# scanned=50
# found=0
# cleaned=0
# scan_time=15
 

# AdwCleaner v2.306 - Logfile created 08/19/2013 at 19:37:36
# Updated 19/07/2013 by Xplode
# Operating system : Windows 8  (64 bits)
# User : Sharon - SHAYSHAY
# Boot Mode : Normal
# Running from : C:\Users\Sharon\Desktop\adwcleaner.exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

File Deleted : C:\Users\Public\Desktop\eBay.lnk
File Deleted : C:\Users\Sharon\Uninstall.exe
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\ProgramData\APN
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Users\Sharon\AppData\Local\APN
Folder Deleted : C:\Users\Sharon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
Folder Deleted : C:\Users\Sharon\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
Folder Deleted : C:\Users\Sharon\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\WebCakeIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EFDF368C-8DD9-4E05-87CD-16AA5CB03CB8}
Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers
Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers.1
Key Deleted : HKLM\Software\InstallIQ
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
Key Deleted : HKLM\SOFTWARE\Tarma Installer
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16660

[OK] Registry is clean.

-\\ Google Chrome v28.0.1500.95

File : C:\Users\Sharon\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [7894 octets] - [19/08/2013 19:37:36]

########## EOF - C:\AdwCleaner[S1].txt - [7954 octets] ##########

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.08.19.06

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16660
Sharon :: SHAYSHAY [administrator]

8/19/2013 7:50:27 PM
mbam-log-2013-08-19 (19-50-27).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 217969
Time elapsed: 5 minute(s), 8 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKCR\CLSID\{BB975E58-E769-4E5A-BA12-B765BC559FF3} (PUP.Optional.WebCake.A) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 1
C:\Program Files (x86)\Web Cake (PUP.Optional.WebCake.A) -> Quarantined and deleted successfully.

Files Detected: 3
C:\Program Files (x86)\Web Cake\WebCakeDesktop.Updater.InstallState (PUP.Optional.WebCake.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Web Cake\OptChrome.exe (PUP.Optional.WebCake.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Web Cake\sqlite3.exe (PUP.Optional.WebCake.A) -> Quarantined and deleted successfully.

(end)

 

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 08/19/2013 at 08:16 PM

Application Version : 5.6.1032

Core Rules Database Version : 10701
Trace Rules Database Version: 8513

Scan type       : Quick Scan
Total Scan Time : 00:05:42

Operating System Information
 65 Edition 64-bit (Build 6.02.9200)
UAC On - Limited User

Memory items scanned      : 609
Memory threats detected   : 0
Registry items scanned    : 58646
Registry threats detected : 0
File items scanned        : 12149
File threats detected     : 272

Adware.Tracking Cookie
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\S93R1Z09.txt [ /imrworldwide.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\NWMC49NQ.txt [ /doubleclick.net ]
 .invitemedia.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .invitemedia.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .invitemedia.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 ad.yieldmanager.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 ad.yieldmanager.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .optimost.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .doubleclick.net [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .ru4.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .ru4.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .media6degrees.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .media6degrees.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .media6degrees.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .media6degrees.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .media6degrees.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 ad.yieldmanager.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .mediaarmor.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .mediaarmor.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .casalemedia.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .casalemedia.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .casalemedia.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .casalemedia.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .casalemedia.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .casalemedia.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .casalemedia.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .invitemedia.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 ad.yieldmanager.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 ad.yieldmanager.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 ad.yieldmanager.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .ads.pointroll.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .pointroll.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .atdmt.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .atdmt.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .pointroll.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .ads.pointroll.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .ads.pointroll.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .ads.pointroll.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .ads.pointroll.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .ads.pointroll.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .ads.pointroll.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .imrworldwide.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 .imrworldwide.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\G1P90M0H.txt [ /walmartcom.112.2o7.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\N4D1518B.txt [ /imp.bid.ace.advertising.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\NB8IAI7A.txt [ /e-2dj6aemyomd5kap.stats.esomniture.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\DK21MMDP.txt [ /lm.logicalmedia.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\QPFP0UMK.txt [ /nextag.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\WAAV1Q3A.txt [ /mtcdebitcard.higheroneaccount.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\WKLM0YC8.txt [ /activenetwork.122.2o7.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\VNSQ0DMQ.txt [ /c.atdmt.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\UDU92HCA.txt [ /www.gotquestions.org ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\8Z9SPVWO.txt [ /invitemedia.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\0DTGK67Y.txt [ /ads.al.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\PONN1LU2.txt [ /yellowpages.112.2o7.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\YEHQVHJR.txt [ /adform.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\YZWKEUW4.txt [ /insightexpressai.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\RFD0TC1O.txt [ /stats.paypal.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\SPCRQUSW.txt [ /travidia.112.2o7.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\237H209T.txt [ /fastclick.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\Q6B314X6.txt [ /higheroneaccount.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\0PHPUW15.txt [ /media.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\XN2T21GY.txt [ /ad.360yield.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\6HBRF6R1.txt [ /media.adfrontiers.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\4NWAVZA9.txt [ /ads.eurogamer.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\EVFDDN88.txt [ /yieldmanager.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\NH3MHXQ4.txt [ /histats.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\SRH8M3JJ.txt [ /statcounter.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\38VUAXUW.txt [ /amazonlocal.122.2o7.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\VF0NIQZR.txt [ /tribalfusion.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\CVL5PBHZ.txt [ /e-2dj6wakyegajwcp.stats.esomniture.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\HXR50V32.txt [ /ads.livenation.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\AWQXN1MA.txt [ /www.supermediastore.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\3ZE3BCG0.txt [ /gntbcstglobal.112.2o7.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\K877OWX1.txt [ /ad.where.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\AIV45MGP.txt [ /msnportal.112.2o7.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\8ITW41GD.txt [ /adbrite.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\8FG9P19K.txt [ /hearstmagazines.112.2o7.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\E0CYR607.txt [ /ads.group.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\XSQ1ECFG.txt [ /e-2dj6wjmygmajmdq.stats.esomniture.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\110AE64H.txt [ /liveperson.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\14PZOOCY.txt [ /interclick.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\QHI917E8.txt [ /ads.nola.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\QTT7W93L.txt [ /leeenterprises.112.2o7.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\S40HTMA1.txt [ /atwola.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\S2X0Q8RT.txt [ /ad.yieldmanager.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\45WO0GDY.txt [ /ncp.imrworldwide.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\EGD56616.txt [ /paypal.112.2o7.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\P2MBQKT2.txt [ /specificclick.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\6IOVXC3V.txt [ /track.dugomedia.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\X6TAK466.txt [ /e-2dj6wjlisjdzckp.stats.esomniture.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\PN604JST.txt [ /ru4.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\LPXT02W8.txt [ /cnzz.mmstat.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\F2MLOWTP.txt [ /ads.glispa.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\U6ZJUK1Q.txt [ /accounts.google.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\L1LUWQLY.txt [ /amazon-adsystem.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\YIWI6KH8.txt [ /lfstmedia.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\0M9421PJ.txt [ /liveperson.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\8DQ8SVT2.txt [ /networksolutions.112.2o7.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\3FA5N0RN.txt [ /googleads.g.doubleclick.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\Q48PQUAN.txt [ /serving-sys.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\13840N4G.txt [ /network.realmedia.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\OZLU5DAH.txt [ /liveperson.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\1JERNSVG.txt [ /linksynergy.walmart.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\VOOYB3HO.txt [ /demandmedia.trc.taboola.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\W2Q6YXPV.txt [ /steelhousemedia.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\EUTFLM2C.txt [ /supermediastore.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\ILGEGPBL.txt [ /pointroll.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\0ZEGKZ68.txt [ /mediaforge.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\XWF8ZBGB.txt [ /h.atdmt.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\FQ5UG8XC.txt [ /ads.cartoonnetwork.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\GWDVZ722.txt [ /adserver.adtechus.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\5S1J4RST.txt [ /autozone.122.2o7.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\CWN6A0ID.txt [ /www.ticketsnow.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\3JXHUA43.txt [ /clickfuse.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\9AY98IZ4.txt [ /stat.dealtime.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\UVINE1I3.txt [ /geconsumerfinance.112.2o7.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\TU3V7COL.txt [ /e-2dj6wgkoqmcjmfo.stats.esomniture.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\NJN3YDDS.txt [ /tacoda.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\8CS4MIL0.txt [ /ww251.smartadserver.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\XLWP6BK2.txt [ /xiti.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\BI5PT524.txt [ /e-2dj6wblogjdjgfo.stats.esomniture.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\4138UB1M.txt [ /imrworldwide.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\A1ZZAXNS.txt [ /discountmags.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\R43KJUG3.txt [ /apmebf.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\RKEROF1N.txt [ /oracle.112.2o7.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\6D727U5J.txt [ /www.nextag.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\AVP42ZQN.txt [ /evite.112.2o7.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\BMH5EG14.txt [ /ads.pubmatic.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\3ICKVCUY.txt [ /s.clickability.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\0W8HSVPA.txt [ /forms.newmediahospitality.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\80THEJ6W.txt [ /overture.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\4WI0JT6I.txt [ /link.mercent.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\WZJ3TFRY.txt [ /cmp.112.2o7.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\X8XZ4F71.txt [ /newsday.122.2o7.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\Z7F4GC37.txt [ /adxpose.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\GQ3RUA23.txt [ /kontera.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\NA1YAB5U.txt [ /bizrate.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\GOAMMHXP.txt [ /mediaplex.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\TY686B1B.txt [ /mletracker.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\8416RKL0.txt [ /in.getclicky.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\GXHVTDQL.txt [ /e-2dj6wjkyanajkgp.stats.esomniture.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\WGYW71W8.txt [ /bridge.ame.admarketplace.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\I07MDHJQ.txt [ /clickcallmail.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\3JLC2GS9.txt [ /smartadserver.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\QD8305DW.txt [ /legolas-media.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\P0OI4TJO.txt [ /advertising.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\SPYDWJ96.txt [ /2o7.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\GG1M20DB.txt [ /zedo.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\IK2YPZ21.txt [ /ticketsnow.112.2o7.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\0UKKJYTK.txt [ /yadro.ru ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\R2BFB1EH.txt [ /crackerbarrelcheese.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\A2MXKUV5.txt [ /microsoftwindows.112.2o7.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\6DLY7LJ5.txt [ /sexoffenderin.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\A01P6IBW.txt [ /liveperson.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\YAKOBWVS.txt [ /sun.112.2o7.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\RY4YMUZL.txt [ /www.dealtime.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\SVZJ9TRE.txt [ /at.atwola.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\CMBI4DJI.txt [ /adtech.de ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\1NNHEQ8Z.txt [ /adserver.adreactor.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\DLZZSJ3R.txt [ /mmstat.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\MJDDVLML.txt [ /liveperson.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\8RYPX0S4.txt [ /burstnet.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\FODDQ47C.txt [ /ad.propellerads.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\9WRPNQTM.txt [ /ads.pointroll.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\IWK5UMWC.txt [ /msnbc.112.2o7.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\IZSPO3K2.txt [ /247realmedia.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\L593CWI4.txt [ /track.adform.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\S6J8V4YH.txt [ /sftrack.searchforce.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\BA45MJ5Q.txt [ /media-d.optimalfusion.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\AGMI1BBS.txt [ /ads.p161.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\5RV1PEFK.txt [ /adinterax.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\RVG6ETCO.txt [ /ticketsnow.db.advertising.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\M7JOG9PF.txt [ /brownshoe.112.2o7.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\EXNHK074.txt [ /amazonservices.122.2o7.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\2IS5MT41.txt [ /intermundomedia.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\24ZR4EUG.txt [ /ads.creative-serving.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\CGOXG9QW.txt [ /demandwarecrocs.112.2o7.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\3AINOHWX.txt [ /www.discountmags.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\FC2H3IA9.txt [ /e-2dj6wcliqod5elo.stats.esomniture.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\GA7DAEFG.txt [ /e-2dj6wfloemdzoep.stats.esomniture.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\W9P3UISC.txt [ /realmedia.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\HVTT49KT.txt [ /collective-media.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\QDONMK49.txt [ /fidelity.rotator.hadj7.adjuggler.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\VF9T6OMF.txt [ /webservices.evolvemediacorp.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\O11TRHYU.txt [ /ar.atwola.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\6591CXFR.txt [ /findnsave.thestate.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\SHZRNNK1.txt [ /fuelinteractive.112.2o7.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\N8ZW9WI9.txt [ /biglots.112.2o7.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\LGERR4PG.txt [ /findnsave.star-telegram.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\PECCW024.txt [ /liveperson.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\G0472OK8.txt [ /kanoodle.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\YFPAMZMI.txt [ /dmtracker.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\HNNP2CCX.txt [ /www.googleadservices.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\F851OIPH.txt [ /www.googleadservices.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\AWHWUWKN.txt [ /www.googleadservices.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\MTJ6UNT8.txt [ /www.googleadservices.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\R1SL7S3N.txt [ /www.googleadservices.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\38W15LX1.txt [ /www.googleadservices.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\BA4AHHCR.txt [ /www.googleadservices.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\AMW4EBBH.txt [ /www.googleadservices.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\XF0TDMQB.txt [ /www.googleadservices.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\FN76WWS0.txt [ /www.googleadservices.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\B0R20T36.txt [ /www.googleadservices.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\PFPETH8O.txt [ /www.googleadservices.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\TI23C740.txt [ /www.googleadservices.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\YH5SJAM7.txt [ /www.googleadservices.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\SN1OBT6D.txt [ /stats.popscreen.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\FE6DONNV.txt [ /a.intentmedia.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\T5BJF3QC.txt [ /liveperson.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\1CSGGVQR.txt [ /lucidmedia.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\OO0FF5EM.txt [ /eyewonder.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\2FMI14XY.txt [ /casalemedia.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\342X8HS0.txt [ /accountonline.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\MRDNQFLN.txt [ /stats-newyork1.bloxcms.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\7DY6T4J6.txt [ /e-2dj6afk4gjajslp.stats.esomniture.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\7PPDGEJ3.txt [ /dealtime.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\9WQWL6AF.txt [ /amazonmerchants.122.2o7.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\0TXNZHQ5.txt [ /nestleusa.122.2o7.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\JZCUSJ78.txt [ /ticketsnow.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\S7P8YROA.txt [ /atdmt.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\WWJACMW1.txt [ /timeinc.122.2o7.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\YBXUKXY8.txt [ /media.gsimedia.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\T9CXUXCJ.txt [ /linksynergy.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\MVUU7PG9.txt [ /e-2dj6wblogldjwgp.stats.esomniture.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZY2E5JZF.txt [ /tags.mediaforge.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\KBHZXUVS.txt [ /server.cpmstar.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\0OQBOCM0.txt [ /amazonwebstore.122.2o7.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\EQ4BHPV1.txt [ /media6degrees.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\2U9HHN73.txt [ /tacoda.at.atwola.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\8JXH9S00.txt [ /media.wayfair.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\X3C2VFM3.txt [ /bookit.advertserve.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\XY342K9M.txt [ /e-2dj6aekokgajkko.stats.esomniture.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\BLP12FXQ.txt [ /demandmedia.trc.taboola.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\GBV1JA1X.txt [ /liveperson.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\KZCV3HX5.txt [ /doubleclick.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\SX560O6P.txt [ /gotquestions.org ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\0KLJ1DKB.txt [ /bs.serving-sys.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\0S3K9BDR.txt [ /testdata.coremetrics.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\YKASBUWC.txt [ /statse.webtrendslive.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\3215FJ2I.txt [ /gsimedia.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\66Z8TWCC.txt [ /www1.addfreestats.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\QYTW570D.txt [ /ads.undertone.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\3LDKMEBV.txt [ /ads.bridgetrack.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\B4CTJZHZ.txt [ /ads.webkinz.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\0F7M0FXO.txt [ /ad.mlnadvertising.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\SRO5BNOC.txt [ /va.marketer.lpsnmedia.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\CGW6QI0Z.txt [ /valassis.112.2o7.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\CG050SB3.txt [ /pro-market.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\MU4XCMAP.txt [ /liveclicker.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\FG8H98I1.txt [ /ads.us.e-planning.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\A75HI65E.txt [ /revsci.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\A41R3427.txt [ /synacor.112.2o7.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\N59PYT36.txt [ /traveladvertising.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\44Y44GC4.txt [ /ads.lcxdigital.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\VRRAODKY.txt [ /admarketplace.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\V8CTTQSW.txt [ /ads.videohub.tv ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\97QM8SUH.txt [ /myaccount.stubhub.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\E5VUMTNB.txt [ /registercom.122.2o7.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZKFR56PW.txt [ /marketlive.122.2o7.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\JOZWSO03.txt [ /adtechus.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\D5CINODC.txt [ /media2.legacy.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\FLWVPQBN.txt [ /questionmarket.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\U6K2GPVU.txt [ /ads.as4x.tmcs.ticketmaster.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\UJU6MBN6.txt [ /ads.ihigh.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\BQ7MXKOJ.txt [ /liveperson.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\1DNY1CTF.txt [ /ads.bleepingcomputer.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\6BTW3PCC.txt [ /liveperson.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\IH26YAXA.txt [ /www.bizrate.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZUR6C4GC.txt [ /ads.healthline.com ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\GOQ48JS2.txt [ /ad.e-kolay.net ]
 C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\PYB3IQ9W.txt [ /px.steelhousemedia.com ]

