# Avast found win32:rootkit-gen[rtk] now I have win32:webcake-a [adw]

Posted 18 August 2013 - 08:43 PM

Started having popups on my wife's laptop so I ran a scan with Avast and it detected win32:rootkit-gen[rtk].

I used Avast to try and get rid of win32:rootkit-gen[rtk] and it said it was successful.

I ran another scan and now there are about a dozen files with win32:webcake-a[adw].

I am currently running a boot scan with Avast.

The operating system is windows 8.

Any help would be appreciated.

Please download AdwCleaner by Xplode onto your desktop. * Close all open programs and internet browsers. * Double click on adwcleaner.exe to run the tool. * Click on Delete. * Confirm each time with Ok. * NOTE : Your computer will be rebooted automatically, and a log file will open after the restart. * Please post the contents of that logfile with your next reply. * You can find the logfile at C:\AdwCleaner[S1].txt as well. Please download Malwarebytes Anti-Malware Free (aka MBAM) * Double-click MBAM -setup.exe and follow the prompts to install the program. * At the end, be sure to Check for Updates so it is current. * If an update is found, it will download and install the latest version. * Once the program has loaded, select Scan, then click Quick Scan. * When the scan is complete, click OK, then Show Results to view the results. * Be sure that everything is checked, and click Remove Selected. * When completed, a log will open in Notepad. * Post the log back here. NOTE - If you are not sure of any items, post the log and ask if it should be removed. Be sure to reboot the computer after you post the log. Download SUPERAntiSpyware Free (aka SAS) * Double-click SAS -setup.exe and follow the prompts to install the program. * At the end, be sure to Check for Updates to be so it is current * If an update is found, it will download and install the latest version. * Once the program has loaded, select Perform Quick scan, then click Scan. * When the scan is complete, click OK, then Show Results to view the results. * Be sure that everything is checked, and click Remove Selected. * When completed, a log will open in Notepad. * Post the log back here. Be sure to reboot the computer after you post the log. Download Security Check by Screen317 * Save it to your Desktop. * Double-click SecurityCheck.exe * Follow the onscreen instructions inside the black box. * A Notepad document should open automatically called checkup.txt; please post the contents of that document. Note: If any security program requests permission to access the Internet, allow it to do so. ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6920 # api_version=3.0.2 # EOSSerial=379eab4e7f912e43ab32b9eb807c6b5d # engine=14833 # end=stopped # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2013-08-19 11:30:34 # local_time=2013-08-19 07:30:34 (-0500, Eastern Daylight Time) # country="United States" # lang=1033 # osver=6.2.9200 NT # compatibility_mode=774 16777213 85 91 0 152743306 0 0 # compatibility_mode=3591 16777213 100 91 1434163 139461619 0 0 # compatibility_mode=5893 16776574 100 94 0 36374745 0 0 # scanned=50 # found=0 # cleaned=0 # scan_time=15 # AdwCleaner v2.306 - Logfile created 08/19/2013 at 19:37:36 # Updated 19/07/2013 by Xplode # Operating system : Windows 8 (64 bits) # User : Sharon - SHAYSHAY # Boot Mode : Normal # Running from : C:\Users\Sharon\Desktop\adwcleaner.exe # Option [Delete] ***** [Services] ***** ***** [Files / Folders] ***** File Deleted : C:\Users\Public\Desktop\eBay.lnk File Deleted : C:\Users\Sharon\Uninstall.exe Folder Deleted : C:\Program Files (x86)\Ask.com Folder Deleted : C:\ProgramData\APN Folder Deleted : C:\ProgramData\Ask Folder Deleted : C:\ProgramData\Tarma Installer Folder Deleted : C:\Users\Sharon\AppData\Local\APN Folder Deleted : C:\Users\Sharon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo Folder Deleted : C:\Users\Sharon\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh Folder Deleted : C:\Users\Sharon\AppData\LocalLow\AskToolbar Folder Deleted : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE} ***** [Registry] ***** Key Deleted : HKCU\Software\APN Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar Key Deleted : HKCU\Software\Ask.com Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Key Deleted : HKLM\Software\APN Key Deleted : HKLM\Software\AskToolbar Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\WebCakeIEClient.DLL Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1 Key Deleted : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EFDF368C-8DD9-4E05-87CD-16AA5CB03CB8} Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api.1 Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers.1 Key Deleted : HKLM\Software\InstallIQ Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AF6B0594-6008-4327-93E5-608AD710A6FA} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AF6B0594-6008-4327-93E5-608AD710A6FA} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38} Key Deleted : HKLM\SOFTWARE\Tarma Installer Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater] Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}] Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}] ***** [Internet Browsers] ***** -\\ Internet Explorer v10.0.9200.16660 [OK] Registry is clean. -\\ Google Chrome v28.0.1500.95 File : C:\Users\Sharon\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] File is clean. ************************* AdwCleaner[S1].txt - [7894 octets] - [19/08/2013 19:37:36] ########## EOF - C:\AdwCleaner[S1].txt - [7954 octets] ########## Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Database version: v2013.08.19.06 Windows 8 x64 NTFS Internet Explorer 10.0.9200.16660 Sharon :: SHAYSHAY [administrator] 8/19/2013 7:50:27 PM mbam-log-2013-08-19 (19-50-27).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 217969 Time elapsed: 5 minute(s), 8 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 1 HKCR\CLSID\{BB975E58-E769-4E5A-BA12-B765BC559FF3} (PUP.Optional.WebCake.A) -> Quarantined and deleted successfully. Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 1 C:\Program Files (x86)\Web Cake (PUP.Optional.WebCake.A) -> Quarantined and deleted successfully. Files Detected: 3 C:\Program Files (x86)\Web Cake\WebCakeDesktop.Updater.InstallState (PUP.Optional.WebCake.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\Web Cake\OptChrome.exe (PUP.Optional.WebCake.A) -> Quarantined and deleted successfully. C:\Program Files (x86)\Web Cake\sqlite3.exe (PUP.Optional.WebCake.A) -> Quarantined and deleted successfully. (end) SUPERAntiSpyware Scan Log http://www.superantispyware.com Generated 08/19/2013 at 08:16 PM Application Version : 5.6.1032 Core Rules Database Version : 10701 Trace Rules Database Version: 8513 Scan type : Quick Scan Total Scan Time : 00:05:42 Operating System Information 65 Edition 64-bit (Build 6.02.9200) UAC On - Limited User Memory items scanned : 609 Memory threats detected : 0 Registry items scanned : 58646 Registry threats detected : 0 File items scanned : 12149 File threats detected : 272 Adware.Tracking Cookie C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\S93R1Z09.txt [ /imrworldwide.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\NWMC49NQ.txt [ /doubleclick.net ] .invitemedia.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .invitemedia.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .invitemedia.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad.yieldmanager.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad.yieldmanager.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .optimost.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .doubleclick.net [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .ru4.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .ru4.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .media6degrees.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .media6degrees.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .media6degrees.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .media6degrees.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .media6degrees.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad.yieldmanager.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .mediaarmor.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .mediaarmor.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .casalemedia.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .casalemedia.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .casalemedia.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .casalemedia.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .casalemedia.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .casalemedia.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .casalemedia.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .invitemedia.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad.yieldmanager.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad.yieldmanager.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad.yieldmanager.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .ads.pointroll.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .pointroll.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .atdmt.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .atdmt.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .pointroll.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .ads.pointroll.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .ads.pointroll.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .ads.pointroll.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .ads.pointroll.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .ads.pointroll.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .ads.pointroll.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .imrworldwide.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .imrworldwide.com [ C:\USERS\SHARON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\G1P90M0H.txt [ /walmartcom.112.2o7.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\N4D1518B.txt [ /imp.bid.ace.advertising.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\NB8IAI7A.txt [ /e-2dj6aemyomd5kap.stats.esomniture.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\DK21MMDP.txt [ /lm.logicalmedia.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\QPFP0UMK.txt [ /nextag.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\WAAV1Q3A.txt [ /mtcdebitcard.higheroneaccount.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\WKLM0YC8.txt [ /activenetwork.122.2o7.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\VNSQ0DMQ.txt [ /c.atdmt.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\UDU92HCA.txt [ /www.gotquestions.org ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\8Z9SPVWO.txt [ /invitemedia.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\0DTGK67Y.txt [ /ads.al.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\PONN1LU2.txt [ /yellowpages.112.2o7.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\YEHQVHJR.txt [ /adform.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\YZWKEUW4.txt [ /insightexpressai.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\RFD0TC1O.txt [ /stats.paypal.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\SPCRQUSW.txt [ /travidia.112.2o7.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\237H209T.txt [ /fastclick.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\Q6B314X6.txt [ /higheroneaccount.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\0PHPUW15.txt [ /media.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\XN2T21GY.txt [ /ad.360yield.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\6HBRF6R1.txt [ /media.adfrontiers.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\4NWAVZA9.txt [ /ads.eurogamer.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\EVFDDN88.txt [ /yieldmanager.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\NH3MHXQ4.txt [ /histats.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\SRH8M3JJ.txt [ /statcounter.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\38VUAXUW.txt [ /amazonlocal.122.2o7.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\VF0NIQZR.txt [ /tribalfusion.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\CVL5PBHZ.txt [ /e-2dj6wakyegajwcp.stats.esomniture.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\HXR50V32.txt [ /ads.livenation.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\AWQXN1MA.txt [ /www.supermediastore.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\3ZE3BCG0.txt [ /gntbcstglobal.112.2o7.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\K877OWX1.txt [ /ad.where.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\AIV45MGP.txt [ /msnportal.112.2o7.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\8ITW41GD.txt [ /adbrite.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\8FG9P19K.txt [ /hearstmagazines.112.2o7.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\E0CYR607.txt [ /ads.group.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\XSQ1ECFG.txt [ /e-2dj6wjmygmajmdq.stats.esomniture.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\110AE64H.txt [ /liveperson.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\14PZOOCY.txt [ /interclick.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\QHI917E8.txt [ /ads.nola.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\QTT7W93L.txt [ /leeenterprises.112.2o7.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\S40HTMA1.txt [ /atwola.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\S2X0Q8RT.txt [ /ad.yieldmanager.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\45WO0GDY.txt [ /ncp.imrworldwide.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\EGD56616.txt [ /paypal.112.2o7.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\P2MBQKT2.txt [ /specificclick.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\6IOVXC3V.txt [ /track.dugomedia.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\X6TAK466.txt [ /e-2dj6wjlisjdzckp.stats.esomniture.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\PN604JST.txt [ /ru4.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\LPXT02W8.txt [ /cnzz.mmstat.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\F2MLOWTP.txt [ /ads.glispa.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\U6ZJUK1Q.txt [ /accounts.google.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\L1LUWQLY.txt [ /amazon-adsystem.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\YIWI6KH8.txt [ /lfstmedia.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\0M9421PJ.txt [ /liveperson.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\8DQ8SVT2.txt [ /networksolutions.112.2o7.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\3FA5N0RN.txt [ /googleads.g.doubleclick.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\Q48PQUAN.txt [ /serving-sys.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\13840N4G.txt [ /network.realmedia.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\OZLU5DAH.txt [ /liveperson.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\1JERNSVG.txt [ /linksynergy.walmart.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\VOOYB3HO.txt [ /demandmedia.trc.taboola.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\W2Q6YXPV.txt [ /steelhousemedia.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\EUTFLM2C.txt [ /supermediastore.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\ILGEGPBL.txt [ /pointroll.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\0ZEGKZ68.txt [ /mediaforge.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\XWF8ZBGB.txt [ /h.atdmt.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\FQ5UG8XC.txt [ /ads.cartoonnetwork.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\GWDVZ722.txt [ /adserver.adtechus.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\5S1J4RST.txt [ /autozone.122.2o7.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\CWN6A0ID.txt [ /www.ticketsnow.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\3JXHUA43.txt [ /clickfuse.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\9AY98IZ4.txt [ /stat.dealtime.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\UVINE1I3.txt [ /geconsumerfinance.112.2o7.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\TU3V7COL.txt [ /e-2dj6wgkoqmcjmfo.stats.esomniture.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\NJN3YDDS.txt [ /tacoda.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\8CS4MIL0.txt [ /ww251.smartadserver.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\XLWP6BK2.txt [ /xiti.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\BI5PT524.txt [ /e-2dj6wblogjdjgfo.stats.esomniture.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\4138UB1M.txt [ /imrworldwide.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\A1ZZAXNS.txt [ /discountmags.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\R43KJUG3.txt [ /apmebf.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\RKEROF1N.txt [ /oracle.112.2o7.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\6D727U5J.txt [ /www.nextag.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\AVP42ZQN.txt [ /evite.112.2o7.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\BMH5EG14.txt [ /ads.pubmatic.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\3ICKVCUY.txt [ /s.clickability.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\0W8HSVPA.txt [ /forms.newmediahospitality.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\80THEJ6W.txt [ /overture.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\4WI0JT6I.txt [ /link.mercent.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\WZJ3TFRY.txt [ /cmp.112.2o7.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\X8XZ4F71.txt [ /newsday.122.2o7.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\Z7F4GC37.txt [ /adxpose.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\GQ3RUA23.txt [ /kontera.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\NA1YAB5U.txt [ /bizrate.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\GOAMMHXP.txt [ /mediaplex.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\TY686B1B.txt [ /mletracker.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\8416RKL0.txt [ /in.getclicky.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\GXHVTDQL.txt [ /e-2dj6wjkyanajkgp.stats.esomniture.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\WGYW71W8.txt [ /bridge.ame.admarketplace.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\I07MDHJQ.txt [ /clickcallmail.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\3JLC2GS9.txt [ /smartadserver.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\QD8305DW.txt [ /legolas-media.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\P0OI4TJO.txt [ /advertising.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\SPYDWJ96.txt [ /2o7.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\GG1M20DB.txt [ /zedo.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\IK2YPZ21.txt [ /ticketsnow.112.2o7.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\0UKKJYTK.txt [ /yadro.ru ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\R2BFB1EH.txt [ /crackerbarrelcheese.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\A2MXKUV5.txt [ /microsoftwindows.112.2o7.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\6DLY7LJ5.txt [ /sexoffenderin.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\A01P6IBW.txt [ /liveperson.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\YAKOBWVS.txt [ /sun.112.2o7.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\RY4YMUZL.txt [ /www.dealtime.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\SVZJ9TRE.txt [ /at.atwola.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\CMBI4DJI.txt [ /adtech.de ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\1NNHEQ8Z.txt [ /adserver.adreactor.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\DLZZSJ3R.txt [ /mmstat.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\MJDDVLML.txt [ /liveperson.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\8RYPX0S4.txt [ /burstnet.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\FODDQ47C.txt [ /ad.propellerads.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\9WRPNQTM.txt [ /ads.pointroll.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\IWK5UMWC.txt [ /msnbc.112.2o7.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\IZSPO3K2.txt [ /247realmedia.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\L593CWI4.txt [ /track.adform.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\S6J8V4YH.txt [ /sftrack.searchforce.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\BA45MJ5Q.txt [ /media-d.optimalfusion.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\AGMI1BBS.txt [ /ads.p161.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\5RV1PEFK.txt [ /adinterax.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\RVG6ETCO.txt [ /ticketsnow.db.advertising.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\M7JOG9PF.txt [ /brownshoe.112.2o7.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\EXNHK074.txt [ /amazonservices.122.2o7.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\2IS5MT41.txt [ /intermundomedia.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\24ZR4EUG.txt [ /ads.creative-serving.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\CGOXG9QW.txt [ /demandwarecrocs.112.2o7.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\3AINOHWX.txt [ /www.discountmags.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\FC2H3IA9.txt [ /e-2dj6wcliqod5elo.stats.esomniture.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\GA7DAEFG.txt [ /e-2dj6wfloemdzoep.stats.esomniture.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\W9P3UISC.txt [ /realmedia.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\HVTT49KT.txt [ /collective-media.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\QDONMK49.txt [ /fidelity.rotator.hadj7.adjuggler.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\VF9T6OMF.txt [ /webservices.evolvemediacorp.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\O11TRHYU.txt [ /ar.atwola.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\6591CXFR.txt [ /findnsave.thestate.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\SHZRNNK1.txt [ /fuelinteractive.112.2o7.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\N8ZW9WI9.txt [ /biglots.112.2o7.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\LGERR4PG.txt [ /findnsave.star-telegram.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\PECCW024.txt [ /liveperson.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\G0472OK8.txt [ /kanoodle.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\YFPAMZMI.txt [ /dmtracker.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\HNNP2CCX.txt [ /www.googleadservices.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\F851OIPH.txt [ /www.googleadservices.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\AWHWUWKN.txt [ /www.googleadservices.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\MTJ6UNT8.txt [ /www.googleadservices.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\R1SL7S3N.txt [ /www.googleadservices.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\38W15LX1.txt [ /www.googleadservices.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\BA4AHHCR.txt [ /www.googleadservices.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\AMW4EBBH.txt [ /www.googleadservices.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\XF0TDMQB.txt [ /www.googleadservices.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\FN76WWS0.txt [ /www.googleadservices.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\B0R20T36.txt [ /www.googleadservices.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\PFPETH8O.txt [ /www.googleadservices.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\TI23C740.txt [ /www.googleadservices.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\YH5SJAM7.txt [ /www.googleadservices.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\SN1OBT6D.txt [ /stats.popscreen.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\FE6DONNV.txt [ /a.intentmedia.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\T5BJF3QC.txt [ /liveperson.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\1CSGGVQR.txt [ /lucidmedia.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\OO0FF5EM.txt [ /eyewonder.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\2FMI14XY.txt [ /casalemedia.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\342X8HS0.txt [ /accountonline.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\MRDNQFLN.txt [ /stats-newyork1.bloxcms.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\7DY6T4J6.txt [ /e-2dj6afk4gjajslp.stats.esomniture.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\7PPDGEJ3.txt [ /dealtime.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\9WQWL6AF.txt [ /amazonmerchants.122.2o7.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\0TXNZHQ5.txt [ /nestleusa.122.2o7.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\JZCUSJ78.txt [ /ticketsnow.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\S7P8YROA.txt [ /atdmt.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\WWJACMW1.txt [ /timeinc.122.2o7.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\YBXUKXY8.txt [ /media.gsimedia.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\T9CXUXCJ.txt [ /linksynergy.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\MVUU7PG9.txt [ /e-2dj6wblogldjwgp.stats.esomniture.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZY2E5JZF.txt [ /tags.mediaforge.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\KBHZXUVS.txt [ /server.cpmstar.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\0OQBOCM0.txt [ /amazonwebstore.122.2o7.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\EQ4BHPV1.txt [ /media6degrees.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\2U9HHN73.txt [ /tacoda.at.atwola.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\8JXH9S00.txt [ /media.wayfair.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\X3C2VFM3.txt [ /bookit.advertserve.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\XY342K9M.txt [ /e-2dj6aekokgajkko.stats.esomniture.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\BLP12FXQ.txt [ /demandmedia.trc.taboola.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\GBV1JA1X.txt [ /liveperson.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\KZCV3HX5.txt [ /doubleclick.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\SX560O6P.txt [ /gotquestions.org ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\0KLJ1DKB.txt [ /bs.serving-sys.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\0S3K9BDR.txt [ /testdata.coremetrics.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\YKASBUWC.txt [ /statse.webtrendslive.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\3215FJ2I.txt [ /gsimedia.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\66Z8TWCC.txt [ /www1.addfreestats.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\QYTW570D.txt [ /ads.undertone.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\3LDKMEBV.txt [ /ads.bridgetrack.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\B4CTJZHZ.txt [ /ads.webkinz.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\0F7M0FXO.txt [ /ad.mlnadvertising.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\SRO5BNOC.txt [ /va.marketer.lpsnmedia.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\CGW6QI0Z.txt [ /valassis.112.2o7.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\CG050SB3.txt [ /pro-market.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\MU4XCMAP.txt [ /liveclicker.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\FG8H98I1.txt [ /ads.us.e-planning.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\A75HI65E.txt [ /revsci.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\A41R3427.txt [ /synacor.112.2o7.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\N59PYT36.txt [ /traveladvertising.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\44Y44GC4.txt [ /ads.lcxdigital.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\VRRAODKY.txt [ /admarketplace.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\V8CTTQSW.txt [ /ads.videohub.tv ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\97QM8SUH.txt [ /myaccount.stubhub.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\E5VUMTNB.txt [ /registercom.122.2o7.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZKFR56PW.txt [ /marketlive.122.2o7.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\JOZWSO03.txt [ /adtechus.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\D5CINODC.txt [ /media2.legacy.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\FLWVPQBN.txt [ /questionmarket.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\U6K2GPVU.txt [ /ads.as4x.tmcs.ticketmaster.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\UJU6MBN6.txt [ /ads.ihigh.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\BQ7MXKOJ.txt [ /liveperson.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\1DNY1CTF.txt [ /ads.bleepingcomputer.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\6BTW3PCC.txt [ /liveperson.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\IH26YAXA.txt [ /www.bizrate.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZUR6C4GC.txt [ /ads.healthline.com ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\GOQ48JS2.txt [ /ad.e-kolay.net ] C:\Users\Sharon\AppData\Roaming\Microsoft\Windows\Cookies\Low\PYB3IQ9W.txt [ /px.steelhousemedia.com ] Results of screen317's Security Check version 0.99.72 x64 (UAC is enabled) Internet Explorer 10 Antivirus/Firewall Check: Windows Firewall Enabled! avast! Results of screen317's Security Check version 0.99.72 x64 (UAC is enabled) Internet Explorer 10 Antivirus/Firewall Check: Windows Firewall Enabled! avast! Antivirus Windows Defender Norton Internet Security Antivirus up to date! Anti-malware/Other Utilities Check: Malwarebytes Anti-Malware version 1.75.0.1300 Java 7 Update 25 Google Chrome 28.0.1500.72 Google Chrome 28.0.1500.95 Google Chrome plugins... Process Check: objlist.exe by Laurent Norton ccSvcHst.exe AVAST Software Avast AvastSvc.exe AVAST Software Avast AvastUI.exe System Health check Total Fragmentation on Drive C: % End of Log

Posted 19 August 2013 - 11:48 PM

Hi -

ESET Scan was "generally" clean -

AdwCleaner removed many minor infections, including >>
Tarma Installer / AskToolbar / WebCakeIEClient.Layers / WebCakeDesktop_RASMANCS

Malwarebytes Anti-Malware removed - Folders Detected: 1 - Files Detected: 3 - Registry Keys Detected: 1
Web Cake (PUP.Optional.WebCake.A)

Please Re-run Security Check as just this line is incomplete ........ {x64 (UAC is enabled) }
Or if you still have it, please post it -

Well Done so far -

You have 2 current active Antivirus programs and need to remove one -

Please tell me which one, and I will post the correct removal method.
Norton Internet Security
avast! Antivirus

This can cause the readings that you normally get from avast! to be False Positives ! !

Norton Internet Security  may be an old Preinstalled version that was never fully removed -

Launch it.
Click on change parameters-Select TDLFS file system
Click on "Scan".
Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results.

Thank You -

Process Check: objlist.exe by Laurent Norton ccSvcHst.exe AVAST Software Avast AvastSvc.exe AVAST Software Avast AvastUI.exe System Health check Total Fragmentation on Drive C: % End of Log ### #7 BoneFish BoneFish • Topic Starter • Members • 130 posts • OFFLINE • • Gender:Male • Location:South Carolina • Local time:02:36 AM Posted 20 August 2013 - 07:08 PM 20:03:56.0696 0x0638 TDSS rootkit removing tool 2.9.2.0 Aug 15 2013 16:44:29 20:03:56.0696 0x0638 UEFI system 20:03:57.0071 0x0638 ============================================================ 20:03:57.0071 0x0638 Current date / time: 2013/08/20 20:03:57.0071 20:03:57.0071 0x0638 SystemInfo: 20:03:57.0071 0x0638 20:03:57.0071 0x0638 OS Version: 6.2.9200 ServicePack: 0.0 20:03:57.0071 0x0638 Product type: Workstation 20:03:57.0071 0x0638 ComputerName: SHAYSHAY 20:03:57.0071 0x0638 UserName: Sharon 20:03:57.0071 0x0638 Windows directory: C:\Windows 20:03:57.0071 0x0638 System windows directory: C:\Windows 20:03:57.0071 0x0638 Running under WOW64 20:03:57.0071 0x0638 Processor architecture: Intel x64 20:03:57.0071 0x0638 Number of processors: 2 20:03:57.0071 0x0638 Page size: 0x1000 20:03:57.0071 0x0638 Boot type: Normal boot 20:03:57.0071 0x0638 ============================================================ 20:03:59.0602 0x0638 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 20:03:59.0618 0x0638 ============================================================ 20:03:59.0618 0x0638 \Device\Harddisk0\DR0: 20:03:59.0618 0x0638 GPT partitions: 20:03:59.0618 0x0638 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {9E580EFC-570B-498A-91D4-6A663FE54383}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xC8000 20:03:59.0618 0x0638 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {1BD4E1DF-DDDF-433B-A394-50332845F14D}, Name: EFI system partition, StartLBA 0xC8800, BlocksNum 0x82000 20:03:59.0618 0x0638 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {2136DE1C-FF58-40C3-8235-E974298CBAF1}, Name: Microsoft reserved partition, StartLBA 0x14A800, BlocksNum 0x40000 20:03:59.0618 0x0638 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {A426DC6C-35BD-49F2-867E-171977125119}, Name: Basic data partition, StartLBA 0x18A800, BlocksNum 0x37062800 20:03:59.0618 0x0638 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {9F1B8EF2-156B-4859-931C-CF4928D42E26}, Name: Basic data partition, StartLBA 0x371ED000, BlocksNum 0x3199000 20:03:59.0618 0x0638 MBR partitions: 20:03:59.0618 0x0638 ============================================================ 20:03:59.0634 0x0638 C: <-> \Device\Harddisk0\DR0\Partition4 20:03:59.0696 0x0638 D: <-> \Device\Harddisk0\DR0\Partition5 20:03:59.0696 0x0638 ============================================================ 20:03:59.0696 0x0638 Initialize success 20:03:59.0696 0x0638 ============================================================ 20:04:54.0306 0x0a5c ============================================================ 20:04:54.0306 0x0a5c Scan started 20:04:54.0306 0x0a5c Mode: Manual; TDLFS; 20:04:54.0306 0x0a5c ============================================================ 20:04:55.0287 0x0a5c ================ Scan system memory ======================== 20:04:55.0287 0x0a5c System memory - ok 20:04:55.0287 0x0a5c ================ Scan services ============================= 20:04:55.0443 0x0a5c [ ABDCD326E1DD1C62509ED94C278A7453 ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE 20:04:55.0459 0x0a5c !SASCORE - ok 20:04:55.0646 0x0a5c [ E890C46E4754F0DF51BAFCC8D2E07498 ] 1394ohci C:\Windows\System32\drivers\1394ohci.sys 20:04:55.0646 0x0a5c 1394ohci - ok 20:04:55.0677 0x0a5c [ 4F18D4C7EA14F11A7211F60D553C03DB ] 3ware C:\Windows\system32\drivers\3ware.sys 20:04:55.0677 0x0a5c 3ware - ok 20:04:55.0709 0x0a5c [ C4C5D1AB35D1F931928056D61A1C4616 ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys 20:04:55.0724 0x0a5c Accelerometer - ok 20:04:55.0755 0x0a5c [ 975AABEB243B800C23626D6B652C5A9C ] ACPI C:\Windows\system32\drivers\ACPI.sys 20:04:55.0771 0x0a5c ACPI - ok 20:04:55.0818 0x0a5c [ DC968C37822117E576B933F34A2D130C ] acpiex C:\Windows\system32\Drivers\acpiex.sys 20:04:55.0818 0x0a5c acpiex - ok 20:04:55.0834 0x0a5c [ 0CA9F7C3A78227C21A0A7854E245CFB2 ] acpipagr C:\Windows\System32\drivers\acpipagr.sys 20:04:55.0849 0x0a5c acpipagr - ok 20:04:55.0865 0x0a5c [ 8EB8DA03B142D3DD1EB9ED8107A76C43 ] AcpiPmi C:\Windows\System32\drivers\acpipmi.sys 20:04:55.0865 0x0a5c AcpiPmi - ok 20:04:55.0880 0x0a5c [ CBCE725C5D86ABA7D2604E22951AA9B8 ] acpitime C:\Windows\System32\drivers\acpitime.sys 20:04:55.0880 0x0a5c acpitime - ok 20:04:55.0927 0x0a5c [ 93C6388592B99925C1D1576E465BC80F ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 20:04:55.0990 0x0a5c adp94xx - ok 20:04:56.0037 0x0a5c [ D27763E0247292654E7F7D16444C7C72 ] adpahci C:\Windows\system32\drivers\adpahci.sys 20:04:56.0037 0x0a5c adpahci - ok 20:04:56.0068 0x0a5c [ 67B90070FF48F794AF19F9FCF0080D75 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 20:04:56.0068 0x0a5c adpu320 - ok 20:04:56.0115 0x0a5c [ 974AE60BF5B90E31412D93596C968E5B ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 20:04:56.0130 0x0a5c AeLookupSvc - ok 20:04:56.0209 0x0a5c [ 36D6A3201721558A8AFBCC09C2DA4C2C ] AFD C:\Windows\system32\drivers\afd.sys 20:04:56.0224 0x0a5c AFD - ok 20:04:56.0255 0x0a5c [ 01590377A5AB19E792528C628A2A68F9 ] agp440 C:\Windows\system32\drivers\agp440.sys 20:04:56.0255 0x0a5c agp440 - ok 20:04:56.0287 0x0a5c [ D1BE8E6E5B3AF23A4393AF1BF867977A ] ALG C:\Windows\System32\alg.exe 20:04:56.0287 0x0a5c ALG - ok 20:04:56.0302 0x0a5c [ 025E8C755BE293E50854D26D1BBE5133 ] AllUserInstallAgent C:\Windows\system32\AUInstallAgent.dll 20:04:56.0365 0x0a5c AllUserInstallAgent - ok 20:04:56.0412 0x0a5c [ 5A81054B824004B1ECC04F0034A1CDF9 ] AmdK8 C:\Windows\System32\drivers\amdk8.sys 20:04:56.0412 0x0a5c AmdK8 - ok 20:04:56.0677 0x0a5c [ 8DC532B5BF820E48194C6AFC8862FCBC ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys 20:04:57.0037 0x0a5c amdkmdag - ok 20:04:57.0068 0x0a5c [ AA48FEABA50C2DED9C485DFDBA044E40 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys 20:04:57.0084 0x0a5c amdkmdap - ok 20:04:57.0162 0x0a5c [ B849D453E644FAB9BC8EF6DC8CA9C4C6 ] AmdPPM C:\Windows\System32\drivers\amdppm.sys 20:04:57.0162 0x0a5c AmdPPM - ok 20:04:57.0193 0x0a5c [ 35A0EB5AECB0FA3C41A2FB514A562304 ] amdsata C:\Windows\system32\drivers\amdsata.sys 20:04:57.0209 0x0a5c amdsata - ok 20:04:57.0248 0x0a5c [ 00452671904F5EE94B50BF0219C97164 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 20:04:57.0248 0x0a5c amdsbs - ok 20:04:57.0264 0x0a5c [ EA3FFE53E92E59C87E3ECA9BEB20D9B7 ] amdxata C:\Windows\system32\drivers\amdxata.sys 20:04:57.0264 0x0a5c amdxata - ok 20:04:57.0295 0x0a5c [ 823F34D1DEF120A657BB7529ABF4461F ] AppHostSvc C:\Windows\system32\inetsrv\apphostsvc.dll 20:04:57.0310 0x0a5c AppHostSvc - ok 20:04:57.0326 0x0a5c [ 83B3682CE922FB0F415734B26D9D6233 ] AppID C:\Windows\system32\drivers\appid.sys 20:04:57.0326 0x0a5c AppID - ok 20:04:57.0373 0x0a5c [ CE2BEAD7F31816FF0AC490D048C969F9 ] AppIDSvc C:\Windows\System32\appidsvc.dll 20:04:57.0373 0x0a5c AppIDSvc - ok 20:04:57.0451 0x0a5c [ 4F750B7EFCB6520AE01E01D082D7D476 ] Appinfo C:\Windows\System32\appinfo.dll 20:04:57.0451 0x0a5c Appinfo - ok 20:04:57.0467 0x0a5c [ E933401B392387F4BE34DE8BAF1722A7 ] arc C:\Windows\system32\drivers\arc.sys 20:04:57.0467 0x0a5c arc - ok 20:04:57.0482 0x0a5c [ 07CA323EF2E8247A568AB0F3662AD644 ] arcsas C:\Windows\system32\drivers\arcsas.sys 20:04:57.0482 0x0a5c arcsas - ok 20:04:57.0654 0x0a5c [ 108FB6DDB69E537A2EA53F425363FAE5 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 20:04:57.0654 0x0a5c aspnet_state - ok 20:04:57.0701 0x0a5c [ 0BAEFD3F648C6E7AB52990DD9565E4E2 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys 20:04:57.0701 0x0a5c aswFsBlk - ok 20:04:57.0732 0x0a5c [ 7BA96B748762759E5AC844DE672A49AD ] aswKbd C:\Windows\system32\drivers\aswKbd.sys 20:04:57.0732 0x0a5c aswKbd - ok 20:04:57.0764 0x0a5c [ FA562F34ED6633C66170B09182B4C049 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys 20:04:57.0764 0x0a5c aswMonFlt - ok 20:04:57.0826 0x0a5c [ 64E2BAB4096C13D2342BC4661C967E07 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys 20:04:57.0826 0x0a5c aswRdr - ok 20:04:57.0857 0x0a5c [ 5573AA70993A2BB81525B1C704B88763 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys 20:04:57.0857 0x0a5c aswRvrt - ok 20:04:57.0904 0x0a5c [ 8C0800CDB501CFC1164B286A0478DC10 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys 20:04:57.0935 0x0a5c aswSnx - ok 20:04:57.0967 0x0a5c [ 3815DB16CDA62190F5C0A65118F3D714 ] aswSP C:\Windows\system32\drivers\aswSP.sys 20:04:57.0967 0x0a5c aswSP - ok 20:04:57.0998 0x0a5c [ 29DD8E458A84171202AA4979364C30C0 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys 20:04:57.0998 0x0a5c aswTdi - ok 20:04:58.0029 0x0a5c [ 22F521108881DC59837F6FC614E0568F ] aswVmm C:\Windows\system32\drivers\aswVmm.sys 20:04:58.0045 0x0a5c aswVmm - ok 20:04:58.0107 0x0a5c [ 74DBAEC35366C4EE7670428808715A6A ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 20:04:58.0107 0x0a5c AsyncMac - ok 20:04:58.0123 0x0a5c [ A721FF570C2387E383BDDEA9632863C9 ] atapi C:\Windows\system32\drivers\atapi.sys 20:04:58.0123 0x0a5c atapi - ok 20:04:58.0170 0x0a5c [ BCD7A47EF587DC00DD61D12D9C2D1E44 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll 20:04:58.0170 0x0a5c AudioEndpointBuilder - ok 20:04:58.0232 0x0a5c [ 599B3F685A263A114FFAF3BE29C49C75 ] Audiosrv C:\Windows\System32\Audiosrv.dll 20:04:58.0232 0x0a5c Audiosrv - ok 20:04:58.0311 0x0a5c [ 28D6701C710AD7BA3CB95E75F8F1A9AA ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe 20:04:58.0311 0x0a5c avast! Antivirus - ok 20:04:58.0342 0x0a5c [ 89491EF71D5EA011127832C588002853 ] AxInstSV C:\Windows\System32\AxInstSV.dll 20:04:58.0342 0x0a5c AxInstSV - ok 20:04:58.0389 0x0a5c [ 87AB5BB072A3F128541D5B815F82FFDD ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 20:04:58.0529 0x0a5c b06bdrv - ok 20:04:58.0592 0x0a5c [ 81703BC5D68DEDBB086C2368FBE7B334 ] BasicDisplay C:\Windows\System32\drivers\BasicDisplay.sys 20:04:58.0592 0x0a5c BasicDisplay - ok 20:04:58.0607 0x0a5c [ 5EC68164E14D25675C98BBB5F09E8606 ] BasicRender C:\Windows\System32\drivers\BasicRender.sys 20:04:58.0623 0x0a5c BasicRender - ok 20:04:58.0670 0x0a5c [ 89143A7BA7850F5C7E61B43BB44B6418 ] BDESVC C:\Windows\System32\bdesvc.dll 20:04:58.0764 0x0a5c BDESVC - ok 20:04:58.0795 0x0a5c [ 9E7AEA59776D904607985AFFE7E5E183 ] Beep C:\Windows\system32\drivers\Beep.sys 20:04:58.0811 0x0a5c Beep - ok 20:04:58.0889 0x0a5c [ 9E6A544F465C582AB42444A217CF04DC ] BFE C:\Windows\System32\bfe.dll 20:04:58.0889 0x0a5c BFE - ok 20:04:59.0123 0x0a5c [ ED97ADAF00A61F57A2CCBBB1CE58C600 ] BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20121106.001\BHDrvx64.sys 20:04:59.0139 0x0a5c BHDrvx64 - ok 20:04:59.0412 0x0a5c [ D598C44A7072D3108D8D8102EC5E07F7 ] BITS C:\Windows\System32\qmgr.dll 20:04:59.0569 0x0a5c BITS - ok 20:04:59.0600 0x0a5c [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 20:04:59.0615 0x0a5c Bonjour Service - ok 20:04:59.0647 0x0a5c [ B17AC10B47C7FCB44D22A1F06415840E ] bowser C:\Windows\system32\DRIVERS\bowser.sys 20:04:59.0662 0x0a5c bowser - ok 20:04:59.0694 0x0a5c [ 