 Results of screen317's Security Check version 0.99.72 
   x64 (UAC is enabled) 
 Internet Explorer 10 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
avast! Antivirus          
Windows Defender          
Norton Internet Security  
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware version 1.75.0.1300 
 Java 7 Update 25 
 Google Chrome 28.0.1500.72 
 Google Chrome 28.0.1500.95 
 Google Chrome plugins... 
````````Process Check: objlist.exe by Laurent```````` 
 Norton ccSvcHst.exe
 AVAST Software Avast AvastSvc.exe 
 AVAST Software Avast AvastUI.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````
 



#4 noknojon

noknojon

    Almost Retired


  • Members
  • 9,876 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Victoria Australia
  • Local time:12:25 PM

Posted 19 August 2013 - 11:48 PM

Hi -

ESET Scan was "generally" clean -

 

AdwCleaner removed many minor infections, including >>
Tarma Installer / AskToolbar / WebCakeIEClient.Layers / WebCakeDesktop_RASMANCS

 

Malwarebytes Anti-Malware removed - Folders Detected: 1 - Files Detected: 3 - Registry Keys Detected: 1
Web Cake (PUP.Optional.WebCake.A)

 

SUPERAntiSpyware removed heaps of Adware.Tracking Cookies (Good)

 

Please Re-run Security Check as just this line is incomplete ........ {x64 (UAC is enabled) }
Or if you still have it, please post it -

 

Well Done so far -

 

 

You have 2 current active Antivirus programs and need to remove one -

Please tell me which one, and I will post the correct removal method.
Norton Internet Security
avast! Antivirus
  

This can cause the readings that you normally get from avast! to be False Positives ! !

 

Norton Internet Security  may be an old Preinstalled version that was never fully removed -

 

 

Please Download TDSSkiller
Launch it.
Click on change parameters-Select TDLFS file system
Click on "Scan".
Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results.

 

Thank You -


Edited by noknojon, 20 August 2013 - 12:04 AM.


#5 noknojon

noknojon

    Almost Retired


  • Members
  • 9,876 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Victoria Australia
  • Local time:12:25 PM

Posted 20 August 2013 - 01:18 AM

Here is a link to the Norton removal procedures, if you wish to remove avast! please tell me -

 

The Norton Removal Tool uninstalls Norton AntiVirus, Norton Internet Security, Norton 360, and Norton SystemWorks from your computer.
1. Download the Norton Removal Tool. - Save the file to the Windows desktop.
2. On the Windows desktop, double-click the Norton Removal Tool icon.
3. Follow the on-screen instructions.
4. Restart your computer.
NOTE : Your computer may be restarted more than once, and you may be asked to repeat some steps after the computer restarts.

 

I have jumped in early, as most people want Norton removed ..........
 

Thanks -



#6 BoneFish

BoneFish
  • Topic Starter

  • Members
  • 130 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:South Carolina
  • Local time:09:25 PM

Posted 20 August 2013 - 07:01 PM

 Results of screen317's Security Check version 0.99.72 
   x64 (UAC is enabled) 
 Internet Explorer 10 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
avast! Antivirus          
Windows Defender          
Norton Internet Security  
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware version 1.75.0.1300 
 Java 7 Update 25 
 Google Chrome 28.0.1500.72 
 Google Chrome 28.0.1500.95 
 Google Chrome plugins... 
````````Process Check: objlist.exe by Laurent```````` 
 Norton ccSvcHst.exe
 AVAST Software Avast AvastSvc.exe 
 AVAST Software Avast AvastUI.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````
 



#7 BoneFish

BoneFish
  • Topic Starter

  • Members
  • 130 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:South Carolina
  • Local time:09:25 PM