038FA1B55531E7020DB705B42FCCE373 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll 20:04:59.0694 0x0a5c BrokerInfrastructure - ok 20:04:59.0725 0x0a5c [ 310068BDA80B1D55C36580FD8A873FAF ] Browser C:\Windows\System32\browser.dll 20:04:59.0725 0x0a5c Browser - ok 20:04:59.0756 0x0a5c [ 6695200F455E251F0BCC9CE4D0978D59 ] BthAvrcpTg C:\Windows\System32\drivers\BthAvrcpTg.sys 20:04:59.0756 0x0a5c BthAvrcpTg - ok 20:04:59.0772 0x0a5c [ 616EB8748C988AEE98D93DA141C3D3B4 ] BthHFEnum C:\Windows\System32\drivers\bthhfenum.sys 20:04:59.0772 0x0a5c BthHFEnum - ok 20:04:59.0819 0x0a5c [ DCB4EBD928A6FB368BE6CAE522412DE1 ] bthhfhid C:\Windows\System32\drivers\BthHFHid.sys 20:04:59.0819 0x0a5c bthhfhid - ok 20:04:59.0834 0x0a5c [ 033916CE8784A848B9A3D686B7F66D97 ] BTHMODEM C:\Windows\System32\drivers\bthmodem.sys 20:04:59.0834 0x0a5c BTHMODEM - ok 20:04:59.0866 0x0a5c [ A4387C3D271959313E2577DB7BE8BA7A ] bthserv C:\Windows\system32\bthserv.dll 20:04:59.0881 0x0a5c bthserv - ok 20:05:00.0022 0x0a5c [ 56685951208AC81CF923B9B08BEDF3B7 ] ccSet_NIS C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys 20:05:00.0037 0x0a5c ccSet_NIS - ok 20:05:00.0069 0x0a5c [ 990B1BABE6E81FB18E65A87EBEFB1772 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 20:05:00.0069 0x0a5c cdfs - ok 20:05:00.0412 0x0a5c [ 339BFF85D788268752DA8C9644B188EE ] cdrom C:\Windows\System32\drivers\cdrom.sys 20:05:00.0428 0x0a5c cdrom - ok 20:05:00.0491 0x0a5c [ BAF8F0F55BC300E5F882E521F054E345 ] CertPropSvc C:\Windows\System32\certprop.dll 20:05:00.0506 0x0a5c CertPropSvc - ok 20:05:00.0522 0x0a5c [ F64B7D1A37CC1D5F421D5359EEC81E2E ] circlass C:\Windows\System32\drivers\circlass.sys 20:05:00.0522 0x0a5c circlass - ok 20:05:00.0569 0x0a5c [ 9905168708DB68849B879B5548F68AB3 ] CLFS C:\Windows\system32\drivers\CLFS.sys 20:05:00.0569 0x0a5c CLFS - ok 20:05:00.0616 0x0a5c [ 075CCE75090786F124573A788C8656E6 ] CLVirtualDrive C:\Windows\system32\DRIVERS\CLVirtualDrive.sys 20:05:00.0616 0x0a5c CLVirtualDrive - ok 20:05:00.0631 0x0a5c [ 2DC8538A2260647484A6C921CA837313 ] CmBatt C:\Windows\System32\drivers\CmBatt.sys 20:05:00.0631 0x0a5c CmBatt - ok 20:05:00.0678 0x0a5c [ E708BFF0473EC6B271EA46B65B16CA56 ] CNG C:\Windows\system32\Drivers\cng.sys 20:05:00.0678 0x0a5c CNG - ok 20:05:00.0709 0x0a5c [ 0E5B1E9E7122EDAAF1F6CE047965CA92 ] CompositeBus C:\Windows\System32\drivers\CompositeBus.sys 20:05:00.0709 0x0a5c CompositeBus - ok 20:05:00.0709 0x0a5c COMSysApp - ok 20:05:00.0725 0x0a5c [ D9CB0782AF819548072AA45B70F8B22D ] condrv C:\Windows\system32\drivers\condrv.sys 20:05:00.0741 0x0a5c condrv - ok 20:05:00.0819 0x0a5c [ DA8066CFED07DEBECB8DC08A55946ACE ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe 20:05:00.0819 0x0a5c cphs - ok 20:05:00.0850 0x0a5c [ 5CE2742F063731EC10C1B2EE386A2C08 ] CryptSvc C:\Windows\system32\cryptsvc.dll 20:05:00.0850 0x0a5c CryptSvc - ok 20:05:00.0881 0x0a5c [ C4D01BD86D6B207275FC143EEA951D75 ] dam C:\Windows\system32\drivers\dam.sys 20:05:00.0881 0x0a5c dam - ok 20:05:00.0912 0x0a5c [ 1EC6E533C954BDDF2A37E7851A7E58FD ] DcomLaunch C:\Windows\system32\rpcss.dll 20:05:00.0928 0x0a5c DcomLaunch - ok 20:05:00.0959 0x0a5c [ C8650D1F61149AA546BDBC99172EBBC1 ] defragsvc C:\Windows\System32\defragsvc.dll 20:05:00.0959 0x0a5c defragsvc - ok 20:05:00.0975 0x0a5c [ 5EAEF67AE2AF4D2DC664B649DB7B2E16 ] DeviceAssociationService C:\Windows\system32\das.dll 20:05:00.0991 0x0a5c DeviceAssociationService - ok 20:05:01.0037 0x0a5c [ 799BE46D45D486704CE0F37CA5385262 ] DeviceInstall C:\Windows\system32\umpnpmgr.dll 20:05:01.0037 0x0a5c DeviceInstall - ok 20:05:01.0069 0x0a5c [ 09D9EB9E7898F8E6561473A20CC808B9 ] Dfsc C:\Windows\system32\Drivers\dfsc.sys 20:05:01.0084 0x0a5c Dfsc - ok 20:05:01.0116 0x0a5c [ 9E0E72222264745ADEB0E5AC680B0ED6 ] Dhcp C:\Windows\system32\dhcpcore.dll 20:05:01.0116 0x0a5c Dhcp - ok 20:05:01.0131 0x0a5c [ 3C736FAE17BA6F91BA37594AAB139CD0 ] discache C:\Windows\system32\drivers\discache.sys 20:05:01.0131 0x0a5c discache - ok 20:05:01.0147 0x0a5c [ 560495FF4CA22E1D9B1972FA18F43B6F ] disk C:\Windows\system32\drivers\disk.sys 20:05:01.0147 0x0a5c disk - ok 20:05:01.0178 0x0a5c [ 82A7C72593793FE1EADA7A305BD1567A ] dmvsc C:\Windows\System32\drivers\dmvsc.sys 20:05:01.0178 0x0a5c dmvsc - ok 20:05:01.0206 0x0a5c [ 066B9710B36AB550E01EEFCA52155968 ] Dnscache C:\Windows\System32\dnsrslvr.dll 20:05:01.0206 0x0a5c Dnscache - ok 20:05:01.0253 0x0a5c [ 9949AD2ABA168A618D46C799D6CC898C ] dot3svc C:\Windows\System32\dot3svc.dll 20:05:01.0253 0x0a5c dot3svc - ok 20:05:01.0284 0x0a5c [ 109FC3F80BF4F4DC5A071058074F13C1 ] DPS C:\Windows\system32\dps.dll 20:05:01.0284 0x0a5c DPS - ok 20:05:01.0315 0x0a5c [ 9C7C183F937951AE17C5B8B3259CF3FF ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 20:05:01.0315 0x0a5c drmkaud - ok 20:05:01.0346 0x0a5c [ F87F4AAAF6664906248D11D5E579A53B ] DsmSvc C:\Windows\System32\DeviceSetupManager.dll 20:05:01.0362 0x0a5c DsmSvc - ok 20:05:01.0643 0x0a5c [ 6D1B8A9A2C0BD4851D8AF1AB43E67AD9 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 20:05:01.0721 0x0a5c DXGKrnl - ok 20:05:01.0753 0x0a5c [ 58BA473DD88F5FC1932282BA683AA03E ] Eaphost C:\Windows\System32\eapsvc.dll 20:05:01.0768 0x0a5c Eaphost - ok 20:05:02.0034 0x0a5c [ 5AB97B3282D7D6114949D1EB5C8598E4 ] ebdrv C:\Windows\system32\drivers\evbda.sys 20:05:02.0065 0x0a5c ebdrv - ok 20:05:02.0159 0x0a5c [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys 20:05:02.0159 0x0a5c eeCtrl - ok 20:05:02.0221 0x0a5c [ F702AB6181513303AB0FC8D59E52708B ] EFS C:\Windows\System32\lsass.exe 20:05:02.0237 0x0a5c EFS - ok 20:05:02.0268 0x0a5c [ 66D60BD9A4C05616ABECA2A901475098 ] EhStorClass C:\Windows\system32\drivers\EhStorClass.sys 20:05:02.0268 0x0a5c EhStorClass - ok 20:05:02.0284 0x0a5c [ A61D0F543024E458C0FE32352E1978E2 ] EhStorTcgDrv C:\Windows\system32\drivers\EhStorTcgDrv.sys 20:05:02.0300 0x0a5c EhStorTcgDrv - ok 20:05:02.0331 0x0a5c [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 20:05:02.0331 0x0a5c EraserUtilRebootDrv - ok 20:05:02.0346 0x0a5c [ D790D058D67582DB9C84C2D33695FE6B ] ErrDev C:\Windows\System32\drivers\errdev.sys 20:05:02.0346 0x0a5c ErrDev - ok 20:05:02.0425 0x0a5c [ F9E01C2D9F8BC049E04CF5DC24A5F638 ] EventSystem C:\Windows\system32\es.dll 20:05:02.0440 0x0a5c EventSystem - ok 20:05:02.0471 0x0a5c [ 7A4D6FEB8C52B3FE855E4DCDF9107E03 ] exfat C:\Windows\system32\drivers\exfat.sys 20:05:02.0471 0x0a5c exfat - ok 20:05:02.0487 0x0a5c [ 60996602A7111FD2D086E803F33E4282 ] fastfat C:\Windows\system32\drivers\fastfat.sys 20:05:02.0503 0x0a5c fastfat - ok 20:05:02.0534 0x0a5c [ F0E7F8382ED5E138B0DFA4CB5058BCFE ] Fax C:\Windows\system32\fxssvc.exe 20:05:02.0550 0x0a5c Fax - ok 20:05:02.0565 0x0a5c [ 73B2D11DF0B6E03A0CB0323218ACB3E4 ] fdc C:\Windows\System32\drivers\fdc.sys 20:05:02.0565 0x0a5c fdc - ok 20:05:02.0581 0x0a5c [ 0828E3E7BD77C89149EAD3232BFD38DB ] fdPHost C:\Windows\system32\fdPHost.dll 20:05:02.0581 0x0a5c fdPHost - ok 20:05:02.0596 0x0a5c [ 872506AAB591E8908DF4461475AF92DF ] FDResPub C:\Windows\system32\fdrespub.dll 20:05:02.0596 0x0a5c FDResPub - ok 20:05:02.0675 0x0a5c [ 0588950D93A426F97C7AAADB1A9B0458 ] fhsvc C:\Windows\system32\fhsvc.dll 20:05:02.0675 0x0a5c fhsvc - ok 20:05:02.0721 0x0a5c [ 88A9EBACD1058ABB237A6B4E96E7F397 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 20:05:02.0721 0x0a5c FileInfo - ok 20:05:02.0753 0x0a5c [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 20:05:02.0753 0x0a5c Filetrace - ok 20:05:02.0768 0x0a5c [ B1D4C168FF7B8579E3745888658FFB1D ] flpydisk C:\Windows\System32\drivers\flpydisk.sys 20:05:02.0768 0x0a5c flpydisk - ok 20:05:02.0815 0x0a5c [ B33EC133AE4E6C1881D2302D93D2467D ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 20:05:02.0815 0x0a5c FltMgr - ok 20:05:02.0909 0x0a5c [ 0BCDC0FF11B984162B0CF0FF6E9E0146 ] FontCache C:\Windows\system32\FntCache.dll 20:05:02.0925 0x0a5c FontCache - ok 20:05:03.0018 0x0a5c [ 0B56259F5611787222A04A8F254E51D4 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 20:05:03.0018 0x0a5c FontCache3.0.0.0 - ok 20:05:03.0034 0x0a5c [ A5F7873A39E4E9FAAAE59B7E9E36B705 ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 20:05:03.0034 0x0a5c FsDepends - ok 20:05:03.0065 0x0a5c [ A6DD7D491F587F4BC13FB972977DC8E8 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 20:05:03.0065 0x0a5c Fs_Rec - ok 20:05:03.0097 0x0a5c [ FA228F4BB10DC7ED7E7D131C034E2331 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 20:05:03.0097 0x0a5c fvevol - ok 20:05:03.0128 0x0a5c [ A969D92973DFA895E7776B4BFE36DBB2 ] FxPPM C:\Windows\System32\drivers\fxppm.sys 20:05:03.0128 0x0a5c FxPPM - ok 20:05:03.0143 0x0a5c [ 52BC441E07A827EBAB70CDC7EAEDB28D ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 20:05:03.0143 0x0a5c gagp30kx - ok 20:05:03.0202 0x0a5c [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe 20:05:03.0202 0x0a5c GamesAppService - ok 20:05:03.0234 0x0a5c [ 721F8EEF5E9747F32670DEFF7FB92541 ] gencounter C:\Windows\System32\drivers\vmgencounter.sys 20:05:03.0234 0x0a5c gencounter - ok 20:05:03.0249 0x0a5c [ CA18ECFCFFDD638ECE80799A9056B238 ] GPIOClx0101 C:\Windows\system32\Drivers\msgpioclx.sys 20:05:03.0249 0x0a5c GPIOClx0101 - ok 20:05:03.0312 0x0a5c [ 5358678C6370F2ADC5291849F6503262 ] gpsvc C:\Windows\System32\gpsvc.dll 20:05:03.0327 0x0a5c gpsvc - ok 20:05:03.0405 0x0a5c [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 20:05:03.0405 0x0a5c gupdate - ok 20:05:03.0421 0x0a5c [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 20:05:03.0421 0x0a5c gupdatem - ok 20:05:03.0452 0x0a5c [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 20:05:03.0452 0x0a5c gusvc - ok 20:05:03.0499 0x0a5c [ C2504AA983B5D411F7D31402E8B57725 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 20:05:03.0499 0x0a5c HdAudAddService - ok 20:05:03.0515 0x0a5c [ 7D87B5B6C7188D553E11B59DC7F0B111 ] HDAudBus C:\Windows\System32\drivers\HDAudBus.sys 20:05:03.0515 0x0a5c HDAudBus - ok 20:05:03.0562 0x0a5c [ 3F76BBA53D65E85A7F53E7A71082082C ] HidBatt C:\Windows\System32\drivers\HidBatt.sys 20:05:03.0562 0x0a5c HidBatt - ok 20:05:03.0655 0x0a5c [ 085F150D002B7F0153D3C06DDF33A143 ] HidBth C:\Windows\System32\drivers\hidbth.sys 20:05:03.0655 0x0a5c HidBth - ok 20:05:03.0749 0x0a5c [ CC4A07E51D89575CAB6F4EB590D87CD4 ] hidi2c C:\Windows\System32\drivers\hidi2c.sys 20:05:03.0749 0x0a5c hidi2c - ok 20:05:03.0780 0x0a5c [ DC96F7DACB777CDEAEF9958A50BFDA06 ] HidIr C:\Windows\System32\drivers\hidir.sys 20:05:03.0780 0x0a5c HidIr - ok 20:05:03.0812 0x0a5c [ FAC37D7B3D6354A5A5E19A45B50B4008 ] hidserv C:\Windows\system32\hidserv.dll 20:05:03.0827 0x0a5c hidserv - ok 20:05:03.0859 0x0a5c [ 9E11EE0F2E117B2D5A835B2B91752827 ] HidUsb C:\Windows\System32\drivers\hidusb.sys 20:05:03.0859 0x0a5c HidUsb - ok 20:05:03.0890 0x0a5c [ 43F884B61A24377567CD0FEB35236334 ] hkmsvc C:\Windows\system32\kmsvc.dll 20:05:03.0905 0x0a5c hkmsvc - ok 20:05:03.0952 0x0a5c [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF ] HomeGroupListener C:\Windows\system32\ListSvc.dll 20:05:03.0968 0x0a5c HomeGroupListener - ok 20:05:04.0030 0x0a5c [ E0D9F6FE18FA7F53ADD29AF719CE2B7E ] HomeGroupProvider C:\Windows\system32\provsvc.dll 20:05:04.0046 0x0a5c HomeGroupProvider - ok 20:05:04.0124 0x0a5c [ 6515296E8F9D81BB6C4588C4878A9AC1 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe 20:05:04.0140 0x0a5c HP Support Assistant Service - ok 20:05:04.0234 0x0a5c [ EF4BE0BB23BB14879050884E688F5178 ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys 20:05:04.0234 0x0a5c hpdskflt - ok 20:05:04.0280 0x0a5c [ 9B7EDD3FE7C211C36E921D34D18A3A0A ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe 20:05:04.0312 0x0a5c hpqwmiex - ok 20:05:04.0343 0x0a5c [ 64DB7A8D97CA53DCCF93D0A1E08342CF ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 20:05:04.0343 0x0a5c HpSAMD - ok 20:05:04.0406 0x0a5c [ 13B51E53073E4555E226871C7FCEF0E8 ] hpsrv C:\Windows\system32\Hpservice.exe 20:05:04.0406 0x0a5c hpsrv - ok 20:05:04.0452 0x0a5c [ F50912B0A861ED396F6062E79C37A4A7 ] HPWMISVC C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe 20:05:04.0452 0x0a5c HPWMISVC - ok 20:05:04.0484 0x0a5c [ F4A91D985EB9D1D2717D538F3424603C ] HTTP C:\Windows\system32\drivers\HTTP.sys 20:05:04.0499 0x0a5c HTTP - ok 20:05:04.0515 0x0a5c [ 2A98301068801700906C06649860FE94 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 20:05:04.0515 0x0a5c hwpolicy - ok 20:05:04.0546 0x0a5c [ DC76901D82097C9E297F20C287CB9A27 ] hyperkbd C:\Windows\System32\drivers\hyperkbd.sys 20:05:04.0546 0x0a5c hyperkbd - ok 20:05:04.0562 0x0a5c [ 716413AB3CA12DE0A7222D28C1C9352C ] HyperVideo C:\Windows\system32\DRIVERS\HyperVideo.sys 20:05:04.0562 0x0a5c HyperVideo - ok 20:05:04.0609 0x0a5c [ C9E9CBF73AFFBFE3E801EFB516787BA3 ] i8042prt C:\Windows\System32\drivers\i8042prt.sys 20:05:04.0609 0x0a5c i8042prt - ok 20:05:04.0687 0x0a5c [ 050F2539E14F9D5E90A4B61738EC29BD ] iaStorA C:\Windows\system32\drivers\iaStorA.sys 20:05:04.0702 0x0a5c iaStorA - ok 20:05:04.0718 0x0a5c [ 5E394EBD26FD68AA9300332C46BEDD62 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 20:05:04.0718 0x0a5c iaStorV - ok 20:05:04.0781 0x0a5c [ ABEFA4BD23329FD9BD47496BF2E58774 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe 20:05:04.0796 0x0a5c IconMan_R - ok 20:05:04.0984 0x0a5c [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20121128.001\IDSvia64.sys 20:05:04.0984 0x0a5c IDSVia64 - ok 20:05:05.0214 0x0a5c [ 11A31FC2481BFE69B0507ED8C80215F4 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 20:05:05.0371 0x0a5c igfx - ok 20:05:05.0402 0x0a5c [ 24847A06B84339FEEDE5CABF3D27D320 ] iirsp C:\Windows\system32\drivers\iirsp.sys 20:05:05.0402 0x0a5c iirsp - ok 20:05:05.0449 0x0a5c [ 531B5A98145DA689741A0AC18F14EA94 ] IKEEXT C:\Windows\System32\ikeext.dll 20:05:05.0449 0x0a5c IKEEXT - ok 20:05:05.0527 0x0a5c [ F5495B38BFB9149925F54F65AB40EFBF ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys 20:05:05.0543 0x0a5c IntcDAud - ok 20:05:05.0621 0x0a5c [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe 20:05:05.0636 0x0a5c Intel® Capability Licensing Service Interface - ok 20:05:05.0715 0x0a5c [ 30E9FAC23E2537D82F2836CB81AEE186 ] Intel® ME Service C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe 20:05:05.0730 0x0a5c Intel® ME Service - ok 20:05:05.0761 0x0a5c [ 4F37726CF764CA18A8A84F85EF3A7F24 ] intelide C:\Windows\system32\drivers\intelide.sys 20:05:05.0761 0x0a5c intelide - ok 20:05:05.0793 0x0a5c [ E15CDF68DD73423F15D4AC404793AF0D ] intelppm C:\Windows\System32\drivers\intelppm.sys 20:05:05.0793 0x0a5c intelppm - ok 20:05:05.0855 0x0a5c [ 8FCA66234A0933D796BB780B7953BAB9 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 20:05:05.0871 0x0a5c IpFilterDriver - ok 20:05:05.0918 0x0a5c [ C217B8D2E58C57A319B16125C3D4B69C ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 20:05:05.0933 0x0a5c iphlpsvc - ok 20:05:05.0949 0x0a5c [ 6E98A046A12AA113F8898AA5D612BD6E ] IPMIDRV C:\Windows\System32\drivers\IPMIDrv.sys 20:05:05.0964 0x0a5c IPMIDRV - ok 20:05:05.0980 0x0a5c [ 3969B9C218DD3FAA9F4ED2FFC3651C02 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 20:05:05.0980 0x0a5c IPNAT - ok 20:05:06.0011 0x0a5c [ 25CD7C4BB2863FFC2B0B311F0AEBF77C ] IRENUM C:\Windows\system32\drivers\irenum.sys 20:05:06.0011 0x0a5c IRENUM - ok 20:05:06.0027 0x0a5c [ D940C5BB9DC92E588533C19ABCC3D2C2 ] isapnp C:\Windows\system32\drivers\isapnp.sys 20:05:06.0043 0x0a5c isapnp - ok 20:05:06.0074 0x0a5c [ 69C8BF0BC2B0EA10F130F4D3104DC2EF ] iScsiPrt C:\Windows\System32\drivers\msiscsi.sys 20:05:06.0074 0x0a5c iScsiPrt - ok 20:05:06.0168 0x0a5c [ 3C4002D339491AF73D663FFC7F6E5ECB ] jhi_service C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe 20:05:06.0168 0x0a5c jhi_service - ok 20:05:06.0199 0x0a5c [ 8FBD94B69D6423E20ABCD59D86368B21 ] kbdclass C:\Windows\System32\drivers\kbdclass.sys 20:05:06.0199 0x0a5c kbdclass - ok 20:05:06.0230 0x0a5c [ E88C932ABDF8185A62C8F2FC7B051FB6 ] kbdhid C:\Windows\System32\drivers\kbdhid.sys 20:05:06.0230 0x0a5c kbdhid - ok 20:05:06.0261 0x0a5c [ FB6C185092E18011EF49989425C2AA87 ] kdnic C:\Windows\system32\DRIVERS\kdnic.sys 20:05:06.0261 0x0a5c kdnic - ok 20:05:06.0324 0x0a5c [ F702AB6181513303AB0FC8D59E52708B ] KeyIso C:\Windows\system32\lsass.exe 20:05:06.0324 0x0a5c KeyIso - ok 20:05:06.0340 0x0a5c [ DFA480F6DED551464F3A5B959F437800 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 20:05:06.0355 0x0a5c KSecDD - ok 20:05:06.0386 0x0a5c [ 127FB0AAD232BAAD2C9BBACD374F4FC5 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 20:05:06.0386 0x0a5c KSecPkg - ok 20:05:06.0402 0x0a5c [ 81492FEEBF2F26455B00EE8DBAE8A1B0 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 20:05:06.0402 0x0a5c ksthunk - ok 20:05:06.0449 0x0a5c [ 5825DBACEDC3812B5CF8D40B997BF210 ] KtmRm C:\Windows\system32\msdtckrm.dll 20:05:06.0465 0x0a5c KtmRm - ok 20:05:06.0527 0x0a5c [ 256EE31588257E8A555DBFAA13F1908E ] LanmanServer C:\Windows\system32\srvsvc.dll 20:05:06.0558 0x0a5c LanmanServer - ok 20:05:06.0574 0x0a5c [ 16650912BE5A94B40E0B3B4C39652B56 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 20:05:06.0590 0x0a5c LanmanWorkstation - ok 20:05:06.0621 0x0a5c [ CEEFD29FC551F289810B0B9381B321DC ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 20:05:06.0621 0x0a5c lltdio - ok 20:05:06.0730 0x0a5c [ BCF53485E0A94722CDE3C4A93CD8EB8C ] lltdsvc C:\Windows\System32\lltdsvc.dll 20:05:06.0730 0x0a5c lltdsvc - ok 20:05:06.0746 0x0a5c [ 5A2F7F1CBC2E631A497DAD16164E06D2 ] lmhosts C:\Windows\System32\lmhsvc.dll 20:05:06.0761 0x0a5c lmhosts - ok 20:05:06.0777 0x0a5c [ 4269D44BB47A6DA5D80B11F4C8536458 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe 20:05:06.0777 0x0a5c LMS - ok 20:05:06.0808 0x0a5c [ 022CDD12161B063D7852B1075BF3FFF2 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 20:05:06.0824 0x0a5c LSI_SAS - ok 20:05:06.0949 0x0a5c [ 07AD59D669B996F29F91817F0ECFA34F ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 20:05:06.0949 0x0a5c LSI_SAS2 - ok 20:05:06.0965 0x0a5c [ 216FB796AA4E252ACCE93B1BCB80B5EC ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 20:05:06.0965 0x0a5c LSI_SCSI - ok 20:05:06.0980 0x0a5c [ 5E80530AF37102488EE980B4A92AF99F ] LSI_SSS C:\Windows\system32\drivers\lsi_sss.sys 20:05:06.0980 0x0a5c LSI_SSS - ok 20:05:07.0027 0x0a5c [ A57BA284F5996FFD32DCDBC41A4657DB ] LSM C:\Windows\System32\lsm.dll 20:05:07.0027 0x0a5c LSM - ok 20:05:07.0058 0x0a5c [ 2BDC5D711FA61307CE6190D47C956368 ] luafv C:\Windows\system32\drivers\luafv.sys 20:05:07.0058 0x0a5c luafv - ok 20:05:07.0136 0x0a5c [ 9B0D829C3BE4E7472DB9DD2B79908E3C ] megasas C:\Windows\system32\drivers\megasas.sys 20:05:07.0136 0x0a5c megasas - ok 20:05:07.0180 0x0a5c [ ECC3F54C7AFC318271C4F0B4606D8DB0 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 20:05:07.0180 0x0a5c MegaSR - ok 20:05:07.0211 0x0a5c [ 772A1DEEDFDBC244183B5C805D1B7D85 ] MEIx64 C:\Windows\System32\drivers\HECIx64.sys 20:05:07.0227 0x0a5c MEIx64 - ok 20:05:07.0258 0x0a5c [ EEE908BE7143FCA48CF0CB87214E2AB8 ] MMCSS C:\Windows\system32\mmcss.dll 20:05:07.0258 0x0a5c MMCSS - ok 20:05:07.0274 0x0a5c [ 780098AD5DA8A4822E2563984C85EF7B ] Modem C:\Windows\system32\drivers\modem.sys 20:05:07.0274 0x0a5c Modem - ok 20:05:07.0320 0x0a5c [ EA8EAD3F5B762F889CC7F3966625B48B ] monitor C:\Windows\System32\drivers\monitor.sys 20:05:07.0320 0x0a5c monitor - ok 20:05:07.0352 0x0a5c [ 618446B98C79776654340CE27C73485E ] mouclass C:\Windows\System32\drivers\mouclass.sys 20:05:07.0352 0x0a5c mouclass - ok 20:05:07.0383 0x0a5c [ C0ADEBED913295803B579ED288936CBB ] mouhid C:\Windows\System32\drivers\mouhid.sys 20:05:07.0383 0x0a5c mouhid - ok 20:05:07.0383 0x0a5c [ 89D263DBF08119CE16273991C120D6DD ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 20:05:07.0399 0x0a5c mountmgr - ok 20:05:07.0414 0x0a5c [ 0D1609DD82C7440F5D5BF21A9D4D5C0C ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 20:05:07.0430 0x0a5c mpsdrv - ok 20:05:07.0477 0x0a5c [ 3031573A739DBEE8923851929D0AF423 ] MpsSvc C:\Windows\system32\mpssvc.dll 20:05:07.0492 0x0a5c MpsSvc - ok 20:05:07.0508 0x0a5c [ 3D70147F55F1EC84EB9139ED7FFE48BC ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 20:05:07.0508 0x0a5c MRxDAV - ok 20:05:07.0555 0x0a5c [ 93179D48066918323628CB016D8C94DC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 20:05:07.0555 0x0a5c mrxsmb - ok 20:05:07.0602 0x0a5c [ 06D5F2FA3C61E8EA91648EA8E9F99FD3 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 20:05:07.0617 0x0a5c mrxsmb10 - ok 20:05:07.0649 0x0a5c [ 5C7DD2E5759FFCCD2C7341C1B90F2B26 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 20:05:07.0649 0x0a5c mrxsmb20 - ok 20:05:07.0695 0x0a5c [ 98487487D6B3797CA927E9D7B030AE13 ] MsBridge C:\Windows\system32\DRIVERS\bridge.sys 20:05:07.0695 0x0a5c MsBridge - ok 20:05:07.0711 0x0a5c [ 4A07458EB4F17573BD39F22029A991C1 ] MSDTC C:\Windows\System32\msdtc.exe 20:05:07.0727 0x0a5c MSDTC - ok 20:05:07.0789 0x0a5c [ 3886F1F2A4D2900ABAA7E4486BEEE6A2 ] Msfs C:\Windows\system32\drivers\Msfs.sys 20:05:07.0789 0x0a5c Msfs - ok 20:05:07.0820 0x0a5c [ C32A7A39B960A42BA9D4FBE47213CA03 ] msgpiowin32 C:\Windows\System32\drivers\msgpiowin32.sys 20:05:07.0820 0x0a5c msgpiowin32 - ok 20:05:07.0852 0x0a5c [ D3857A767B91A061B408CCAB02DA4F40 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 20:05:07.0852 0x0a5c mshidkmdf - ok 20:05:07.0867 0x0a5c [ 839B48910FB1E887635C48F3EC11A05E ] mshidumdf C:\Windows\System32\drivers\mshidumdf.sys 20:05:07.0867 0x0a5c mshidumdf - ok 20:05:07.0899 0x0a5c [ 55C0DB741E3AB7463242B185B1C2997C ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 20:05:07.0899 0x0a5c msisadrv - ok 20:05:07.0992 0x0a5c [ 216C6B035A4BA5560E1255BD8E5BB89F ] MSiSCSI C:\Windows\system32\iscsiexe.dll 20:05:07.0992 0x0a5c MSiSCSI - ok 20:05:08.0008 0x0a5c msiserver - ok 20:05:08.0024 0x0a5c [ 509809566E49F4411055864EA8D437CD ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 20:05:08.0024 0x0a5c MSKSSRV - ok 20:05:08.0039 0x0a5c [ 63145201D6458E4958E572E7D6FC2604 ] MsLldp C:\Windows\system32\DRIVERS\mslldp.sys 20:05:08.0039 0x0a5c MsLldp - ok 20:05:08.0055 0x0a5c [ 99D526E803DB6D7FF290FD98B6204641 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 20:05:08.0070 0x0a5c MSPCLOCK - ok 20:05:08.0133 0x0a5c [ 06FA77C3E2A491ADCD704C5E73006269 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 20:05:08.0133 0x0a5c MSPQM - ok 20:05:08.0149 0x0a5c [ E134EC4DE11CF78CB01432D180710D84 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 20:05:08.0164 0x0a5c MsRPC - ok 20:05:08.0180 0x0a5c [ B5AECF12F09DEE97C9FCAA5BA016CE1E ] mssmbios C:\Windows\System32\drivers\mssmbios.sys 20:05:08.0195 0x0a5c mssmbios - ok 20:05:08.0211 0x0a5c [ 72D66A05E0F99F2528F6C6204FD22AA1 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 20:05:08.0211 0x0a5c MSTEE - ok 20:05:08.0227 0x0a5c [ 8AAAE399FC255FA105D4158CBA289001 ] MTConfig C:\Windows\System32\drivers\MTConfig.sys 20:05:08.0242 0x0a5c MTConfig - ok 20:05:08.0274 0x0a5c [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A ] Mup C:\Windows\system32\Drivers\mup.sys 20:05:08.0274 0x0a5c Mup - ok 20:05:08.0289 0x0a5c [ 3A1E095277BBD406CEA8EA6B76950664 ] mvumis C:\Windows\system32\drivers\mvumis.sys 20:05:08.0289 0x0a5c mvumis - ok 20:05:08.0336 0x0a5c [ 4B18840511D720BA118D3017E8165875 ] napagent C:\Windows\system32\qagentRT.dll 20:05:08.0336 0x0a5c napagent - ok 20:05:08.0383 0x0a5c [ 43D7388A90A4C6EA346A4D6FF0377479 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 20:05:08.0399 0x0a5c NativeWifiP - ok 20:05:08.0477 0x0a5c [ C58D8A669D6551F616D90244BD2C2D4F ] NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20121129.003\ENG64.SYS 20:05:08.0477 0x0a5c NAVENG - ok 20:05:08.0586 0x0a5c [ A3DBDB412ADFA5882DD6843B11FE0828 ] NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20121129.003\EX64.SYS 20:05:08.0617 0x0a5c NAVEX15 - ok 20:05:08.0649 0x0a5c [ 6A0C3996DA7DAE6D6939676D786EEEC4 ] NcaSvc C:\Windows\System32\ncasvc.dll 20:05:08.0649 0x0a5c NcaSvc - ok 20:05:08.0696 0x0a5c [ C982FE4CC91DECE2259F494FCEB4030F ] NcdAutoSetup C:\Windows\System32\NcdAutoSetup.dll 20:05:08.0696 0x0a5c NcdAutoSetup - ok 20:05:08.0742 0x0a5c [ A10E176F3B2BF83EDE7B5C4658C93B66 ] NDIS C:\Windows\system32\drivers\ndis.sys 20:05:08.0758 0x0a5c NDIS - ok 20:05:08.0774 0x0a5c [ 39C8A1D9D46F5E83A016BCAB72455284 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 20:05:08.0774 0x0a5c NdisCap - ok 20:05:08.0789 0x0a5c [ 762941932B7E4C588E48A577BA9D6440 ] NdisImPlatform C:\Windows\system32\DRIVERS\NdisImPlatform.sys 20:05:08.0789 0x0a5c NdisImPlatform - ok 20:05:08.0821 0x0a5c [ 7A6F8A6D0E01432EBA294EF29CDD0FA7 