Posted 20 August 2013 - 07:08 PM

20:03:56.0696 0x0638  TDSS rootkit removing tool 2.9.2.0 Aug 15 2013 16:44:29
20:03:56.0696 0x0638  UEFI system
20:03:57.0071 0x0638  ============================================================
20:03:57.0071 0x0638  Current date / time: 2013/08/20 20:03:57.0071
20:03:57.0071 0x0638  SystemInfo:
20:03:57.0071 0x0638 
20:03:57.0071 0x0638  OS Version: 6.2.9200 ServicePack: 0.0
20:03:57.0071 0x0638  Product type: Workstation
20:03:57.0071 0x0638  ComputerName: SHAYSHAY
20:03:57.0071 0x0638  UserName: Sharon
20:03:57.0071 0x0638  Windows directory: C:\Windows
20:03:57.0071 0x0638  System windows directory: C:\Windows
20:03:57.0071 0x0638  Running under WOW64
20:03:57.0071 0x0638  Processor architecture: Intel x64
20:03:57.0071 0x0638  Number of processors: 2
20:03:57.0071 0x0638  Page size: 0x1000
20:03:57.0071 0x0638  Boot type: Normal boot
20:03:57.0071 0x0638  ============================================================
20:03:59.0602 0x0638  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:03:59.0618 0x0638  ============================================================
20:03:59.0618 0x0638  \Device\Harddisk0\DR0:
20:03:59.0618 0x0638  GPT partitions:
20:03:59.0618 0x0638  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {9E580EFC-570B-498A-91D4-6A663FE54383}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xC8000
20:03:59.0618 0x0638  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {1BD4E1DF-DDDF-433B-A394-50332845F14D}, Name: EFI system partition, StartLBA 0xC8800, BlocksNum 0x82000
20:03:59.0618 0x0638  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {2136DE1C-FF58-40C3-8235-E974298CBAF1}, Name: Microsoft reserved partition, StartLBA 0x14A800, BlocksNum 0x40000
20:03:59.0618 0x0638  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {A426DC6C-35BD-49F2-867E-171977125119}, Name: Basic data partition, StartLBA 0x18A800, BlocksNum 0x37062800
20:03:59.0618 0x0638  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {9F1B8EF2-156B-4859-931C-CF4928D42E26}, Name: Basic data partition, StartLBA 0x371ED000, BlocksNum 0x3199000
20:03:59.0618 0x0638  MBR partitions:
20:03:59.0618 0x0638  ============================================================
20:03:59.0634 0x0638  C: <-> \Device\Harddisk0\DR0\Partition4
20:03:59.0696 0x0638  D: <-> \Device\Harddisk0\DR0\Partition5
20:03:59.0696 0x0638  ============================================================
20:03:59.0696 0x0638  Initialize success
20:03:59.0696 0x0638  ============================================================
20:04:54.0306 0x0a5c  ============================================================
20:04:54.0306 0x0a5c  Scan started
20:04:54.0306 0x0a5c  Mode: Manual; TDLFS;
20:04:54.0306 0x0a5c  ============================================================
20:04:55.0287 0x0a5c  ================ Scan system memory ========================
20:04:55.0287 0x0a5c  System memory - ok
20:04:55.0287 0x0a5c  ================ Scan services =============================
20:04:55.0443 0x0a5c  [ ABDCD326E1DD1C62509ED94C278A7453 ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
20:04:55.0459 0x0a5c  !SASCORE - ok
20:04:55.0646 0x0a5c  [ E890C46E4754F0DF51BAFCC8D2E07498 ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
20:04:55.0646 0x0a5c  1394ohci - ok
20:04:55.0677 0x0a5c  [ 4F18D4C7EA14F11A7211F60D553C03DB ] 3ware           C:\Windows\system32\drivers\3ware.sys
20:04:55.0677 0x0a5c  3ware - ok
20:04:55.0709 0x0a5c  [ C4C5D1AB35D1F931928056D61A1C4616 ] Accelerometer   C:\Windows\system32\DRIVERS\Accelerometer.sys
20:04:55.0724 0x0a5c  Accelerometer - ok
20:04:55.0755 0x0a5c  [ 975AABEB243B800C23626D6B652C5A9C ] ACPI            C:\Windows\system32\drivers\ACPI.sys
20:04:55.0771 0x0a5c  ACPI - ok
20:04:55.0818 0x0a5c  [ DC968C37822117E576B933F34A2D130C ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
20:04:55.0818 0x0a5c  acpiex - ok
20:04:55.0834 0x0a5c  [ 0CA9F7C3A78227C21A0A7854E245CFB2 ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
20:04:55.0849 0x0a5c  acpipagr - ok
20:04:55.0865 0x0a5c  [ 8EB8DA03B142D3DD1EB9ED8107A76C43 ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys
20:04:55.0865 0x0a5c  AcpiPmi - ok
20:04:55.0880 0x0a5c  [ CBCE725C5D86ABA7D2604E22951AA9B8 ] acpitime        C:\Windows\System32\drivers\acpitime.sys
20:04:55.0880 0x0a5c  acpitime - ok
20:04:55.0927 0x0a5c  [ 93C6388592B99925C1D1576E465BC80F ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
20:04:55.0990 0x0a5c  adp94xx - ok
20:04:56.0037 0x0a5c  [ D27763E0247292654E7F7D16444C7C72 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
20:04:56.0037 0x0a5c  adpahci - ok
20:04:56.0068 0x0a5c  [ 67B90070FF48F794AF19F9FCF0080D75 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
20:04:56.0068 0x0a5c  adpu320 - ok
20:04:56.0115 0x0a5c  [ 974AE60BF5B90E31412D93596C968E5B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
20:04:56.0130 0x0a5c  AeLookupSvc - ok
20:04:56.0209 0x0a5c  [ 36D6A3201721558A8AFBCC09C2DA4C2C ] AFD             C:\Windows\system32\drivers\afd.sys
20:04:56.0224 0x0a5c  AFD - ok
20:04:56.0255 0x0a5c  [ 01590377A5AB19E792528C628A2A68F9 ] agp440          C:\Windows\system32\drivers\agp440.sys
20:04:56.0255 0x0a5c  agp440 - ok
20:04:56.0287 0x0a5c  [ D1BE8E6E5B3AF23A4393AF1BF867977A ] ALG             C:\Windows\System32\alg.exe
20:04:56.0287 0x0a5c  ALG - ok
20:04:56.0302 0x0a5c  [ 025E8C755BE293E50854D26D1BBE5133 ] AllUserInstallAgent C:\Windows\system32\AUInstallAgent.dll
20:04:56.0365 0x0a5c  AllUserInstallAgent - ok
20:04:56.0412 0x0a5c  [ 5A81054B824004B1ECC04F0034A1CDF9 ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
20:04:56.0412 0x0a5c  AmdK8 - ok
20:04:56.0677 0x0a5c  [ 8DC532B5BF820E48194C6AFC8862FCBC ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
20:04:57.0037 0x0a5c  amdkmdag - ok
20:04:57.0068 0x0a5c  [ AA48FEABA50C2DED9C485DFDBA044E40 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
20:04:57.0084 0x0a5c  amdkmdap - ok
20:04:57.0162 0x0a5c  [ B849D453E644FAB9BC8EF6DC8CA9C4C6 ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
20:04:57.0162 0x0a5c  AmdPPM - ok
20:04:57.0193 0x0a5c  [ 35A0EB5AECB0FA3C41A2FB514A562304 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
20:04:57.0209 0x0a5c  amdsata - ok
20:04:57.0248 0x0a5c  [ 00452671904F5EE94B50BF0219C97164 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
20:04:57.0248 0x0a5c  amdsbs - ok
20:04:57.0264 0x0a5c  [ EA3FFE53E92E59C87E3ECA9BEB20D9B7 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
20:04:57.0264 0x0a5c  amdxata - ok
20:04:57.0295 0x0a5c  [ 823F34D1DEF120A657BB7529ABF4461F ] AppHostSvc      C:\Windows\system32\inetsrv\apphostsvc.dll
20:04:57.0310 0x0a5c  AppHostSvc - ok
20:04:57.0326 0x0a5c  [ 83B3682CE922FB0F415734B26D9D6233 ] AppID           C:\Windows\system32\drivers\appid.sys
20:04:57.0326 0x0a5c  AppID - ok
20:04:57.0373 0x0a5c  [ CE2BEAD7F31816FF0AC490D048C969F9 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
20:04:57.0373 0x0a5c  AppIDSvc - ok
20:04:57.0451 0x0a5c  [ 4F750B7EFCB6520AE01E01D082D7D476 ] Appinfo         C:\Windows\System32\appinfo.dll
20:04:57.0451 0x0a5c  Appinfo - ok
20:04:57.0467 0x0a5c  [ E933401B392387F4BE34DE8BAF1722A7 ] arc             C:\Windows\system32\drivers\arc.sys
20:04:57.0467 0x0a5c  arc - ok
20:04:57.0482 0x0a5c  [ 07CA323EF2E8247A568AB0F3662AD644 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
20:04:57.0482 0x0a5c  arcsas - ok
20:04:57.0654 0x0a5c  [ 108FB6DDB69E537A2EA53F425363FAE5 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
20:04:57.0654 0x0a5c  aspnet_state - ok
20:04:57.0701 0x0a5c  [ 0BAEFD3F648C6E7AB52990DD9565E4E2 ] aswFsBlk        C:\Windows\system32\drivers\aswFsBlk.sys
20:04:57.0701 0x0a5c  aswFsBlk - ok
20:04:57.0732 0x0a5c  [ 7BA96B748762759E5AC844DE672A49AD ] aswKbd          C:\Windows\system32\drivers\aswKbd.sys
20:04:57.0732 0x0a5c  aswKbd - ok
20:04:57.0764 0x0a5c  [ FA562F34ED6633C66170B09182B4C049 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
20:04:57.0764 0x0a5c  aswMonFlt - ok
20:04:57.0826 0x0a5c  [ 64E2BAB4096C13D2342BC4661C967E07 ] aswRdr          C:\Windows\System32\Drivers\aswrdr2.sys
20:04:57.0826 0x0a5c  aswRdr - ok
20:04:57.0857 0x0a5c  [ 5573AA70993A2BB81525B1C704B88763 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
20:04:57.0857 0x0a5c  aswRvrt - ok
20:04:57.0904 0x0a5c  [ 8C0800CDB501CFC1164B286A0478DC10 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
20:04:57.0935 0x0a5c  aswSnx - ok
20:04:57.0967 0x0a5c  [ 3815DB16CDA62190F5C0A65118F3D714 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
20:04:57.0967 0x0a5c  aswSP - ok
20:04:57.0998 0x0a5c  [ 29DD8E458A84171202AA4979364C30C0 ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
20:04:57.0998 0x0a5c  aswTdi - ok
20:04:58.0029 0x0a5c  [ 22F521108881DC59837F6FC614E0568F ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
20:04:58.0045 0x0a5c  aswVmm - ok
20:04:58.0107 0x0a5c  [ 74DBAEC35366C4EE7670428808715A6A ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
20:04:58.0107 0x0a5c  AsyncMac - ok
20:04:58.0123 0x0a5c  [ A721FF570C2387E383BDDEA9632863C9 ] atapi           C:\Windows\system32\drivers\atapi.sys
20:04:58.0123 0x0a5c  atapi - ok
20:04:58.0170 0x0a5c  [ BCD7A47EF587DC00DD61D12D9C2D1E44 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
20:04:58.0170 0x0a5c  AudioEndpointBuilder - ok
20:04:58.0232 0x0a5c  [ 599B3F685A263A114FFAF3BE29C49C75 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
20:04:58.0232 0x0a5c  Audiosrv - ok
20:04:58.0311 0x0a5c  [ 28D6701C710AD7BA3CB95E75F8F1A9AA ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
20:04:58.0311 0x0a5c  avast! Antivirus - ok
20:04:58.0342 0x0a5c  [ 89491EF71D5EA011127832C588002853 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
20:04:58.0342 0x0a5c  AxInstSV - ok
20:04:58.0389 0x0a5c  [ 87AB5BB072A3F128541D5B815F82FFDD ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
20:04:58.0529 0x0a5c  b06bdrv - ok
20:04:58.0592 0x0a5c  [ 81703BC5D68DEDBB086C2368FBE7B334 ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
20:04:58.0592 0x0a5c  BasicDisplay - ok
20:04:58.0607 0x0a5c  [ 5EC68164E14D25675C98BBB5F09E8606 ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
20:04:58.0623 0x0a5c  BasicRender - ok
20:04:58.0670 0x0a5c  [ 89143A7BA7850F5C7E61B43BB44B6418 ] BDESVC          C:\Windows\System32\bdesvc.dll
20:04:58.0764 0x0a5c  BDESVC - ok
20:04:58.0795 0x0a5c  [ 9E7AEA59776D904607985AFFE7E5E183 ] Beep            C:\Windows\system32\drivers\Beep.sys
20:04:58.0811 0x0a5c  Beep - ok
20:04:58.0889 0x0a5c  [ 9E6A544F465C582AB42444A217CF04DC ] BFE             C:\Windows\System32\bfe.dll
20:04:58.0889 0x0a5c  BFE - ok
20:04:59.0123 0x0a5c  [ ED97ADAF00A61F57A2CCBBB1CE58C600 ] BHDrvx64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20121106.001\BHDrvx64.sys
20:04:59.0139 0x0a5c  BHDrvx64 - ok
20:04:59.0412 0x0a5c  [ D598C44A7072D3108D8D8102EC5E07F7 ] BITS            C:\Windows\System32\qmgr.dll
20:04:59.0569 0x0a5c  BITS - ok
20:04:59.0600 0x0a5c  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:04:59.0615 0x0a5c  Bonjour Service - ok
20:04:59.0647 0x0a5c  [ B17AC10B47C7FCB44D22A1F06415840E ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
20:04:59.0662 0x0a5c  bowser - ok
20:04:59.0694 0x0a5c  [ 038FA1B55531E7020DB705B42FCCE373 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
20:04:59.0694 0x0a5c  BrokerInfrastructure - ok
20:04:59.0725 0x0a5c  [ 310068BDA80B1D55C36580FD8A873FAF ] Browser         C:\Windows\System32\browser.dll
20:04:59.0725 0x0a5c  Browser - ok
20:04:59.0756 0x0a5c  [ 6695200F455E251F0BCC9CE4D0978D59 ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
20:04:59.0756 0x0a5c  BthAvrcpTg - ok
20:04:59.0772 0x0a5c  [ 616EB8748C988AEE98D93DA141C3D3B4 ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
20:04:59.0772 0x0a5c  BthHFEnum - ok
20:04:59.0819 0x0a5c  [ DCB4EBD928A6FB368BE6CAE522412DE1 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
20:04:59.0819 0x0a5c  bthhfhid - ok
20:04:59.0834 0x0a5c  [ 033916CE8784A848B9A3D686B7F66D97 ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
20:04:59.0834 0x0a5c  BTHMODEM - ok
20:04:59.0866 0x0a5c  [ A4387C3D271959313E2577DB7BE8BA7A ] bthserv         C:\Windows\system32\bthserv.dll
20:04:59.0881 0x0a5c  bthserv - ok
20:05:00.0022 0x0a5c  [ 56685951208AC81CF923B9B08BEDF3B7 ] ccSet_NIS       C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys
20:05:00.0037 0x0a5c  ccSet_NIS - ok
20:05:00.0069 0x0a5c  [ 990B1BABE6E81FB18E65A87EBEFB1772 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
20:05:00.0069 0x0a5c  cdfs - ok
20:05:00.0412 0x0a5c  [ 339BFF85D788268752DA8C9644B188EE ] cdrom           C:\Windows\System32\drivers\cdrom.sys
20:05:00.0428 0x0a5c  cdrom - ok
20:05:00.0491 0x0a5c  [ BAF8F0F55BC300E5F882E521F054E345 ] CertPropSvc     C:\Windows\System32\certprop.dll
20:05:00.0506 0x0a5c  CertPropSvc - ok
20:05:00.0522 0x0a5c  [ F64B7D1A37CC1D5F421D5359EEC81E2E ] circlass        C:\Windows\System32\drivers\circlass.sys
20:05:00.0522 0x0a5c  circlass - ok
20:05:00.0569 0x0a5c  [ 9905168708DB68849B879B5548F68AB3 ] CLFS            C:\Windows\system32\drivers\CLFS.sys
20:05:00.0569 0x0a5c  CLFS - ok
20:05:00.0616 0x0a5c  [ 075CCE75090786F124573A788C8656E6 ] CLVirtualDrive  C:\Windows\system32\DRIVERS\CLVirtualDrive.sys
20:05:00.0616 0x0a5c  CLVirtualDrive - ok
20:05:00.0631 0x0a5c  [ 2DC8538A2260647484A6C921CA837313 ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
20:05:00.0631 0x0a5c  CmBatt - ok
20:05:00.0678 0x0a5c  [ E708BFF0473EC6B271EA46B65B16CA56 ] CNG             C:\Windows\system32\Drivers\cng.sys
20:05:00.0678 0x0a5c  CNG - ok
20:05:00.0709 0x0a5c  [ 0E5B1E9E7122EDAAF1F6CE047965CA92 ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys
20:05:00.0709 0x0a5c  CompositeBus - ok
20:05:00.0709 0x0a5c  COMSysApp - ok
20:05:00.0725 0x0a5c  [ D9CB0782AF819548072AA45B70F8B22D ] condrv          C:\Windows\system32\drivers\condrv.sys
20:05:00.0741 0x0a5c  condrv - ok
20:05:00.0819 0x0a5c  [ DA8066CFED07DEBECB8DC08A55946ACE ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
20:05:00.0819 0x0a5c  cphs - ok
20:05:00.0850 0x0a5c  [ 5CE2742F063731EC10C1B2EE386A2C08 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
20:05:00.0850 0x0a5c  CryptSvc - ok
20:05:00.0881 0x0a5c  [ C4D01BD86D6B207275FC143EEA951D75 ] dam             C:\Windows\system32\drivers\dam.sys
20:05:00.0881 0x0a5c  dam - ok
20:05:00.0912 0x0a5c  [ 1EC6E533C954BDDF2A37E7851A7E58FD ] DcomLaunch      C:\Windows\system32\rpcss.dll
20:05:00.0928 0x0a5c  DcomLaunch - ok
20:05:00.0959 0x0a5c  [ C8650D1F61149AA546BDBC99172EBBC1 ] defragsvc       C:\Windows\System32\defragsvc.dll
20:05:00.0959 0x0a5c  defragsvc - ok
20:05:00.0975 0x0a5c  [ 5EAEF67AE2AF4D2DC664B649DB7B2E16 ] DeviceAssociationService C:\Windows\system32\das.dll
20:05:00.0991 0x0a5c  DeviceAssociationService - ok
20:05:01.0037 0x0a5c  [ 799BE46D45D486704CE0F37CA5385262 ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