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 20:05:08.0821 0x0a5c NdisTapi - ok 20:05:08.0836 0x0a5c [ 79AB68BB3FFF974AD4F41FA559F4EC67 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 20:05:08.0836 0x0a5c Ndisuio - ok 20:05:08.0852 0x0a5c [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 20:05:08.0852 0x0a5c NdisWan - ok 20:05:08.0852 0x0a5c [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NDISWANLEGACY C:\Windows\system32\DRIVERS\ndiswan.sys 20:05:08.0852 0x0a5c NDISWANLEGACY - ok 20:05:08.0883 0x0a5c [ 3730942D7DB2F8BB5F84542B7FF6F650 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 20:05:08.0883 0x0a5c NDProxy - ok 20:05:08.0899 0x0a5c [ D3F60A4345FCA9C1BE68AD7D0D6DE770 ] Ndu C:\Windows\system32\drivers\Ndu.sys 20:05:08.0899 0x0a5c Ndu - ok 20:05:08.0914 0x0a5c [ 7C203A76394F9AE68F69EEE5F9612C4A ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 20:05:08.0914 0x0a5c NetBIOS - ok 20:05:08.0930 0x0a5c [ 7CEC25C682D319D484630B3952C31A11 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 20:05:08.0930 0x0a5c NetBT - ok 20:05:08.0946 0x0a5c [ F702AB6181513303AB0FC8D59E52708B ] Netlogon C:\Windows\system32\lsass.exe 20:05:08.0946 0x0a5c Netlogon - ok 20:05:08.0992 0x0a5c [ 89519D29CBEC2121CA65CC29C4D345E0 ] Netman C:\Windows\System32\netman.dll 20:05:08.0992 0x0a5c Netman - ok 20:05:09.0039 0x0a5c [ 79FA9393C67EBBF92A56923592CF7A7C ] netprofm C:\Windows\System32\netprofmsvc.dll 20:05:09.0055 0x0a5c netprofm - ok 20:05:09.0117 0x0a5c [ 080417AC9E51B2B29656EC26B62E87F1 ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys 20:05:09.0149 0x0a5c netr28x - ok 20:05:09.0208 0x0a5c [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 20:05:09.0208 0x0a5c NetTcpPortSharing - ok 20:05:09.0254 0x0a5c [ 12DD2800E4EEA37DC9AE256AD62423B4 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 20:05:09.0254 0x0a5c nfrd960 - ok 20:05:09.0317 0x0a5c [ 1BF9D6476061B31CD7FC2BF848529A56 ] NIS C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe 20:05:09.0317 0x0a5c NIS - ok 20:05:09.0364 0x0a5c [ 80ABCD4C2DE9FD832477303AE0CA3BE5 ] NlaSvc C:\Windows\System32\nlasvc.dll 20:05:09.0379 0x0a5c NlaSvc - ok 20:05:09.0411 0x0a5c [ 17E19A742FB30C002F8B43575451DBE1 ] Npfs C:\Windows\system32\drivers\Npfs.sys 20:05:09.0411 0x0a5c Npfs - ok 20:05:09.0426 0x0a5c [ 8ED299C30792544264E558BEA79F0947 ] npsvctrig C:\Windows\System32\drivers\npsvctrig.sys 20:05:09.0426 0x0a5c npsvctrig - ok 20:05:09.0458 0x0a5c [ 832B5FDF0B5577713FD7F2465FCD0ACE ] nsi C:\Windows\system32\nsisvc.dll 20:05:09.0473 0x0a5c nsi - ok 20:05:09.0489 0x0a5c [ 689B3B1E95C70ABF7AFF29F9406EF1E0 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 20:05:09.0489 0x0a5c nsiproxy - ok 20:05:09.0567 0x0a5c [ 76929F4A69E425911A63B407E26C2589 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 20:05:09.0598 0x0a5c Ntfs - ok 20:05:09.0614 0x0a5c [ 4163ADE07DB51843AE31F65B94F5398D ] Null C:\Windows\system32\drivers\Null.sys 20:05:09.0629 0x0a5c Null - ok 20:05:09.0645 0x0a5c [ D6D34118263412D3AAA8348A9572B7F2 ] nvraid C:\Windows\system32\drivers\nvraid.sys 20:05:09.0645 0x0a5c nvraid - ok 20:05:09.0661 0x0a5c [ 27AFC428D1D32ABD04A86763A4EDDEA9 ] nvstor C:\Windows\system32\drivers\nvstor.sys 20:05:09.0661 0x0a5c nvstor - ok 20:05:09.0676 0x0a5c [ 051CFB5107BAAE510419BDC41F8C4036 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 20:05:09.0676 0x0a5c nv_agp - ok 20:05:09.0801 0x0a5c [ 5239571EC40C990C6FC4B03685D56777 ] OfficeSvc C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe 20:05:09.0817 0x0a5c OfficeSvc - ok 20:05:09.0911 0x0a5c [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 20:05:09.0911 0x0a5c ose - ok 20:05:10.0364 0x0a5c [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 20:05:10.0411 0x0a5c osppsvc - ok 20:05:10.0442 0x0a5c [ AB76700D764A342D7475FB8F47CAB18C ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 20:05:10.0458 0x0a5c p2pimsvc - ok 20:05:10.0473 0x0a5c [ 4319FD931DCD796435ECB5DB4A04FBA5 ] p2psvc C:\Windows\system32\p2psvc.dll 20:05:10.0473 0x0a5c p2psvc - ok 20:05:10.0505 0x0a5c [ 4563DAF8C6A740AD7F501E219BD10766 ] Parport C:\Windows\System32\drivers\parport.sys 20:05:10.0520 0x0a5c Parport - ok 20:05:10.0551 0x0a5c [ D6ACCF9F2EEEEA711C14EFD976E573F3 ] partmgr C:\Windows\system32\drivers\partmgr.sys 20:05:10.0551 0x0a5c partmgr - ok 20:05:10.0598 0x0a5c [ 4811D9EC53649105A5A8BEA661B0F936 ] PcaSvc C:\Windows\System32\pcasvc.dll 20:05:10.0614 0x0a5c PcaSvc - ok 20:05:10.0645 0x0a5c [ 4A003E8F718C1E6A2050CA98CD53E3E2 ] pci C:\Windows\system32\drivers\pci.sys 20:05:10.0645 0x0a5c pci - ok 20:05:10.0676 0x0a5c [ F9908D274D458220F91E89B54D78D837 ] pciide C:\Windows\system32\drivers\pciide.sys 20:05:10.0676 0x0a5c pciide - ok 20:05:10.0692 0x0a5c [ 84D19CB6102627932DCB5DFDF89FE269 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 20:05:10.0692 0x0a5c pcmcia - ok 20:05:10.0723 0x0a5c [ CEBBAD5391C2644560C55628A40BFD27 ] pcw C:\Windows\system32\drivers\pcw.sys 20:05:10.0723 0x0a5c pcw - ok 20:05:10.0755 0x0a5c [ 0698DEDEAD6A00AD0D468C687D830FBF ] pdc C:\Windows\system32\drivers\pdc.sys 20:05:10.0755 0x0a5c pdc - ok 20:05:10.0801 0x0a5c [ 61FE70659CD43E07F94DA4DC31DEC493 ] PEAUTH C:\Windows\system32\drivers\peauth.sys 20:05:10.0801 0x0a5c PEAUTH - ok 20:05:10.0895 0x0a5c [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A ] PerfHost C:\Windows\SysWow64\perfhost.exe 20:05:10.0895 0x0a5c PerfHost - ok 20:05:10.0958 0x0a5c [ 6E84BFF58F7643499277F29DFA2F8C8D ] pla C:\Windows\system32\pla.dll 20:05:10.0973 0x0a5c pla - ok 20:05:11.0020 0x0a5c [ 799BE46D45D486704CE0F37CA5385262 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 20:05:11.0020 0x0a5c PlugPlay - ok 20:05:11.0036 0x0a5c [ 8E2414E818C26C4A9C70CB2B8567F04F ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 20:05:11.0051 0x0a5c PNRPAutoReg - ok 20:05:11.0083 0x0a5c [ AB76700D764A342D7475FB8F47CAB18C ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 20:05:11.0083 0x0a5c PNRPsvc - ok 20:05:11.0130 0x0a5c [ 0108C8E5176D590F242701EF5A62CC26 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 20:05:11.0145 0x0a5c PolicyAgent - ok 20:05:11.0173 0x0a5c [ F1E067F56373F11EA4B785CAE823740A ] Power C:\Windows\system32\umpo.dll 20:05:11.0173 0x0a5c Power - ok 20:05:11.0204 0x0a5c [ 362D47E5B4D67270DE4B8606036F4ADD ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 20:05:11.0204 0x0a5c PptpMiniport - ok 20:05:11.0345 0x0a5c [ C2D3B3D0060619D5E03E696BD56FF59F ] PrintNotify C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll 20:05:11.0376 0x0a5c PrintNotify - ok 20:05:11.0407 0x0a5c [ DD979EB6A7212F60E4AFBE96EDC7AE6D ] Processor C:\Windows\System32\drivers\processr.sys 20:05:11.0407 0x0a5c Processor - ok 20:05:11.0454 0x0a5c [ 429E8502AD2227CF88F8840FC5BD590D ] ProfSvc C:\Windows\system32\profsvc.dll 20:05:11.0454 0x0a5c ProfSvc - ok 20:05:11.0501 0x0a5c [ EB8034147D4820CD31BFCB11A2A652DF ] Psched C:\Windows\system32\DRIVERS\pacer.sys 20:05:11.0501 0x0a5c Psched - ok 20:05:11.0517 0x0a5c [ 0AFBF333B6F87A2F598EAB379AF100B8 ] QWAVE C:\Windows\system32\qwave.dll 20:05:11.0532 0x0a5c QWAVE - ok 20:05:11.0548 0x0a5c [ 13D47BB0CCA2FC51BD15F8E85C6A078E ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 20:05:11.0548 0x0a5c QWAVEdrv - ok 20:05:11.0564 0x0a5c [ 873C60F8178100557740A832FCE10B5F ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 20:05:11.0564 0x0a5c RasAcd - ok 20:05:11.0595 0x0a5c [ 69B93F623B130976243ECA3D84CC99CA ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 20:05:11.0595 0x0a5c RasAgileVpn - ok 20:05:11.0610 0x0a5c [ 005F6E54C4A2DA4EBF68FB0392CE8BB0 ] RasAuto C:\Windows\System32\rasauto.dll 20:05:11.0610 0x0a5c RasAuto - ok 20:05:11.0642 0x0a5c [ A14D625C5AEE5FFE0F47D1A1D419FAAE ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 20:05:11.0642 0x0a5c Rasl2tp - ok 20:05:11.0673 0x0a5c [ C923C785A2DE0B396AD6D13ACAFF2DE9 ] RasMan C:\Windows\System32\rasmans.dll 20:05:11.0673 0x0a5c RasMan - ok 20:05:11.0689 0x0a5c [ 00695B9C2DB6111064499C529E90C042 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 20:05:11.0689 0x0a5c RasPppoe - ok 20:05:11.0720 0x0a5c [ A7F24D8CD1956B0A1FDCB86CC5114DE4 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 20:05:11.0720 0x0a5c RasSstp - ok 20:05:11.0751 0x0a5c [ CA03D642ACE58E1BA54E4B383F91CD69 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 20:05:11.0751 0x0a5c rdbss - ok 20:05:11.0798 0x0a5c [ CA7DF5EC95D8DE0DD24BE7FF97369F68 ] rdpbus C:\Windows\System32\drivers\rdpbus.sys 20:05:11.0798 0x0a5c rdpbus - ok 20:05:11.0814 0x0a5c [ B2A3AD74FF2E2FFA73AF2567108231B3 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 20:05:11.0814 0x0a5c RDPDR - ok 20:05:11.0845 0x0a5c [ 57F4787E4602A3FCA719C0A33137C6DA ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 20:05:11.0845 0x0a5c RdpVideoMiniport - ok 20:05:11.0860 0x0a5c [ B3CB0721E81E30419CE7D837EF4EA151 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 20:05:11.0860 0x0a5c RDPWD - ok 20:05:11.0876 0x0a5c [ 62C1F8A0685FE07E998AA296C4F697C4 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 20:05:11.0876 0x0a5c rdyboost - ok 20:05:11.0923 0x0a5c [ 3663CCF243EE0C04E9F6F91ED1737273 ] RemoteAccess C:\Windows\System32\mprdim.dll 20:05:11.0923 0x0a5c RemoteAccess - ok 20:05:11.0954 0x0a5c [ E80DD61E52EDFFF9DA1ED7260A68855B ] RemoteRegistry C:\Windows\system32\regsvc.dll 20:05:11.0970 0x0a5c RemoteRegistry - ok 20:05:12.0001 0x0a5c [ 73F2E030B5C24E4E41401B5F0D59E6FD ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 20:05:12.0017 0x0a5c RpcEptMapper - ok 20:05:12.0032 0x0a5c [ 10B21284B3D964AB3DC45490E57D422E ] RpcLocator C:\Windows\system32\locator.exe 20:05:12.0048 0x0a5c RpcLocator - ok 20:05:12.0095 0x0a5c [ 1EC6E533C954BDDF2A37E7851A7E58FD ] RpcSs C:\Windows\system32\rpcss.dll 20:05:12.0095 0x0a5c RpcSs - ok 20:05:12.0142 0x0a5c [ D38250F459BF60D6F4B69B79DCD948CC ] RSP2STOR C:\Windows\system32\DRIVERS\RtsP2Stor.sys 20:05:12.0142 0x0a5c RSP2STOR - ok 20:05:12.0173 0x0a5c [ E04E770DD198B9399640717145E79EBF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 20:05:12.0173 0x0a5c rspndr - ok 20:05:12.0220 0x0a5c [ 34DA0D14F5C3F1883A331AFB975AB434 ] RTL8168 C:\Windows\system32\DRIVERS\Rt630x64.sys 20:05:12.0220 0x0a5c RTL8168 - ok 20:05:12.0251 0x0a5c [ 752EC7DCD2F96871A3857EEE6AFE965A ] s3cap C:\Windows\System32\drivers\vms3cap.sys 20:05:12.0251 0x0a5c s3cap - ok 20:05:12.0282 0x0a5c [ F702AB6181513303AB0FC8D59E52708B ] SamSs C:\Windows\system32\lsass.exe 20:05:12.0282 0x0a5c SamSs - ok 20:05:12.0392 0x0a5c [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS 20:05:12.0392 0x0a5c SASDIFSV - ok 20:05:12.0439 0x0a5c [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS 20:05:12.0439 0x0a5c SASKUTIL - ok 20:05:12.0470 0x0a5c [ 9C7B28CE0D136DB226E24DB3BC817F92 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 20:05:12.0470 0x0a5c sbp2port - ok 20:05:12.0501 0x0a5c [ 14316954FCE79C9DE5A0AFF9D42C83AA ] SCardSvr C:\Windows\System32\SCardSvr.dll 20:05:12.0501 0x0a5c SCardSvr - ok 20:05:12.0517 0x0a5c [ 5D7733A12756B267FCA021672B26BC9E ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 20:05:12.0517 0x0a5c scfilter - ok 20:05:12.0579 0x0a5c [ ED40ED9A65F3E79A8C43DD50C5FDADBF ] Schedule C:\Windows\system32\schedsvc.dll 20:05:12.0595 0x0a5c Schedule - ok 20:05:12.0642 0x0a5c [ BAF8F0F55BC300E5F882E521F054E345 ] SCPolicySvc C:\Windows\System32\certprop.dll 20:05:12.0642 0x0a5c SCPolicySvc - ok 20:05:12.0751 0x0a5c [ 98636FB2973B8876A7F0BECD076CF109 ] sdbus C:\Windows\System32\drivers\sdbus.sys 20:05:12.0751 0x0a5c sdbus - ok 20:05:12.0767 0x0a5c [ 92968277ED491E4B3DDA361E3952361E ] SDRSVC C:\Windows\System32\SDRSVC.dll 20:05:12.0782 0x0a5c SDRSVC - ok 20:05:12.0829 0x0a5c [ BB107AA9980B0DA4E19A3A90C3BD4460 ] sdstor C:\Windows\System32\drivers\sdstor.sys 20:05:12.0829 0x0a5c sdstor - ok 20:05:12.0860 0x0a5c [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 20:05:12.0860 0x0a5c secdrv - ok 20:05:12.0892 0x0a5c [ CD282626738B6BC92B6E7CD0AAE95B63 ] seclogon C:\Windows\system32\seclogon.dll 20:05:12.0892 0x0a5c seclogon - ok 20:05:12.0939 0x0a5c [ 9C51620998F0763039DFA6BF68E475ED ] SENS C:\Windows\System32\sens.dll 20:05:12.0939 0x0a5c SENS - ok 20:05:12.0970 0x0a5c [ 0D50B4B860DAB65241628D04CD33ACAE ] SensrSvc C:\Windows\system32\sensrsvc.dll 20:05:12.0970 0x0a5c SensrSvc - ok 20:05:12.0985 0x0a5c [ 87C46B239A7EEF30FDFDD5E9BD46130C ] SerCx C:\Windows\system32\drivers\SerCx.sys 20:05:13.0001 0x0a5c SerCx - ok 20:05:13.0001 0x0a5c [ 7A1F9347C85FD55E39B8A76B3A25C5AD ] Serenum C:\Windows\System32\drivers\serenum.sys 20:05:13.0001 0x0a5c Serenum - ok 20:05:13.0017 0x0a5c [ F640A0A218BBF857F1D04A15D7D939F6 ] Serial C:\Windows\System32\drivers\serial.sys 20:05:13.0032 0x0a5c Serial - ok 20:05:13.0032 0x0a5c [ F1A5F56B2620B862CC28FF96A0A6DAAB ] sermouse C:\Windows\System32\drivers\sermouse.sys 20:05:13.0048 0x0a5c sermouse - ok 20:05:13.0064 0x0a5c [ CB60A60340788C8D6DE2A269D28086AB ] SessionEnv C:\Windows\system32\sessenv.dll 20:05:13.0079 0x0a5c SessionEnv - ok 20:05:13.0079 0x0a5c [ 7EE65419B29302C795714FF8073969A1 ] sfloppy C:\Windows\System32\drivers\sfloppy.sys 20:05:13.0079 0x0a5c sfloppy - ok 20:05:13.0126 0x0a5c [ 090AE16F79C8EAD04E6031F863DA85F3 ] SharedAccess C:\Windows\System32\ipnathlp.dll 20:05:13.0142 0x0a5c SharedAccess - ok 20:05:13.0232 0x0a5c [ A77F3ABE13FCC698511E5DEC7ACEBD5F ] ShellHWDetection C:\Windows\System32\shsvcs.dll 20:05:13.0248 0x0a5c ShellHWDetection - ok 20:05:13.0263 0x0a5c [ 2560721D6F16D5B611C36A3A9D28C1B2 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 20:05:13.0263 0x0a5c SiSRaid2 - ok 20:05:13.0279 0x0a5c [ 3AA8FDE1DBF65BB8B88B053529554A0D ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 20:05:13.0294 0x0a5c SiSRaid4 - ok 20:05:13.0310 0x0a5c [ AF5CC3F9B88F140D78FC967ABF0F4EC7 ] SmbDrv C:\Windows\System32\drivers\Smb_driver_AMDASF.sys 20:05:13.0326 0x0a5c SmbDrv - ok 20:05:13.0357 0x0a5c [ 19555D03CB179BED8B8AAA239A36BDA4 ] SmbDrvI C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys 20:05:13.0357 0x0a5c SmbDrvI - ok 20:05:13.0388 0x0a5c [ E660156A4588A84305CB772FD2C0DB21 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 20:05:13.0388 0x0a5c SNMPTRAP - ok 20:05:13.0419 0x0a5c [ FD3AF5575B99871BADB94E7699DBCE08 ] spaceport C:\Windows\system32\drivers\spaceport.sys 20:05:13.0419 0x0a5c spaceport - ok 20:05:13.0435 0x0a5c [ 3D8679C8DF52EB26EB7583A4E0A29202 ] SpbCx C:\Windows\system32\drivers\SpbCx.sys 20:05:13.0435 0x0a5c SpbCx - ok 20:05:13.0466 0x0a5c [ 3F215BF2D4D8D6756298B25B579772C2 ] Spooler C:\Windows\System32\spoolsv.exe 20:05:13.0482 0x0a5c Spooler - ok 20:05:13.0591 0x0a5c [ EC84D961501054F87A6878EC5D53388F ] sppsvc C:\Windows\system32\sppsvc.exe 20:05:13.0685 0x0a5c sppsvc - ok 20:05:13.0779 0x0a5c [ 2FD9346F9D76CB4192D37329CFA47A82 ] SRTSP C:\Windows\System32\Drivers\NISx64\1404000.028\SRTSP64.SYS 20:05:13.0794 0x0a5c SRTSP - ok 20:05:13.0810 0x0a5c [ 0E76CEF892C45734F7AED09FDDF35D4D ] SRTSPX C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS 20:05:13.0810 0x0a5c SRTSPX - ok 20:05:13.0841 0x0a5c [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6 ] srv C:\Windows\system32\DRIVERS\srv.sys 20:05:13.0841 0x0a5c srv - ok 20:05:13.0888 0x0a5c [ 56218A571ECF8D55E0CDFF8DF2546CF1 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 20:05:13.0904 0x0a5c srv2 - ok 20:05:13.0919 0x0a5c [ 14FC338B80CFF7E04215133B568D15C4 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 20:05:13.0919 0x0a5c srvnet - ok 20:05:13.0951 0x0a5c [ 7A20882D76D4A78240A5AC9F2C2EBA21 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 20:05:13.0966 0x0a5c SSDPSRV - ok 20:05:13.0966 0x0a5c [ D233B16999A8E626F6004BD7814C57EC ] SstpSvc C:\Windows\system32\sstpsvc.dll 20:05:13.0982 0x0a5c SstpSvc - ok 20:05:14.0044 0x0a5c [ F452B51D895D894BF5487057E11D44CF ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe 20:05:14.0044 0x0a5c STacSV - ok 20:05:14.0091 0x0a5c [ 4E85355B94CFCB67C135F6521A4895A7 ] stexstor C:\Windows\system32\drivers\stexstor.sys 20:05:14.0091 0x0a5c stexstor - ok 20:05:14.0138 0x0a5c [ B05AEC4014FFDC1793B5CCB6D9BD28D1 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys 20:05:14.0154 0x0a5c STHDA - ok 20:05:14.0201 0x0a5c [ BAC8A721736AECC55A4F71523AEAB65F ] stisvc C:\Windows\System32\wiaservc.dll 20:05:14.0232 0x0a5c stisvc - ok 20:05:14.0263 0x0a5c [ B240874B2CA0CD02E8CD11E140B14C57 ] storahci C:\Windows\system32\drivers\storahci.sys 20:05:14.0263 0x0a5c storahci - ok 20:05:14.0294 0x0a5c [ F74DBC95A57B1EE866D3732EB5F79BE2 ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys 20:05:14.0294 0x0a5c storflt - ok 20:05:14.0341 0x0a5c [ 5337E138B49ED1F44CCBA4073BC35C20 ] StorSvc C:\Windows\system32\storsvc.dll 20:05:14.0341 0x0a5c StorSvc - ok 20:05:14.0388 0x0a5c [ 543CD3CC0E05B8D8815E0D4F040B6F59 ] storvsc C:\Windows\system32\drivers\storvsc.sys 20:05:14.0388 0x0a5c storvsc - ok 20:05:14.0404 0x0a5c [ 8BC1C1ED6EF9C985A3FAA6A72F41679A ] svsvc C:\Windows\system32\svsvc.dll 20:05:14.0419 0x0a5c svsvc - ok 20:05:14.0435 0x0a5c [ 4AFD66AAE74FFB5986BC240744DC5FC9 ] swenum C:\Windows\System32\drivers\swenum.sys 20:05:14.0435 0x0a5c swenum - ok 20:05:14.0591 0x0a5c [ 502F9488540051F3E6C39889ECFA76BB ] swprv C:\Windows\System32\swprv.dll 20:05:14.0607 0x0a5c swprv - ok 20:05:14.0669 0x0a5c [ 52DC0048D667757A8A2E4C87182890AC ] SymDS C:\Windows\system32\drivers\NISx64\1404000.028\SYMDS64.SYS 20:05:14.0669 0x0a5c SymDS - ok 20:05:14.0779 0x0a5c [ 599872BAD7CFB45C7CE47CDED4B726D8 ] SymEFA C:\Windows\system32\drivers\NISx64\1404000.028\SYMEFA64.SYS 20:05:14.0794 0x0a5c SymEFA - ok 20:05:14.0826 0x0a5c [ 42947647F71E9EF2167B42B372F1DDB7 ] SymELAM C:\Windows\system32\drivers\NISx64\1404000.028\SymELAM.sys 20:05:14.0826 0x0a5c SymELAM - ok 20:05:14.0857 0x0a5c [ F19E5E37ED8134B9E5F6287F2D3A75D7 ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS 20:05:14.0857 0x0a5c SymEvent - ok 20:05:14.0904 0x0a5c [ ADF37F1A715D6C56C8E065FD8569A9A4 ] SymIRON C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS 20:05:14.0904 0x0a5c SymIRON - ok 20:05:14.0982 0x0a5c [ 9CDCA70485BD6B9D230365F67C31F132 ] SymNetS C:\Windows\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS 20:05:14.0998 0x0a5c SymNetS - ok 20:05:15.0029 0x0a5c [ 3F45C3FE208CA5E68832B65C597A35A6 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 20:05:15.0044 0x0a5c SynTP - ok 20:05:15.0123 0x0a5c [ A06CB9269D29EE3D0F3F5630ABB660B8 ] SysMain C:\Windows\system32\sysmain.dll 20:05:15.0154 0x0a5c SysMain - ok 20:05:15.0193 0x0a5c [ 6FB88606C4A71E1BFAF97D63A676C673 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll 20:05:15.0193 0x0a5c SystemEventsBroker - ok 20:05:15.0224 0x0a5c [ A6C06C45C44AD06C70AF8899AEC15BDC ] TabletInputService C:\Windows\System32\TabSvc.dll 20:05:15.0240 0x0a5c TabletInputService - ok 20:05:15.0271 0x0a5c [ 88B7721AB551C4325036B25A34A2BF7B ] TapiSrv C:\Windows\System32\tapisrv.dll 20:05:15.0287 0x0a5c TapiSrv - ok 20:05:15.0381 0x0a5c [ 1794C43A000A47D92B3304FC1E3E512A ] Tcpip C:\Windows\system32\drivers\tcpip.sys 20:05:15.0412 0x0a5c Tcpip - ok 20:05:15.0443 0x0a5c [ 1794C43A000A47D92B3304FC1E3E512A ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 20:05:15.0443 0x0a5c TCPIP6 - ok 20:05:15.0490 0x0a5c [ 8F2A13A5DF99D72FDDE87F502A66F989 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 20:05:15.0490 0x0a5c tcpipreg - ok 20:05:15.0506 0x0a5c [ 73DC722CE5DF26D7638CE2446F2655C7 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 20:05:15.0506 0x0a5c tdx - ok 20:05:15.0521 0x0a5c [ F7C8AB5D8AFFAA318D6A21093D139BF4 ] terminpt C:\Windows\System32\drivers\terminpt.sys 20:05:15.0521 0x0a5c terminpt - ok 20:05:15.0584 0x0a5c [ 541EE228D0DEF392F7B2DFD885DD021B ] TermService C:\Windows\System32\termsrv.dll 20:05:15.0599 0x0a5c TermService - ok 20:05:15.0615 0x0a5c [ 519A6F672FFF56B7D8EE8C730CEC8ECD ] Themes C:\Windows\system32\themeservice.dll 20:05:15.0615 0x0a5c Themes - ok 20:05:15.0646 0x0a5c [ EEE908BE7143FCA48CF0CB87214E2AB8 ] THREADORDER C:\Windows\system32\mmcss.dll 20:05:15.0646 0x0a5c THREADORDER - ok 20:05:15.0693 0x0a5c [ 4515B9E4140F04FB3907692DF89FCA87 ] TimeBroker C:\Windows\System32\TimeBrokerServer.dll 20:05:15.0693 0x0a5c TimeBroker - ok 20:05:15.0724 0x0a5c [ 6F0BFF80EE2A5BC841286A51F893CBAD ] TPM C:\Windows\system32\drivers\tpm.sys 20:05:15.0724 0x0a5c TPM - ok 20:05:15.0756 0x0a5c [ 8C8CF3041B27E7657ADD0EE17F6DBFCA ] TrkWks C:\Windows\System32\trkwks.dll 20:05:15.0756 0x0a5c TrkWks - ok 20:05:15.0818 0x0a5c [ 8ABBB5CE0C62E0A6D28F32F44B7F865C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 20:05:15.0818 0x0a5c TrustedInstaller - ok 20:05:15.0865 0x0a5c [ 4E7C5FB10A50435523DE0CAA37DE2BD3 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 20:05:15.0865 0x0a5c TsUsbFlt - ok 20:05:15.0896 0x0a5c [ 16D684A820872EE54F6370703AC0B513 ] TsUsbGD C:\Windows\System32\drivers\TsUsbGD.sys 20:05:15.0896 0x0a5c TsUsbGD - ok 20:05:15.0912 0x0a5c [ 78C9EE193AC2B4CBDBC48B620314D740 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 20:05:15.0928 0x0a5c tunnel - ok 20:05:15.0943 0x0a5c [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A ] uagp35 C:\Windows\system32\drivers\uagp35.sys 20:05:15.0959 0x0a5c uagp35 - ok 20:05:15.0974 0x0a5c [ 6FD6D03B7752C78712E5CFF29A305026 ] UASPStor C:\Windows\System32\drivers\uaspstor.sys 20:05:15.0974 0x0a5c UASPStor - ok 20:05:16.0006 0x0a5c [ 4834158B8D06A153FADAB6B85320FBBE ] UCX01000 C:\Windows\System32\drivers\ucx01000.sys 20:05:16.0006 0x0a5c UCX01000 - ok 20:05:16.0037 0x0a5c [ DC5A461591C71AF7F19DC048A81E3F88 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 20:05:16.0037 0x0a5c udfs - ok 20:05:16.0068 0x0a5c [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D ] UI0Detect C:\Windows\system32\UI0Detect.exe 20:05:16.0068 0x0a5c UI0Detect - ok 20:05:16.0068 0x0a5c [ 07FEBCDF24FABA0D47B635D85A0FFB7A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 20:05:16.0084 0x0a5c uliagpkx - ok 20:05:16.0099 0x0a5c [ 02CEB3FE6152668A7BA420B93B664860 ] umbus C:\Windows\System32\drivers\umbus.sys 20:05:16.0099 0x0a5c umbus - ok 20:05:16.0099 0x0a5c [ 991EE6B5FC41EAEF99C8AF5B92F2CA09 ] UmPass C:\Windows\System32\drivers\umpass.sys 20:05:16.0115 0x0a5c UmPass - ok 20:05:16.0131 0x0a5c [ 43FEFB040A0CC30F795FBF544169594D ] UmRdpService C:\Windows\System32\umrdp.dll 20:05:16.0131 0x0a5c UmRdpService - ok 20:05:16.0256 0x0a5c [ DBE2E6388379D5CC78099650541E9566 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe 20:05:16.0256 0x0a5c UNS - ok 20:05:16.0287 0x0a5c [ 14D22C411854AA2560AFC94CD2D5E61F ] upnphost C:\Windows\System32\upnphost.dll 20:05:16.0303 0x0a5c upnphost - ok 20:05:16.0318 0x0a5c [ 2AF9F0E16D75B8F783A1ACE74EF51C9B ] usbccgp C:\Windows\System32\drivers\usbccgp.sys 20:05:16.0334 0x0a5c usbccgp - ok 20:05:16.0349 0x0a5c [ B395B62B62F28106218FA6FB17F4C797 ] usbcir C:\Windows\System32\drivers\usbcir.sys 20:05:16.0349 0x0a5c usbcir - ok 20:05:16.0381 0x0a5c [ 52F267AEE8CA5AA5CEB88C6A71EE1E86 ] usbehci C:\Windows\System32\drivers\usbehci.sys 20:05:16.0381 0x0a5c usbehci - ok 20:05:16.0443 0x0a5c [ ADBF89B8E0BB372FEFE2E4B84E1E20AE ] usbhub C:\Windows\System32\drivers\usbhub.sys 20:05:16.0443 0x0a5c usbhub - ok 20:05:16.0490 0x0a5c [ EA040D4C6C94F315A85F3D0EAA884B37 ] USBHUB3 C:\Windows\System32\drivers\UsbHub3.sys 20:05:16.0490 0x0a5c USBHUB3 - ok 20:05:16.0521 0x0a5c [ 325F6179009B5A7F6118951A5BA422AB ] usbohci C:\Windows\System32\drivers\usbohci.sys 20:05:16.0521 0x0a5c usbohci - ok 20:05:16.0553 0x0a5c [ BA3ABE0CD1C14B3295BAD0F076B84CAC ] usbprint C:\Windows\System32\drivers\usbprint.sys 20:05:16.0553 0x0a5c usbprint - ok 20:05:16.0553 0x0a5c [ F77177F6C95B2116EE7AD23B5EF57007 ] USBSTOR C:\Windows\System32\drivers\USBSTOR.SYS 20:05:16.0553 0x0a5c USBSTOR - ok 20:05:16.0584 0x0a5c [ D25EF4A6EC244C5DE85D88A05B7C149D ] usbuhci C:\Windows\System32\drivers\usbuhci.sys 20:05:16.0584 0x0a5c usbuhci - ok 20:05:16.0615 0x0a5c [ 09799E701B4327097E9F63D3FE221083 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 20:05:16.0615 0x0a5c usbvideo - ok 20:05:16.0662 0x0a5c [ 1ADCF0A490C2845637B334626669CD6F ] USBXHCI C:\Windows\System32\drivers\USBXHCI.SYS 20:05:16.0662 0x0a5c USBXHCI - ok 20:05:16.0678 0x0a5c [ F702AB6181513303AB0FC8D59E52708B ] VaultSvc C:\Windows\system32\lsass.exe 20:05:16.0678 0x0a5c VaultSvc - ok 20:05:16.0709 0x0a5c [ BACECBFF9C97F7627A60B0E0F1FE7EE8 ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 20:05:16.0709 0x0a5c vdrvroot - ok 20:05:16.0756 0x0a5c [ 1B4488988E5E7512E6C5CD1255E9E973 ] vds C:\Windows\System32\vds.exe 20:05:16.0771 0x0a5c vds - ok 