20:05:01.0037 0x0a5c  DeviceInstall - ok
20:05:01.0069 0x0a5c  [ 09D9EB9E7898F8E6561473A20CC808B9 ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
20:05:01.0084 0x0a5c  Dfsc - ok
20:05:01.0116 0x0a5c  [ 9E0E72222264745ADEB0E5AC680B0ED6 ] Dhcp            C:\Windows\system32\dhcpcore.dll
20:05:01.0116 0x0a5c  Dhcp - ok
20:05:01.0131 0x0a5c  [ 3C736FAE17BA6F91BA37594AAB139CD0 ] discache        C:\Windows\system32\drivers\discache.sys
20:05:01.0131 0x0a5c  discache - ok
20:05:01.0147 0x0a5c  [ 560495FF4CA22E1D9B1972FA18F43B6F ] disk            C:\Windows\system32\drivers\disk.sys
20:05:01.0147 0x0a5c  disk - ok
20:05:01.0178 0x0a5c  [ 82A7C72593793FE1EADA7A305BD1567A ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
20:05:01.0178 0x0a5c  dmvsc - ok
20:05:01.0206 0x0a5c  [ 066B9710B36AB550E01EEFCA52155968 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
20:05:01.0206 0x0a5c  Dnscache - ok
20:05:01.0253 0x0a5c  [ 9949AD2ABA168A618D46C799D6CC898C ] dot3svc         C:\Windows\System32\dot3svc.dll
20:05:01.0253 0x0a5c  dot3svc - ok
20:05:01.0284 0x0a5c  [ 109FC3F80BF4F4DC5A071058074F13C1 ] DPS             C:\Windows\system32\dps.dll
20:05:01.0284 0x0a5c  DPS - ok
20:05:01.0315 0x0a5c  [ 9C7C183F937951AE17C5B8B3259CF3FF ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
20:05:01.0315 0x0a5c  drmkaud - ok
20:05:01.0346 0x0a5c  [ F87F4AAAF6664906248D11D5E579A53B ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
20:05:01.0362 0x0a5c  DsmSvc - ok
20:05:01.0643 0x0a5c  [ 6D1B8A9A2C0BD4851D8AF1AB43E67AD9 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
20:05:01.0721 0x0a5c  DXGKrnl - ok
20:05:01.0753 0x0a5c  [ 58BA473DD88F5FC1932282BA683AA03E ] Eaphost         C:\Windows\System32\eapsvc.dll
20:05:01.0768 0x0a5c  Eaphost - ok
20:05:02.0034 0x0a5c  [ 5AB97B3282D7D6114949D1EB5C8598E4 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
20:05:02.0065 0x0a5c  ebdrv - ok
20:05:02.0159 0x0a5c  [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
20:05:02.0159 0x0a5c  eeCtrl - ok
20:05:02.0221 0x0a5c  [ F702AB6181513303AB0FC8D59E52708B ] EFS             C:\Windows\System32\lsass.exe
20:05:02.0237 0x0a5c  EFS - ok
20:05:02.0268 0x0a5c  [ 66D60BD9A4C05616ABECA2A901475098 ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
20:05:02.0268 0x0a5c  EhStorClass - ok
20:05:02.0284 0x0a5c  [ A61D0F543024E458C0FE32352E1978E2 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
20:05:02.0300 0x0a5c  EhStorTcgDrv - ok
20:05:02.0331 0x0a5c  [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
20:05:02.0331 0x0a5c  EraserUtilRebootDrv - ok
20:05:02.0346 0x0a5c  [ D790D058D67582DB9C84C2D33695FE6B ] ErrDev          C:\Windows\System32\drivers\errdev.sys
20:05:02.0346 0x0a5c  ErrDev - ok
20:05:02.0425 0x0a5c  [ F9E01C2D9F8BC049E04CF5DC24A5F638 ] EventSystem     C:\Windows\system32\es.dll
20:05:02.0440 0x0a5c  EventSystem - ok
20:05:02.0471 0x0a5c  [ 7A4D6FEB8C52B3FE855E4DCDF9107E03 ] exfat           C:\Windows\system32\drivers\exfat.sys
20:05:02.0471 0x0a5c  exfat - ok
20:05:02.0487 0x0a5c  [ 60996602A7111FD2D086E803F33E4282 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
20:05:02.0503 0x0a5c  fastfat - ok
20:05:02.0534 0x0a5c  [ F0E7F8382ED5E138B0DFA4CB5058BCFE ] Fax             C:\Windows\system32\fxssvc.exe
20:05:02.0550 0x0a5c  Fax - ok
20:05:02.0565 0x0a5c  [ 73B2D11DF0B6E03A0CB0323218ACB3E4 ] fdc             C:\Windows\System32\drivers\fdc.sys
20:05:02.0565 0x0a5c  fdc - ok
20:05:02.0581 0x0a5c  [ 0828E3E7BD77C89149EAD3232BFD38DB ] fdPHost         C:\Windows\system32\fdPHost.dll
20:05:02.0581 0x0a5c  fdPHost - ok
20:05:02.0596 0x0a5c  [ 872506AAB591E8908DF4461475AF92DF ] FDResPub        C:\Windows\system32\fdrespub.dll
20:05:02.0596 0x0a5c  FDResPub - ok
20:05:02.0675 0x0a5c  [ 0588950D93A426F97C7AAADB1A9B0458 ] fhsvc           C:\Windows\system32\fhsvc.dll
20:05:02.0675 0x0a5c  fhsvc - ok
20:05:02.0721 0x0a5c  [ 88A9EBACD1058ABB237A6B4E96E7F397 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
20:05:02.0721 0x0a5c  FileInfo - ok
20:05:02.0753 0x0a5c  [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
20:05:02.0753 0x0a5c  Filetrace - ok
20:05:02.0768 0x0a5c  [ B1D4C168FF7B8579E3745888658FFB1D ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
20:05:02.0768 0x0a5c  flpydisk - ok
20:05:02.0815 0x0a5c  [ B33EC133AE4E6C1881D2302D93D2467D ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
20:05:02.0815 0x0a5c  FltMgr - ok
20:05:02.0909 0x0a5c  [ 0BCDC0FF11B984162B0CF0FF6E9E0146 ] FontCache       C:\Windows\system32\FntCache.dll
20:05:02.0925 0x0a5c  FontCache - ok
20:05:03.0018 0x0a5c  [ 0B56259F5611787222A04A8F254E51D4 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:05:03.0018 0x0a5c  FontCache3.0.0.0 - ok
20:05:03.0034 0x0a5c  [ A5F7873A39E4E9FAAAE59B7E9E36B705 ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
20:05:03.0034 0x0a5c  FsDepends - ok
20:05:03.0065 0x0a5c  [ A6DD7D491F587F4BC13FB972977DC8E8 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
20:05:03.0065 0x0a5c  Fs_Rec - ok
20:05:03.0097 0x0a5c  [ FA228F4BB10DC7ED7E7D131C034E2331 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
20:05:03.0097 0x0a5c  fvevol - ok
20:05:03.0128 0x0a5c  [ A969D92973DFA895E7776B4BFE36DBB2 ] FxPPM           C:\Windows\System32\drivers\fxppm.sys
20:05:03.0128 0x0a5c  FxPPM - ok
20:05:03.0143 0x0a5c  [ 52BC441E07A827EBAB70CDC7EAEDB28D ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
20:05:03.0143 0x0a5c  gagp30kx - ok
20:05:03.0202 0x0a5c  [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
20:05:03.0202 0x0a5c  GamesAppService - ok
20:05:03.0234 0x0a5c  [ 721F8EEF5E9747F32670DEFF7FB92541 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
20:05:03.0234 0x0a5c  gencounter - ok
20:05:03.0249 0x0a5c  [ CA18ECFCFFDD638ECE80799A9056B238 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
20:05:03.0249 0x0a5c  GPIOClx0101 - ok
20:05:03.0312 0x0a5c  [ 5358678C6370F2ADC5291849F6503262 ] gpsvc           C:\Windows\System32\gpsvc.dll
20:05:03.0327 0x0a5c  gpsvc - ok
20:05:03.0405 0x0a5c  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:05:03.0405 0x0a5c  gupdate - ok
20:05:03.0421 0x0a5c  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:05:03.0421 0x0a5c  gupdatem - ok
20:05:03.0452 0x0a5c  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
20:05:03.0452 0x0a5c  gusvc - ok
20:05:03.0499 0x0a5c  [ C2504AA983B5D411F7D31402E8B57725 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:05:03.0499 0x0a5c  HdAudAddService - ok
20:05:03.0515 0x0a5c  [ 7D87B5B6C7188D553E11B59DC7F0B111 ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
20:05:03.0515 0x0a5c  HDAudBus - ok
20:05:03.0562 0x0a5c  [ 3F76BBA53D65E85A7F53E7A71082082C ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
20:05:03.0562 0x0a5c  HidBatt - ok
20:05:03.0655 0x0a5c  [ 085F150D002B7F0153D3C06DDF33A143 ] HidBth          C:\Windows\System32\drivers\hidbth.sys
20:05:03.0655 0x0a5c  HidBth - ok
20:05:03.0749 0x0a5c  [ CC4A07E51D89575CAB6F4EB590D87CD4 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
20:05:03.0749 0x0a5c  hidi2c - ok
20:05:03.0780 0x0a5c  [ DC96F7DACB777CDEAEF9958A50BFDA06 ] HidIr           C:\Windows\System32\drivers\hidir.sys
20:05:03.0780 0x0a5c  HidIr - ok
20:05:03.0812 0x0a5c  [ FAC37D7B3D6354A5A5E19A45B50B4008 ] hidserv         C:\Windows\system32\hidserv.dll
20:05:03.0827 0x0a5c  hidserv - ok
20:05:03.0859 0x0a5c  [ 9E11EE0F2E117B2D5A835B2B91752827 ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
20:05:03.0859 0x0a5c  HidUsb - ok
20:05:03.0890 0x0a5c  [ 43F884B61A24377567CD0FEB35236334 ] hkmsvc          C:\Windows\system32\kmsvc.dll
20:05:03.0905 0x0a5c  hkmsvc - ok
20:05:03.0952 0x0a5c  [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:05:03.0968 0x0a5c  HomeGroupListener - ok
20:05:04.0030 0x0a5c  [ E0D9F6FE18FA7F53ADD29AF719CE2B7E ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:05:04.0046 0x0a5c  HomeGroupProvider - ok
20:05:04.0124 0x0a5c  [ 6515296E8F9D81BB6C4588C4878A9AC1 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
20:05:04.0140 0x0a5c  HP Support Assistant Service - ok
20:05:04.0234 0x0a5c  [ EF4BE0BB23BB14879050884E688F5178 ] hpdskflt        C:\Windows\system32\DRIVERS\hpdskflt.sys
20:05:04.0234 0x0a5c  hpdskflt - ok
20:05:04.0280 0x0a5c  [ 9B7EDD3FE7C211C36E921D34D18A3A0A ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
20:05:04.0312 0x0a5c  hpqwmiex - ok
20:05:04.0343 0x0a5c  [ 64DB7A8D97CA53DCCF93D0A1E08342CF ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
20:05:04.0343 0x0a5c  HpSAMD - ok
20:05:04.0406 0x0a5c  [ 13B51E53073E4555E226871C7FCEF0E8 ] hpsrv           C:\Windows\system32\Hpservice.exe
20:05:04.0406 0x0a5c  hpsrv - ok
20:05:04.0452 0x0a5c  [ F50912B0A861ED396F6062E79C37A4A7 ] HPWMISVC        C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
20:05:04.0452 0x0a5c  HPWMISVC - ok
20:05:04.0484 0x0a5c  [ F4A91D985EB9D1D2717D538F3424603C ] HTTP            C:\Windows\system32\drivers\HTTP.sys
20:05:04.0499 0x0a5c  HTTP - ok
20:05:04.0515 0x0a5c  [ 2A98301068801700906C06649860FE94 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
20:05:04.0515 0x0a5c  hwpolicy - ok
20:05:04.0546 0x0a5c  [ DC76901D82097C9E297F20C287CB9A27 ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
20:05:04.0546 0x0a5c  hyperkbd - ok
20:05:04.0562 0x0a5c  [ 716413AB3CA12DE0A7222D28C1C9352C ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
20:05:04.0562 0x0a5c  HyperVideo - ok
20:05:04.0609 0x0a5c  [ C9E9CBF73AFFBFE3E801EFB516787BA3 ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
20:05:04.0609 0x0a5c  i8042prt - ok
20:05:04.0687 0x0a5c  [ 050F2539E14F9D5E90A4B61738EC29BD ] iaStorA         C:\Windows\system32\drivers\iaStorA.sys
20:05:04.0702 0x0a5c  iaStorA - ok
20:05:04.0718 0x0a5c  [ 5E394EBD26FD68AA9300332C46BEDD62 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
20:05:04.0718 0x0a5c  iaStorV - ok
20:05:04.0781 0x0a5c  [ ABEFA4BD23329FD9BD47496BF2E58774 ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
20:05:04.0796 0x0a5c  IconMan_R - ok
20:05:04.0984 0x0a5c  [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20121128.001\IDSvia64.sys
20:05:04.0984 0x0a5c  IDSVia64 - ok
20:05:05.0214 0x0a5c  [ 11A31FC2481BFE69B0507ED8C80215F4 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
20:05:05.0371 0x0a5c  igfx - ok
20:05:05.0402 0x0a5c  [ 24847A06B84339FEEDE5CABF3D27D320 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
20:05:05.0402 0x0a5c  iirsp - ok
20:05:05.0449 0x0a5c  [ 531B5A98145DA689741A0AC18F14EA94 ] IKEEXT          C:\Windows\System32\ikeext.dll
20:05:05.0449 0x0a5c  IKEEXT - ok
20:05:05.0527 0x0a5c  [ F5495B38BFB9149925F54F65AB40EFBF ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
20:05:05.0543 0x0a5c  IntcDAud - ok
20:05:05.0621 0x0a5c  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
20:05:05.0636 0x0a5c  Intel® Capability Licensing Service Interface - ok
20:05:05.0715 0x0a5c  [ 30E9FAC23E2537D82F2836CB81AEE186 ] Intel® ME Service C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
20:05:05.0730 0x0a5c  Intel® ME Service - ok
20:05:05.0761 0x0a5c  [ 4F37726CF764CA18A8A84F85EF3A7F24 ] intelide        C:\Windows\system32\drivers\intelide.sys
20:05:05.0761 0x0a5c  intelide - ok
20:05:05.0793 0x0a5c  [ E15CDF68DD73423F15D4AC404793AF0D ] intelppm        C:\Windows\System32\drivers\intelppm.sys
20:05:05.0793 0x0a5c  intelppm - ok
20:05:05.0855 0x0a5c  [ 8FCA66234A0933D796BB780B7953BAB9 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:05:05.0871 0x0a5c  IpFilterDriver - ok
20:05:05.0918 0x0a5c  [ C217B8D2E58C57A319B16125C3D4B69C ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
20:05:05.0933 0x0a5c  iphlpsvc - ok
20:05:05.0949 0x0a5c  [ 6E98A046A12AA113F8898AA5D612BD6E ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
20:05:05.0964 0x0a5c  IPMIDRV - ok
20:05:05.0980 0x0a5c  [ 3969B9C218DD3FAA9F4ED2FFC3651C02 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
20:05:05.0980 0x0a5c  IPNAT - ok
20:05:06.0011 0x0a5c  [ 25CD7C4BB2863FFC2B0B311F0AEBF77C ] IRENUM          C:\Windows\system32\drivers\irenum.sys
20:05:06.0011 0x0a5c  IRENUM - ok
20:05:06.0027 0x0a5c  [ D940C5BB9DC92E588533C19ABCC3D2C2 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
20:05:06.0043 0x0a5c  isapnp - ok
20:05:06.0074 0x0a5c  [ 69C8BF0BC2B0EA10F130F4D3104DC2EF ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
20:05:06.0074 0x0a5c  iScsiPrt - ok
20:05:06.0168 0x0a5c  [ 3C4002D339491AF73D663FFC7F6E5ECB ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
20:05:06.0168 0x0a5c  jhi_service - ok
20:05:06.0199 0x0a5c  [ 8FBD94B69D6423E20ABCD59D86368B21 ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
20:05:06.0199 0x0a5c  kbdclass - ok
20:05:06.0230 0x0a5c  [ E88C932ABDF8185A62C8F2FC7B051FB6 ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
20:05:06.0230 0x0a5c  kbdhid - ok
20:05:06.0261 0x0a5c  [ FB6C185092E18011EF49989425C2AA87 ] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys
20:05:06.0261 0x0a5c  kdnic - ok
20:05:06.0324 0x0a5c  [ F702AB6181513303AB0FC8D59E52708B ] KeyIso          C:\Windows\system32\lsass.exe
20:05:06.0324 0x0a5c  KeyIso - ok
20:05:06.0340 0x0a5c  [ DFA480F6DED551464F3A5B959F437800 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
20:05:06.0355 0x0a5c  KSecDD - ok
20:05:06.0386 0x0a5c  [ 127FB0AAD232BAAD2C9BBACD374F4FC5 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
20:05:06.0386 0x0a5c  KSecPkg - ok
20:05:06.0402 0x0a5c  [ 81492FEEBF2F26455B00EE8DBAE8A1B0 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
20:05:06.0402 0x0a5c  ksthunk - ok
20:05:06.0449 0x0a5c  [ 5825DBACEDC3812B5CF8D40B997BF210 ] KtmRm           C:\Windows\system32\msdtckrm.dll
20:05:06.0465 0x0a5c  KtmRm - ok
20:05:06.0527 0x0a5c  [ 256EE31588257E8A555DBFAA13F1908E ] LanmanServer    C:\Windows\system32\srvsvc.dll
20:05:06.0558 0x0a5c  LanmanServer - ok
20:05:06.0574 0x0a5c  [ 16650912BE5A94B40E0B3B4C39652B56 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:05:06.0590 0x0a5c  LanmanWorkstation - ok
20:05:06.0621 0x0a5c  [ CEEFD29FC551F289810B0B9381B321DC ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
20:05:06.0621 0x0a5c  lltdio - ok
20:05:06.0730 0x0a5c  [ BCF53485E0A94722CDE3C4A93CD8EB8C ] lltdsvc         C:\Windows\System32\lltdsvc.dll
20:05:06.0730 0x0a5c  lltdsvc - ok
20:05:06.0746 0x0a5c  [ 5A2F7F1CBC2E631A497DAD16164E06D2 ] lmhosts         C:\Windows\System32\lmhsvc.dll
20:05:06.0761 0x0a5c  lmhosts - ok
20:05:06.0777 0x0a5c  [ 4269D44BB47A6DA5D80B11F4C8536458 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
20:05:06.0777 0x0a5c  LMS - ok
20:05:06.0808 0x0a5c  [ 022CDD12161B063D7852B1075BF3FFF2 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
20:05:06.0824 0x0a5c  LSI_SAS - ok
20:05:06.0949 0x0a5c  [ 07AD59D669B996F29F91817F0ECFA34F ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
20:05:06.0949 0x0a5c  LSI_SAS2 - ok
20:05:06.0965 0x0a5c  [ 216FB796AA4E252ACCE93B1BCB80B5EC ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
20:05:06.0965 0x0a5c  LSI_SCSI - ok
20:05:06.0980 0x0a5c  [ 5E80530AF37102488EE980B4A92AF99F ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
20:05:06.0980 0x0a5c  LSI_SSS - ok
20:05:07.0027 0x0a5c  [ A57BA284F5996FFD32DCDBC41A4657DB ] LSM             C:\Windows\System32\lsm.dll
20:05:07.0027 0x0a5c  LSM - ok
20:05:07.0058 0x0a5c  [ 2BDC5D711FA61307CE6190D47C956368 ] luafv           C:\Windows\system32\drivers\luafv.sys
20:05:07.0058 0x0a5c  luafv - ok
20:05:07.0136 0x0a5c  [ 9B0D829C3BE4E7472DB9DD2B79908E3C ] megasas         C:\Windows\system32\drivers\megasas.sys
20:05:07.0136 0x0a5c  megasas - ok
20:05:07.0180 0x0a5c  [ ECC3F54C7AFC318271C4F0B4606D8DB0 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
20:05:07.0180 0x0a5c  MegaSR - ok
20:05:07.0211 0x0a5c  [ 772A1DEEDFDBC244183B5C805D1B7D85 ] MEIx64          C:\Windows\System32\drivers\HECIx64.sys
20:05:07.0227 0x0a5c  MEIx64 - ok
20:05:07.0258 0x0a5c  [ EEE908BE7143FCA48CF0CB87214E2AB8 ] MMCSS           C:\Windows\system32\mmcss.dll
20:05:07.0258 0x0a5c  MMCSS - ok
20:05:07.0274 0x0a5c  [ 780098AD5DA8A4822E2563984C85EF7B ] Modem           C:\Windows\system32\drivers\modem.sys
20:05:07.0274 0x0a5c  Modem - ok
20:05:07.0320 0x0a5c  [ EA8EAD3F5B762F889CC7F3966625B48B ] monitor         C:\Windows\System32\drivers\monitor.sys
20:05:07.0320 0x0a5c  monitor - ok
20:05:07.0352 0x0a5c  [ 618446B98C79776654340CE27C73485E ] mouclass        C:\Windows\System32\drivers\mouclass.sys
20:05:07.0352 0x0a5c  mouclass - ok
20:05:07.0383 0x0a5c  [ C0ADEBED913295803B579ED288936CBB ] mouhid          C:\Windows\System32\drivers\mouhid.sys
20:05:07.0383 0x0a5c  mouhid - ok
20:05:07.0383 0x0a5c  [ 89D263DBF08119CE16273991C120D6DD ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
20:05:07.0399 0x0a5c  mountmgr - ok
20:05:07.0414 0x0a5c  [ 0D1609DD82C7440F5D5BF21A9D4D5C0C ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
20:05:07.0430 0x0a5c  mpsdrv - ok
20:05:07.0477 0x0a5c  [ 3031573A739DBEE8923851929D0AF423 ] MpsSvc          C:\Windows\system32\mpssvc.dll
20:05:07.0492 0x0a5c  MpsSvc - ok
20:05:07.0508 0x0a5c  [ 3D70147F55F1EC84EB9139ED7FFE48BC ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
20:05:07.0508 0x0a5c  MRxDAV - ok
20:05:07.0555 0x0a5c  [ 93179D48066918323628CB016D8C94DC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
20:05:07.0555 0x0a5c  mrxsmb - ok
20:05:07.0602 0x0a5c  [ 06D5F2FA3C61E8EA91648EA8E9F99FD3 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:05:07.0617 0x0a5c  mrxsmb10 - ok
20:05:07.0649 0x0a5c  [ 5C7DD2E5759FFCCD2C7341C1B90F2B26 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:05:07.0649 0x0a5c  mrxsmb20 - ok
20:05:07.0695 0x0a5c  [ 98487487D6B3797CA927E9D7B030AE13 ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
20:05:07.0695 0x0a5c  MsBridge - ok
20:05:07.0711 0x0a5c  [ 4A07458EB4F17573BD39F22029A991C1 ] MSDTC           C:\Windows\System32\msdtc.exe
20:05:07.0727 0x0a5c  MSDTC - ok
20:05:07.0789 0x0a5c  [ 3886F1F2A4D2900ABAA7E4486BEEE6A2 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
20:05:07.0789 0x0a5c  Msfs - ok
20:05:07.0820 0x0a5c  [ C32A7A39B960A42BA9D4FBE47213CA03 ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
20:05:07.0820 0x0a5c  msgpiowin32 - ok
20:05:07.0852 0x0a5c  [ D3857A767B91A061B408CCAB02DA4F40 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
20:05:07.0852 0x0a5c  mshidkmdf - ok
20:05:07.0867 0x0a5c  [ 839B48910FB1E887635C48F3EC11A05E ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
20:05:07.0867 0x0a5c  mshidumdf - ok
20:05:07.0899 0x0a5c  [ 55C0DB741E3AB7463242B185B1C2997C ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
20:05:07.0899 0x0a5c  msisadrv - ok
20:05:07.0992 0x0a5c  [ 216C6B035A4BA5560E1255BD8E5BB89F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
20:05:07.0992 0x0a5c  MSiSCSI - ok
20:05:08.0008 0x0a5c  msiserver - ok
20:05:08.0024 0x0a5c  [ 509809566E49F4411055864EA8D437CD ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
20:05:08.0024 0x0a5c  MSKSSRV - ok
20:05:08.0039 0x0a5c  [ 63145201D6458E4958E572E7D6FC2604 ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys
20:05:08.0039 0x0a5c  MsLldp - ok
20:05:08.0055 0x0a5c  [ 99D526E803DB6D7FF290FD98B6204641 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
20:05:08.0070 0x0a5c  MSPCLOCK - ok
20:05:08.0133 0x0a5c  [ 06FA77C3E2A491ADCD704C5E73006269 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
20:05:08.0133 0x0a5c  MSPQM - ok
20:05:08.0149 0x0a5c  [ E134EC4DE11CF78CB01432D180710D84 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
20:05:08.0164 0x0a5c  MsRPC - ok
20:05:08.0180 0x0a5c  [ B5AECF12F09DEE97C9FCAA5BA016CE1E ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
20:05:08.0195 0x0a5c  mssmbios - ok
20:05:08.0211 0x0a5c  [ 72D66A05E0F99F2528F6C6204FD22AA1 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
20:05:08.0211 0x0a5c  MSTEE - ok
20:05:08.0227 0x0a5c  [ 8AAAE399FC255FA105D4158CBA289001 ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
20:05:08.0242 0x0a5c  MTConfig - ok
20:05:08.0274 0x0a5c  [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A ] Mup             C:\Windows\system32\Drivers\mup.sys
20:05:08.0274 0x0a5c  Mup - ok
20:05:08.0289 0x0a5c  [ 3A1E095277BBD406CEA8EA6B76950664 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
20:05:08.0289 0x0a5c  mvumis - ok
20:05:08.0336 0x0a5c  [ 4B18840511D720BA118D3017E8165875 ] napagent        C:\Windows\system32\qagentRT.dll
20:05:08.0336 0x0a5c  napagent - ok
20:05:08.0383 0x0a5c  [ 43D7388A90A4C6EA346A4D6FF0377479 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
20:05:08.0399 0x0a5c  NativeWifiP - ok
20:05:08.0477 0x0a5c  [ C58D8A669D6551F616D90244BD2C2D4F ] NAVENG          C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20121129.003\ENG64.SYS
20:05:08.0477 0x0a5c  NAVENG - ok
20:05:08.0586 0x0a5c  [ A3DBDB412ADFA5882DD6843B11FE0828 ] NAVEX15         C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20121129.003\EX64.SYS
20:05:08.0617 0x0a5c  NAVEX15 - ok
20:05:08.0649 0x0a5c  [ 6A0C3996DA7DAE6D6939676D786EEEC4 ] NcaSvc          C:\Windows\System32\ncasvc.dll
20:05:08.0649 0x0a5c  NcaSvc - ok
20:05:08.0696 0x0a5c  [ C982FE4CC91DECE2259F494FCEB4030F ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
20:05:08.0696 0x0a5c  NcdAutoSetup - ok
20:05:08.0742 0x0a5c  [ A10E176F3B2BF83EDE7B5C4658C93B66 ] NDIS            C:\Windows\system32\drivers\ndis.sys
20:05:08.0758 0x0a5c  NDIS - ok
20:05:08.0774 0x0a5c  [ 39C8A1D9D46F5E83A016BCAB72455284 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
20:05:08.0774 0x0a5c  NdisCap - ok
20:05:08.0789 0x0a5c  [ 762941932B7E4C588E48A577BA9D6440 ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys
20:05:08.0789 0x0a5c  NdisImPlatform - ok
20:05:08.0821 0x0a5c  [ 7A6F8A6D0E01432EBA294EF29CDD0FA7 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
20:05:08.0821 0x0a5c  NdisTapi - ok
20:05:08.0836 0x0a5c  [ 79AB68BB3FFF974AD4F41FA559F4EC67 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
20:05:08.0836 0x0a5c  Ndisuio - ok
20:05:08.0852 0x0a5c  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
20:05:08.0852 0x0a5c  NdisWan - ok
20:05:08.0852 0x0a5c  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NDISWANLEGACY   C:\Windows\system32\DRIVERS\ndiswan.sys
20:05:08.0852 0x0a5c  NDISWANLEGACY - ok
20:05:08.0883 0x0a5c  [ 3730942D7DB2F8BB5F84542B7FF6F650 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
20:05:08.0883 0x0a5c  NDProxy - ok
20:05:08.0899 0x0a5c  [ D3F60A4345FCA9C1BE68AD7D0D6DE770 ] Ndu             C:\Windows\system32\drivers\Ndu.sys
20:05:08.0899 0x0a5c  Ndu - ok
20:05:08.0914 0x0a5c  [ 7C203A76394F9AE68F69EEE5F9612C4A ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
20:05:08.0914 0x0a5c  NetBIOS - ok
20:05:08.0930 0x0a5c  [ 7CEC25C682D319D484630B3952C31A11 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
20:05:08.0930 0x0a5c  NetBT - ok
20:05:08.0946 0x0a5c  [ F702AB6181513303AB0FC8D59E52708B ] Netlogon        C:\Windows\system32\lsass.exe
20:05:08.0946 0x0a5c  Netlogon - ok
20:05:08.0992 0x0a5c  [ 89519D29CBEC2121CA65CC29C4D345E0 ] Netman          C:\Windows\System32\netman.dll
20:05:08.0992 0x0a5c  Netman - ok
20:05:09.0039 0x0a5c  [ 79FA9393C67EBBF92A56923592CF7A7C ] netprofm        C:\Windows\System32\netprofmsvc.dll
20:05:09.0055 0x0a5c  netprofm - ok
20:05:09.0117 0x0a5c  [ 080417AC9E51B2B29656EC26B62E87F1 ] netr28x         C:\Windows\system32\DRIVERS\netr28x.sys
20:05:09.0149 0x0a5c  netr28x - ok
20:05:09.0208 0x0a5c  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:05:09.0208 0x0a5c  NetTcpPortSharing - ok
20:05:09.0254 0x0a5c  [ 12DD2800E4EEA37DC9AE256AD62423B4 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
20:05:09.0254 0x0a5c  nfrd960 - ok
20:05:09.0317 0x0a5c  [ 1BF9D6476061B31CD7FC2BF848529A56 ] NIS             C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
20:05:09.0317 0x0a5c  NIS - ok
20:05:09.0364 0x0a5c  [ 80ABCD4C2DE9FD832477303AE0CA3BE5 ] NlaSvc          C:\Windows\System32\nlasvc.dll
20:05:09.0379 0x0a5c  NlaSvc - ok
20:05:09.0411 0x0a5c  [ 17E19A742FB30C002F8B43575451DBE1 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
20:05:09.0411 0x0a5c  Npfs - ok
20:05:09.0426 0x0a5c  [ 8ED299C30792544264E558BEA79F0947 ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
20:05:09.0426 0x0a5c  npsvctrig - ok
20:05:09.0458 0x0a5c  [ 832B5FDF0B5577713FD7F2465FCD0ACE ] nsi             C:\Windows\system32\nsisvc.dll
20:05:09.0473 0x0a5c  nsi - ok
20:05:09.0489 0x0a5c  [ 689B3B1E95C70ABF7AFF29F9406EF1E0 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
20:05:09.0489 0x0a5c  nsiproxy - ok
20:05:09.0567 0x0a5c  [ 76929F4A69E425911A63B407E26C2589 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
20:05:09.0598 0x0a5c  Ntfs - ok
20:05:09.0614 0x0a5c  [ 4163ADE07DB51843AE31F65B94F5398D ] Null            C:\Windows\system32\drivers\Null.sys
20:05:09.0629 0x0a5c  Null - ok
20:05:09.0645 0x0a5c  [ D6D34118263412D3AAA8348A9572B7F2 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
20:05:09.0645 0x0a5c  nvraid - ok
20:05:09.0661 0x0a5c  [ 27AFC428D1D32ABD04A86763A4EDDEA9 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
20:05:09.0661 0x0a5c  nvstor - ok
20:05:09.0676 0x0a5c  [ 051CFB5107BAAE510419BDC41F8C4036 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
20:05:09.0676 0x0a5c  nv_agp - ok
20:05:09.0801 0x0a5c  [ 5239571EC40C990C6FC4B03685D56777 ] OfficeSvc       C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
20:05:09.0817 0x0a5c  OfficeSvc - ok
20:05:09.0911 0x0a5c  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:05:09.0911 0x0a5c  ose - ok
20:05:10.0364 0x0a5c  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:05:10.0411 0x0a5c  osppsvc - ok
20:05:10.0442 0x0a5c  [ AB76700D764A342D7475FB8F47CAB18C ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
20:05:10.0458 0x0a5c  p2pimsvc - ok
20:05:10.0473 0x0a5c  [ 4319FD931DCD796435ECB5DB4A04FBA5 ] p2psvc          C:\Windows\system32\p2psvc.dll
20:05:10.0473 0x0a5c  p2psvc - ok
20:05:10.0505 0x0a5c  [ 4563DAF8C6A740AD7F501E219BD10766 ] Parport         C:\Windows\System32\drivers\parport.sys
20:05:10.0520 0x0a5c  Parport - ok
20:05:10.0551 0x0a5c  [ D6ACCF9F2EEEEA711C14EFD976E573F3 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
20:05:10.0551 0x0a5c  partmgr - ok
20:05:10.0598 0x0a5c  [ 4811D9EC53649105A5A8BEA661B0F936 ] PcaSvc          C:\Windows\System32\pcasvc.dll
20:05:10.0614 0x0a5c  PcaSvc - ok
20:05:10.0645 0x0a5c  [ 4A003E8F718C1E6A2050CA98CD53E3E2 ] pci             C:\Windows\system32\drivers\pci.sys
20:05:10.0645 0x0a5c  pci - ok
20:05:10.0676 0x0a5c  [ F9908D274D458220F91E89B54D78D837 ] pciide          C:\Windows\system32\drivers\pciide.sys
20:05:10.0676 0x0a5c  pciide - ok
20:05:10.0692 0x0a5c  [ 84D19CB6102627932DCB5DFDF89FE269 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
20:05:10.0692 0x0a5c  pcmcia - ok
20:05:10.0723 0x0a5c  [ CEBBAD5391C2644560C55628A40BFD27 ] pcw             C:\Windows\system32\drivers\pcw.sys
20:05:10.0723 0x0a5c  pcw - ok
20:05:10.0755 0x0a5c  [ 0698DEDEAD6A00AD0D468C687D830FBF ] pdc             C:\Windows\system32\drivers\pdc.sys
20:05:10.0755 0x0a5c  pdc - ok
20:05:10.0801 0x0a5c  [ 61FE70659CD43E07F94DA4DC31DEC493 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
20:05:10.0801 0x0a5c  PEAUTH - ok
20:05:10.0895 0x0a5c  [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A ] PerfHost        C:\Windows\SysWow64\perfhost.exe
20:05:10.0895 0x0a5c  PerfHost - ok
20:05:10.0958 0x0a5c  [ 6E84BFF58F7643499277F29DFA2F8C8D ] pla             C:\Windows\system32\pla.dll
20:05:10.0973 0x0a5c  pla - ok
20:05:11.0020 0x0a5c  [ 799BE46D45D486704CE0F37CA5385262 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
20:05:11.0020 0x0a5c  PlugPlay - ok
20:05:11.0036 0x0a5c  [ 8E2414E818C26C4A9C70CB2B8567F04F ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
20:05:11.0051 0x0a5c  PNRPAutoReg - ok
20:05:11.0083 0x0a5c  [ AB76700D764A342D7475FB8F47CAB18C ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
20:05:11.0083 0x0a5c  PNRPsvc - ok
20:05:11.0130 0x0a5c  [ 0108C8E5176D590F242701EF5A62CC26 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
20:05:11.0145 0x0a5c  PolicyAgent - ok
20:05:11.0173 0x0a5c  [ F1E067F56373F11EA4B785CAE823740A ] Power           C:\Windows\system32\umpo.dll
20:05:11.0173 0x0a5c  Power - ok
20:05:11.0204 0x0a5c  [ 362D47E5B4D67270DE4B8606036F4ADD ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
20:05:11.0204 0x0a5c  PptpMiniport - ok
20:05:11.0345 0x0a5c  [ C2D3B3D0060619D5E03E696BD56FF59F ] PrintNotify     C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
20:05:11.0376 0x0a5c  PrintNotify - ok
20:05:11.0407 0x0a5c  [ DD979EB6A7212F60E4AFBE96EDC7AE6D ] Processor       C:\Windows\System32\drivers\processr.sys
20:05:11.0407 0x0a5c  Processor - ok
20:05:11.0454 0x0a5c  [ 429E8502AD2227CF88F8840FC5BD590D ] ProfSvc         C:\Windows\system32\profsvc.dll
20:05:11.0454 0x0a5c  ProfSvc - ok
20:05:11.0501 0x0a5c  [ EB8034147D4820CD31BFCB11A2A652DF ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
20:05:11.0501 0x0a5c  Psched - ok
20:05:11.0517 0x0a5c  [ 0AFBF333B6F87A2F598EAB379AF100B8 ] QWAVE           C:\Windows\system32\qwave.dll
20:05:11.0532 0x0a5c  QWAVE - ok
20:05:11.0548 0x0a5c  [ 13D47BB0CCA2FC51BD15F8E85C6A078E ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
20:05:11.0548 0x0a5c  QWAVEdrv - ok
20:05:11.0564 0x0a5c  [ 873C60F8178100557740A832FCE10B5F ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
20:05:11.0564 0x0a5c  RasAcd - ok
20:05:11.0595 0x0a5c  [ 69B93F623B130976243ECA3D84CC99CA ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
20:05:11.0595 0x0a5c  RasAgileVpn - ok
20:05:11.0610 0x0a5c  [ 005F6E54C4A2DA4EBF68FB0392CE8BB0 ] RasAuto         C:\Windows\System32\rasauto.dll
20:05:11.0610 0x0a5c  RasAuto - ok
20:05:11.0642 0x0a5c  [ A14D625C5AEE5FFE0F47D1A1D419FAAE ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
20:05:11.0642 0x0a5c  Rasl2tp - ok