20:05:16.0787 0x0a5c [ 74FA2D4368DE6F6CE14393EDF1F342BE ] VerifierExt C:\Windows\system32\drivers\VerifierExt.sys 20:05:16.0803 0x0a5c VerifierExt - ok 20:05:16.0849 0x0a5c [ 500BE6B2E49883720D0AE8BB859ED7A3 ] vhdmp C:\Windows\System32\drivers\vhdmp.sys 20:05:16.0865 0x0a5c vhdmp - ok 20:05:16.0881 0x0a5c [ F5B4A14B00E89250C50982AC762DDD1D ] viaide C:\Windows\system32\drivers\viaide.sys 20:05:16.0881 0x0a5c viaide - ok 20:05:16.0912 0x0a5c [ 78DB50F7329F6D1311658DABFFFC8BE0 ] vmbus C:\Windows\system32\drivers\vmbus.sys 20:05:16.0912 0x0a5c vmbus - ok 20:05:16.0928 0x0a5c [ ECFEE2F2BA3932C7880D1A8F67D68F91 ] VMBusHID C:\Windows\System32\drivers\VMBusHID.sys 20:05:16.0928 0x0a5c VMBusHID - ok 20:05:16.0959 0x0a5c [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicheartbeat C:\Windows\System32\ICSvc.dll 20:05:16.0974 0x0a5c vmicheartbeat - ok 20:05:16.0974 0x0a5c [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmickvpexchange C:\Windows\System32\ICSvc.dll 20:05:16.0990 0x0a5c vmickvpexchange - ok 20:05:16.0990 0x0a5c [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicrdv C:\Windows\System32\ICSvc.dll 20:05:17.0006 0x0a5c vmicrdv - ok 20:05:17.0006 0x0a5c [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicshutdown C:\Windows\System32\ICSvc.dll 20:05:17.0006 0x0a5c vmicshutdown - ok 20:05:17.0021 0x0a5c [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmictimesync C:\Windows\System32\ICSvc.dll 20:05:17.0021 0x0a5c vmictimesync - ok 20:05:17.0021 0x0a5c [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicvss C:\Windows\System32\ICSvc.dll 20:05:17.0037 0x0a5c vmicvss - ok 20:05:17.0068 0x0a5c [ CB60FAAED8B49B812EBBF77EB87D9B18 ] volmgr C:\Windows\system32\drivers\volmgr.sys 20:05:17.0068 0x0a5c volmgr - ok 20:05:17.0099 0x0a5c [ A74101DA9809251BCD0E5A26BAE0F824 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 20:05:17.0099 0x0a5c volmgrx - ok 20:05:17.0131 0x0a5c [ 78A5BBA3819FFFC62FFEC3E2220D102D ] volsnap C:\Windows\system32\drivers\volsnap.sys 20:05:17.0146 0x0a5c volsnap - ok 20:05:17.0154 0x0a5c [ A8DA1C1B52ECEA3726DEBED4FF1B700D ] vpci C:\Windows\System32\drivers\vpci.sys 20:05:17.0154 0x0a5c vpci - ok 20:05:17.0158 0x0a5c [ 38A60CD9C009C55C6D3B5586F8E6A353 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 20:05:17.0158 0x0a5c vsmraid - ok 20:05:17.0205 0x0a5c [ D0C69E44BC1E1D4AD290FD84104623D8 ] VSS C:\Windows\system32\vssvc.exe 20:05:17.0221 0x0a5c VSS - ok 20:05:17.0237 0x0a5c [ A0F6FE0FC2F647C22BBFD6BD4249DBCC ] VSTXRAID C:\Windows\system32\drivers\vstxraid.sys 20:05:17.0237 0x0a5c VSTXRAID - ok 20:05:17.0252 0x0a5c [ 62460A45435A26A334907E3F2EA45611 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 20:05:17.0252 0x0a5c vwifibus - ok 20:05:17.0268 0x0a5c [ 095E943D27025E4D588AF0A72CC2318F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 20:05:17.0283 0x0a5c vwififlt - ok 20:05:17.0283 0x0a5c [ 73FA1A41A97A5C34ADC03B3577FF1A86 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 20:05:17.0283 0x0a5c vwifimp - ok 20:05:17.0330 0x0a5c [ F690B6EEAA94576727B24376D7ED3601 ] W32Time C:\Windows\system32\w32time.dll 20:05:17.0330 0x0a5c W32Time - ok 20:05:17.0346 0x0a5c [ 6B806E893714019969E2B50D7EF6A4D9 ] WacomPen C:\Windows\System32\drivers\wacompen.sys 20:05:17.0346 0x0a5c WacomPen - ok 20:05:17.0377 0x0a5c [ 61F6972FF9AC9A8D0B4D62076DC30051 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys 20:05:17.0377 0x0a5c Wanarp - ok 20:05:17.0377 0x0a5c [ 61F6972FF9AC9A8D0B4D62076DC30051 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 20:05:17.0377 0x0a5c Wanarpv6 - ok 20:05:17.0440 0x0a5c [ 901CC968412F8155B08D7ABE0171166A ] WAS C:\Windows\system32\inetsrv\iisw3adm.dll 20:05:17.0455 0x0a5c WAS - ok 20:05:17.0690 0x0a5c [ 42DF22F8C448E7CD219F6D63743505E2 ] wbengine C:\Windows\system32\wbengine.exe 20:05:17.0705 0x0a5c wbengine - ok 20:05:17.0752 0x0a5c [ 31D37B2F6069C631EF0557D322924812 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 20:05:17.0768 0x0a5c WbioSrvc - ok 20:05:17.0862 0x0a5c [ D9C1E82651BF19C6FF69CEC6FD400124 ] Wcmsvc C:\Windows\System32\wcmsvc.dll 20:05:17.0877 0x0a5c Wcmsvc - ok 20:05:17.0940 0x0a5c [ 5B5FEAB51172F5513C2CF7B39CFA6A01 ] wcncsvc C:\Windows\System32\wcncsvc.dll 20:05:17.0955 0x0a5c wcncsvc - ok 20:05:17.0987 0x0a5c [ E19556D414332E2BEBA1F368229006B4 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 20:05:17.0987 0x0a5c WcsPlugInService - ok 20:05:18.0018 0x0a5c [ B3A4D918DAB90505B6BC7B70632913CB ] Wd C:\Windows\system32\drivers\wd.sys 20:05:18.0018 0x0a5c Wd - ok 20:05:18.0049 0x0a5c [ FD47DF026B32969B8A68721A0243E8EE ] WdBoot C:\Windows\system32\drivers\WdBoot.sys 20:05:18.0065 0x0a5c WdBoot - ok 20:05:18.0096 0x0a5c [ 2ADC985B85A71BD7D99712EC0C24358B ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 20:05:18.0112 0x0a5c Wdf01000 - ok 20:05:18.0143 0x0a5c [ 5F425D842DD6ADE9F95A51A0616AFAD7 ] WdFilter C:\Windows\system32\drivers\WdFilter.sys 20:05:18.0143 0x0a5c WdFilter - ok 20:05:18.0174 0x0a5c [ 240FC332484572227CD1DF82407F33E5 ] WdiServiceHost C:\Windows\system32\wdi.dll 20:05:18.0190 0x0a5c WdiServiceHost - ok 20:05:18.0190 0x0a5c [ 240FC332484572227CD1DF82407F33E5 ] WdiSystemHost C:\Windows\system32\wdi.dll 20:05:18.0205 0x0a5c WdiSystemHost - ok 20:05:18.0221 0x0a5c [ F2002DA5E6B78C15B2CD48CFF8F0FBB6 ] WebClient C:\Windows\System32\webclnt.dll 20:05:18.0221 0x0a5c WebClient - ok 20:05:18.0252 0x0a5c [ 35FD720943D4FCD75C3275BF062FF140 ] Wecsvc C:\Windows\system32\wecsvc.dll 20:05:18.0252 0x0a5c Wecsvc - ok 20:05:18.0283 0x0a5c [ 4D2612E3C462B68F499D840B1133263E ] wercplsupport C:\Windows\System32\wercplsupport.dll 20:05:18.0283 0x0a5c wercplsupport - ok 20:05:18.0315 0x0a5c [ 5F70EBFC1F75B487DE79501E3CCBDB54 ] WerSvc C:\Windows\System32\WerSvc.dll 20:05:18.0315 0x0a5c WerSvc - ok 20:05:18.0346 0x0a5c [ FE762D3498719C3A23471BBA62F747B4 ] WFPLWFS C:\Windows\system32\DRIVERS\wfplwfs.sys 20:05:18.0346 0x0a5c WFPLWFS - ok 20:05:18.0377 0x0a5c [ 60E0C220593DA4F7C289CB909D2DBAE0 ] WiaRpc C:\Windows\System32\wiarpc.dll 20:05:18.0393 0x0a5c WiaRpc - ok 20:05:18.0408 0x0a5c [ A3C7624A42A3447EF5EDD1ED37FE4E60 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 20:05:18.0408 0x0a5c WIMMount - ok 20:05:18.0440 0x0a5c WinDefend - ok 20:05:18.0487 0x0a5c [ 7911470B6018059A880469A63B65700A ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll 20:05:18.0487 0x0a5c WinHttpAutoProxySvc - ok 20:05:18.0549 0x0a5c [ 3D6B518B71C75C8FA4115A33615C107A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 20:05:18.0549 0x0a5c Winmgmt - ok 20:05:18.0643 0x0a5c [ 8E212A627F33F6FC3B5F3BB47212F66E ] WinRM C:\Windows\system32\WsmSvc.dll 20:05:18.0674 0x0a5c WinRM - ok 20:05:18.0721 0x0a5c [ BB20956C424531003F7FA6CD36F11D5D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 20:05:18.0721 0x0a5c WinUsb - ok 20:05:18.0752 0x0a5c [ DAF801153E8F33E13AB278332250D78A ] WirelessButtonDriver C:\Windows\System32\drivers\WirelessButtonDriver64.sys 20:05:18.0752 0x0a5c WirelessButtonDriver - ok 20:05:18.0799 0x0a5c [ 6351724B8FA0255C2DBD970297F00B93 ] WlanSvc C:\Windows\System32\wlansvc.dll 20:05:18.0815 0x0a5c WlanSvc - ok 20:05:18.0877 0x0a5c [ B330CE47FB74A6BE9A3FFFF4B3F64D9B ] wlidsvc C:\Windows\system32\wlidsvc.dll 20:05:18.0908 0x0a5c wlidsvc - ok 20:05:18.0940 0x0a5c [ E2A596CACFC6504306CDB7B593B90084 ] WmiAcpi C:\Windows\System32\drivers\wmiacpi.sys 20:05:18.0940 0x0a5c WmiAcpi - ok 20:05:18.0971 0x0a5c [ D113499052C5E541906B727779F0F959 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 20:05:18.0971 0x0a5c wmiApSrv - ok 20:05:19.0002 0x0a5c WMPNetworkSvc - ok 20:05:19.0018 0x0a5c [ C6FF953D5D6F2EAE3B8883474D5076B3 ] wpcfltr C:\Windows\system32\DRIVERS\wpcfltr.sys 20:05:19.0018 0x0a5c wpcfltr - ok 20:05:19.0049 0x0a5c [ A6ED163169876BFD2437E872FE2F1509 ] WPCSvc C:\Windows\System32\wpcsvc.dll 20:05:19.0049 0x0a5c WPCSvc - ok 20:05:19.0080 0x0a5c [ 3013658A4D327854BEEC4A08D9655194 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 20:05:19.0080 0x0a5c WPDBusEnum - ok 20:05:19.0096 0x0a5c [ 0346CAFC181C91C6E2330332EB332ED6 ] WpdUpFltr C:\Windows\system32\drivers\WpdUpFltr.sys 20:05:19.0096 0x0a5c WpdUpFltr - ok 20:05:19.0127 0x0a5c [ BC8B5CB336E63BB25EAD1CE8EDD34B81 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 20:05:19.0127 0x0a5c ws2ifsl - ok 20:05:19.0170 0x0a5c [ 012CFE7F0F95266F554EE3B91EE2128A ] wscsvc C:\Windows\System32\wscsvc.dll 20:05:19.0170 0x0a5c wscsvc - ok 20:05:19.0202 0x0a5c [ 74EFDA0526862C3D8D01A776182798EA ] WSDPrintDevice C:\Windows\System32\drivers\WSDPrint.sys 20:05:19.0202 0x0a5c WSDPrintDevice - ok 20:05:19.0217 0x0a5c [ FA07DF46070F0826139709EF4D31FB71 ] WSDScan C:\Windows\system32\DRIVERS\WSDScan.sys 20:05:19.0217 0x0a5c WSDScan - ok 20:05:19.0233 0x0a5c WSearch - ok 20:05:19.0295 0x0a5c [ C10BFFEE7E0D7A1366E84F251796C51D ] WSService C:\Windows\System32\WSService.dll 20:05:19.0327 0x0a5c WSService - ok 20:05:19.0389 0x0a5c [ BE302BABE45EC05995F8DC66E37BBB3D ] wuauserv C:\Windows\system32\wuaueng.dll 20:05:19.0436 0x0a5c wuauserv - ok 20:05:19.0467 0x0a5c [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 20:05:19.0467 0x0a5c WudfPf - ok 20:05:19.0483 0x0a5c [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\System32\drivers\WUDFRd.sys 20:05:19.0483 0x0a5c WUDFRd - ok 20:05:19.0499 0x0a5c [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFSensorLP C:\Windows\system32\DRIVERS\WUDFRd.sys 20:05:19.0499 0x0a5c WUDFSensorLP - ok 20:05:19.0530 0x0a5c [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 20:05:19.0546 0x0a5c wudfsvc - ok 20:05:19.0546 0x0a5c [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFWpdFs C:\Windows\system32\DRIVERS\WUDFRd.sys 20:05:19.0546 0x0a5c WUDFWpdFs - ok 20:05:19.0561 0x0a5c [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFWpdMtp C:\Windows\system32\DRIVERS\WUDFRd.sys 20:05:19.0561 0x0a5c WUDFWpdMtp - ok 20:05:19.0592 0x0a5c [ FBB9B00D7A5756B0AA8E10BF7619E604 ] WwanSvc C:\Windows\System32\wwansvc.dll 20:05:19.0608 0x0a5c WwanSvc - ok 20:05:19.0686 0x0a5c [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe 20:05:19.0686 0x0a5c YahooAUService - ok 20:05:19.0702 0x0a5c ================ Scan global =============================== 20:05:19.0764 0x0a5c [ DDC1AFBF9DDF880CE9BD3896114D8DED ] C:\Windows\system32\basesrv.dll 20:05:19.0811 0x0a5c [ E9343076AE704D20BB0D01F3AF3EFFEF ] C:\Windows\system32\winsrv.dll 20:05:19.0842 0x0a5c [ BD7C6949984D19AAA609896B675E7357 ] C:\Windows\system32\sxssrv.dll 20:05:19.0874 0x0a5c [ 8F226143046435C75C033B0C52E90FFE ] C:\Windows\system32\services.exe 20:05:19.0889 0x0a5c [Global] - ok 20:05:19.0889 0x0a5c ================ Scan MBR ================================== 20:05:19.0905 0x0a5c [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0 20:05:19.0983 0x0a5c \Device\Harddisk0\DR0 - ok 20:05:19.0983 0x0a5c ================ Scan VBR ================================== 20:05:20.0014 0x0a5c [ 7B76E006773A58A684777A4A1FCA0472 ] \Device\Harddisk0\DR0\Partition1 20:05:20.0014 0x0a5c \Device\Harddisk0\DR0\Partition1 - ok 20:05:20.0030 0x0a5c [ 0306E8073D24BCCB68A4F621768876F2 ] \Device\Harddisk0\DR0\Partition2 20:05:20.0030 0x0a5c \Device\Harddisk0\DR0\Partition2 - ok 20:05:20.0046 0x0a5c [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3 20:05:20.0046 0x0a5c \Device\Harddisk0\DR0\Partition3 - ok 20:05:20.0077 0x0a5c [ B57686008DDCEB0E44880A439AE1EF34 ] \Device\Harddisk0\DR0\Partition4 20:05:20.0077 0x0a5c \Device\Harddisk0\DR0\Partition4 - ok 20:05:20.0108 0x0a5c [ 783C77D13213E58AB757A3835FA56601 ] \Device\Harddisk0\DR0\Partition5 20:05:20.0108 0x0a5c \Device\Harddisk0\DR0\Partition5 - ok 20:05:20.0108 0x0a5c ============================================================ 20:05:20.0108 0x0a5c Scan finished 20:05:20.0108 0x0a5c ============================================================ 20:05:20.0124 0x0b30 Detected object count: 0 20:05:20.0124 0x0b30 Actual detected object count: 0 20:06:07.0971 0x0a18 Deinitialize success ### #8 BoneFish BoneFish • Topic Starter • Members • 130 posts • OFFLINE • • Gender:Male • Location:South Carolina • Local time:02:36 AM Posted 20 August 2013 - 07:23 PM Ok Noknojon, I think I got it all posted this time. Thanks for the Norton removal link also. ### #9 noknojon noknojon Not M/$oft worker