20:05:11.0673 0x0a5c  [ C923C785A2DE0B396AD6D13ACAFF2DE9 ] RasMan          C:\Windows\System32\rasmans.dll
20:05:11.0673 0x0a5c  RasMan - ok
20:05:11.0689 0x0a5c  [ 00695B9C2DB6111064499C529E90C042 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
20:05:11.0689 0x0a5c  RasPppoe - ok
20:05:11.0720 0x0a5c  [ A7F24D8CD1956B0A1FDCB86CC5114DE4 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
20:05:11.0720 0x0a5c  RasSstp - ok
20:05:11.0751 0x0a5c  [ CA03D642ACE58E1BA54E4B383F91CD69 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
20:05:11.0751 0x0a5c  rdbss - ok
20:05:11.0798 0x0a5c  [ CA7DF5EC95D8DE0DD24BE7FF97369F68 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
20:05:11.0798 0x0a5c  rdpbus - ok
20:05:11.0814 0x0a5c  [ B2A3AD74FF2E2FFA73AF2567108231B3 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
20:05:11.0814 0x0a5c  RDPDR - ok
20:05:11.0845 0x0a5c  [ 57F4787E4602A3FCA719C0A33137C6DA ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
20:05:11.0845 0x0a5c  RdpVideoMiniport - ok
20:05:11.0860 0x0a5c  [ B3CB0721E81E30419CE7D837EF4EA151 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
20:05:11.0860 0x0a5c  RDPWD - ok
20:05:11.0876 0x0a5c  [ 62C1F8A0685FE07E998AA296C4F697C4 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
20:05:11.0876 0x0a5c  rdyboost - ok
20:05:11.0923 0x0a5c  [ 3663CCF243EE0C04E9F6F91ED1737273 ] RemoteAccess    C:\Windows\System32\mprdim.dll
20:05:11.0923 0x0a5c  RemoteAccess - ok
20:05:11.0954 0x0a5c  [ E80DD61E52EDFFF9DA1ED7260A68855B ] RemoteRegistry  C:\Windows\system32\regsvc.dll
20:05:11.0970 0x0a5c  RemoteRegistry - ok
20:05:12.0001 0x0a5c  [ 73F2E030B5C24E4E41401B5F0D59E6FD ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
20:05:12.0017 0x0a5c  RpcEptMapper - ok
20:05:12.0032 0x0a5c  [ 10B21284B3D964AB3DC45490E57D422E ] RpcLocator      C:\Windows\system32\locator.exe
20:05:12.0048 0x0a5c  RpcLocator - ok
20:05:12.0095 0x0a5c  [ 1EC6E533C954BDDF2A37E7851A7E58FD ] RpcSs           C:\Windows\system32\rpcss.dll
20:05:12.0095 0x0a5c  RpcSs - ok
20:05:12.0142 0x0a5c  [ D38250F459BF60D6F4B69B79DCD948CC ] RSP2STOR        C:\Windows\system32\DRIVERS\RtsP2Stor.sys
20:05:12.0142 0x0a5c  RSP2STOR - ok
20:05:12.0173 0x0a5c  [ E04E770DD198B9399640717145E79EBF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
20:05:12.0173 0x0a5c  rspndr - ok
20:05:12.0220 0x0a5c  [ 34DA0D14F5C3F1883A331AFB975AB434 ] RTL8168         C:\Windows\system32\DRIVERS\Rt630x64.sys
20:05:12.0220 0x0a5c  RTL8168 - ok
20:05:12.0251 0x0a5c  [ 752EC7DCD2F96871A3857EEE6AFE965A ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
20:05:12.0251 0x0a5c  s3cap - ok
20:05:12.0282 0x0a5c  [ F702AB6181513303AB0FC8D59E52708B ] SamSs           C:\Windows\system32\lsass.exe
20:05:12.0282 0x0a5c  SamSs - ok
20:05:12.0392 0x0a5c  [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
20:05:12.0392 0x0a5c  SASDIFSV - ok
20:05:12.0439 0x0a5c  [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
20:05:12.0439 0x0a5c  SASKUTIL - ok
20:05:12.0470 0x0a5c  [ 9C7B28CE0D136DB226E24DB3BC817F92 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
20:05:12.0470 0x0a5c  sbp2port - ok
20:05:12.0501 0x0a5c  [ 14316954FCE79C9DE5A0AFF9D42C83AA ] SCardSvr        C:\Windows\System32\SCardSvr.dll
20:05:12.0501 0x0a5c  SCardSvr - ok
20:05:12.0517 0x0a5c  [ 5D7733A12756B267FCA021672B26BC9E ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
20:05:12.0517 0x0a5c  scfilter - ok
20:05:12.0579 0x0a5c  [ ED40ED9A65F3E79A8C43DD50C5FDADBF ] Schedule        C:\Windows\system32\schedsvc.dll
20:05:12.0595 0x0a5c  Schedule - ok
20:05:12.0642 0x0a5c  [ BAF8F0F55BC300E5F882E521F054E345 ] SCPolicySvc     C:\Windows\System32\certprop.dll
20:05:12.0642 0x0a5c  SCPolicySvc - ok
20:05:12.0751 0x0a5c  [ 98636FB2973B8876A7F0BECD076CF109 ] sdbus           C:\Windows\System32\drivers\sdbus.sys
20:05:12.0751 0x0a5c  sdbus - ok
20:05:12.0767 0x0a5c  [ 92968277ED491E4B3DDA361E3952361E ] SDRSVC          C:\Windows\System32\SDRSVC.dll
20:05:12.0782 0x0a5c  SDRSVC - ok
20:05:12.0829 0x0a5c  [ BB107AA9980B0DA4E19A3A90C3BD4460 ] sdstor          C:\Windows\System32\drivers\sdstor.sys
20:05:12.0829 0x0a5c  sdstor - ok
20:05:12.0860 0x0a5c  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
20:05:12.0860 0x0a5c  secdrv - ok
20:05:12.0892 0x0a5c  [ CD282626738B6BC92B6E7CD0AAE95B63 ] seclogon        C:\Windows\system32\seclogon.dll
20:05:12.0892 0x0a5c  seclogon - ok
20:05:12.0939 0x0a5c  [ 9C51620998F0763039DFA6BF68E475ED ] SENS            C:\Windows\System32\sens.dll
20:05:12.0939 0x0a5c  SENS - ok
20:05:12.0970 0x0a5c  [ 0D50B4B860DAB65241628D04CD33ACAE ] SensrSvc        C:\Windows\system32\sensrsvc.dll
20:05:12.0970 0x0a5c  SensrSvc - ok
20:05:12.0985 0x0a5c  [ 87C46B239A7EEF30FDFDD5E9BD46130C ] SerCx           C:\Windows\system32\drivers\SerCx.sys
20:05:13.0001 0x0a5c  SerCx - ok
20:05:13.0001 0x0a5c  [ 7A1F9347C85FD55E39B8A76B3A25C5AD ] Serenum         C:\Windows\System32\drivers\serenum.sys
20:05:13.0001 0x0a5c  Serenum - ok
20:05:13.0017 0x0a5c  [ F640A0A218BBF857F1D04A15D7D939F6 ] Serial          C:\Windows\System32\drivers\serial.sys
20:05:13.0032 0x0a5c  Serial - ok
20:05:13.0032 0x0a5c  [ F1A5F56B2620B862CC28FF96A0A6DAAB ] sermouse        C:\Windows\System32\drivers\sermouse.sys
20:05:13.0048 0x0a5c  sermouse - ok
20:05:13.0064 0x0a5c  [ CB60A60340788C8D6DE2A269D28086AB ] SessionEnv      C:\Windows\system32\sessenv.dll
20:05:13.0079 0x0a5c  SessionEnv - ok
20:05:13.0079 0x0a5c  [ 7EE65419B29302C795714FF8073969A1 ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
20:05:13.0079 0x0a5c  sfloppy - ok
20:05:13.0126 0x0a5c  [ 090AE16F79C8EAD04E6031F863DA85F3 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
20:05:13.0142 0x0a5c  SharedAccess - ok
20:05:13.0232 0x0a5c  [ A77F3ABE13FCC698511E5DEC7ACEBD5F ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:05:13.0248 0x0a5c  ShellHWDetection - ok
20:05:13.0263 0x0a5c  [ 2560721D6F16D5B611C36A3A9D28C1B2 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
20:05:13.0263 0x0a5c  SiSRaid2 - ok
20:05:13.0279 0x0a5c  [ 3AA8FDE1DBF65BB8B88B053529554A0D ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
20:05:13.0294 0x0a5c  SiSRaid4 - ok
20:05:13.0310 0x0a5c  [ AF5CC3F9B88F140D78FC967ABF0F4EC7 ] SmbDrv          C:\Windows\System32\drivers\Smb_driver_AMDASF.sys
20:05:13.0326 0x0a5c  SmbDrv - ok
20:05:13.0357 0x0a5c  [ 19555D03CB179BED8B8AAA239A36BDA4 ] SmbDrvI         C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
20:05:13.0357 0x0a5c  SmbDrvI - ok
20:05:13.0388 0x0a5c  [ E660156A4588A84305CB772FD2C0DB21 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
20:05:13.0388 0x0a5c  SNMPTRAP - ok
20:05:13.0419 0x0a5c  [ FD3AF5575B99871BADB94E7699DBCE08 ] spaceport       C:\Windows\system32\drivers\spaceport.sys
20:05:13.0419 0x0a5c  spaceport - ok
20:05:13.0435 0x0a5c  [ 3D8679C8DF52EB26EB7583A4E0A29202 ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
20:05:13.0435 0x0a5c  SpbCx - ok
20:05:13.0466 0x0a5c  [ 3F215BF2D4D8D6756298B25B579772C2 ] Spooler         C:\Windows\System32\spoolsv.exe
20:05:13.0482 0x0a5c  Spooler - ok
20:05:13.0591 0x0a5c  [ EC84D961501054F87A6878EC5D53388F ] sppsvc          C:\Windows\system32\sppsvc.exe
20:05:13.0685 0x0a5c  sppsvc - ok
20:05:13.0779 0x0a5c  [ 2FD9346F9D76CB4192D37329CFA47A82 ] SRTSP           C:\Windows\System32\Drivers\NISx64\1404000.028\SRTSP64.SYS
20:05:13.0794 0x0a5c  SRTSP - ok
20:05:13.0810 0x0a5c  [ 0E76CEF892C45734F7AED09FDDF35D4D ] SRTSPX          C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS
20:05:13.0810 0x0a5c  SRTSPX - ok
20:05:13.0841 0x0a5c  [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6 ] srv             C:\Windows\system32\DRIVERS\srv.sys
20:05:13.0841 0x0a5c  srv - ok
20:05:13.0888 0x0a5c  [ 56218A571ECF8D55E0CDFF8DF2546CF1 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
20:05:13.0904 0x0a5c  srv2 - ok
20:05:13.0919 0x0a5c  [ 14FC338B80CFF7E04215133B568D15C4 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
20:05:13.0919 0x0a5c  srvnet - ok
20:05:13.0951 0x0a5c  [ 7A20882D76D4A78240A5AC9F2C2EBA21 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
20:05:13.0966 0x0a5c  SSDPSRV - ok
20:05:13.0966 0x0a5c  [ D233B16999A8E626F6004BD7814C57EC ] SstpSvc         C:\Windows\system32\sstpsvc.dll
20:05:13.0982 0x0a5c  SstpSvc - ok
20:05:14.0044 0x0a5c  [ F452B51D895D894BF5487057E11D44CF ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
20:05:14.0044 0x0a5c  STacSV - ok
20:05:14.0091 0x0a5c  [ 4E85355B94CFCB67C135F6521A4895A7 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
20:05:14.0091 0x0a5c  stexstor - ok
20:05:14.0138 0x0a5c  [ B05AEC4014FFDC1793B5CCB6D9BD28D1 ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
20:05:14.0154 0x0a5c  STHDA - ok
20:05:14.0201 0x0a5c  [ BAC8A721736AECC55A4F71523AEAB65F ] stisvc          C:\Windows\System32\wiaservc.dll
20:05:14.0232 0x0a5c  stisvc - ok
20:05:14.0263 0x0a5c  [ B240874B2CA0CD02E8CD11E140B14C57 ] storahci        C:\Windows\system32\drivers\storahci.sys
20:05:14.0263 0x0a5c  storahci - ok
20:05:14.0294 0x0a5c  [ F74DBC95A57B1EE866D3732EB5F79BE2 ] storflt         C:\Windows\system32\DRIVERS\vmstorfl.sys
20:05:14.0294 0x0a5c  storflt - ok
20:05:14.0341 0x0a5c  [ 5337E138B49ED1F44CCBA4073BC35C20 ] StorSvc         C:\Windows\system32\storsvc.dll
20:05:14.0341 0x0a5c  StorSvc - ok
20:05:14.0388 0x0a5c  [ 543CD3CC0E05B8D8815E0D4F040B6F59 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
20:05:14.0388 0x0a5c  storvsc - ok
20:05:14.0404 0x0a5c  [ 8BC1C1ED6EF9C985A3FAA6A72F41679A ] svsvc           C:\Windows\system32\svsvc.dll
20:05:14.0419 0x0a5c  svsvc - ok
20:05:14.0435 0x0a5c  [ 4AFD66AAE74FFB5986BC240744DC5FC9 ] swenum          C:\Windows\System32\drivers\swenum.sys
20:05:14.0435 0x0a5c  swenum - ok
20:05:14.0591 0x0a5c  [ 502F9488540051F3E6C39889ECFA76BB ] swprv           C:\Windows\System32\swprv.dll
20:05:14.0607 0x0a5c  swprv - ok
20:05:14.0669 0x0a5c  [ 52DC0048D667757A8A2E4C87182890AC ] SymDS           C:\Windows\system32\drivers\NISx64\1404000.028\SYMDS64.SYS
20:05:14.0669 0x0a5c  SymDS - ok
20:05:14.0779 0x0a5c  [ 599872BAD7CFB45C7CE47CDED4B726D8 ] SymEFA          C:\Windows\system32\drivers\NISx64\1404000.028\SYMEFA64.SYS
20:05:14.0794 0x0a5c  SymEFA - ok
20:05:14.0826 0x0a5c  [ 42947647F71E9EF2167B42B372F1DDB7 ] SymELAM         C:\Windows\system32\drivers\NISx64\1404000.028\SymELAM.sys
20:05:14.0826 0x0a5c  SymELAM - ok
20:05:14.0857 0x0a5c  [ F19E5E37ED8134B9E5F6287F2D3A75D7 ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
20:05:14.0857 0x0a5c  SymEvent - ok
20:05:14.0904 0x0a5c  [ ADF37F1A715D6C56C8E065FD8569A9A4 ] SymIRON         C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS
20:05:14.0904 0x0a5c  SymIRON - ok
20:05:14.0982 0x0a5c  [ 9CDCA70485BD6B9D230365F67C31F132 ] SymNetS         C:\Windows\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS
20:05:14.0998 0x0a5c  SymNetS - ok
20:05:15.0029 0x0a5c  [ 3F45C3FE208CA5E68832B65C597A35A6 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
20:05:15.0044 0x0a5c  SynTP - ok
20:05:15.0123 0x0a5c  [ A06CB9269D29EE3D0F3F5630ABB660B8 ] SysMain         C:\Windows\system32\sysmain.dll
20:05:15.0154 0x0a5c  SysMain - ok
20:05:15.0193 0x0a5c  [ 6FB88606C4A71E1BFAF97D63A676C673 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
20:05:15.0193 0x0a5c  SystemEventsBroker - ok
20:05:15.0224 0x0a5c  [ A6C06C45C44AD06C70AF8899AEC15BDC ] TabletInputService C:\Windows\System32\TabSvc.dll
20:05:15.0240 0x0a5c  TabletInputService - ok
20:05:15.0271 0x0a5c  [ 88B7721AB551C4325036B25A34A2BF7B ] TapiSrv         C:\Windows\System32\tapisrv.dll
20:05:15.0287 0x0a5c  TapiSrv - ok
20:05:15.0381 0x0a5c  [ 1794C43A000A47D92B3304FC1E3E512A ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
20:05:15.0412 0x0a5c  Tcpip - ok
20:05:15.0443 0x0a5c  [ 1794C43A000A47D92B3304FC1E3E512A ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
20:05:15.0443 0x0a5c  TCPIP6 - ok
20:05:15.0490 0x0a5c  [ 8F2A13A5DF99D72FDDE87F502A66F989 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
20:05:15.0490 0x0a5c  tcpipreg - ok
20:05:15.0506 0x0a5c  [ 73DC722CE5DF26D7638CE2446F2655C7 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
20:05:15.0506 0x0a5c  tdx - ok
20:05:15.0521 0x0a5c  [ F7C8AB5D8AFFAA318D6A21093D139BF4 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
20:05:15.0521 0x0a5c  terminpt - ok
20:05:15.0584 0x0a5c  [ 541EE228D0DEF392F7B2DFD885DD021B ] TermService     C:\Windows\System32\termsrv.dll
20:05:15.0599 0x0a5c  TermService - ok
20:05:15.0615 0x0a5c  [ 519A6F672FFF56B7D8EE8C730CEC8ECD ] Themes          C:\Windows\system32\themeservice.dll
20:05:15.0615 0x0a5c  Themes - ok
20:05:15.0646 0x0a5c  [ EEE908BE7143FCA48CF0CB87214E2AB8 ] THREADORDER     C:\Windows\system32\mmcss.dll
20:05:15.0646 0x0a5c  THREADORDER - ok
20:05:15.0693 0x0a5c  [ 4515B9E4140F04FB3907692DF89FCA87 ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
20:05:15.0693 0x0a5c  TimeBroker - ok
20:05:15.0724 0x0a5c  [ 6F0BFF80EE2A5BC841286A51F893CBAD ] TPM             C:\Windows\system32\drivers\tpm.sys
20:05:15.0724 0x0a5c  TPM - ok
20:05:15.0756 0x0a5c  [ 8C8CF3041B27E7657ADD0EE17F6DBFCA ] TrkWks          C:\Windows\System32\trkwks.dll
20:05:15.0756 0x0a5c  TrkWks - ok
20:05:15.0818 0x0a5c  [ 8ABBB5CE0C62E0A6D28F32F44B7F865C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:05:15.0818 0x0a5c  TrustedInstaller - ok
20:05:15.0865 0x0a5c  [ 4E7C5FB10A50435523DE0CAA37DE2BD3 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
20:05:15.0865 0x0a5c  TsUsbFlt - ok
20:05:15.0896 0x0a5c  [ 16D684A820872EE54F6370703AC0B513 ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
20:05:15.0896 0x0a5c  TsUsbGD - ok
20:05:15.0912 0x0a5c  [ 78C9EE193AC2B4CBDBC48B620314D740 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
20:05:15.0928 0x0a5c  tunnel - ok
20:05:15.0943 0x0a5c  [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A ] uagp35          C:\Windows\system32\drivers\uagp35.sys
20:05:15.0959 0x0a5c  uagp35 - ok
20:05:15.0974 0x0a5c  [ 6FD6D03B7752C78712E5CFF29A305026 ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
20:05:15.0974 0x0a5c  UASPStor - ok
20:05:16.0006 0x0a5c  [ 4834158B8D06A153FADAB6B85320FBBE ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
20:05:16.0006 0x0a5c  UCX01000 - ok
20:05:16.0037 0x0a5c  [ DC5A461591C71AF7F19DC048A81E3F88 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
20:05:16.0037 0x0a5c  udfs - ok
20:05:16.0068 0x0a5c  [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D ] UI0Detect       C:\Windows\system32\UI0Detect.exe
20:05:16.0068 0x0a5c  UI0Detect - ok
20:05:16.0068 0x0a5c  [ 07FEBCDF24FABA0D47B635D85A0FFB7A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
20:05:16.0084 0x0a5c  uliagpkx - ok
20:05:16.0099 0x0a5c  [ 02CEB3FE6152668A7BA420B93B664860 ] umbus           C:\Windows\System32\drivers\umbus.sys
20:05:16.0099 0x0a5c  umbus - ok
20:05:16.0099 0x0a5c  [ 991EE6B5FC41EAEF99C8AF5B92F2CA09 ] UmPass          C:\Windows\System32\drivers\umpass.sys
20:05:16.0115 0x0a5c  UmPass - ok
20:05:16.0131 0x0a5c  [ 43FEFB040A0CC30F795FBF544169594D ] UmRdpService    C:\Windows\System32\umrdp.dll
20:05:16.0131 0x0a5c  UmRdpService - ok
20:05:16.0256 0x0a5c  [ DBE2E6388379D5CC78099650541E9566 ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
20:05:16.0256 0x0a5c  UNS - ok
20:05:16.0287 0x0a5c  [ 14D22C411854AA2560AFC94CD2D5E61F ] upnphost        C:\Windows\System32\upnphost.dll
20:05:16.0303 0x0a5c  upnphost - ok
20:05:16.0318 0x0a5c  [ 2AF9F0E16D75B8F783A1ACE74EF51C9B ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
20:05:16.0334 0x0a5c  usbccgp - ok
20:05:16.0349 0x0a5c  [ B395B62B62F28106218FA6FB17F4C797 ] usbcir          C:\Windows\System32\drivers\usbcir.sys
20:05:16.0349 0x0a5c  usbcir - ok
20:05:16.0381 0x0a5c  [ 52F267AEE8CA5AA5CEB88C6A71EE1E86 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
20:05:16.0381 0x0a5c  usbehci - ok
20:05:16.0443 0x0a5c  [ ADBF89B8E0BB372FEFE2E4B84E1E20AE ] usbhub          C:\Windows\System32\drivers\usbhub.sys
20:05:16.0443 0x0a5c  usbhub - ok
20:05:16.0490 0x0a5c  [ EA040D4C6C94F315A85F3D0EAA884B37 ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
20:05:16.0490 0x0a5c  USBHUB3 - ok
20:05:16.0521 0x0a5c  [ 325F6179009B5A7F6118951A5BA422AB ] usbohci         C:\Windows\System32\drivers\usbohci.sys
20:05:16.0521 0x0a5c  usbohci - ok
20:05:16.0553 0x0a5c  [ BA3ABE0CD1C14B3295BAD0F076B84CAC ] usbprint        C:\Windows\System32\drivers\usbprint.sys
20:05:16.0553 0x0a5c  usbprint - ok
20:05:16.0553 0x0a5c  [ F77177F6C95B2116EE7AD23B5EF57007 ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
20:05:16.0553 0x0a5c  USBSTOR - ok
20:05:16.0584 0x0a5c  [ D25EF4A6EC244C5DE85D88A05B7C149D ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
20:05:16.0584 0x0a5c  usbuhci - ok
20:05:16.0615 0x0a5c  [ 09799E701B4327097E9F63D3FE221083 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
20:05:16.0615 0x0a5c  usbvideo - ok
20:05:16.0662 0x0a5c  [ 1ADCF0A490C2845637B334626669CD6F ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
20:05:16.0662 0x0a5c  USBXHCI - ok
20:05:16.0678 0x0a5c  [ F702AB6181513303AB0FC8D59E52708B ] VaultSvc        C:\Windows\system32\lsass.exe
20:05:16.0678 0x0a5c  VaultSvc - ok
20:05:16.0709 0x0a5c  [ BACECBFF9C97F7627A60B0E0F1FE7EE8 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
20:05:16.0709 0x0a5c  vdrvroot - ok
20:05:16.0756 0x0a5c  [ 1B4488988E5E7512E6C5CD1255E9E973 ] vds             C:\Windows\System32\vds.exe
20:05:16.0771 0x0a5c  vds - ok
20:05:16.0787 0x0a5c  [ 74FA2D4368DE6F6CE14393EDF1F342BE ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
20:05:16.0803 0x0a5c  VerifierExt - ok
20:05:16.0849 0x0a5c  [ 500BE6B2E49883720D0AE8BB859ED7A3 ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
20:05:16.0865 0x0a5c  vhdmp - ok
20:05:16.0881 0x0a5c  [ F5B4A14B00E89250C50982AC762DDD1D ] viaide          C:\Windows\system32\drivers\viaide.sys
20:05:16.0881 0x0a5c  viaide - ok
20:05:16.0912 0x0a5c  [ 78DB50F7329F6D1311658DABFFFC8BE0 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
20:05:16.0912 0x0a5c  vmbus - ok
20:05:16.0928 0x0a5c  [ ECFEE2F2BA3932C7880D1A8F67D68F91 ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
20:05:16.0928 0x0a5c  VMBusHID - ok
20:05:16.0959 0x0a5c  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicheartbeat   C:\Windows\System32\ICSvc.dll
20:05:16.0974 0x0a5c  vmicheartbeat - ok
20:05:16.0974 0x0a5c  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
20:05:16.0990 0x0a5c  vmickvpexchange - ok
20:05:16.0990 0x0a5c  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicrdv         C:\Windows\System32\ICSvc.dll
20:05:17.0006 0x0a5c  vmicrdv - ok
20:05:17.0006 0x0a5c  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicshutdown    C:\Windows\System32\ICSvc.dll
20:05:17.0006 0x0a5c  vmicshutdown - ok
20:05:17.0021 0x0a5c  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmictimesync    C:\Windows\System32\ICSvc.dll
20:05:17.0021 0x0a5c  vmictimesync - ok
20:05:17.0021 0x0a5c  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicvss         C:\Windows\System32\ICSvc.dll
20:05:17.0037 0x0a5c  vmicvss - ok
20:05:17.0068 0x0a5c  [ CB60FAAED8B49B812EBBF77EB87D9B18 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
20:05:17.0068 0x0a5c  volmgr - ok
20:05:17.0099 0x0a5c  [ A74101DA9809251BCD0E5A26BAE0F824 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
20:05:17.0099 0x0a5c  volmgrx - ok
20:05:17.0131 0x0a5c  [ 78A5BBA3819FFFC62FFEC3E2220D102D ] volsnap         C:\Windows\system32\drivers\volsnap.sys
20:05:17.0146 0x0a5c  volsnap - ok
20:05:17.0154 0x0a5c  [ A8DA1C1B52ECEA3726DEBED4FF1B700D ] vpci            C:\Windows\System32\drivers\vpci.sys
20:05:17.0154 0x0a5c  vpci - ok
20:05:17.0158 0x0a5c  [ 38A60CD9C009C55C6D3B5586F8E6A353 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
20:05:17.0158 0x0a5c  vsmraid - ok
20:05:17.0205 0x0a5c  [ D0C69E44BC1E1D4AD290FD84104623D8 ] VSS             C:\Windows\system32\vssvc.exe
20:05:17.0221 0x0a5c  VSS - ok
20:05:17.0237 0x0a5c  [ A0F6FE0FC2F647C22BBFD6BD4249DBCC ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
20:05:17.0237 0x0a5c  VSTXRAID - ok
20:05:17.0252 0x0a5c  [ 62460A45435A26A334907E3F2EA45611 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
20:05:17.0252 0x0a5c  vwifibus - ok
20:05:17.0268 0x0a5c  [ 095E943D27025E4D588AF0A72CC2318F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
20:05:17.0283 0x0a5c  vwififlt - ok
20:05:17.0283 0x0a5c  [ 73FA1A41A97A5C34ADC03B3577FF1A86 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
20:05:17.0283 0x0a5c  vwifimp - ok
20:05:17.0330 0x0a5c  [ F690B6EEAA94576727B24376D7ED3601 ] W32Time         C:\Windows\system32\w32time.dll
20:05:17.0330 0x0a5c  W32Time - ok
20:05:17.0346 0x0a5c  [ 6B806E893714019969E2B50D7EF6A4D9 ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
20:05:17.0346 0x0a5c  WacomPen - ok
20:05:17.0377 0x0a5c  [ 61F6972FF9AC9A8D0B4D62076DC30051 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
20:05:17.0377 0x0a5c  Wanarp - ok
20:05:17.0377 0x0a5c  [ 61F6972FF9AC9A8D0B4D62076DC30051 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
20:05:17.0377 0x0a5c  Wanarpv6 - ok
20:05:17.0440 0x0a5c  [ 901CC968412F8155B08D7ABE0171166A ] WAS             C:\Windows\system32\inetsrv\iisw3adm.dll
20:05:17.0455 0x0a5c  WAS - ok
20:05:17.0690 0x0a5c  [ 42DF22F8C448E7CD219F6D63743505E2 ] wbengine        C:\Windows\system32\wbengine.exe
20:05:17.0705 0x0a5c  wbengine - ok
20:05:17.0752 0x0a5c  [ 31D37B2F6069C631EF0557D322924812 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
20:05:17.0768 0x0a5c  WbioSrvc - ok
20:05:17.0862 0x0a5c  [ D9C1E82651BF19C6FF69CEC6FD400124 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
20:05:17.0877 0x0a5c  Wcmsvc - ok
20:05:17.0940 0x0a5c  [ 5B5FEAB51172F5513C2CF7B39CFA6A01 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
20:05:17.0955 0x0a5c  wcncsvc - ok
20:05:17.0987 0x0a5c  [ E19556D414332E2BEBA1F368229006B4 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:05:17.0987 0x0a5c  WcsPlugInService - ok
20:05:18.0018 0x0a5c  [ B3A4D918DAB90505B6BC7B70632913CB ] Wd              C:\Windows\system32\drivers\wd.sys
20:05:18.0018 0x0a5c  Wd - ok
20:05:18.0049 0x0a5c  [ FD47DF026B32969B8A68721A0243E8EE ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
20:05:18.0065 0x0a5c  WdBoot - ok
20:05:18.0096 0x0a5c  [ 2ADC985B85A71BD7D99712EC0C24358B ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
20:05:18.0112 0x0a5c  Wdf01000 - ok
20:05:18.0143 0x0a5c  [ 5F425D842DD6ADE9F95A51A0616AFAD7 ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
20:05:18.0143 0x0a5c  WdFilter - ok
20:05:18.0174 0x0a5c  [ 240FC332484572227CD1DF82407F33E5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
20:05:18.0190 0x0a5c  WdiServiceHost - ok
20:05:18.0190 0x0a5c  [ 240FC332484572227CD1DF82407F33E5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
20:05:18.0205 0x0a5c  WdiSystemHost - ok
20:05:18.0221 0x0a5c  [ F2002DA5E6B78C15B2CD48CFF8F0FBB6 ] WebClient       C:\Windows\System32\webclnt.dll
20:05:18.0221 0x0a5c  WebClient - ok
20:05:18.0252 0x0a5c  [ 35FD720943D4FCD75C3275BF062FF140 ] Wecsvc          C:\Windows\system32\wecsvc.dll
20:05:18.0252 0x0a5c  Wecsvc - ok
20:05:18.0283 0x0a5c  [ 4D2612E3C462B68F499D840B1133263E ] wercplsupport   C:\Windows\System32\wercplsupport.dll
20:05:18.0283 0x0a5c  wercplsupport - ok
20:05:18.0315 0x0a5c  [ 5F70EBFC1F75B487DE79501E3CCBDB54 ] WerSvc          C:\Windows\System32\WerSvc.dll
20:05:18.0315 0x0a5c  WerSvc - ok
20:05:18.0346 0x0a5c  [ FE762D3498719C3A23471BBA62F747B4 ] WFPLWFS         C:\Windows\system32\DRIVERS\wfplwfs.sys
20:05:18.0346 0x0a5c  WFPLWFS - ok
20:05:18.0377 0x0a5c  [ 60E0C220593DA4F7C289CB909D2DBAE0 ] WiaRpc          C:\Windows\System32\wiarpc.dll
20:05:18.0393 0x0a5c  WiaRpc - ok
20:05:18.0408 0x0a5c  [ A3C7624A42A3447EF5EDD1ED37FE4E60 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
20:05:18.0408 0x0a5c  WIMMount - ok
20:05:18.0440 0x0a5c  WinDefend - ok
20:05:18.0487 0x0a5c  [ 7911470B6018059A880469A63B65700A ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
20:05:18.0487 0x0a5c  WinHttpAutoProxySvc - ok
20:05:18.0549 0x0a5c  [ 3D6B518B71C75C8FA4115A33615C107A ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
20:05:18.0549 0x0a5c  Winmgmt - ok
20:05:18.0643 0x0a5c  [ 8E212A627F33F6FC3B5F3BB47212F66E ] WinRM           C:\Windows\system32\WsmSvc.dll
20:05:18.0674 0x0a5c  WinRM - ok
20:05:18.0721 0x0a5c  [ BB20956C424531003F7FA6CD36F11D5D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
20:05:18.0721 0x0a5c  WinUsb - ok
20:05:18.0752 0x0a5c  [ DAF801153E8F33E13AB278332250D78A ] WirelessButtonDriver C:\Windows\System32\drivers\WirelessButtonDriver64.sys
20:05:18.0752 0x0a5c  WirelessButtonDriver - ok
20:05:18.0799 0x0a5c  [ 6351724B8FA0255C2DBD970297F00B93 ] WlanSvc         C:\Windows\System32\wlansvc.dll
20:05:18.0815 0x0a5c  WlanSvc - ok
20:05:18.0877 0x0a5c  [ B330CE47FB74A6BE9A3FFFF4B3F64D9B ] wlidsvc         C:\Windows\system32\wlidsvc.dll
20:05:18.0908 0x0a5c  wlidsvc - ok
20:05:18.0940 0x0a5c  [ E2A596CACFC6504306CDB7B593B90084 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
20:05:18.0940 0x0a5c  WmiAcpi - ok
20:05:18.0971 0x0a5c  [ D113499052C5E541906B727779F0F959 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
20:05:18.0971 0x0a5c  wmiApSrv - ok
20:05:19.0002 0x0a5c  WMPNetworkSvc - ok
20:05:19.0018 0x0a5c  [ C6FF953D5D6F2EAE3B8883474D5076B3 ] wpcfltr         C:\Windows\system32\DRIVERS\wpcfltr.sys
20:05:19.0018 0x0a5c  wpcfltr - ok
20:05:19.0049 0x0a5c  [ A6ED163169876BFD2437E872FE2F1509 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
20:05:19.0049 0x0a5c  WPCSvc - ok
20:05:19.0080 0x0a5c  [ 3013658A4D327854BEEC4A08D9655194 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
20:05:19.0080 0x0a5c  WPDBusEnum - ok
20:05:19.0096 0x0a5c  [ 0346CAFC181C91C6E2330332EB332ED6 ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
20:05:19.0096 0x0a5c  WpdUpFltr - ok
20:05:19.0127 0x0a5c  [ BC8B5CB336E63BB25EAD1CE8EDD34B81 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
20:05:19.0127 0x0a5c  ws2ifsl - ok
20:05:19.0170 0x0a5c  [ 012CFE7F0F95266F554EE3B91EE2128A ] wscsvc          C:\Windows\System32\wscsvc.dll
20:05:19.0170 0x0a5c  wscsvc - ok
20:05:19.0202 0x0a5c  [ 74EFDA0526862C3D8D01A776182798EA ] WSDPrintDevice  C:\Windows\System32\drivers\WSDPrint.sys
20:05:19.0202 0x0a5c  WSDPrintDevice - ok
20:05:19.0217 0x0a5c  [ FA07DF46070F0826139709EF4D31FB71 ] WSDScan         C:\Windows\system32\DRIVERS\WSDScan.sys
20:05:19.0217 0x0a5c  WSDScan - ok
20:05:19.0233 0x0a5c  WSearch - ok
20:05:19.0295 0x0a5c  [ C10BFFEE7E0D7A1366E84F251796C51D ] WSService       C:\Windows\System32\WSService.dll
20:05:19.0327 0x0a5c  WSService - ok
20:05:19.0389 0x0a5c  [ BE302BABE45EC05995F8DC66E37BBB3D ] wuauserv        C:\Windows\system32\wuaueng.dll
20:05:19.0436 0x0a5c  wuauserv - ok
20:05:19.0467 0x0a5c  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
20:05:19.0467 0x0a5c  WudfPf - ok
20:05:19.0483 0x0a5c  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
20:05:19.0483 0x0a5c  WUDFRd - ok
20:05:19.0499 0x0a5c  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFSensorLP    C:\Windows\system32\DRIVERS\WUDFRd.sys
20:05:19.0499 0x0a5c  WUDFSensorLP - ok
20:05:19.0530 0x0a5c  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
20:05:19.0546 0x0a5c  wudfsvc - ok
20:05:19.0546 0x0a5c  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFWpdFs       C:\Windows\system32\DRIVERS\WUDFRd.sys
20:05:19.0546 0x0a5c  WUDFWpdFs - ok
20:05:19.0561 0x0a5c  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFWpdMtp      C:\Windows\system32\DRIVERS\WUDFRd.sys
20:05:19.0561 0x0a5c  WUDFWpdMtp - ok
20:05:19.0592 0x0a5c  [ FBB9B00D7A5756B0AA8E10BF7619E604 ] WwanSvc         C:\Windows\System32\wwansvc.dll
20:05:19.0608 0x0a5c  WwanSvc - ok
20:05:19.0686 0x0a5c  [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService  C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
20:05:19.0686 0x0a5c  YahooAUService - ok
20:05:19.0702 0x0a5c  ================ Scan global ===============================
20:05:19.0764 0x0a5c  [ DDC1AFBF9DDF880CE9BD3896114D8DED ] C:\Windows\system32\basesrv.dll
20:05:19.0811 0x0a5c  [ E9343076AE704D20BB0D01F3AF3EFFEF ] C:\Windows\system32\winsrv.dll
20:05:19.0842 0x0a5c  [ BD7C6949984D19AAA609896B675E7357 ] C:\Windows\system32\sxssrv.dll
20:05:19.0874 0x0a5c  [ 8F226143046435C75C033B0C52E90FFE ] C:\Windows\system32\services.exe
20:05:19.0889 0x0a5c  [Global] - ok
20:05:19.0889 0x0a5c  ================ Scan MBR ==================================
20:05:19.0905 0x0a5c  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
20:05:19.0983 0x0a5c  \Device\Harddisk0\DR0 - ok
20:05:19.0983 0x0a5c  ================ Scan VBR ==================================
20:05:20.0014 0x0a5c  [ 7B76E006773A58A684777A4A1FCA0472 ] \Device\Harddisk0\DR0\Partition1
20:05:20.0014 0x0a5c  \Device\Harddisk0\DR0\Partition1 - ok
20:05:20.0030 0x0a5c  [ 0306E8073D24BCCB68A4F621768876F2 ] \Device\Harddisk0\DR0\Partition2
20:05:20.0030 0x0a5c  \Device\Harddisk0\DR0\Partition2 - ok
20:05:20.0046 0x0a5c  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
20:05:20.0046 0x0a5c  \Device\Harddisk0\DR0\Partition3 - ok
20:05:20.0077 0x0a5c  [ B57686008DDCEB0E44880A439AE1EF34 ] \Device\Harddisk0\DR0\Partition4
20:05:20.0077 0x0a5c  \Device\Harddisk0\DR0\Partition4 - ok
20:05:20.0108 0x0a5c  [ 783C77D13213E58AB757A3835FA56601 ] \Device\Harddisk0\DR0\Partition5
20:05:20.0108 0x0a5c  \Device\Harddisk0\DR0\Partition5 - ok
20:05:20.0108 0x0a5c  ============================================================
20:05:20.0108 0x0a5c  Scan finished
20:05:20.0108 0x0a5c  ============================================================
20:05:20.0124 0x0b30  Detected object count: 0
20:05:20.0124 0x0b30  Actual detected object count: 0
20:06:07.0971 0x0a18  Deinitialize success
 