Posted 20 August 2013 - 09:44 PM

Hi -

You seem to have no remains of the infection showing any more, and it looks healthy.

Do you think there are any problems left on your computer now ? I can see none in the scans.

Please just Update and Re-run a Quick scan with MBAM and see if it finds any problems like it did -

Also a Full scan with your avast!, but Only after Norton is removed.

Post a scan (or link) if your avast! still finds anything, even though it may be a "False Positive".

Their forum is full of this type of problem that is only found by avast! and was to be fixed -

After you run Norton Removal, just run Security Check by Screen317 to make sure Norton is not showing.

There is no need to post the log unless you still see Norton showing (as above) and we will use another remover.

Thank You -

Waiting for an Answer : Press F5 to refresh your browser - - - - - - - - - <  > - - - - - - - - - - - - Otherwise the answer is always "42" Or Reboot

War doesn't ever determine who is right  < -  > War only ever determines who is left

Posted 22 August 2013 - 05:14 AM

I ran a full system scan with Avast and everything was ok.

Here is the Security Check scan I ran.

I think it's ok too but not sure how to read it so I posted it.

Results of screen317's Security Check version 0.99.72
x64 (UAC is enabled)
Internet Explorer 10
Antivirus/Firewall Check:
Windows Firewall Enabled!
avast! Antivirus
Windows Defender
Antivirus up to date!
Anti-malware/Other Utilities Check:
Malwarebytes Anti-Malware version 1.75.0.1300
Java 7 Update 25
Process Check: objlist.exe by Laurent
AVAST Software Avast AvastUI.exe
AVAST Software Avast AvastSvc.exe
System Health check
Total Fragmentation on Drive C:  %
End of Log

Posted 22 August 2013 - 07:20 PM

OK BoneFish -

I will take this off watch now -

Please start a new topic if you have other problems -

Regards -

Waiting for an Answer : Press F5 to refresh your browser - - - - - - - - - <  > - - - - - - - - - - - - Otherwise the answer is always "42" Or Reboot

War doesn't ever determine who is right  < -  > War only ever determines who is left