#8 BoneFish

BoneFish
  • Topic Starter

  • Members
  • 130 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:South Carolina
  • Local time:09:25 PM

Posted 20 August 2013 - 07:23 PM

Ok Noknojon, I think I got it all posted this time.

Thanks for the Norton removal link also.



#9 noknojon

noknojon

    Almost Retired


  • Members
  • 9,876 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Victoria Australia
  • Local time:12:25 PM

Posted 20 August 2013 - 09:44 PM

Hi -

You seem to have no remains of the infection showing any more, and it looks healthy.

Do you think there are any problems left on your computer now ? I can see none in the scans.

 

Please just Update and Re-run a Quick scan with MBAM and see if it finds any problems like it did -

Also a Full scan with your avast!, but Only after Norton is removed.

Post a scan (or link) if your avast! still finds anything, even though it may be a "False Positive".

Their forum is full of this type of problem that is only found by avast! and was to be fixed -

 

After you run Norton Removal, just run Security Check by Screen317 to make sure Norton is not showing.

There is no need to post the log unless you still see Norton showing (as above) and we will use another remover.

 

Thank You -



#10 BoneFish

BoneFish
  • Topic Starter

  • Members
  • 130 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:South Carolina
  • Local time:09:25 PM

Posted 22 August 2013 - 05:14 AM

I ran a full system scan with Avast and everything was ok.

Here is the Security Check scan I ran.

I think it's ok too but not sure how to read it so I posted it.

 

 

 Results of screen317's Security Check version 0.99.72 
   x64 (UAC is enabled) 
 Internet Explorer 10 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
avast! Antivirus  
Windows Defender  
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware version 1.75.0.1300 
 Java 7 Update 25 
 Google Chrome 28.0.1500.95 
 Google Chrome 29.0.1547.57 
 Google Chrome plugins... 
````````Process Check: objlist.exe by Laurent```````` 
 AVAST Software Avast AvastUI.exe 
 AVAST Software Avast AvastSvc.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````
 



#11 noknojon

noknojon

    Almost Retired


  • Members
  • 9,876 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Victoria Australia
  • Local time:12:25 PM

Posted 22 August 2013 - 06:15 AM

I ran a full system scan with Avast and everything was ok.

Hi -

All looks good from this side now -

avast! claim to have fixed the False Positive that was Your major concern.

 

Do you have any other remaining problems at this stage ?

 

Thank You -



#12 BoneFish

BoneFish
  • Topic Starter

  • Members
  • 130 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:South Carolina
  • Local time:09:25 PM

Posted 22 August 2013 - 06:59 PM

Hey Noknojon,

I think everything is good now.

Thank you very much for your help.



#13 noknojon

noknojon

    Almost Retired


  • Members
  • 9,876 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Victoria Australia
  • Local time:12:25 PM

Posted 22 August 2013 - 07:20 PM

OK BoneFish -

I will take this off watch now -

 

Please start a new topic if you have other problems -

 

Regards -






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users